About this document
Personal Information has the meaning given under the Privacy Act and includes Sensitive Information.
Privacy Act means the Privacy Act 1988 (Cth) including the Australian Privacy Principles and any amendments to the Privacy Act or Australian Privacy Principles from time to time.
Related Entities has the same meaning as under the Corporations Act 2001 (Cth).
Sensitive Information has the same meaning as under the Privacy Act.
Website means all websites operated or utilised by us, including www.qbiotics.com
The meaning of any general language is not restricted by any accompanying example and the words 'includes', 'including', 'such as', 'for example' or similar words are not words of limitation.
What Personal Information do we collect and why do we need it?
In the course of our business, we may collect Personal Information about you that is necessary for us to undertake our business and perform our functions and activities. If we do not do so or if the information is incomplete or inaccurate, we may not be able to undertake our business or the standard and quality of our business may be compromised.
The Personal Information we collect may include:
your name, email address, telephone numbers and address;
information about attendance at or participation in events or programs run or supported by QBiotics (or on our behalf) including but not limited to meetings, research, disease management and treatment programs, clinical trials or scientific programs;
health information or medical history;
details about complaints or adverse events;
information in relation to third parties providing services to us;
information in relation to employees, contractors and consultants; and
bank and credit card details (including expiry dates) if required for payments.
Information may also be collected by our Internet Service Provider as described in Section 5.3 below.
This is not an exhaustive list and additional information may be collected as part of undertaking our business.
How do we collect the Personal Information?
We aim to collect Personal Information directly from you. Generally this occurs when you complete a form, make inquiries, participate in our programs or engage with us in our business. We may also collect Personal Information:
from online directories;
from debt collection agencies in the event of a default in a payment to us;
through our Website;
from third parties;
from publicly available sources of information;
from our records of how you engage with us and our business; or
when we are required to do so by law.
Personal Information about third parties
If at any time you supply Personal Information to us about any other person, you represent and we accept that information solely on the basis that you are authorised to do so and that the relevant person has consented to the disclosure to us.
When you visit our Website site, our Internet Service Provider makes a record of your visit and logs information for statistical purposes, including:
your server address;
your top level domain name (for example .com, .org, .gov, etc);
the pages you accessed and documents downloaded;
the previous site you have visited; and
the type of browser you are using.
We will not make an attempt to identify you or your browsing activities. However, in the unlikely event of an investigation, a law enforcement or other government agency may exercise its legal authority to inspect our Internet Service Provider's logs.
If you apply online for a position with us, we will collect Personal Information from your resume, accompanying application documentation and during any other parts of the recruitment process.
The Personal Information will be used only for considering your application for a position (or other relevant positions). If you are successful, the information you provide (including Personal Information) will form part of your employment records.
How do we use your Personal Information?
to undertake our business;
to undertake direct marketing;
for the purpose indicated to you at the time we collected your Personal Information;
to verify your identity or conduct appropriate checks in connection with your interaction with us and our business;
to process your inquiries;
to provide and administer our services in connection with our business or services of third parties;
to comply with and monitor compliance with our contractual, regulatory and other legal obligations including applicable codes and guidelines;
to monitor use, infrastructure quality and performance and operate, maintain, develop, test and upgrade our systems and infrastructure;
to disclose to your authorised representatives or advisers, or when you ask us to do so;
to develop and improve our business and the services we provide;
to protect and enforce our legal rights;
to protect and defend our, or our employees, users and clients' rights or property including against fraudulent or unlawful use of our Website and our intellectual property;
to commercialise, exploit and protect our intellectual property;
to recruit employees, contractors and consultants;
to invite you to attend programs and events;
to provide health products or services;
to engage in research and development;
to establish, monitor and conduct clinical trials or research studies (including clinical trials or studies run by third parties on behalf of QBiotics or in collaboration with QBiotics);
to involve clinical and contract research organisations, study sites, doctors and investigators (and persons who assist them) in clinical trials or research studies;
to invite you to provide services to QBiotics;
to undertake adverse event reporting;
to report to regulatory bodies and ethics committees;
to process an application for a position with us;
to provide you with information on offers, products, research and development, studies and services offered by us or our Related Entities;
to send you information about our activities, products, research, studies, services or business;
to monitor the safety, efficacy and quality of our products, studies or research and development activities; and
to the extent permitted at law, for other purposes for which you have provided your express or implied consent.
Our functions and activities may change from time to time.
If at any time you no longer wish to receive any additional marketing material from us or do not want your information disclosed for direct marketing or survey purposes, contact our Privacy Officer and we will remove your details from our marketing database.
Disclosing Personal Information
We may disclose your Personal Information to third parties in certain circumstances including:
if you agree to the disclosure;
for the purpose for which it was collected;
where you would reasonably be expected to consent to information of that kind being passed to a third party;
where disclosure is required or permitted by law, by court order or to investigate suspected fraud or other unlawful activity;
where it is required to be disclosed for audit purposes;
to our Related Entities;
if disclosure will prevent or lessen a serious or imminent threat to someone's life or health;
if applicable, to fraud checking agencies;
to regulatory authorities as part of applying to register or listing a product, responding to queries of the regulator or undertaking an approval process for a product;
in connection with obtaining protection for intellectual property of QBiotics, commercialising or exploiting our intellectual property;
to regulatory authorities or ethics committees as part of conducting, monitoring, inspecting or evaluating a clinical trial or as part of another research program;
where it is reasonably necessary for the enforcement of the law, regulations, applicable codes and guidelines;
to parties involved in corporate transactions in which QBiotics is involved or may be involved in the future; or
to third parties to assist us in carrying out the above purposes including but not limited to clinical and contract research organisations, study sites, doctors and investigators (and persons who assist them) and professional advisors.
Disclosure of Personal Information off-shore
Personal Information you provide to us may be stored on servers in countries other than Australia, for example, through a cloud service provider.
Your Personal Information may be disclosed to bodies located overseas including but not limited to research collaborators and partners, service providers, regulatory authorities and ethics committees.
While we have privacy rules in place to protect your Personal Information, the overseas recipient may not be subject to privacy obligations or to any principles similar to the Australian Privacy Principles. The overseas recipient may also be subject to a foreign law which could compel disclosure of Personal Information to a third party, for example, an overseas authority.
If you consent to the disclosure and the overseas recipient handles the information in breach of the Australian Privacy Principles, you will not be able to seek redress under the Privacy Act, may not be able to seek redress in the overseas jurisdiction and we will not be accountable under the Privacy Act.
By providing us with Personal Information, you consent to us using and disclosing your Personal Information off-shore.
If at any time you wish to withdraw your consent, contact our Privacy Officer. However, we may not be able to provide the services or information you have requested in whole or in part or those services or information may be compromised.
The law requires that Sensitive Information is used and disclosed only for the purposes for which it was provided, or a directly related secondary purpose, unless you agree otherwise or for other specific reasons, such as if the use or disclosure of this information is required by law to provide a serious and imminent threat to life or health of an individual.
Considerations when you send information to us electronically
While we do all we reasonably can to protect your Personal Information from misuse, loss, unauthorised access, modification or disclosure, including investing in security software, no data transfer over the internet is 100% secure. The open nature of the internet is such that information exchanged via the internet may be accessed and used by people other than those for whom the data is intended. If you send us any information, including (without limitation) Personal Information, it is sent at your own risk.
If you access another website from our Website, you do so and provide Personal Information in accordance with the terms and conditions under which the provider of that website operates.
We endeavour to keep our information systems and files secured from unauthorised access. Our procedures to securely store Personal Information include electronic and physical security measures, staff training and use of password protection software.
When the Personal Information we collect is no longer required, we will remove or de-identify the Personal Information as soon as reasonably possible (but we retain activity information for our accounting and performance measures). We may, however, retain Personal Information for as long as is necessary to comply with any applicable law, guidelines, codes or regulatory requirements, to comply with the directions of an authority, for the prevention of fraud, for insurance and governance purposes, in our IT back-up, for the collection of any monies owed and to resolve disputes.
How you can update, correct, or delete your Personal Information
You may request access to your Personal Information or correct any inaccurate or out of date information by contacting our Privacy Officer using the details below. You may request the source of any information we collect from a third party. We will provide this at no cost, unless under the Privacy Act or other law there is a reason for this information being withheld.
If there is a reason under the Privacy Act or other law for us not to provide you with information, we will give you a written notice of refusal setting out the reasons for the refusal (except to the extent it would be unreasonable or unlawful to do so) and advise you of the mechanisms available to you to complain about the refusal.
Dealing with a complaint
If you make a complaint about a privacy matter, our Privacy Officer will respond as soon as possible (but within 14 days) and advise you who in our company will have responsibility for investigating and managing your complaint.
We will try to resolve your complaint within 30 days of receiving it. If this is not possible, we will contact you and provide you with an estimate of the time it will take to investigate and manage the complaint.
Our Privacy Officer
You should also contact our Privacy Officer if:
you believe someone has gained access to your Personal Information;
you think that your account number, username or password have been compromised (in which case you should also immediately change your password); or
you believe we have breached our privacy obligations or your privacy rights in any way;
you have any concerns over the protection of the Personal Information you have given to us or that we have collected from others.
Our Privacy Officer can be contacted as follows:
Attention: The Privacy Officer
Mail: PO Box 42, Toowong BC QLD, Australia 4066
More information about your rights and our obligations in respect to privacy and information on making a privacy complaint are available from the Office of the Australian Information Commissioner at:
Post: GPO Box 5218 Sydney NSW 2001