In the course of carrying out our activities, Spark Up Pty Ltd (ACN 097 215 471) (Spark Up, we, us or our) will collect, store, use and disclose personal information. We are committed to the protection of your personal information and to compliance with applicable privacy laws.
Personal information is information or an opinion about an identified or reasonably identifiable individual, whether or not the information or opinion is true and whether or not the information is recorded in a material form.
Types of personal information we collect and hold
We collect and hold personal information about individuals in the course of undertaking our business activities, providing our services and the purposes connected to those activities (together, our activities).
The types of personal information we may collect, and hold over the course of our activities includes the following.
Identity and contact details. We collect information such as your name, address, telephone number, email address, job title, organisation details, and other identifying and contact information.
Health information. With your consent, we may collect information about medicines and pharmaceuticals you purchase, and a health service you’ve had or will receive.
Digital information.We collect text of written and oral communications gathered in the course of our interaction with you online, including where you interact on website and emails, provide feedback and online reviews and other information from your interactions with us online including cookie information, IP address, URLs, search histories and other associated information.
Consistent with our activities, we may need to collect your health information either directly from you or indirectly from third parties. Health information falls under a protected category of information called ‘sensitive information’, which is a subset of personal information under applicable privacy laws. If you provide us with your sensitive information voluntarily, you consent to our collection of such information. If we collect your sensitive health information from a third party, we will take reasonable steps to ensure that the third party has obtained valid consent from you.
If you voluntarily provide us with health information, and Spark Up has no purpose to collect or handle such health information, we will delete and destroy that information from our systems.
How we collect and hold personal information
The ways we may collect your personal information are as follows.
Directly from you. We may collect personal information directly from you in the course of undertaking our activities, from communications via phone, email and text.
From publicly available sources. We may also collect personal information from publicly available sources of information, including via websites, directories, and social media channels.
From third parties. Third parties we engage may provide us with your personal information for the purposes of engaging with our activities, including where you are an employee and/or customer of such third parties.
Spark Up takes reasonable steps to protect your personal information. Personal information is held securely and is subject to various security protections. Spark Up implements the following measures.
Password protection. Passwords are updated regularly to enhance access control and prevent unauthorised access.
Database management. Databases containing personal information are hard deleted once their intended use is fulfilled. Spark Up does not email databases internally, and if stored in a Microsoft Excel format, they are password protected on our main server.
Purposes for which we hold, use and disclose personal information
We will not use or disclose personal information for any secondary purpose, unless that secondary purpose is related to the primary purpose for which we have collected that information, and you would reasonably expect the disclosure in the circumstances, or unless you consent to that use or disclosure.
The purposes for which we collect, hold, use and disclose information may include:
conducting our business, which includes undertaking our activities engaging with you in respect of our activities;
to communicate information about our activities; and
to provide you with information or advertising relating to our activities (including targeted advertisements) or marketing communications we believe may be of interest to you;
to improve and optimise our platforms (including our websites) and services;
for our internal administrative, research, planning and marketing purposes; and
to comply with legal obligations and protect our legal interests and rights (including our intellectual property rights).
We may also disclose personal information to:
our affiliates and related bodies corporate; and
our third party service providers, including services providers who assist us with our activities.
Retention, access and correction
We will only keep records of your personal information as long as they are still necessary for the purposes listed above for which we collected such personal information.
We will take all reasonable steps to ensure any personal information we collect, use or disclose is up to date and accurate. If you believe personal information that we hold about you is not up to date or accurate, you may ask us to correct it.
You may ask us to provide you with details of the personal information we hold about you, and copies of that information. We will respond to your request and attempt to provide you with the data within 30 days of receipt of your request.
If we provide you with copies of the information you have requested, to the extent permitted by law, we may charge you a reasonable fee to cover the administrative costs of providing you with that information.
We may, in the course of conducting our activities, disclose personal information to overseas entities including when we use third party service providers to deliver our goods and/or products. Those overseas entities may be located in New Zealand.
Regardless of the location of our processing, we will impose adequate data protection safeguards and implement appropriate measures to ensure that your personal information is protected in accordance with applicable data protection laws.
If you consider a breach of the Privacy Act 1988 (Cth) has occurred, you may direct your query to our Privacy Officer using the details set out below and we will attempt to resolve your complaint.
If you do not consider our response satisfactory, you may contact the Australian Privacy Commissioner at its website oaic.giv.au or by telephone on 1300 363 992.
Australia: Unit 19/32-34 Campbell Avenue, Cromer, NSW, 2099, Australia