This Privacy Policy applies to all personal information collected by MedPhys Supplies (we, us or our) via the website located at www.medphyssupplies.com.au (Website).
What information do we collect?
The kind of Personal Information that we collect from you will depend on how you use the website. The Personal Information which we collect and hold about you may include:
- Full name
- Email address
- Phone number
- Shipping address (street, suburb, state, postcode, country)
- Billing address (if different)
- Company name (if applicable)
- Payment method details (processed via third-party gateways – we do not store full card information)
- Transaction ID and payment confirmation
- Products purchased
- Purchase date and amount
- Shipping method and tracking information
- Return and refund history
- Health-related information (e.g., prescription details, intended use – where applicable and with consent)
- IP address
- Browser type and version
- Device type and operating system
- Website usage data (e.g., pages visited, time on site, referral source)
- Cookies and other tracking data (used for functionality, analytics, and marketing)
Types of information
The Privacy Act 1998 (Cth) (Privacy Act) defines types of information, including Personal Information and Sensitive Information.
Personal Information means information or an opinion about an identified individual or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “Personal Information” and will not be subject to this privacy policy.
Sensitive Information is defined in the Privacy Act as including information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive Information will be used by us only:
- for the primary purpose for which it was obtained;
- for a secondary purpose that is directly related to the primary purpose; and
- with your consent or where required or authorised by law.
How we collect your Personal Information
- We may collect Personal Information from you whenever you input such information into the Website, related app or provide it to Us in any other way.
- We may also collect cookies from your computer which enable us to tell when you use the Website and also to help customise your Website experience. As a general rule, however, it is not possible to identify you personally from our use of cookies.
- We use different types of cookies including essential cookies for website functionality, analytical cookies to improve user experience, and marketing cookies that may be set by third parties. Essential cookies are typically retained for up to 12 months to support core site functionality. Analytical cookies (e.g., Google Analytics) may be retained for up to 24 months to help us understand user behaviour and improve our services. Marketing cookies may be retained for up to 90 days and are often set by third-party providers (e.g., Facebook Pixel, Google Ads). You can manage or disable cookies through your browser settings. Third-party cookies are subject to their respective privacy policies, which we encourage you to review.
- We generally don’t collect Sensitive Information, but when we do, we will comply with the preceding paragraph.
- Where reasonable and practicable we collect your Personal Information from you only. However, sometimes we may be given information from a third party, in cases like this we will take steps to make you aware of the information that was provided by a third party.
Purpose of Collection
- We collect Personal Information to provide you with the best service experience possible on the Website and keep in touch with you about developments in our business.
- We customarily only disclose Personal Information to our service providers who assist us in operating the Website. Your Personal Information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties.
- By using our Website, you consent to the receipt of direct marketing material. We will only use your Personal Information for this purpose if we have collected such information direct from you, and if it is material of a type which you would reasonably expect to receive from use. We do not use sensitive Personal Information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature, such as an unsubscribe button link.
Security, Access and Correction
We store your Personal Information using systems and practices designed to reasonably protect it from unauthorised access, misuse, modification, or disclosure. These measures include:
- Secure, access-controlled environments
- Password-protected systems
- Role-based access controls (only authorised personnel have access)
- Regular software updates and security patches
- Data encryption at rest and in transit where applicable
- Firewall and antivirus protections
- When we no longer require your Personal Information for the purpose for which it was collected, we will take reasonable steps to securely destroy, de-identify, or anonymise it.
Most of the Personal Information stored in our client files and records is retained for up to 7 years to comply with our legal and professional record-keeping obligations.
The Australian Privacy Principles:
- permit you to obtain access to the Personal Information we hold about you in certain circumstances (Australian Privacy Principle 12); and
- allow you to correct inaccurate Personal Information subject to certain exceptions (Australian Privacy Principle 13).
Where you would like to obtain such access, please contact us in writing on the contact details set out at the bottom of this privacy policy.
Complaint Procedure
If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us as on the contact details set out at the bottom of this policy. All complaints will be considered by our team and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.
Overseas Transfer
In some circumstances, the European Union General Data Protection Regulation (GDPR) provides additional protection to individuals located in Europe. The fact that you may be located in Europe does not, however, on its own entitle you to protection under the GDPR. Our website does not specifically target customers located in the European Union and we do not monitor the behaviour of individuals in the European Union, and accordingly the GDPR does not apply.Your Personal Information will not be disclosed to recipients outside Australia unless you expressly request us to do so, or unless required by law.If you request us to transfer your Personal Information to an overseas recipient, we will take reasonable steps to ensure that the overseasz recipient complies with privacy standards that are substantially similar to the Australian Privacy Principles, or that appropriate safeguards (such as contractual clauses or data protection agreements) are in place. In circumstances where such safeguards cannot be guaranteed, you will be informed, and your explicit consent will be obtained before proceeding with the transfer. By providing this consent, you acknowledge that the overseas recipient may not be subject to the same privacy obligations as under Australian law, and we may not be accountable for any misuse or mishandling of your information.
How To Contact Us About Privacy
If you have any queries, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, you can contact us through: enquiries@medphyssuplies.com.au.