Discount Drug Stores Online Store is owned and operated by Sigma Company Limited ABN 004 132 923
Sigma Healthcare Limited, including all of its Related Bodies Corporate (as defined in the Corporations Act 2001 (Cth)) (Sigma) is committed to maintaining your privacy in accordance with the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Cth). This document sets out Sigma’s policy regarding the collection, access, storage and use of personal information which we may obtain during the course of operating our business.
Sigma’s Credit Reporting Policy is at the end of this policy and sets out how we manage your credit information and credit eligibility information where this is relevant to you, and is our credit reporting policy for the purposes of Part IIIA of the Privacy Act.
Sigma’s Privacy Officer is the company’s General Counsel and Company Secretary.
Contact details are:
General Counsel and Company Secretary
3 Myer Place
telephone 03 9215 9215
facsimile 03 9215 9799
If you have any issues regarding privacy with Sigma you should contact your usual Sigma representative or the Privacy Officer.
2. Collection of personal information by us
Sigma will only collect information (including sensitive information) that is reasonably necessary for one or more of its functions or activities. Sigma will only collect sensitive information with your consent or as permitted or required by law.
Except to the extent Sigma is not permitted to do so by law or where it is impractical to do so, we will give you the option of not identifying yourself or using a pseudonym. However, in most cases that may be impractical or Sigma may be required to collect your personal information in order to provide you with products or services. If Sigma cannot collect that information, Sigma may not be able to provide you with goods or services.
The kinds of personal information we collect and store will depend on what products and services you request from us. However, it may include (amongst other things):
• your name, address, date of birth, telephone numbers, e-mail address, financial information (including credit card details or bank account numbers);
• your opinion/preferences about specific products and services,
• transactional information about your use of our products and service; and
• to the extent required or permitted by law, a government related identifier.
In some cases the information we collect will be sensitive information including for example information regarding membership of a professional or trade association, health information, genetic information that is not otherwise health information or biometric information.
The lists above are not exhaustive. We may sometimes need to collect additional information.
We may collect your information in a number of ways, including:
• directly from you (such as where you provide information to us when complete an application form or agreement for one of our services, or contact us with a query or request);
• from third parties such as our related entities, business or commercial partners, credit reporting bodies (for more details see our Credit Reporting Policy below), or third parties listed in part 4 (Exchange of personal information with third parties) below;
• from publicly available sources of information; or
• from our records of how you use the products or services provided by us including in respect of any website controlled by us.
3. How your personal information may be used and disclosed
We collect your personal information so that we can use it for our functions and activities which include, amongst other things:
• activating accounts with us and verifying your identity;
• providing goods and services to you;
• being aware of any special product and service requirements you may have;
• providing you with electronic confirmation of your orders (where applicable) and advising you of any changes to our products and services;
• confirming your identity when you contact us;
• to comply with any legal or regulatory obligations imposed on us;
• to charge and bill you for the products and services we provide to you, and to collect any amounts you may owe us;
• addressing any feedback or complaints you may have;
• any purposes for which it was requested and any secondary purposes to which you have consented or for which we are lawfully allowed to use your information;
• developing, improving and marketing our products and services; and
• sending you marketing materials in connection with any products or services offered by Sigma unless you opt out.
If you do not provide us with your personal information, we may be unable to do one or more of the above (including being unable to accept any orders and service requests).
Personal information we collect from you may be disclosed:
• to any entity to which we are required or authorised by or under law to disclose such information (for instance, Federal or State law enforcement agencies and investigative agencies, courts, various other Federal or State government bodies);
• to others that you have been informed of at the time any personal information is collected from you;
• to our business associates and others for purposes permitted under this policy;
• to our management and personnel;
• to our professional advisors and other contractors (for example IT consultants and mailing houses);
• to third parties in a de-identified format for research purposes (including the development of third party products and services); or
• with your consent (express or implied), to others.
We may also obtain personal and other information from some or all of the above to enable us to provide our services or products to you. When we obtain personal and other information from third parties whom we are referred to by you we will assume and you will ensure that you have made that third party aware of the referral of the persons and purposes involved in the collection, use and disclosure of the relevant personal or other information.
Your consent to a third party obtaining or accessing information may be implied from your use of the third party’s goods or services which involve obtaining or accessing persona information from us or organisations like us or you enabling a third party to access your information held by us.
Where we disclose your information, where we are required to, we will take such steps that are reasonable in the circumstances to de-identify the information.
4. Taking care of your personal information
We may store your information electronically or in hard copies. Sigma will take reasonable steps to protect the personal information it holds from misuse, interference and loss and from unauthorised access, modification or disclosure.
Sigma will take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed.
5. Quality, access and correction of our personal information
We will take such steps as are reasonable in the circumstance to ensure that the personal information that we collect or disclose is accurate, up-to-date and complete (in the case of disclosure, having regard to the purpose of the disclosure).
You can ask to obtain access to your personal information that we and/or our contractors hold, although under some circumstances permitted by law, we may not provide such information to you. Also, we may not be able to require our contractors to provide personal information to you.
We may ask you to put your request in writing and pay a reasonable fee levied by us for this.
It is important to us that the personal information we hold about you is accurate, complete and up to date. If you are aware that this is not the case and would like your personal information corrected, or simply desire access to your personal information, please contact us at:
General Counsel and Company Secretary
3 Myer Place
telephone 03 9215 9215
facsimile 03 9215 9799
6. Transfer of your personal information overseas
Generally, Sigma will not disclose your personal information to overseas recipients but Sigma may do so in some circumstances including for the purposes permitted in this policy or expressly agreed to by you. Sigma will only do so to the extent it is lawful including where:
• Sigma has taken such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the APPs;
• Sigma reasonably believes that the recipient of the information is subject to a law or binding scheme which effectively protects information in a manner that is substantially similar to the APPs; or
• the inpidual consents to the transfer or the disclosure is allowed or required by law.
Any complaint by an inpidual regarding Sigma’s management or handling of personal information should be directed to Sigma’s Privacy Officer. Contact details are set out at the commencement of this Policy.
To enable a complaint to be properly understood and acted upon it is requested that it be made in writing, specifying the personal information involved and the contact or process at Sigma that is the subject of the complaint.
All complaints will be acknowledged within 3 business days of receipt. Contact details of the person in Sigma dealing with the complaint and the Privacy Officer will also be advised to the inpidual making the complaint at this time.
Complaints will be responded to within 15 business days. If this is not possible the inpidual will be advised as to when Sigma expects to be able to respond.
If Sigma’s response does not resolve the complaint Sigma and the inpidual will in good faith promptly agree a process and time frame for dealing with the complaint.
Credit Reporting Policy
This Credit Reporting Policy relates to Sigma and to our Related Bodies Corporate that are deemed to be credit providers or affected information recipients for the purposes of the Privacy Act 1988 (Cth).
We may provide credit as contemplated in the Privacy Act to our customers in connection with our products and services (for example, trade credit accounts) and, as a result, we may collect credit information and credit eligibility information about you as referred to in the Privacy Act. This Credit Reporting Policy sets out how we collect, manage and disclose that information.
2. How we collect and hold credit information and credit eligibility information about you
Credit information relates primarily to your credit related dealings with us and other credit providers and includes various types of information that can be collected by Credit Reporting Bodies (CRBs) that report on consumer credit worthiness. We may collect credit information directly from you or from third party sources like CRBs.
Credit information includes:
• identification information (including for example your date of birth, your address and driver’s licence numbers);
• information about your credit account (for example when it was opened) and information about your liabilities including for example the type, character and limits of any credit provided to you;
• details of repayment history and credit applications;
• any assessment of your financial condition;
• details about information requests we make about you to CRBs;
• information about certain overdue payments, default listings and about serious credit infringements and information about payments or subsequent arrangements in relation to either of these; and
• various publicly available information like bankruptcy and credit-related court judgements.
3. How we use and when we disclose your credit information and credit eligibility information
We may disclose your credit information to CRBs. Those CRBs may then include that information in credit reporting information that they provide to other credit providers to assist them to assess your credit worthiness.
Our use and disclosure of credit eligibility information is regulated by Part IIIA of the Privacy Act and the Credit Reporting Privacy Code. We will only use or disclose such information for purposes permitted by these laws, such as:
• processing credit-related applications and managing credit that we provide;
• assisting you to avoid defaults;
• collecting amounts you may owe us in relation to such credit and dealing with serious credit infringements;
• assigning our debts;
• participating in the credit reporting system;
• dealing with complaints or regulatory matters relating to credit or credit reporting; or
• when required or authorised by another law.
4. How to access or correct your credit information
We may apply an administrative charge for providing access to your credit eligibility information, depending on the request.
5. How to make a complaint regarding our compliance with Part IIIA of the Privacy Act and these Credit Reporting Privacy Terms
We will acknowledge your complaint in writing as soon as practicable within 7 days. We will aim to investigate and resolve your complaint within 30 days of receiving it. If we need more time, we will notify you about the reasons for the delay and ask for your agreement to extend this 30 day period (if you do not agree, we may not be able to resolve your complaint).
We may need to consult with a CRB or another credit provider to investigate your complaint. While we hope that we will be able to resolve any complaint without needing to involve third parties, if you are not satisfied with the outcome of your complaint you can make a complaint to the Australian Information Commissioner (www.oaic.gov.au).