PRIVACY POLICY
SWISSE PRIVACY POLICY
Updated as of 02/08/2018.
The privacy of your Personal Data is important to Swisse Wellness Pty Ltd. and its related companies and affiliates (referred to collectively as “Swisse Wellness”, “we” or “our”) and we are committed to ensuring that your Personal Data is handled responsibly, in accordance with the applicable Data Protection Legislation.
To better inform you about your privacy, this Privacy Policy describes how we collect, disclose, use, store or otherwise handle your Personal Data when you visit Swisse.com, Swisse.com.au, and any related subdomains (e.g. careers.swisse.com) (the “Swisse Websites” or “our Websites”).
The following articles make up our Privacy Policy. For immediate access to a particular topic, click on the title of that topic.
- Data protection legislation
- Data controller
- Personal Data we collect and hold;
- Information you provide us;
- Information we collect from third parties;
- Information we automatically collect from you;
- Use of cookies and other tracking systems;
- Purpose for which we collect, hold, use and disclose your Personal Data;
- Consequences for you if your Personal Data is not provided to us;
- Disclosures of Personal Data to third parties;
- Storage and transfer of your Personal Data to other countries;
- How Personal Data if held and protected;
- Accessing and correcting your information;
- Privacy complaints or disputes;
- Rights of users in the European Economic Area;
- Changes to this Privacy Policy; and
- Contacting us about privacy.
DATA PROTECTION LEGISLATION
We observe the Privacy Act 1988 (Cth) (“Privacy Act”) including the Australian Privacy Principles (“the APPs”) (hereinafter jointly referred to as the “Australian requirements”).
In addition, we adhere to the European Data Protection Legislation as described below to the extent it applies to the Personal Data we process about you.
For the purpose of this Privacy Policy, “European Data Protection Legislation” means all applicable legislation relating to data protection, including the EU General Data Protection Regulation 2016/679 (“GDPR”) and all legislation implementing or made under or pursuant to or replacing or superseding the GDPR. Where this Privacy Policy uses terms, which are defined in the GDPR, then the definitions set out in the GDPR will apply.
“Personal Data” is data relating to you from which you can be reasonably identified. Examples of Personal Data include your full name, postal address, email address and telephone number. We recognise that your Personal Data is valuable and process your information in accordance with the Australian requirements and European Data Protection Legislation (hereinafter jointly referred to as “Data Protection Legislation”).
DATA CONTROLLER
Swisse Wellness Pty Ltd. is responsible as data controller for the processing of your Personal Data collected on the Swisse Wellness websites under the European Data Protection Legislation and the Australian requirements as applicable.
PERSONAL DATA THAT WE COLLECT AND HOLD
We collect Personal Data to allow us to provide you with services and deliver information on the products and/or services offered by us. We make sure that the Personal Data we collect from you is necessary for and directly related to this purpose.
The type of Personal Data that we collect from you, will vary depending on the circumstances in which we are dealing with you. This information may include:
- Personal details about you such as your name, gender, date of birth, residential and business addresses, telephone numbers, email and other electronic addresses;
- If you have registered on our website, we may collect any information from your browser and our servers that may be connected to the contact details you gave when you registered, such as username, password, profession, company, etc. Other details relating to your relationship and dealings with us, including if we deal with you in a capacity other than a customer (for example, if you have applied for a position with us, pre-employment history, income, results of aptitude and other tests, contact and emergency details).
- Information that you voluntarily provide to us through your responses to competitions, surveys, search functions, questionnaires, feedback, ratings and reviews and the like.
Credit card information we collect from you will go directly to our processor or bank and no personnel of Swisse will have access to this data. If you choose to purchase a product from us, our third party payment processors will collect your payment information, and none of our personnel will have access to this data.
As a general rule, we do not collect sensitive information about you, such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health or condition, sexual orientation and judicial or criminal records (“Sensitive Information”). However, in circumstances where we require Sensitive Information from you for a lawful purpose, for example for the purpose of providing our services to you, we will seek your consent to collect Sensitive Information prior to collecting it.
We collect such Personal Data from you in a number of ways, including:
- directly from you, such as when you enter your personal details on our websites (for example during registration or application for products and services), when you provide information by phone or in documents such as an application form;
- from our affiliated companies;
- from your representatives;
- from our agents or service providers when engaged by us to do so or by other third parties, such as from referees, to verify the information you have provided us or to assist us to locate or communicate with you
- from sources where you’ve made your information publicly available;
- from credit-reporting and fraud-checking agencies and credit providers for credit related purposes such as credit worthiness, credit rating, credit provision and financing;
- from our own records of your dealings with us; or
- when legally required to do so.
We make sure that the way we collect data from and about you is lawful and fair in your circumstances.
We take all practical steps to ensure that you are informed of what data you are obliged to provide us, what data you may voluntarily provide us and what we may do if you do not provide us with data which you are obliged to provide.
PURPOSES FOR WHICH WE USE INFORMATION YOU PROVIDE US
This is information you give us when you enter your personal details on the Swisse Websites (for example during registration or application for products or services) or by contacting us via post, phone, e-mail or otherwise, in the context of your communication with Swisse. We will use your Personal Data to:
- Identify you. We do this because it is in our legitimate interest to make sure that your enquiry is genuine and is not being made for fraudulent reasons or is spam. We may also do this because we may be subject to legal obligations which require us to confirm the details that you provide us with before entering into a relationship with you.
- Create an account when you register with us. We will do this because it is in our legitimate interest to use your Personal Data to communicate with you, to respond to your requests and to develop the relationship between us in the context of establishing and operating your account. If you submit Personal Data comprising an email address to Swisse, we may send you product and/or service related emails (e.g. transactional emails, service and policy updates in respect of matters related to or arising from the use of this Website) because it is in our legitimate interests to keep you informed of your account activities or service changes. It may also be necessary for us to:
- use your Personal Data to perform an agreement with you, where we would be unable to provide those services without that information;
- use your Personal Data to comply with a legal obligation relating to how we manage our relationship with you.
- Provide, administer and manage services and carry out obligations arising from any contracts entered into between us, such as but not limited to online purchases. In these circumstances, we will use your Personal Data to perform an agreement with you because we would be unable to provide those services without that information;
- Monitor your use of the Website to ensure that content from our Website is presented in to the most effective manner, to view given your device and to help the further development of the Website by compiling aggregate statistics about our users to analyse Website usage. We do this because it is in our legitimate interests to understand user behaviour so that we can ensure that we present information on the Website that is of most interest to users and to ensure that information is displayed to you correctly and in a user friendly way;
- To enable Swisse to conduct research and/or analysis on the use of its Website and to evaluate and improve the products and/or services offered by Swisse. We do this because it is in our legitimate interests to understand the trends in the use and popularity of our products and services so that we can adapt existing and offer new services based on this research and analysis;
- Conduct communications between you and Swisse and respond to feedback with regard to your needs and expectations of services and/or products offered by Swisse. We will do this because it is in our legitimate interest to use your Personal Data to communicate with you, to respond to your requests about the services and facilities you require and to develop the relationship between us in the context of your use of our Website;
- Fulfil recruitment and staffing purposes. We will use your Personal Data to consider and decide how to respond to your enquiry because it is in our legitimate interests to use your Personal Data to consider whether we have any suitable job vacancies and to contact you about them. It may also be necessary for us to use your Personal Data to comply with a legal obligation relating to how we manage our business.
- Comply with various Australian laws, which may either expressly or in effect, require us to collect your Personal Data. Such laws include the Commonwealth Taxation Administration Act, Income Tax Assessment Act and other taxation laws (for example, to comply with information requests issued by the Federal Commissioner of Taxation) and employment laws (for example the Fair Work Act).
- Provide you with information related to Swisse including the products, services, news, events and other privileges, benefits and other advantages from time to time offered by Swisse, where you have opted in to receive this information.
When you opt-in to receive communications from us, you are giving your consent for your Personal Data to be used by us to contact you (depending on your selection) by email, direct mail and telephone, and to deliver personalized Website experiences, to share information about relevant products and services, news and events in relation to Swisse’s offering.
We shall not use your Personal Data for marketing communications unless we have received your consent. Your consent may be communicated to us without charge by checking the opt-in / consent box in this Website or by writing to our Data Protection Officer, Aaron Xie at:
aaron.xie [at] hh.global
Data Protection Officer
111 Cambridge Street
Collingwood, Victoria
AUSTRALIA 3066
If you subsequently decide that you do not want to receive correspondence from us about the services we could provide, you are entitled to withdraw your consent to us contacting you by clicking the “unsubscribe” link provided in a promotional email message, by amending your communication preferences or by contacting our Data Protection Officer at aaron.xie [at] hh.global or by post at 111 Cambridge Street Collingwood, Victoria AUSTRALIA 3066. Withdrawing your consent will not affect our use of the Personal Data prior to you withdrawing that consent but it will mean that we will not be able to contact you about the services we may be able to offer you or your business in the future.
We will let you know where you must provide us with Personal Data in order to perform an agreement with you or your business or to comply with a legal obligation. If you do not provide us with the Personal Data in these circumstances, we may be unable to respond to your enquiry and/or engage in further communications with you.
INFORMATION WE COLLECT FROM THIRD PARTIES
We may use information provided to us by third parties that operate automated tracking technologies on third party websites, information you may have made publicly available or information provided by third party sources, such as marketing opt-in lists or data aggregators.
PURPOSES FOR WHICH WE USE INFORMATION WE AUTOMATICALLY COLLECT FROM YOU
When you visit the Swisse websites, we may automatically collect information such as your IP address and browser type using cookies, log files, and pixel-tags (also called web beacons). This automatic data is primarily used for delivering and optimising services offered by us, such as:
- authenticating your identity and confirming whether you are currently logged in as you move through the Website. Your browser allows us to place some information (e.g., session based IDs and/or persistent cookies) on your computer’s hard drive that identifies the computer you are using.
- tracking your usage across our Swisse Websites in order to provide you with relevant, personalised content;
- improving our services, whereby we may occasionally display different versions of content to you and measure your usage of our web site pages.
To the extent this information constitutes Personal Data, we use it to ensure that content from the Swisse Websites is presented in the most effective manner for you and your device because it is in our legitimate interest to improve our customers’ online experience in relation to the Swisse websites.
Cookies
Cookies are small data files which are placed on your browser and the hard drive of your computer, mobile or other handheld device as you browse the Swisse Websites. We use cookies to store information about your visit to the Swisse Websites and distinguish you from other users.
The use of cookies helps us to provide you with a good browsing experience when you visit our websites by displaying content effectively and obtaining and analysing statistics about the use of our websites. By continuing to use the Swisse websites you consent to our use of cookies as explained in this Privacy Policy.
The use of cookies allows us to automatically personalise the Swisse websites’ content for you and remember your preferences. It also allows you to participate in interactive features on the Swisse websites, when you choose to do so. Our technology works by remembering your engagement with the site and how the site interacts with you. This may include automatically providing with a custom website experience based off your interactions with the site and making suggestions and recommendations to you about our Services that may be of interest to you.
The following information sets out the types of cookies used on the Swisse websites and provides detail about what they are used for. When you use the Swisse websites for the first time, cookies which are essential to make the Swisse websites operate (see those identified as “essential cookies” below) will have been set but other cookies will not have been set unless you agreed to those cookies being set at that time. If you have agreed to accept cookies then the Swisse websites will remember this and continue to set cookies each time you visit. If you do not want cookies to be stored, then you may, via your browser, turn off certain cookies listed below individually or you can select the appropriate options on your web browser to delete some or all cookies. Please note, however, that if you block some or all cookies (including essential cookies) you may not be able to use or access all or parts of the Swisse websites, such as being able to log on to member specific areas.
WHAT TYPES OF COOKIES DO WE USE?
We use a number of different cookies, outlined below:
Session-based cookies:
- These cookies store temporary information essential to the site in order to display its content and are usually deleted when you close your browser.
Persistent cookies:
- These cookies are stored in your browser for a set amount of time and stay on your computer after you close your browser. They usually contain information you may want to keep from session to session (e.g. your location or username).
First party cookies:
- These are ‘our’ cookies – the ones that we set up on your device and allows us to recognise you when you return to the website. It also helps keep track of your activity as you move page by page through our website and enables us to personalise our content and remember your preferences (for example, your choice of language or region).
Third party cookies:
- Other websites or servers set these cookies up on our behalf, or allow us to access their cookies for activities such as tailored advertising, or tracking our ads’ performance on other websites.
These cookies serve a function of:
Authentication, Security, Basic Functionality
- Sometimes called “essential cookies”, these cookies are needed for our websites to work properly. Without these cookies, core site services, such as accessing secure areas, can’t be provided. Some of these cookies even help us to detect fraud and keep the sites secure. These cookies don’t gather information about you and are not used for marketing or remember where you’ve been online.
Site Performance
- These cookies collect information about how our sites are performing. For example, they tell us which content is popular, which pages create errors, or how people are moving around our sites. The information they collect is anonymous, and is used to help us improve how the websites works.
Preferences
- These functional cookies are all about the choices you make both on our sites and our advertising partners’ sites. They store information about your choices (such as your user name, language or the region you’re in) and tailor your internet experience to provide relevant features and content for you, such as localised information or news. These cookies can also be used to remember changes you’ve made to text size, font and other customisable content.
- Without these cookies, our website won’t remember any choices you’ve previously made, or personalise your browsing experience.
Advertising, Marketing and Analytics
- These cookies help us tailor our marketing information online. They do things like limit the number of times you see an ad, as well as help us to measure the performance of our advertising – if you don’t like what you see, we want to know it. On the other hand, if you are interested in a particular topic, we want to help you get the best information we have.
- These cookies help us deliver ads that are more relevant both on our sites and our advertising partners’ sites. They remember that you have visited a particular website, and this information may be shared between us and other organisations, such as advertising partners. They also help us get a better understanding of you, your needs, your behaviours and how you interact with us so we can engage in product and service research, development and business strategy.
- If you would like to disable cookies, you can set your web browser to reject cookies. However, if you disable the cookie function, you may not be able to access or receive all the information contained on the Swisse websites. How to alter your cookie setting will depend on the type of browser you use. We have provided examples of how to disable cookies on the most popular browsers below:
Microsoft Internet Explorer
- choose the “tools” menu then “Internet Options”;
- click on the “privacy” tab; and
- select the appropriate setting.
Mozilla Firefox:
- choose the “tools” menu then “Options”;
- click on the “privacy” menu then “Options”;
- click on the “privacy” icon; and
- find the “cookie” menu and select the relevant options.
Please note that Google and other third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies as a result of you visiting other websites, over which we have no control.
CONSEQUENCES FOR YOU IF YOUR PERSONAL DATA IS NOT PROVIDED TO US
If you do not provide us with the Personal Data we ask for or the information provided is incorrect or incomplete, we might not be able to provide you with our products or services.
DISCLOSURES OF PERSONAL DATA TO THIRD PARTIES
We do not provide any Personal Data provided by you to any third parties other than to our affiliated companies, where required by law or as set out in this Privacy Policy. We will not sell, trade or rent your Personal Data to others.
However, we may disclose your Personal Data for the purposes listed above or as otherwise permitted by the Data Protection Legislation. By visiting the Swisse Website, you agree to disclosures to the following third parties:
- related entities, commercial partners (including parties with whom we have various types of commercial arrangements) and affiliates;
- service providers;
- other companies and individuals which we employ to provide you promotional and informational offers on behalf of Swisse Wellness, such as email marketing services (e.g. analysing customer lists, deliverability statistics, opens and clicks), marketing assistance or consulting services. These third parties may have access to information needed to perform their function but can not use that information for any other purpose;
- advertisers, which may collect aggregated statistics from the Swisse websites;
- payment processors who will collect your payment information if you choose to purchase a product from us;
- credit reporting agencies and other financial institutions including our own bankers, service providers; our professional advisers, such as our accountants, auditors and lawyers, insurers and industry groups having a legitimate reason to receive such information.
- other persons that we need to deal with in connection with engagement of staff (such as training or medical providers, insurers, next-of-kin, referees); and
- other persons and entities as permitted under the Privacy Act (such as insurers).
STORAGE AND TRANSFER OF YOUR PERSONAL DATA TO OTHER COUNTRIES
If you provide Personal Data to Swisse, it may be transferred to, processed in, stored at or accessible from a destination outside Australia or the European Economic Area (“EEA”), such as New Zealand, Canada, China, the USA and Switzerland, or any other country in which Swisse Wellness or its service providers maintain facilities. All practical steps are taken to ensure that all data is treated confidentially, kept secure and protected against unauthorised or accidental access, processing, erasure or other use and is maintained and kept no longer that is necessary for the purpose for which it is intended.
Swisse Wellness is located in Australia, which is a territory not currently been deemed to offer adequate data protection by the European Commission. If you provide your Personal Data to us in circumstances where our processing of it is subject to European Data Protection Legislation, please note that you are doing so on the basis that you explicitly consent to the transfer of your data outside the EEA. The potential consequence of you explicitly consenting to this are that there is a risk that your Personal Data will not be protected in a manner that complies with European Data Protection Legislation. You can withdraw your consent for this reason at any time by emailing us at SwisseCustomerService [at] hh.global. Withdrawing your consent will not affect our use of the Personal Data prior to your withdrawing that consent but it will mean that we may not be able to contact you about the services we may be able to offer you in the future.
Where we pass your Personal Data that is subject to European Data Protection Legislation from a location inside the EEA to parties located outside the EEA that do not offer adequate protection as determined by the European Commission, and if they are not subscribed to an approved data protection framework, such as the EU-US Privacy Shield that permits us to transfer the Personal Data to them from the EEA, we will enter into agreements which enable us to transfer Personal Data to them and that enable you to exercise your rights in accordance with the European Data Protection Legislation. A copy of these terms can be obtained by emailing us at aaron.xie [at] hh.global.
HOW PERSONAL DATA IS HELD AND PROTECTED
Swisse Wellness will only store the Personal Data as long as Swisse Wellness considers it necessary or beneficial for the purposes set out in this Privacy Policy or for regulatory, audit or record-keeping purposes.
We will keep a record of the Personal Data that we receive from you in order to answer your query, respond to a request for more information about the services, or in response to an enquiry from one of our existing suppliers. Subject to legal requirements, we will only retain the Personal Data collected from a user for as long as the user’s account is active or has otherwise not been cancelled and the user has not requested that their Personal Data be deleted. We will retain Personal Data to fulfil the purposes for which we have initially collected it, unless otherwise required by law. All Personal Data will be retained only as necessary to comply with our legal obligations.
We will delete our copy of your Personal Data 7 years from the end of our contact with you or when we are no longer required by law to retain it (whichever is later), although we may retain a record of the existence of the relationship, to the extent and for so long as we are required to do so by law. For example, if you have contacted us to ask us for the processing of your Personal Data to be erased, we will retain a record of your request in order to ensure we comply with your wishes.
Your Personal Data may be stored in hard copy documents or in electronic form in our computer systems. In particular, your Personal Data, will be stored in 128 SSL bit encryption on database servers at our data centres or at data centres owned by third party hosting companies.
We have implemented appropriate technical and organizational security measures to help safeguard your Personal Data, help prevent unauthorized access, unauthorized interference, help maintain data security and to limit use of your Personal Data to what is allowed by this Privacy Policy. We have implemented technology and security policies, rules, and other reasonable steps to protect your Personal Data from loss, modification, unauthorized access, unauthorised interference, improper use, improper alteration, unlawful or accidental destruction, or accidental loss.
You should keep in mind that Internet transmissions (including emails) are never completely secure or error-free. As such, you should take steps to protect yourself, especially online and take special care in deciding what information you send to us via e-mail or other transmissions. Moreover, where you use passwords, ID numbers, or other special access features on the Websites, it is your responsibility to safeguard them. You should choose a strong password, do not use the same password that you use on other websites and do not share your password with anyone else. Also remember to sign out of our Websites and close your browser window when you have finished to ensure that others who may have access to your computer cannot access your Personal Information.
ACCESSING AND CORRECTING YOUR INFORMATION
You have a right to access the Personal Data that we hold abut you at any time, subject to certain exemptions under the Privacy Act.
We will take all reasonable steps to ensure that the Personal Data we collect, use or disclose is accurate, complete, up-to-date and relevant to our dealings with you and the nature of our relationship with you.
If you would like to request access to your Personal Data or correction of your Personal Data held by us, you may contact us in writing. The relevant contact details are provided below (see “Contact us”).
PRIVACY COMPLAINTS OR DISPUTES
If you believe your Personal Data has not been treated consistently with this Privacy Policy or the Privacy Act, please contact us (see “Contact us” below). We will investigate your privacy complaint and respond to you as soon as practicable. We aim to resolve all complaints we find are justified.
If you are unhappy with the handling of your complaint you may refer the complaint to the Office of the Australian Information Commissioner (visit www.oaic.gov.au for more information).
- RIGHTS OF USERS IN THE EUROPEAN ECONOMIC AREA
- With respect to the Personal Data that Swisse Wellness collects about you from the Swisse Wellness websites, to the extent that you are located in the EEA, under the European Data Protection Legislation you have the right to:
- request access to that Personal Data;
- receive a copy of the Personal Data that you have provided to Swisse Wellness in a structured, commonly used and machine readable format so that you can share it with others;
- request the transfer of your Personal Data to another party;
- ask that Personal Data be erased;
- object to us possessing your Personal Data by asking for the processing of that Personal Data to be restricted or stopped. For example, if Swisse Wellness uses Personal Data for marketing purposes or to make other decisions automatically; and
- make a complaint to a European data protection authority about the manner in which Swisse Wellness processes your Personal Data. The contact details for the European data protection authorities can be found at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
Please contact Swisse Wellness Customer Service to exercise these rights or for additional information at SwisseCustomerService [at] hh.global.
In addition to the above, you have the right to review, update, and correct your account information and preferences at any time by managing your account’s Profile page. If there is any information that you are not able to edit or delete, contact our Customer Service to help you make the amendments.
You have the right to request for your account to be terminated and your information to be deleted when there is no longer a legitimate or legal reason for us to keep your Personal Data.
On the other hand, if you wish to change or use other services affiliated to us, you may request for your Personal Data to be transferred or transmitted.
CHANGES TO THIS PRIVACY POLICY
We may, from time to time, review and update this Privacy Policy including, to take into account new laws, regulations and technology. Any changes we make to this Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email.
All Personal Data that we collect, use, hold and disclose will be governed by the most recent Privacy Policy that has been posted on the Website. Please check back frequently to see any updates or changes to this Privacy Policy, which will be effective immediately when posted on this website or notified to you as applicable.
CONTACT US
If you wish to contact us about the privacy-related matters described above or find out more information about our privacy practices, please use the contact details below:
Privacy Officer
PrivacyOfficer@swisse.com
Swisse Wellness Pty Ltd
Privacy Officer
111 Cambridge Street
Collingwood, Victoria
AUSTRALIA 3066
Or
Data Protection Officer
Aaron.Xie@hh.global
Data Protection Officer
111 Cambridge Street
Collingwood, Victoria
AUSTRALIA 3066