Personal information is information or an opinion about an identified individual, or an individual who is reasonably identified, whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not (Personal Information).
In Vitro holds Personal Information such as: full name, address and contact details (i.e. telephone, email, and postal address), credit card and bank account details; photo identification and video and photographic images of individuals.
Personal Information is collected in the following ways:
a) Our commitment
In Vitro places a great importance on the security of all information associated with our clients and others who deal with us. We have security measures in place to reasonably protect against the loss, misuse, unauthorised access and alteration of Personal Information and other data under our control.
b) Security and storage methods
All Personal Information and other data held is kept securely and that which is held electronically is held on secure servers in controlled facilities.
Personal Information is de-identified or destroyed securely when no longer required by us.
Information stored within the In Vitro computer systems or by our agents who provide electronic storage facilities can only be accessed by those entrusted with authority and computer network password sanctions.
In Vitro consults with IT service providers to implement reasonable levels of firewall, malware detection and data security procedures.
c) Electronic transmissions
No data transmission over the internet can be guaranteed to be absolutely secure. As a result, whilst we strive to protect users' personal information (including Personal Information), In Vitro cannot ensure or warrant the security of any information transmitted to it or from its online products or services, and users do so at their own risk. Once In Vitro receives a transmission, we make every effort to ensure the security of such transmission on our systems.
d) Data breach and response
In Vitro has developed a data breach response plan which ensures compliance with the mandatory notification requirements of Part IIIC of the Privacy Act 1988 (C’th).
As part of this plan, In Vitro will:
If notification of the breach is required, In Vitro will:
To enable us to fulfil our responsibilities as an integrated provider of Medical, Scientific and Diagnostic consumables and equipment and, we collect Personal Information about you to enable us to effectively conduct our business.
a) Collection and use of Personal Information
The Personal Information we collect may be used:
We will only collect Personal Information and Personal data to the extent that it is required for the specific purposes set out in this policy or notified to you at the time of collection.
b) Disclosure of Personal Information
We utilise various third party service providers to whom we provide your personal information to, including:
All information provided to any of the abovementioned service providers is provided on a confidential basis and for the purpose of conducting and performing the required services only.
a) We may carry out direct marketing
As part of In Vitro’s functions and business activities and to promote the services we can provide to our customers, including in respect of In Vitro credit-related activities, In Vitro may be permitted to use personal information about individuals that individuals have provided to In Vitro for the purposes of direct marketing. Direct marketing includes, but is not limited to, sending information to and/or contacting individuals in relation to promotions relating to In Vitro.
b) Opting out of Direct Marketing
All recipients, including individuals, can opt out of receiving direct marketing communications by unsubscribing in the email through Active Campaign.
In any direct marketing communication we remind recipients of their right to opt out of receiving direct marketing communications. Moreover, as a general rule, a credit provider such as In Vitro is not permitted to disclose to others Personal Information about individuals for the purposes of direct marketing.
c) Anonymity and Pseudonymity
Individuals would generally have the option of dealing with In Vitro anonymously. However, this only applies where it is not impracticable for In Vitro to deal with individuals acting anonymously or under a pseudonym. For example, individuals making general enquiries of In Vitro may do so anonymously or under a pseudonym. However, if the dealing with In Vitro is for In Vitro to supply goods and services and/or to enter into contractual relations (such as a commercial credit account) with a customer that is the individual or is associated with the individual or in a company with the In Vitro capacity as an agent for other credit providers, then it is impractical for such individuals to deal with In Vitro on an anonymous basis or under a pseudonym.
a) In Vitro websites
In Vitro advertises and carries on business through:
b) In Vitro Website terms and conditions
In Vitro collects personal (including Personal Information) pursuant to this policy except as otherwise stated on the website.
A website may display additional terms and conditions for access and use of the website which apply in addition to this policy.
In Vitro may collect information from its websites using IP files or “cookies”. When a user visits the In Vitro’s websites to read, browse or download information, our system may record/log the user’s IP address (the address which identifies the user’s computer on the internet and which is automatically recognised by our web server), date and time of the visit to our website, the pages viewed and any information downloaded.
Cookie information collected will only be used for the purpose of site analysis and to help us offer improved online services. We may automatically collect non-personal information about users such as the type of Internet browsers used or the website from which the user linked to our websites. Individuals cannot be identified from this information and it is only used to assist us in providing an effective service on our websites.
d) Third party links
Our websites may contain links to other websites and those third party websites may collect personal information about individuals. We are not responsible for the privacy practices of other businesses or the content of websites that are linked to our websites. In Vitro encourage users to be aware when they leave our website and to read the privacy statements of each and every website they frequent.
a) Our commitment
In Vitro is committed to and takes all reasonable steps in respect of maintaining accurate, timely, relevant, complete and appropriate information about our customers, clients and website users.
b) Access to information
Any individual may request access to personal information (including Personal Information) about them held by In Vitro. Such a request for access to personal information is to be made to In Vitro Privacy email, details are set out below.
In Vitro will respond to any requests for access or correction within a reasonable time of receipt of the request, but by no later than 30 days of the request being received.
Please note that In Vitro do require that, as part of any request by an individual for access to personal information (including Personal Information), the individual verify their identity so that In Vitro may be satisfied that the request for access is being made by the individual concerned.
Please note that In Vitro is not required to give an individual access to Personal Information about them in circumstances where:
If we refuse to provide an individual with access to their Personal Information or to correct the Personal Information held by us about them, then we will provide reasons for such refusal. Such reasons will set out the grounds for refusal, the mechanisms available to complain about the refusal and any other matters that are required by the Act.
c) Correction of Information
Inaccurate information will be corrected upon receiving advice to this effect. To ensure confidentiality, details of an individual’s personal information (including Personal Information) will only be passed on to the individual if we are satisfied that the information relates to the individual.
From time to time, and having regard to the purpose of the collection and use of personal information (including Personal Information) about individuals, we may contact individuals to seek confirmation that the personal information provided to us by the individual is accurate, up-to-date and complete.
a) Making a complaint
If an individual has a complaint about this policy or/or In Vitro’s collection, use or safe disposal or destruction of Personal Information about the individual, any complaint should be directed in the first instance to the In Vitro’s Privacy email at the contact details set out in the ‘Contacting us’ section of this policy.
b) Investigation and Resolution Procedure
Upon receiving such a complaint we will, within 7 days, give the complainant written notice acknowledging receipt of the complaint and setting out the process of how we will deal with it.
We aim to resolve all privacy complaints within 30 days of receipt. If we cannot resolve a complaint within 30 days we will notify the complainant of the reasons and specify a date when we expect a decision or resolution will be made and seek the complainant’s agreement to extend the 30 period – if the complainant does not agree then we may not be able to resolve the complaint
It may be necessary (and it may be required by the Act), in order to deal with a complaint, to consult with a CRB or another credit provider. Further, if, while a complaint remains unresolved, we are disclosing information subject to the complaint to a third party, we may be required to advise the third party about the complaint.
If we find a complaint is justified we will resolve it and do what is required to rectify any breach. In Vitro are committed to fulfilling its obligations as an APP entity and a credit provider under the Act.
The complainant may refer their complaint to the Office of the Australian Information Commissioner. The website for the OAIC is: www.oaic.gov.au
a) Use of cloud services
In Vitro may utilise local and overseas cloud services for the purpose of storing information. Your Personal Information may be disclosed to the In Vitro’s cloud service provider for that purpose. While the In Vitro’s cloud service providers are located in Australia, the country location of our cloud service providers may periodically change.
b) Other disclosures
Except as provided in clause 9, In Vitro are unlikely to disclose Personal Information of an individual to overseas recipients. Personal information will only be disclosed by In Vitro to overseas recipients in accordance with Australian Privacy Principle 8, such as if the disclosure is required by Australian law.
If In Vitro decide to or are required to change this policy, we will notify you of such amendments on our websites and post changes on this policy webpage so that users may always be aware of what information is collected by us, how it is used and the way in which information may be disclosed. As a result, please refer back to this policy regularly to review any amendments.
For concerns, complaints or further information regarding this policy and our policies and procedures regarding privacy and data security, please contact us at the following address:
|Position:||In Vitro Privacy Officer|
|Telephone:||1300 552 003|
|| 7-9 Summit road
Noble Park, Vic 3175