1. Commitment to Privacy
2. Collection and Use of Personal and Health Information
Novartis collects, stores and uses personal and health information for specific and limited purposes which we inform you about when we ask you for information or for secondary purposes which are related to those purposes and are therefore purposes for which you would reasonably expect the information to be used.
Generally, Novartis may keep a record of your name, contact details (address, telephone and fax number, email address etc.), and, where relevant, your date of birth and your professional details (e.g. qualifications, specialty, areas of interest), details of your practice/business (e.g. size, use of products) and details of your dealings with us. Other information may be collected from other sources but those sources will provide details of what personal information is being collected and why.
Novartis may, for example, collect information from:
- Human and Animal Health Professionals (e.g. doctor, nurse, pharmacist, veterinarian, vet nurse etc.) in the course of and for the purposes of: responding to product queries; meetings with our sales representatives; negotiating and managing contracts and taking orders of products; complying with our regulatory obligations (e.g. notification of important product safety information) and codes of conduct; adverse event reporting; and participating in Novartis sponsored programs and events (e.g. clinical trials, expert panels, trade shows, educational programs, research grants and disease management programs);
- Members of the general public in the course of using our customer or product information services, adverse event reporting; participating in promotional activities; and participating in Novartis sponsored programs (e.g. clinical trials, educational programs and disease management programs); and
- Service providers in the course of providing services to Novartis.
The personal and health information Novartis collects, either verbally or in writing, may vary depending on your particular interaction with Novartis, but is limited to that information necessary to record and manage our interaction with you.
Novartis keeps your personal and health information only for as long as is reasonably necessary for such purposes and in accordance with any applicable legal reporting or documentation retention requirements. We may also use this information to send you certain product, health or other information which we consider to be of importance to you, but we will give you the opportunity to tell us if you do not want to receive this information.
If you do not provide the personal or health information requested by us, we may not be able to provide you with our products or services or respond to your enquiry. Except where it is impractical to do so, or where we are required by law or otherwise to deal with individuals who have identified themselves, you may opt not to identify yourself, or to use a pseudonym when dealing with us.
3. Disclosure of Information
We respect your privacy. Personal and health information collected may occasionally be transferred to third parties, such as contractors who act for or on behalf of Novartis for particular purposes such as fulfilling orders for products, and providing marketing and support services, and to related companies of Novartis, including those located outside of Australia or New Zealand. Your personal and health information may only be disclosed to third parties for the purposes in connection with which it was collected, or for purposes related (or, in the case of health or other sensitive information, directly related) to those purposes, unless you agree otherwise.
Such third parties may operate under different privacy policies. However, we endeavour to take reasonable steps to ensure that such third parties provide the same level of protection as Novartis and, where appropriate, we will contractually require them to process personal and health information transferred to them only for the purposes expressly authorised by Novartis.
We will not share with third parties any identifiable health information about you without your consent except to prevent a serious and imminent threat to an individual’s life or health. You may always revoke your consent at a later date. If consent is revoked Novartis may not be able to carry out certain requests made by you. Novartis will, where practicable, inform third parties to whom your information has been transferred of your withdrawal of consent.
We may also disclose your information in circumstances required or authorised under law, in co- operation with any governmental authority or as otherwise permitted under applicable legislation.
4. Personal Information regarding Employees
Novartis complies with the privacy requirements which apply to personal information supplied by prospective employees, contractors or consultants. In the private sector in Australia, legislation provides an exemption regarding employee records of current and previous employees. In the public sector and in New Zealand, standard privacy laws apply.
5. Right of Access
You have the right to access and update your personal and health information unless certain circumstances, set out in the Privacy Principles relevant to either Australia or New Zealand,
apply. We take reasonable steps to ensure that any information we hold about you is up-to- date, accurate, and complete for the purposes for which it was collected.
If you wish to access or correct this information, please contact the Privacy Officer. To protect your privacy, Novartis may require proof of identity before processing your request.
No charge will be levied for requesting access or correction of your information, however, Novartis may charge a reasonable fee to cover its costs of providing access.
6. Security and Confidentiality
Novartis takes reasonable steps to ensure the security and confidentiality of personal and health information that it collects. We may hold your information in electronic or hard copy form. When information is collected on-line, it is subject to data networks protected, inter alia, by firewall and password protection. Access to personal and health information is restricted to those employees who have a need to use the data, who have been directed to handle such data properly and observe strict standards of confidentiality. While we cannot guarantee against any loss, misuse or alteration to data, we try to prevent such occurrences. Novartis destroys or de- identifies personal information when it is no longer needed or required to be kept by law.
7. Data Transfer Abroad
Novartis is part of a global enterprise with databases in different jurisdictions, some of which are operated by the local Novartis Group Company, some by Novartis Group Companies overseas, and some by third parties on behalf of a Novartis Group Company. Novartis is likely to transfer your personal and health information to one of its databases outside Australia or New Zealand. We will ensure that if we transfer data to Novartis databases outside Australia or New Zealand, we will comply with any obligations we have under the respective Privacy Principles in relation to that transfer.
Novartis has adopted Binding Corporate Rules (BCR), a set of principles governing the international transfer of personal information of Novartis associates, customers, business partners and other individuals whose data is collected or processed in the EU and in Switzerland. The approval of the Novartis BCR by EU and Swiss Data Protection Authorities allows Novartis to transfer your personal information from the EU and Switzerland to Novartis affiliates in other countries in compliance with EU and Swiss data protection laws.
8. Anonymous Data and "Cookies"
Most of the information that Novartis collects when you visit our website is anonymous information, such as the pages you visit and searches you perform, which is processed by Novartis to help improve the contents of the website and to compile aggregate statistics about use of the website for internal, market research purposes. To collect this anonymous information, "cookies" may be sent via your browser and installed on your hard drive that collect the user’s server address and top level domain name (e.g., "bigmail.com" from an e-mail address of "firstname.lastname@example.org") and the date and time of access. "Cookies" by themselves cannot be used to discover the identity of the user. A "cookie" is a small piece of information which is sent to your browser and stored on your computer's hard drive. You can set your browser to notify you when you receive a "cookie". This will enable you to decide if you want to accept it or not.
Novartis complies in Australia with the Spam Act 2003 (Cth) and in New Zealand with the Unsolicited Electronic Messages Act 2007. Spamming is defined as sending unsolicited commercial electronic messages to individuals with whom the sender has had no previous contact or who has declined to receive such communications. If you contact us electronically and Novartis believes that certain product, health, or other information is of importance to you, we may inform you electronically but will give you the choice to opt out of receiving further communications of this type.
10. Personal and Health Information of Children
Novartis will not knowingly collect, use or disclose personal and health information from a minor (under the age of 18) without obtaining prior consent from a person with parental responsibility (e.g., a parent or guardian) through direct off-line contact. We will provide the parent with (i) notice of the specific types of information being collected from the minor, and (ii) the opportunity to object to any further collection, use, or storage of such information.
11. Links to other websites
Novartis websites may contain links to other sites. Novartis makes no representations or warranties regarding the privacy practices of third party websites.
12. Contact Novartis
|Address:||The Privacy Officer
Novartis Australia Pty Ltd
PO Box 101 (54 Waterloo Road)
North Ryde NSW 1670
|Phone:||02 9805 3555|
We will endeavor to respond within 20 business days to questions, concerns or requests. If you would like to access the personal information Novartis holds about you, please send us a request in writing. We will deal with your request within 20 business days. In certain circumstances – in accordance with privacy legislation - Novartis may deny access and reasons for the denial of access will be given in writing.
Our success depends on the creativity and performance of our associates.
On March 7th, 1996 Sandoz and Ciba-Geigy, the two Swiss-based chemical/life sciences giants, became Novartis.