1. Background

1.1 General

Therapeutic Guidelines Limited (ACN  074 766 224) (we, us, our) is an independent, not for profit organisation which aims to promote the quality use of medicines through the writing, publication and distribution of therapeutic information.

We are committed to protecting your privacy, in accordance with applicable Australian privacy laws.

This Policy is designed to give you a greater understanding of how we collect, use, disclose and otherwise handle personal information.

A copy of this Policy is available on our website or you can request a copy by contacting our Privacy Officer (details under heading 11 below).

1.2 What is personal information?

Personal information means information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable. 

1.3 Our obligations

We are required to comply with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth) (Privacy Act).  The APPs regulate the manner in which personal information is handled throughout its life cycle, from collection to use and disclosure, security, accessibility and disposal.

We are also required to comply with more specific privacy legislation in some circumstances.

1.4 Employee records

Personal information directly related to a current or former employment relationship is ordinarily outside the scope of the Privacy Act and is therefore not dealt with in this Policy.  However, where State or Territory health privacy legislation applies to information we hold about you, we will protect the privacy of that information in accordance with the applicable legislation, regardless of whether that information was obtained in connection with your employment.

2. What we collect

2.1 General

The type of personal information that we collect about you includes but is not limited to:

  • information about purchasers of our books and subscribers to our online services, including name, address and contact details;
  • information verifying membership of an organisation or student status to validate a claimed discount on purchase price or subscription cost of our products or services;
  • information about applicants for employment, staff members, volunteers and service providers;
  • information about :
    • members and  prospective members of our Board,
    • members and  prospective members of our Expert Groups and
    • current and prospective external reviewers;
  • information about people who send us an enquiry, provide us with feedback or make a complaint;
  • information about people with whom we do business.

2.2 Sensitive information

Sensitive information is a subset of personal information that is generally afforded a higher level of privacy protection, such as health information about an individual, information relating to a person’s racial or ethnic origins, political opinions, religion, sexual preferences or criminal record.

We do not seek or collect sensitive information. If we receive unsolicited personal information, we will deal with it in accordance with the APP’s and section 3.3 below.

2.3 Collection of information other than personal information through our website

Site visit information

When you visit our website, some of the information that is collected about your visit is not personal information, as it does not reveal your identity. 

For example, we may record your server address, the date and time of your visit, the pages you visited, any documents you downloaded, the previous site you visited and the type of device, browser and operating system you used.

We use and disclose this information in anonymous, aggregated form only, for purposes including statistical analysis and to assist us to improve the functionality and usability of our website and products. You are not individually identified except if you are accessing one of our products by use of a user name and password.

Cookies

A cookie is a small string of information that a web server transfers to your browser.  The cookies we use do not identify individual users unless you are accessing one of our products by use of a user name and password, although they do identify the user’s web browser, IP address, web browser type and page viewed. 

We use cookies to hold session information.  This information is used to allow the web server to remember who you are by keeping server variables linked to your session.

2.4 What if you don’t provide us with your personal information?

In most cases, if you don’t provide us with your personal information when requested, we will not be able to provide you with the product or service that you are seeking or consider you for the position or appointment you are seeking.

However, you can access our website and make general phone enquiries without having to identify yourself.

3. How we collect personal information

3.1 Methods of collection

We collect personal information in a number of ways, including:

  • through orders for our products and services provided in hard copy, by telephone or online;
  • in person (for example, at face to face or online interviews or purchases made on the premises);
  • over the telephone;
  • through written correspondence (such as letters and emails);
  • we do not normally collect information from third parties or publicly available sources.

3.2 Collection notices

Where we collect personal information about you, we will take reasonable steps to provide you with certain details about that collection (such as why we are collecting the information and who we may share it with).  We will generally include this information in a collection notice. 

Collection notices provide more specific information than this Privacy Policy.  The terms of this Privacy Policy are subject to any specific provisions contained in collection notices and in the terms and conditions of particular offers, products and services.  We encourage you to read those provisions carefully.

3.3 Unsolicited information

Unsolicited personal information is personal information we receive that we have taken no active steps to collect (such as an employment application or CV sent to us by an individual on their own initiative, rather than in response to a job advertisement). 

We may keep records of unsolicited personal information if the Privacy Act permits it (for example, if the information is reasonably necessary for one or more of our functions or activities).  If not, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

4. Why we collect personal information

The main purposes for which we collect, hold, use and disclose personal information are set out below:

  • to deal efficiently with our subscribers and customers and to enable us to supply them with our products and services, obtain payment from them, provide updates and deal with their queries;
  • for the proper administration of Therapeutic Guidelines Limited;
  • to answer queries and resolve complaints;
  • to recruit staff and contractors, including reference checking;
  • to recruit board members, members of Expert Groups and External Reviewers and to ensure that they are are sufficiently independent of third party influences and conflicts of interest to enable our independence to be maintained;
  • to obtain legal and other professional advice.

We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or:

  • which are required or authorised by or under law (including, without limitation, privacy legislation); and
  • for which you have provided your consent.

4.1 Direct marketing

We do not engage in direct marketing. If we decide to do so in the future we will seek your consent and provide a simple method for you to opt out of receiving marketing material.

5. Who we may share your personal information with

We may share your personal information with third parties where appropriate for the purposes set out in Section 4.

6. Cross border disclosure of personal information

Therapeutic Guidelines Limited works with overseas service providers to provide and support the Therapeutic Guidelines Limited website, Therapeutic Guidelines, Therapeutic Guidelines app.  Currently, all personal information provided to our service providers is stored in Australia.

If it becomes necessary to disclose information outside Australia we will comply with the requirements of the Privacy Act that apply to cross border disclosure of personal information.

7. Use of government related identifiers

We will not:

  • use a government related identifier of an individual (such as a Medicare number or driver’s licence number) as our own identifier of individuals; or
  • otherwise use or disclose such a government related identifier,

unless this is permitted by the Privacy Act (for example, use of an identifier to verify an individual’s identity or uses or disclosures required or authorised by or under an Australian law).

8. Data quality and security

8.1 General

We hold personal information in a number of ways, including in hard copy documents, electronic databases, email contact lists and in paper files held in drawers and cabinets.  We take reasonable steps to:

  • make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;
  • protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and
  • destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted by the APPs.

You can help us keep your information up to date, by letting us know about any changes to your details, such as your address, email address or phone number. 

8.2 Security

The steps we take to secure the personal information we hold include computer and network protection measures (such as firewalls and anti-virus software), security restrictions on access to our computer systems (such as login and password protection), controlled access to our premises, controlled document storage and security, and personnel security (including restricting access to personal information on our systems to staff who need that access to carry out their duties).

Online credit card payment security

Online credit card payments are processed by Securepay and we do not receive credit card information you supply for this purpose.

Website security

While we strive to protect the personal information and privacy of users of our website, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk.  If you are concerned about sending your information over the internet, you can contact us by telephone or post (details under heading 11 below).

If you subscribe to our services online, you can also help to protect the privacy of your personal information by maintaining the confidentiality of your username and password and by ensuring that you log out of the website when you have finished using it.  In addition, if you become aware of any security breach, please let us know as soon as possible.

Third party websites

Links to third party websites that are not operated or controlled by us are provided for your convenience.  We are not responsible for the privacy or security practices of those websites, which are not covered by this Privacy Policy.  Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

9. Access and Correction

9.1 General

Please contact our Privacy Officer (details under heading 11 below) if you would like to access or correct the personal information that we hold about you.  

10. Complaints

If you have a complaint about how we have collected or handled your personal information, please contact our Privacy Officer (details under heading 11 below).  We will normally respond to a complaint within five business days.

If you are unhappy with our response or lack of response to a complaint, you can refer your complaint to the Office of the Australian Information Commissioner or, in some instances, other regulatory bodies, such as the Victorian Health Services Commissioner or the Australian Communications and Media Authority.

11. Our contact details

Please contact us if you have any queries about the personal information that we hold about you or the way we handle that personal information. Our contact details are set out below.

Mail: Privacy Officer, Therapeutic Guidelines Limited, 473 Victoria Street West Melbourne, 3003.

Email:  privacy@tg.org.au

Telephone: (03) 9326 6324

Further general information about privacy is available on the website of the Office of the Australian Information Commissioner at www.oaic.gov.au or by calling the OAIC’s enquiry line at 1300 363 992.

12. Changes to this Policy

We may amend this Privacy Policy from time to time.  The current version will be posted on our website and a copy may be obtained by contacting our Privacy Officer (details above).