1.Pledge on Privacy
The term “personal information” as used in this Policy refers to information from which your identity can reasonably be ascertained. Novartis is bound by the National Privacy Principles and complies with these principles to the extent required by the Privacy Act 1988 (C’th) .The next sections explain how and when we collect personal information from you.
2.Collection and Use of Personal Information
Novartis processes personal information for specific and limited purposes which we inform you about when we ask you for information. For example, we may collect and use personal data to provide you with products or services, to bill you for products and services you request, to market products and services which we think may be of interest to you, or to communicate with you for other purposes. Information you send to our customer service department is used only to help resolve your problem and is otherwise kept private. Novartis keeps your data only for as long as is reasonably needed for such purposes and in accordance with any applicable legal reporting or documentation retention requirements. We only collect personal information from you when you visit the Site if you use the “Contact Us” facility to send us an email. In this case we will use your personal information to respond to your email. We may also use this information to send you by e-mail certain product, health or other information which we consider to be of importance to you but will give you the opportunity to tell us if you do not want to receive this information.
3.Disclosure of Information
Personal information collected from users of the Site may occasionally be transferred to third parties who act for or on behalf of Novartis (such as our service providers, including mail houses, call centres and IT consultants), and to related companies of Novartis, including those located outside Australia . Such third parties may operate different privacy policies. However, we endeavour to ensure that such third parties provide the same level of protection as Novartis and, where appropriate, we will contractually require them to process personal information transferred to them only for the purposes expressly authorised by Novartis. We will not share with third parties any data about you that is sensitive (e.g., medical information) in the absence of your prior and explicit consent. Your consent may always be revoked at a later date. If consent is revoked Novartis may not be able to carry out certain requests made by you. Novartis will, where practicable, inform third parties to whom your data have been transferred of your withdrawal of consent.
4.Right of Access
You have the right to access and update your personal information unless certain circumstances, set out in the National Privacy Principles, apply. We take reasonable steps to ensure that personal information we hold is up-to-date, accurate, and complete. If you wish to access or correct your personal information held by us, please contact the webmaster. Your requests will be dealt with in a prompt and proper manner in accordance with the National Privacy Principles. No charge will be levied for requesting access or correction of your personal information, however, Novartis may charge a small fee to cover its costs of providing access.
5.Security and Confidentiality
Novartis takes reasonable steps to ensure the security and confidentiality of personal information that it collects on-line. Novartis uses data networks protected, inter alia, by firewall and password protection. Access to personal information is restricted to those employees who have a need to use the data, who have been trained to handle such data properly and observe strict standards of confidentiality. If an employee breaches our policies and procedures he/she will be disciplined accordingly. Staff compliance with our policies and procedures is regularly audited and reviewed. While we cannot guarantee against any loss, misuse or alteration to data, we try to prevent such unfortunate occurrences.
6.Data Transfer Abroad
Novartis is part of a global enterprise with databases in different jurisdictions. Novartis may transfer your personal information to one of its databases outside Australia. We will ensure that if we transfer data to Novartis databases outside Australia we will comply with any obligations we have under the National Privacy Principles in relation to that transfer.
7.Anonymous Data and “Cookies”
Most of the information that Novartis collects when you visit the Site is anonymous information, such as the pages you visit and searches you perform, which is processed by Novartis to help improve the contents of the Site and to compile aggregate statistics about use of the Site for internal, market research purposes. To collect this anonymous information, “cookies” may be sent via your browser and installed on your hard drive that collect the first level domain name of the user (e.g., “bigmail.com” from an e-mail address of “firstname.lastname@example.org”) and the date and time of access. “Cookies” by themselves cannot be used to discover the identity of the user. A “cookie” is a small piece of information which is sent to your browser and stored on your computer’s hard drive. You can set your browser to notify you when you receive a “cookie”, this will enable you to decide if you want to accept it or not.
Novartis does not condone “spamming”. Spamming is defined as sending unsolicited e-mails, usually of a commercial nature, in large numbers and repeatedly to individuals with whom the sender has had no previous contact or who have declined to receive such communications. If you contact us by email and Novartis believes that certain product, health, or other information is of importance to you, we may inform you by e-mail but will give you the choice to opt out of receiving further communications of this type.
9.Personal Information and Children
Novartis will not knowingly collect, use or disclose personal information from a minor under the age of 13, without obtaining prior consent from a person with parental responsibility (e.g., a parent or guardian) through direct off-line contact. We will provide the parent with (i) notice of the specific types of personal information being collected from the minor, and (ii) the opportunity to object to any further collection, use, or storage of such information.
10.Links to Other Sites