The Paediatric Nurse (ABN 19 194 900 750) the (TPN, we, us and our) owns and operates the website located at www.thepaediatricnurse.com (the website).
We are an Australian business and conduct our Australian operations in accordance with the Australian Privacy Act 1988 (Cth) (the Privacy Act) and the Australian Privacy Principles (the APPs) which form part of that Privacy Act.
What is Personal Information?
Personal information is information or an opinion about an individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in material form or not. Sensitive information is a subset of personal information and has the meaning given to it in the Privacy Act.
Sensitive information means information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health, genetic or biometric information. We do not knowingly collect, hold or use such information. If we become aware that such information has inadvertently been collected or is inadvertently held by us, we will destroy it.
What personal information do we collect?
We may collect personal information from you when you order on or subscribe to the website and through your dealings with us including by telephone, email, SMS, face-to-face and other methods.
Information we collect may include, but is not limited to, the following:
- Your name;
- Your personal address;
- Your email address;
- Your payment details including bank details or credit/debit card details; and
- Other relevant information as required to provide our services.
If your personal details change, it is your responsibility to update TPN with those changes, so that we can keep our records complete, accurate and up to date.
In addition to data collected from your submissions, we may also collect data on your internet behaviour from third parties.
When you access and use our website we may record and log for statistical purposes certain information about such access and use, including your IP address, the date and time of your visit, the parts of our website you access during your visit, your actions on our website.
In situations where we are required to combine personal information about identified or identifiable individuals as provided to us about one customer with personal information about that individual as provided to us by another customer or from publicly available sources, wherever reasonably practicable we will use reliable and verifiable anonymisation and de-identification techniques which ensure that the risk of any individual being reasonably identifiable in relation to the combined personal information is remote.
Where we collect and use personal information about any identifiable individual from a publically available source, we assess whether the collection and use is made a manner both reasonably contemplated and permitted by the provider of that publicly available source. Where the collection and use is made a manner both reasonably contemplated and permitted by the provider of that publicly available source, we rely upon that provider to:
- comply with relevant national privacy laws applying to the provider’s activities; and
- to provide the necessary notices as required by relevant national privacy laws to that identifiable individual and to obtain the necessary consents from that individual to permit collection and disclosure by the provider of that publicly available source of that personal information, including disclosure in a manner reasonably contemplated and permitted by the provider of that publicly available source.
As well as collecting information directly from you, there may be occasions when we collect information about you from a third party. In such instances, we will determine whether we would have been entitled to collect such information from you and where we consider that we would not have been entitled to do so, we will destroy or de-identify such information as soon as reasonably practical.
You do not have to provide us with any personal information if you choose not to, however if you do not provide us with your personal information, we may not be able to provide you with our services. If you wish to remain anonymous, do not use the website.
Please note that rejecting cookies may mean that some or all of the functions on our website will not be available to you. In particular, cookies must be enabled to access and use any part of our website for placing orders.
How is your personal information used?
The personal information that we collect is generally used to provide our services to you, and, if you use our website, to track your usage and to evaluate the performance of our website.
More specifically, your personal information may be used by TPN for:
- allowing you to use our services;
- identification and authentication;
- accounting, invoicing and billing purposes;
- to protect TPN and the users of the website;
- to provide, maintain, protect and improve our services;
- as required by law, order of a court, tribunal or regulator or if TPN reasonably believes that the use or disclosure of the information is reasonably necessary for enforcement related activities;
- to ensure that TPN receives payment of the fees due to it;
- to contact you;
- to conduct research;
- marketing and promotional purposes; and
- as otherwise permitted under the Privacy Act.
When you contact TPN, we may keep a record of the communications between you and TPN to help resolve any issues you might have.
If we collect, use or disclose any information from you that is not personal information, but is sensitive information such as information relating to police checks conducted on users of the website, then we will seek consent directly from you each time we collect, use or disclose your sensitive information, including for direct marketing purposes. We will not use or disclose your sensitive information for any other purpose unless the purpose is directly related to the primary purpose for which your sensitive information was collected. You may opt out of receiving any marketing information by notifying us accordingly, or using any unsubscribe facility we provide for that purpose.
Disclosure of your personal information
We do not sell, rent or trade personal information to or with any other third parties.
We will not otherwise disclose your personal information to any third party unless:
- that third party is a contractor engaged to provide goods or services to us (including goods or services that assist us in providing our website). This may include disclosure to contractors outside of Australia. Our agreements with such contractors require that they keep your personal information confidential, and that they only use or disclose your personal information for the purposes of providing those goods or services to us. For example, we use Shopify to power our online store. We also use Google analytics to help us understand how our customers use our site and third party carriers or couriers to deliver our products;
- such disclosure is in connection with the sale of some or all of our business or assets; or
- you have consented for us to share the information for this purpose, or the disclosure is authorised by the Privacy Act including:
- to lessen or prevent a serious threat to life or health;
- to protect the personal safety of users of our website or the public;
- if authorised or required by law;
- if we have reason to suspect that unlawful activity has been, is being or may be engaged in;
- to enforce the law or where necessary to investigate a suspected unlawful activity; or where
- you would reasonably expect or we have told you that your personal information is usually used or disclosed to third parties in this way.
Access and correction of your personal information
We will, on request, provide you with access to the information we hold about you, including for the purpose of correcting or updating that information, unless there is an exception to such disclosure which applies under the APPs.
If you require access to your personal information, please email: email@example.com
Before we provide you with access to your personal information we will require some proof of identity.
For most requests, your information will be provided free of charge, however, we may charge a reasonable fee if your request requires a substantial effort on our part.
If we refuse to provide you with access to the information, we will provide you with reasons for the refusal and inform you of any exceptions relied upon under the APPs (unless it would be unreasonable to do so).
We take reasonable steps to ensure that your personal information is accurate, complete, and up-to-date whenever we collect or use it. If the personal information we hold about you is inaccurate, incomplete, irrelevant or out-of-date, please contact us and we will take reasonable steps to either correct this information, or if necessary, discuss alternative action with you.
How we hold and secure your personal information
The security of your personal information is important to TPN. We take reasonable steps to prevent the personal information we hold about you from misuse, interference or loss, and from unauthorised access, modification or disclosure. This includes the use of technologies and processes such as access control procedures, network firewalls, encryption and physical security to protect the privacy of your personal information.
We will take all reasonable steps to protect the information we hold about you from unauthorised access, use and disclosure, however we cannot guarantee the absolute security of that information, or that our systems will be completely free from third party interception or are incorruptible from viruses. We cannot and do not guarantee that information you send from your computer to us over the Internet will be protected by any form of encryption. We therefore cannot and do not ensure or warrant the security or privacy of your personal information, including payment and account details.
You transmit your personal information to us at your own risk.
EU General Data Protection Regulation (GDPR)
This section relates to how TPN complied with GDPR.
As an information subject whose personal information we collect and process, you have certain rights. If you wish to exercise any of these rights, then please contact us using the contact details supplied below. In order to process your requests, we will ask you to provide two valid forms of identification for verification purposes.
Your rights are as follows:
- The right to be informed. As an information controller, we are obliged to provide clear and transparent information about our information processing activities. This is provided by this policy and any related communications we may send to you.
- The right of access. You may request a copy of the personal information we hold about you. We will always provide this free of charge. Once we have verified your identity and, if relevant, the authority of any third-party requestor, we will provide access to the personal information we hold about you as well as the following;
- The categories of personal information concerned
- The purpose for processing the personal information
- If applicable, who we have disclosed the information to
- The proposed or planned retention period for that information
- The source of personal information, if collected from a third party
- The right to rectification. If you feel we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete it. This may be used in conjunction with the right to restrict processing (see below) to make sure that incorrect or incomplete information is not processed until it has been rectified.
- The right to erasure. Often referred to as the ‘right to be forgotten’. Where no overriding legal basis or legitimate reason continues to exist for processing your personal information, you have the right to request that we delete that information. We will always take all reasonable steps to ensure the erasure or deletion of your information.
- The right to restrict processing. You have the right to ask us to stop processing your personal information. We will still store the information, but will not process it further. This right is an alternative to the right to erasure. If any of the following conditions apply, then you may exercise your right to restrict processing;
- You contest accuracy of your personal information and we are verifying it.
- Your information has been unlawfully processed.
- We no longer need the personal information for processing but the personal information is required for part of a legal process (e.g. establishing, exercising or defending a legal claim).
- You have exercised your right to object and processing is restricted pending a decision on the status of that processing.
- The right to information portability. You may request personal information which we hold, to be transferred to you, another controller, processor or third party. We must ensure we provide it in a commonly used and machine readable format. This right only applies because our lawful basis for processing is either consent or for the performance of a contract.
- The right to object. You have the right to object to our processing of your information. This applies when processing is;
- Based on your legitimate interests (or those of a third party);
- For the purposes of direct marketing;
- For research purposes (scientific, historic or statistical); and
- Based upon public tasks or legitimate interests.
How to contact us
Our contact details are:
The Paediatric Nurse (ABN 19 194 900 750)
Tel: 0403 458 168
If you wish to make a complaint about an alleged breach of the Privacy Act, we ask that you send us your complaint in writing to the email address listed above. We endeavour to respond to complaints within a reasonable period (usually 2 business days).
If you are not satisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner by phoning 1300 363 992 or by email at firstname.lastname@example.org.