Novartis Australia and New Zealand - Privacy Policy

1. Commitment to Privacy

Novartis Group Companies in Australia and New Zealand (Novartis) are bound by Privacy Principles and comply with these principles to the extent required in Australia by the Privacy Act 1988 (Cwth), Privacy Amendment (Private Sector) 2000 and in New Zealand, by the Privacy Act 1993. In this Policy, "personal information" refers to information from which a person’s identity can reasonably be ascertained and “health information” refers to information regarding a person’s physical or mental health. This Privacy Policy describes how we manage your personal and health information and safeguard your privacy.

Novartis has adopted Binding Corporate Rules (BCR), a set of principles governing the international transfer of personal information of Novartis associates, customers, business partners and other individuals whose data is collected or processed in the EU and in Switzerland. The approval of the Novartis BCR by EU and Swiss Data Protection Authorities allows Novartis to transfer your personal information from the EU and Switzerland to Novartis affiliates in other countries in compliance with EU and Swiss data protection laws.

 

2. Collection and Use of Personal and Health Information

Novartis processes personal and health information for specific and limited purposes which we inform you about when we ask you for information. For example, we may collect and use personal and health information to provide you with products or services, to bill you for products and services you request, for reporting to health and regulatory authorites and to communicate with you for other purposes. Personal information you provide to Novartis either verbally or in writing is used only to respond to your request and is otherwise kept private. Novartis keeps your data only for as long as is reasonably needed for such purposes and in accordance with any applicable legal reporting or documentation retention requirements. We may also use this information to send you certain product, health or other information which we consider to be of importance to you but we will give you the opportunity to tell us if you do not want to receive this information.

 

3. Disclosure of Information

We respect your privacy. Any personal or health information which we collect about you will be used by us to perform our functions of providing Novartis products and research and support services in respect of those products. Personal and health information collected may occasionally be transferred to third parties who act for or on behalf of Novartis , and to related companies of Novartis, including those located outside of Australia or New Zealand. Such third parties may operate different privacy policies. However, we endeavour to ensure that such third parties provide the same level of protection as Novartis and, where appropriate, we will contractually require them to process personal and health information transferred to them only for the purposes expressly authorised by Novartis. We will not share with third parties any identifiable health information about you without your consent. You may always revoke your consent at a later date. If consent is revoked Novartis may not be able to carry out certain requests made by you. Novartis will, where practicable, inform third parties to whom your information has been transferred of your withdrawal of consent.

 

4. Personal Information regarding Employees

Novartis complies with the privacy requirements which apply to personal information supplied by prospective employees, contractors or consultants. In Australia, legislation provides an exemption regarding human resources records of current and previous employee records so that Human Resources activities can be carried out. In New Zealand, standard privacy laws apply.

 

5. Right of Access

You have the right to access and update your personal and health information unless certain circumstances, set out in the Privacy Principles relevant to either Australia or New Zealand, apply. We take reasonable steps to ensure that any information we hold about you is up-to- date, accurate, and complete. If you wish to access or correct this information, please contact the Privacy Officer. Your request will be dealt with in a prompt and proper manner. No charge will be levied for requesting access or correction of your information, however, Novartis may charge a small fee to cover its costs of providing access.

 

6. Security and Confidentiality

Novartis takes reasonable steps to ensure the security and confidentiality of personal and health information that it collects. When information is collected on-line, it is subject to data networks protected, inter alia, by firewall and password protection. Access to personal and health information is restricted to those employees who have a need to use the data, who have been trained to handle such data properly and observe strict standards of confidentiality. If an employee breaches our policies and procedures he/she will be disciplined accordingly. Staff compliance with our policies and procedures is regularly audited and reviewed. While we cannot guarantee against any loss, misuse or alteration to data, we try to prevent such unfortunate occurrences.

 

7. Data Transfer Abroad

Novartis is part of a global enterprise with databases in different jurisdictions. Novartis may transfer your personal and health information to one of its databases outside Australia or New Zealand. We will ensure that if we transfer data to Novartis databases outside Australia or New Zealand, we will comply with any obligations we have under the respective Privacy Principles in relation to that transfer.

 

8. Anonymous Data and "Cookies"

Most of the information that Novartis collects when you visit our website is anonymous information, such as the pages you visit and searches you perform, which is processed by Novartis to help improve the contents of the website and to compile aggregate statistics about use of the website for internal, market research purposes. To collect this anonymous information, "cookies" may be sent via your browser and installed on your hard drive that collect the first level domain name of the user (e.g., "bigmail.com" from an e-mail address of "john@bigmail.com") and the date and time of access. "Cookies" by themselves cannot be used to discover the identity of the user. A "cookie" is a small piece of information which is sent to your browser and stored on your computer's hard drive. You can set your browser to notify you when you receive a "cookie", this will enable you to decide if you want to accept it or not.

 

9. Spamming

Novartis does not condone "spamming". Spamming is defined as sending unsolicited e-mails, usually of a commercial nature, in large numbers and repeatedly to individuals with whom the sender has had no previous contact or who has declined to receive such communications. If you contact us by e-mail and Novartis believes that certain product, health, or other information is of importance to you, we may inform you by e-mail but will give you the choice to opt out of receiving further communications of this type.

 

10. Personal and Health Information of Children

Novartis will not knowingly collect, use or disclose personal and health information from a minor without obtaining prior consent from a person with parental responsibility (e.g., a parent or guardian) through direct off-line contact. We will provide the parent with (i) notice of the specific types of information being collected from the minor, and (ii) the opportunity to object to any further collection, use, or storage of such information.

 

11. Contact Novartis

If you have any queries or complaints about our compliance with this Privacy Policy, or if you would like to make any recommendations or comments to improve the quality of our Privacy Policy, please contact the Privacy Officer at:

Address:	The Privacy Officer Novartis Australia Pty Ltd PO Box 101 (54 Waterloo Road) North Ryde NSW 1670
Phone:	02 9805 3555
Website:	www.novartis.com.au

 

12. Changes to our Privacy Policy

We aim to constantly improve the tools available to you to manage the data that you provide to us, and from time to time we may amend this Privacy Policy. Please refer to this page regularly to ensure you are familiar with our current Privacy Policy.