1. Data privacy:
Subject of the Data Privacy Statement
The responsible operator of the websites www.au.croma.at (hereinafter "Website") is Croma Australia Pty Ltd, AU-Sydney, NSW, 2000, 1 Bligh Street, Level 26, email: firstname.lastname@example.org (hereinafter “Croma”, "we, "ours" or "us")
The protection of your privacy is an important concern to us. We collect, retain, use and disclose certain personal data about individuals in the ordinary course of business, in accordance with the Australian Privacy Principles (APPs) as outlined in the Privacy Act 1988 (the "Act"). This Statement provides information on what personal data we collect about you and for what purpose, how we use that personal data, to whom we transmit the personal data and what your rights are regarding that personal data. It contains information about how you may access the personal data we hold about you and seek the correction of such data. It also contains information about how you may complain about a breach of the APPs and how we will deal with such a complaint.
This Data Privacy Statement applies to our Website and does not apply to websites of third-party providers that can be called up via this Website. We have no influence on the data processing by such third-party providers and do not provide any warranty nor accept liability in connection with such websites.
This Data Privacy Statement describes, and applies to all aspects of, how we collect, hold, use and disclose personal data.
Collection of personal data
The personal data we may collect about you will depend on the circumstances of collection and the nature of your dealings with us, including whether we collects the information from you as a health professional, supplier, contractor, job applicant or in some other capacity.
- typically collect and hold the following kinds of personal data about customers as appropriate to our dealings with them: name, address, e-mail address, telephone number, date of birth, order information, credit card information, history with the organisation (including communications between you and us) and specific interests;
- typically collect and hold the following kinds of personal information about health professionals: name, business address, e-mail address, business telephone number, professional qualifications, speciality, membership of a professional or trade association, history with the organisation (including communications between you and us) and specific interests;
- typically collect and hold the following kinds of personal information about contractors, service providers and suppliers: name, job title, business contact details of company representatives with whom we deal, financial information and banking details, history and background checks and credit records; and
- in the context of our recruitment process for employees and contractors, may collect and hold the following kinds of additional personal information about you: name, email address, telephone number, address, financial details (including banking details), date of birth, citizenship, employment references, civil, credit and criminal records, driver's licence information, education, employment history, marital status, membership of a professional or trade association, membership of a trade union and health information.
In most cases, we collect personal data about you directly from you, through meetings with you, or via other contact methods such as by telephone, facsimile, email and mail, or when you complete forms, transact or request further information through our Website. We may also collect personal data about you from the following third parties: government agencies, publicly available records, service providers, parties to whom you refer us or from whom you authorise collection, on-line searches and social media.
You can also use our Website without disclosing your personal data. Information on the operating system, browser, your IP address, the previous website called up by you (“referrer URL”) and the date of your visit to our Website are gathered automatically by means of cookies during your visit for the exclusive purpose of statistical analysis of our online presentation.
We gather this data solely for statistical purposes to be able to further optimise our internet appearance and make it more attractive. The gathering and temporary storage takes place exclusively in anonymised form without permitting any conclusions as to your identity in the course of this use.
Using and disclosing personal data we collect
We collect, hold, use and disclose your personal data for the following purposes:
- to facilitate the delivery of our products and services to you;
- to maintain, manage and develop our relationship with you;
- to respond to any of your questions or comments;
- to contract out some of our functions to external service providers and suppliers (such as some parts of our IT);
- to send you information about our (or our related entities') products or services that may be of interest to you. If at any time you no longer wish to be notified about our or our related entities' products or services please contact us at the contact details set out below;
- to assess and consider applications from prospective job applicants, contractors and service providers;
- such purposes for which we may obtain consent from time to time; and
- to comply with our legal and regulatory obligations.
If you do not provide the personal information we request or consent to the collection and use of your personal information for the purposes outlined in this Data Privacy Statement, we may not be able to do any of the things set out above.
Registration of health professionals
To view content on our Website intended exclusively for health professionals, you have to register with us, by specifying your name and email address and confirming that you are a practicing health professional. This personal data will be stored in our database for the purpose of later processing your login and verifying that you actually are a practicing health professional.
Newsletter and information about events
Additionally, you can also tell us if you would like to receive a newsletter and if you wish to receive information about future events.
If you sign up for our newsletter with your email address, we will use this email address for our own advertising purposes until you unsubscribe the newsletter. Unsubscribing the newsletter is possible at any time by clicking the corresponding link in the respective newsletter or by sending an email to email@example.com stating the accordant wish.
Data privacy – dissemination of personal data to third parties
We may disclose your personal data to companies affiliated in the Croma Group, which are located outside of Australia and in and outside of the European Union, in countries such as Austria, Germany, Switzerland, Portugal, Spain, France, the Netherlands, Poland, Romania, Brazil, USA and Canada (these include: Croma-Pharma GmbH, Croma GmbH, Croma Pharma Produtos Medicos Ltda, Croma Aesthetics Canada Ltd., Croma Schweiz GmbH, Laboratorios Croma Estetica, SL, Croma France SASU, Croma Nederland B.V:, Croma-Pharma Sp. Z o.o., Croma Pharma Romania SRL, Croma USA Inc.). Furthermore, we may disclose your personal data to external service providers located outside of Australia and in and outside of the European Union, in countries such as Austria and the European Union.
When we disclose your personal data to other Croma Group affiliates, we ensure that these companies undertake to process the data in accordance with the Data Privacy Statement and the applicable data protection law, and thereby guarantee an equivalent protection of your personal data.
Likewise, when we disclose your personal data to external contracted data processors, we ensure that these entities undertake to process the data solely on our behalf and for our purposes, and that they comply with the Data Privacy Statement and the applicable data protection law.
Our Website uses Google Analytics, an advertising analysis service of Google Inc. ("Google"). Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that enable an analysis of the website utilisation by you. The information generated by the cookie about your utilisation of this website is generally transmitted to and saved on a server of Google in the USA. However, because of the IP anonymisation that is activated on this Website (“anonymizeIP”), your IP address will be truncated beforehand by Google within Member States of the European Union or in other signatory states of the Treaty on the European Economic Zone (so-called IP masking). The complete IP address will only be transmitted in exceptional cases to a Google server in the USA and it will be truncated there before further processing. By order of the operator of this Website, Google will use this information in order to analyse your utilisation of the website, compile reports about website activities, and perform additional services for Croma, which relate to the website utilisation and internet use. The IP address transmitted from your browser in the context of Google Analytics will not be combined with other data of Google. You can prevent the storing of the cookies by a corresponding setting of your browser software; however, we point out that you might not be able to use all functions of this website to full extent in that case. In addition, you can prevent the gathering of the data that is generated by the cookie and relates to your utilisation of the website that (incl. your IP address) from being transmitted to Google, as well as the processing of this data by Google by downloading and installing the browser plug-in from the following link (http://tools.google.com/dlpage/gaoptout?hl=de).
When using our Website as a health professional who has registered with us, data will be stored automatically in our logfiles, which we receive from your browser during the visit (a browser is, for example, Internet Explorer, Firefox, Safari, etc.) This means that we know the IP address and that a cookie will be created automatically on your computer. These small files are pure information carriers that serve to recognise your browser, and optimise and simplify the use of our online offer. No viruses are produced, the computer will not be attacked and you will not be identified personally or be phished.
This cookie enables us to store your email address, so that you will be recognised and logged in automatically on your next visit.
Of course, you can also view our Website without cookies. If you do not want us to recognise your computer, you can prevent the storing of cookies on your hard drive by deactivating the storing of cookies in your browser settings. To find out how this works exactly, please refer to the instructions of your browser manufacturer. If you do not accept any cookies, however, this can result in functional limitations of our offers.
Our Website can use so-called social plug-ins ("Plugins") of the social networks (1) Facebook, (2) Instagram, (3) LinkedIn, (4) Xing, (5) Vimeo and (6) Youtube ("Social Networks"). These are operated by (1) Facebook Inc., (2) INSTAGRAM, Inc., (3) LinkedIn Ireland Unlimited Company, (4) XING SE, (5) Vimeo LLC and (6) YouTube, LLC ("Providers").
When you call up a website that contains Plug-ins, your browser will establish a direct connection to the servers of the respective Provider. The content of the Plug-in is transferred by the respective Provider directly to your browser and integrated by it in the Website. By embedding the Plug-in, the corresponding Provider receives information that your browser has called up our Website. This takes place regardless of whether you have a profile with the relevant Social Network or are currently logging in.
If you are logged into the respective Social Network, it is able to attribute the visit of our Website to your profile on the respective Social Network. If you interact with the Plug-in, for example, with the “Like” button of Facebook or if you enter a comment, the corresponding information will be transmitted from your browser directly to the relevant Provider where it will be stored.
You can find information in the respective Provider’s data privacy statements regarding the purpose and scope of the personal data gathering, the further processing, and use of the data by the respective Provider, as well as your rights in this regard and optional settings for the protection of your privacy.
For the map display on our Website, we use Google Maps (operator: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Through the use of Google Maps, information about the use of this Website including your IP address can be transmitted to Google.
When you call up a sub-page of our internet appearance that contains Google Maps, your browser will establish a direct connection to the servers of Google. The content of the map is transferred by the Google directly to your browser, which integrates it in the Website. We therefore have no influence on the scope of the data gathered by Google this way.
You can find details on the purpose and scope of the data gathering, the further processing, and use of the data by Google, as well as your rights in this regard and optional settings for the protection of your data privacy in Google’s data privacy policies at: https://www.google.com/policies/privacy/
Storage of your personal data
Personal data we collect may be held in hard copy or digital or other format. We store hard copy files in secure filing cabinets at access controlled premises. We store electronic records on secure servers of Croma-Pharma GmbH (located in Austria).
Period of storage, right to obtain information, correction, objection and deletion of the personal data, right to revoke consent
Subject to any exceptions in the Act, where we hold personal data about you that can readily be retrieved, you have the right at any time to obtain information free of charge about that personal data, to have access to it and have it corrected if necessary. You may also limit or prohibit the further use of your personal data, or revoke the consent to the further data processing, object to the further processing and have the personal data deleted, subject to any exceptions in the Act, provided that no legal retention obligation is opposed or the personal data is invariably required for the fulfilment of any legal or contractual obligations.
If it is reasonable and practicable to do so, you have the right to receive from us the personal data relating to you, which you have provided to us, in a structured, common and machine-readable format.
A correct recording of your personal data is always an important concern to us. In order to have your personal data be corrected or deleted, please send an email to firstname.lastname@example.org specifying “Change of customer data at homepage” in the subject line.
Change of this Data Privacy Statement
The perpetual further technical development of the internet and any potential changes in the legal framework conditions may require adjustments to our Data Privacy Statement from time to time. We therefore reserve changing this Data Privacy Statement accordingly. Changes will apply from publication of the changed Data Privacy Statement on our Website.
If you have any questions regarding this document, or if you have a complaint regarding our handling of your personal information please contact us:
Person: Gary Bird
We will respond to complaints within a reasonable period of time. If you disagree with our decision, you may refer the complaint to the Office of the Australian Information Commissioner by visiting www.oaic.gov.au, calling 1300 363 992 or by emailing email@example.com.
Contents of external websites to which we refer directly or indirectly in our web appearance (by means of “hyperlinks” or “deep links") are outside of our sphere of control and responsibility and they are not appropriated by us. We have no influence whatsoever on the current and future design or the contents of the linked pages and the copyrights authorisation in this regard. For this reason, we expressly disclaim any contents of any linked pages that were changed after the link was set. This determination applies to all links and references contained in our online appearance. Solely the provider of the linked page is liable for illegal, false or incomplete contents and in particular, for any damages that arise from the use of the information presented on the linked website. If we take notice of any illegal, criminal or false contents on websites that we link to, we will remove the link to them.