Philia Labs is committed to providing quality services. This policy outlines our ongoing obligations in respect of how we manage sensitive information, including both business information and personal data of employees, contractors and external stakeholders including regulators, partners, suppliers and customers.
This Policy includes principles that ensure we comply with Privacy requirements as outlined in:
– The Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act) which govern the way in which we collect, use, disclose, store, secure and dispose of Personal Information;
– The Essential Principles that form part of the Therapeutic Goods (Medical Devices) Regulations 2002, which all medical devices must adhere to;
– The Health Insurance Portability and Accountability Act (HIPAA) of 1996, the main Federal law that protects health information in the US;
– The California Consumer Privacy Act (CCPA) (2018) which regulates consumer rights for data access, deletion, opt-out and non-discrimination; and
– The General Data Protection Regulation (GDPR) which regulates the processing of personal data and the freedom of movement of that data in the EU
The purpose of the policy is to outline how we protect data privacy and security to maintain appropriate standards and measures of security. By doing this, we protect our reputation, uphold appropriate regulatory and industry standards, and build trust and confidence with our target customers.
The scope of this policy includes all internal and external areas of business where sensitive information including personal data is created, collected, processed, used, transferred, stored and or disposed.
Statement 1: How we Collect and Use Personal Information
Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect include: names, addresses, email addresses and phone numbers, date of birth and biometric information.
Philia Labs collects personal Information in many ways including interviews, correspondence, by telephone and facsimile, by email, via our website www.philialabs.com.au, from your website, from media and publications, from other publicly available sources, from cookies and from third parties. We cannot guarantee website links or policy of authorized third parties.
We collect Personal Information for the primary purpose of providing services to our market, providing information to our clients and marketing. We may also use Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.
When we collect Personal Information we will, where appropriate and where possible, explain why we are collecting the information and how we plan to use it.
Statement 2: How we Collect and Use Sensitive Information
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
If collected at all by Philia Labs, sensitive information will be used by us only:
- For the primary purpose for which it was obtained
- For a secondary purpose that is directly related to the primary purpose
- With your consent; or where required or authorised by law.
Statement 3: Information Provided by Third Parties
Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
Statement 4: Disclosure of Personal Information
Your Personal Information may be disclosed in a number of circumstances including the following:
- Third parties where you consent to the use or disclosure; and
- Where required or authorised by law.
Statement 5: Security of Personal Information
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.
Statement 6: Access to Your Personal Information
You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.
Philia Labs will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
In order to protect your Personal Information we may require identification from you before releasing the requested information.
Statement 7: Maintaining Your Personal Information
It is an important to us that all Personal Information is up to date. We will take reasonable steps to make sure that all Personal Information we store is accurate, complete and up-to-date. If any individual deems the information we have is not up to date or is inaccurate, they may contact us as soon as practicable so we can update our records and ensure we can continue to maintain the quality of that information.
Statement 8: Policy Updates
Philia Labs reserves the right to update this policy from time to time.