ABOUT THIS POLICY
We are committed to providing you with professional and valuable products and services whilst safeguarding your privacy.
This Data Privacy Policy ("Policy") outlines when, why and how we collect, use, disclose and/or otherwise handle (collectively "process") personal data about (i) individuals associated with our customers (including opticians), (ii) individuals associated with potential customers, (iii) consumers of our products and/or services; (iv) individuals associated with suppliers, business partners, service providers or other types of third parties we engage, retain or otherwise interface with in our business operation; and (v) users of our online Platforms (including users of our online webinars, training and resources) ("Data Subjects"). "Platforms" include websites, mobile apps, electronic communications, social media platforms such as WhatsApp, electronic forms, online market surveys, and online points of sale and events.
"Personal Data" is any information relating to you, whether true or not, which can be used to personally identify you, either directly or indirectly. We will process your Personal Data, as described in this Policy and as described when we collect data from you. This Policy must be read together with any other legal notices or terms and conditions provided or made available to you when we collect data from you (or at a later stage) or that are available on other pages of our Platforms.
The provision of certain types of your Personal Data in connection with your use of our Platforms is mandatory, including, where you register for an account on our Platforms, your name, work phone and email address, so that we can ensure that only authorised persons may access the relevant Platform. If you do not provide such information, we may not be able to provide you with access to or full use of the Platform in question or provide you with the requested product/s or service/s. The provision of Personal Data in other contexts, such as visiting our websites (without registration), is voluntary.
In this Policy
- references to "we", "us" or "our" means CooperVision Australia Pty Ltd and/or the Affiliates (defined below); and
- references to "you" and "your" are to the Data Subjects.
WHATSAPP & OTHER SOCIAL MEDIA PLATFORMS
We are not responsible or liable for the collection, use, disclosure and processing by WhatsApp or any other social media platform providers of any content or Personal Data relating to you collected through WhatsApp or such other social media platforms. You are encouraged to carefully review WhatsApp's and such other social media platform providers’ privacy and cookie policies.
COOKIE POLICY
Where you use our Platforms, we will process your Personal Data collected by using cookies in accordance with this Section C.
A cookie is a small text file that a website, application or other online platform stores on your computer or mobile device when you visit the site. We may use cookies on our Platforms for a number of different purposes, e.g. for technical reasons like letting you navigate between pages efficiently, for storing your preferences and for generally improving your user experience of a Platform. If you do not wish to receive any cookies, you may set your browser to refuse cookies. Cookies must be enabled to use the services on the Platform. If you set your browser to refuse cookies, you will be unable to log into the Platform or use the services on the Platform.
WHO IS RESPONSIBLE FOR YOUR DATA?
CooperVision Australia Pty Ltd with its place of business at: Suite 2.01, 26 Rodborough Road, Frenchs Forest, NSW 2086 registered in Australia with company registration number ABN 12 060 200 553 ("CooperVision") is the data user in relation to your Personal Data.
Where CooperVision shares Personal Data with CooperVision affiliates ("Affiliates"), which means our subsidiaries, our ultimate holding company and its subsidiaries (including CooperVision, Inc., and other Affiliates located outside of Australia), the Affiliates are also data users as explained in this PolicyDetails of the Affiliates, including their locations, are listed here at https://coopervision.com.sg/APAC-Affiliates.
WHAT PERSONAL DATA DO WE PROCESS AND WHY?
We set out in the table below a non-exhaustive list of the types of Personal Data that we may collect and process and the purposes for which that Personal Data is collected and processed.
Data Subject category | Type of information | Purposes of processing |
Individuals associated with trade customers (including sole-practitioners, opticians working for companies or organizations, stores staff) |
|
|
Individuals associated with potential trade customers |
|
|
Consumers (including participants in promotional events) |
|
|
Individuals associated with suppliers, business partners, service providers or other types of third parties we engage, retain or interface with during operations |
|
|
Users of our Platforms |
|
|
* Where we do need to collect your sensitive information, we will only collect it with your consent, and we will only use it for the purpose for which you provided it.
We may also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your Personal Data but is not considered Personal Data in law to the extent that it will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Platform application feature. Usage Data includes information about how you use our Platforms, products and services. However, if we combine or connect aggregated data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Policy.
Our business purposes - we will also use your Personal Data for our internal business purposes including:
- for record keeping, statistical analysis, internal reporting and research purposes;
- to investigate any complaints you make;
- to provide evidence in any disputes or anticipated disputes between you and us;
- for the detection and prevention of fraud, other criminal offences and for risk management purposes;
- for business and disaster recovery (e.g. to create back-ups);
- to ensure network and information security;
- to host, maintain and otherwise support the operation of our Platforms, including to customise various aspects of our Platforms to improve your experience;
- for document and data retention/storage;
- to protect the rights, property, and/or safety of CooperVision, any of its Affiliates, its personnel and others; and
- to ensure the quality of the services we provide to our clients and other Data Subjects.
We may also be required to process your Personal Data to comply with our legal requirements or to enable us to fulfill the terms of any contract that we have with or in preparation of us entering into a contract with you.
HOW PERSONAL DATA IS COLLECTED AND HELD
We will collect Personal Data directly from you or from third parties including through our Platforms, when you contact us (via our Platforms or otherwise), or through our service providers. Where practicable, we will collect Personal Data directly from you. If we receive information about you from someone else, we will take reasonable steps to ensure you are aware that we have collected Personal Data about you and the circumstances of the collection.
We may hold Personal Data in a number of formats and in various types (both physical and electronic) of storage facilities (including the cloud) that may be owned by us, our Affiliates or our third party service providers.
HOW AND WHEN DO WE SHARE PERSONAL DATA WITH THIRD PARTIES?
This Section G describes with whom we may share your Personal Data.
- Data sharing within CooperVision group
CooperVision may share your Personal Data with its Affiliates:- where we need to do so in order to provide the products and/or services or information that you have requested; for example, we may transfer your Personal Data to CooperVision Inc. and Eye Care Prime, LLC for central support services; or
- for the purposes of IT support and maintenance; or
- internal governance and administration; or
- if you consent to us doing so; or
- to comply with our legal or regulatory obligations; for example, we may transfer your Personal Data to CooperVision Inc. in the US, which hosts our database of product and patient regulatory information.
- Data sharing with service providers
We also share your Personal Data with our third party service providers, whom we engage to provide various services, which include but are not limited to:- delivery of our products (e.g. couriers);
- our Platforms (e.g. hosting and maintaining our Platforms); and
- IT services and solutions (e.g. providing data storage, assisting us with database management).
- Data sharing with other recipients
We may also share your Personal Data with:- our accountants, auditors, lawyers or other professional advisers when we ask them to provide us with professional advice;
- any other third party if we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or to protect the rights, property and/or safety of CooperVision, any of its Affiliates, its personnel and others;
- any other third party for the purposes of acting in accordance with the requirements of a court, regulator or government agency, for example, complying with a court order or acting in accordance with an applicable law or regulation;
- police and other law enforcement agencies in connection with the prevention and detection of crime; or
- prospective and actual investors and other relevant third parties in the event of a potential sale or other corporate transaction related to CooperVision and/or any of its Affiliates.
- Data sharing within CooperVision group
INTERNATIONAL TRANSFERS OF PERSONAL DATA
The transfer of your Personal Data to and between the Affiliates, service providers or other recipients may involve your Personal Data being sent to recipients outside of your jurisdiction, including to the United States, United Kingdom, Singapore and other countries in which our Affiliates are located. Where we transfer Personal Data overseas, we will implement appropriate and suitable safeguards to ensure that such Personal Data will be protected as required by applicable data protection law.
HOW LONG DO WE STORE PERSONAL DATA?
It is our policy to retain your Personal Data for the length of time required for the specific purpose or purposes for which it was collected (e.g., for the fulfillment of an agreement with you). However, we may be obliged to store some Personal Data for a longer time, taking into account factors including:
- legal obligation(s) under applicable law to retain data for a certain period of time (e.g. compliance with tax and accountancy requirements);
- the establishment, exercise or defence of legal claims (e.g., for the purposes of a potential dispute).
HOW DO WE PROTECT YOUR PERSONAL DATA?
We implement technical and organisational security measures to protect your Personal Data against the risk of accidental or unauthorised access, processing, erasure, loss, misuse, alteration or destruction. Such measures may include the use of firewalls, encryption (where appropriate), access rights management processes, careful selection of processors and other technically and commercially reasonable measures to provide appropriate protection for your Personal Data. Where appropriate, we may also make backup copies and use other such means to prevent accidental damage to or destruction of your Personal Data.
Please note however that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure. For any payments which we take from you online we will use a recognised online secure payment system, which may be subject to a third party's privacy policy.
YOUR RIGHTS
This Section K explains your data protection rights that you can exercise. The rights may only apply in certain circumstances and are subject to certain exemptions. You can exercise these rights using the contact details set out in Section M (How to Contact Us).
- The right to be informed - you have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data. This is why we are providing you with the information in this Policy and in any legal notices or terms and conditions provided to you.
- The right of access - you have the right to access your Personal Data that we hold about you, subject to certain exemptions.
- The right to rectification - you can ask us to take measures to correct your Personal Data if it is inaccurate or incomplete (e.g. if we have the wrong name or address for you).
Before assessing your request, we may request additional information in order to identify you. If you do not provide the requested information and, as a result, we are not in a position to identify you, we may refuse to action your request.
We may charge a fee that is not excessive in order to comply with a data access request.
THIRD PARTY LINKS
Our Platforms may include links to third-party websites, plug-ins, applications and platforms (collectively "Third-Party Platforms"). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these Third-Party Platforms and are not responsible for how they handle your Personal Data. When you leave one of our Platforms, we encourage you to read the privacy notice of every Third-Party Platform you visit.
HOW TO CONTACT US
If you wish to request further information regarding this Policy or the way we use your Personal Data, or if you wish to exercise any of the above rights set out in Section J or to make a complaint, you can contact us as follows:
Person-in-charge: Privacy Officer
Email: dpo@coopervision.com
Postal Address: PO Box 6520, Frenchs Forest, NSW 2086
Telephone:
• Australia: 1800655480
• New Zealand: 0800606060We will endeavour to respond to your enquiry or complaint within a reasonable period. If we fail to respond to a complaint within a reasonable time or if you are dissatisfied with our response, you may submit a complaint to your local data protection authority.