Version 2.0 (September 2024)

About this Policy

Cardiobase Pty Ltd (“Cardiobase”) is committed to managing personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth), European Union General Data Protection Regulation, UK Data Protection Act and other applicable privacy laws.

In this Privacy Policy, “you” refers to any individual about whom Cardiobase collects personal information.

What Personal Information Is Collected

Cardiobase collects personal information deemed necessary to provide its services. This may include:

• General Information: Name, date of birth, address, gender, contact details.

• Medical Information: For example medical history, medications, notes, allergies, adverse events, immunisations, ethnic and family history, risk factors, physiological measurements.

• Service Information: Details of services provided to you, and records of communications with Cardiobase.

  
  

How Is Personal Information Collected

Cardiobase collects personal information through various means, including when you:

• Visit the Cardiobase website, send an email or SMS, or communicate via social media.

• Express interest in or use Cardiobase services.

• Complete forms or questionnaires.

• Apply for or work with Cardiobase as an employee, contractor, or volunteer.

• Seek to engage Cardiobase.

In some cases, we may also collect information from third parties, including:

• Healthcare providers.

• Your guardian or responsible person.

• When applying to work for or with Cardiobase, third parties including recruitment agencies and referees.

• When engaging with Cardiobase.

  
  

How Is Personal Information Used

By providing your personal information, you consent to its use for the following purposes:

• Managing services provided to you.

• Researching and improving Cardiobase services and business operations.

• Conducting satisfaction surveys.

• Promoting Cardiobase’s services and capabilities.

• Complying with legal obligations and conducting business-related activities.

• To engage with you as an employee or a potential employee, contractor, or volunteer or client.

  
  

With Whom Is Your Personal Information Shared

Cardiobase may share personal information with:

• Third parties conducting who work with Cardiobase, such as investigators and external laboratories, and data monitoring companies.

• Healthcare providers and related bodies corporate.

• Outsourced service providers, including IT providers and professional advisors.

• Organisations involved in a sale or transfer of Cardiobase assets.

• Government and regulatory authorities as required by law.

Only people that need to access your personal information will be able to do so. Other than as set out in this policy, Cardiobase will not share your personal information with any third party without your consent. Where practicable, before personal information is provided to a third party it will be de-identified so as to no longer be capable of identifying you.

How Is Your Personal Information Stored and Protected

Your personal information may be stored physically and electronically. Cardiobase takes reasonable steps to ensure its security, including:

• Requiring confidentiality from staff and service providers.

• Implementing security measures for document storage and computer systems.

However, please note that data transmission over the internet cannot be guaranteed as completely secure.

How To Access Your Personal Information

You generally have a right to access and correct your personal information. If you wish to access your personal information or believe any information is incorrect or requires updating, please click on the “contact us” link at the top of this page. Please remember to provide as much detail as you can as this will help Cardiobase to find the information.

What If You Don’t Provide Personal Information

You can choose to remain anonymous when visiting our website. However, if you wish to engage with Cardiobase services, personal information will be required.

Cookies and Similar Technologies

Cardiobase may use Google Analytics and cookies to collect non-identifying information about website traffic. Data Tools may collect and store personal information, and this policy applies to such information. You may adjust your browser settings to disable these tools, but doing so may limit your access to some services.

What If There Is a Problem or You Want to Update Your Information

For any inquiries, corrections, or concerns regarding privacy, please refer to the Contact Us page of our website to get in touch.

This Policy May Change

This policy may be updated over time. All changes will be published on our website.