Privacy & Security
Global Kinetics Pty Ltd (GK), is bound by the Australian Privacy Principles (APPs), contained in the Privacy Act 1988 (Cth) (the Act). GK may also be bound by State and Territory privacy laws in Australia. The object of the Act and other privacy laws is to protect the confidentiality of “personal information”, and the privacy of individuals by regulating the way in which personal information is collected, stored and used.
Under the Act, Personal Information means information or an opinion about an identified individual from which an individual can be reasonably identified. For example, such information could be your name, contact details and records of your dealings with GK. Personal Information includes “health information”, which refers to information regarding an individual’s health or a health service provided to an individual.
This policy outlines the way in which GK deals with the Personal Information it collects in Australia. GK is committed to safeguarding your Personal Information and to ensuring compliance with the APPs and the Act in its collection, storage and use of Personal Information.
Collection of Personal Information
GK collects Personal Information that is reasonably necessary for, or directly related to, its functions and activities as a provider of medical devices and related services. In some cases, GK is required by the law to collect Personal Information to comply with its regulatory obligations, such as responding to safety concerns about its products.
GK may collect Personal Information about you through its interactions with you. Where GK collects Personal Information from or about you, GK will inform you about the purpose and use of the collected information.
Types of Personal Information that GK collects
The Personal Information GK collects may include your name, your address, your date of birth, your email address and your phone number.
If you are a healthcare professional, additional Personal Information GK may collect from you includes your medical specialty and your clinical interests.
If you are a patient, additional Personal Information GK may collect includes details of your health care professional, details of your use of the GK device, the performance of your GK device, product data, such as the model and usage of your device, and any specific products or services you want to learn about.
When Personal Information is collected by GK
Personal Information may be collected by GK during your interactions with GK.
GK may collect Personal Information from you when you provide your Personal Information while using the GK website, when communicating with you by telephone, mail and email, or when responding to product queries, or conducting sales calls or meetings.
If you are a healthcare professional, GK may collect Personal Information from you when communicating with you by telephone, mail and email, including when providing technical and customer support, when you participate in GK sponsored educational events, conferences and research grants, or when you use GK’s customer or product information services.
If you are a patient, GK may collect Personal Information from you in the course of providing technical assistance about its products to you or to your healthcare professional, communicating with you by telephone, mail and email, including when providing technical and customer support, when you participate in GK sponsored programs, including clinical trials, or when you use GK’s customer or product information services.
Use and Disclosure
GK will use your Personal Information for the primary purpose for which it is collected, which generally includes the following purposes:
- in the course of the sale, distribution or provision of medical devices that have been requested by you or your health care providers;
- in the course of supporting you and your healthcare professional in your use of the device and your ongoing care, if you are a patient;
- administering training programs, clinical trials or other similar programs in which you agree to be involved; and
- compliance with regulatory requirements, such as maintaining a record of medical queries, complaints, adverse events and recalls relating to GK medical devices.
GK may also use your Personal Information to:
- provide you with updated product or safety information with respect to GK medical devices;
- send you material on its activities and products or developments in medical technology that GK believes may be of interest to you, although if you are a patient GK will not do so without your consent;
- manage, plan and arrange meetings between you and a GK representative;
- generate customer lists for the purposes of market research;
- maintain business records;
- access applications for employment and to act as an employer;
- manage accounts and ensure that GK receives payment for its products and services;
- in addition, use for purposes permitted or required by law, and purposes for which you have provided consent, via a GK consent form.
GK will only use or disclose your Personal Information for a purpose that was not the primary purpose for which GK collected it if you would reasonably expect us to do so or if GK has your permission. GK may also use or disclose Personal Information if GK is required or authorised by law to do so.
If you do not wish to receive information or materials about GK products and updates, you may request not to receive these marketing materials.
When dealing with particularly sensitive Personal Information, such as your health information for a purpose that is not directly linked to the primary purpose of collection, GK will generally seek your consent before using the health information. In only very limited circumstances, such as where required by law to disclose information or in the event of a serious threat to your life or health, will GK disclose your health information without your consent.
GK may also automatically collect non-personal information about you. This includes the type of internet browser and IP address you use and the site which linked you to the GK website. This information is used to assist GK in providing you with an effective website. GK may also share non-personally identifiable information in the aggregate form with third parties to illustrate trends and patterns. You cannot be personally identified from this information.
Cross Border Data Transfer
As part of a group of companies located in different countries (namely, the USA, Sweden and Ireland), GK may disclose some Personal Information to a GK company or database overseas. In disclosing data offshore, GK ensures that the use and disclosure of the Personal Information transferred is dealt with in accordance with the Act and the APPs.
Transfer of Data to Third Parties
GK may use third party support services in connection with its business operations, such as IT or finance support. Such third parties may, from time to time, have access to your Personal Information to enable them to provide those services to GK.
All companies providing such support services are required by GK to process the Personal Information disclosed to them only for the purposes expressly authorised by GK. These parties are not allowed to use Personal Information except for the purpose of providing these services.
If GK is sold to or merges with another company, some or all of the Personal Information collected from you may be transferred to a third party as a result of the transfer of assets. In such circumstances, a third party will be obliged to deal with the Personal Information in accordance with the Act and the APPs.
GK may share aggregated demographic information with its partners. This information is not linked to any Personal Information that can identify any individual person.
This website may contain links to other sites. GK is not responsible for the privacy practices of other sites. This privacy statement applies solely to information collected by GK, including through this website.
GK has put in place safeguards to protect the Personal Information GK holds from misuse, loss, unauthorised access, modification or disclosure. GK generally holds the Personal Information you provide to us in an electronic form on computer servers, which are password protected for limited access and are located in controlled facilities. However, GK may also hold Personal Information in physical form, such as in paper hard copies. While GK cannot guarantee against any loss, misuse or alteration to data, GK takes reasonable steps to prevent such occurrences.
GK employees and agents are obliged to treat any Personal Information confidentially. Additionally, GK will only retain your information for so long as it is reasonably needed for the functions and activities of its business.
Access to the Personal Information is restricted to those employees who need to use the data, who have been trained to handle such data properly and observe strict standards of confidentiality.
GK will also take reasonable steps to destroy or de-identify your Personal Information when it no longer needs it.
GK’s trusted design
Security is one of the major issues associated with deploying services on the Internet. GK takes its security responsibilities very seriously and has employed technical staff who are experienced in implementing and managing secure Internet services.
All GK services are deployed using the same trusted design. The design calls for:
- multiple security levels, so that a low-level security compromise does not cause a compromise of security at higher levels;
- enabling only services that are absolutely required on its systems;
- partitioning the enabled services so that a compromise of one service does not affect other services at the same security level; and
- encrypting sensitive customer information, both when in transit over the Internet and when stored in GK’s computers.
Whenever GK’s product are used to exchange sensitive information with its customers over the Internet, GK uses secure connections via SSL (Secure Socket Layer). This ensures that all the data is encrypted during transit over the Internet.
Access, Correction and Complaints
If you have a complaint about how GK has handled your Personal Information or consider that it has breached its obligations under the APPs, please write to the GK Privacy Officer at:
Global Kinetics Pty Ltd Attention: Data Protection Officer Level 9, 31 Queen Street Melbourne, Victoria 3000.