Medtronic Australasia Pty Ltd and Medtronic New Zealand Ltd
1. Commitment to Privacy
Medtronic Australasia Pty Ltd and Medtronic New Zealand Limited (hereinafter referred to “we”, “us”, "our" and “Medtronic”), are bound by the Australian Privacy Principles (“APPs”), contained in the Privacy Act 1988 (Cth) and the New Zealand Information Privacy Principles ("IPPs") contained in the Privacy Act 1993 ("ANZ Privacy Laws"). We may also be bound by State and Territory privacy laws in Australia, and to the extent we are bound by those laws, they form part of the ANZ Privacy Laws. The object of the ANZ Privacy Laws is to protect the confidentiality of “personal information” and the privacy of individuals by regulating the way in which personal information is managed.
Broadly, “personal information” means information or an opinion about an identified individual or from which an individual can be reasonably identified ("Personal Information").
Personal Information can include “health information”, which refers to information regarding an individual’s physical or mental health or a health service provided to an individual or "sensitive information", which includes information or an opinion about an individual's health, racial or ethnic origin, political opinions, philosophical criminal record and sexual orientation, amongst other things ("Sensitive Personal Information").
Medtronic is committed to protecting the Personal Information it collects and regularly monitors its systems and procedures to ensure compliance with the APPs, IPPs and this Policy. This Policy outlines the way in which Medtronic deals with the Personal Information it collects in Australia and New Zealand only. You should review the privacy statement posted on other Medtronic regional websites should you visit them.
We are not responsible for the privacy practices of any third party websites that may be linked on our website.
Medtronic collects Personal Information that is reasonably necessary for or directly related to our functions and activities as a provider of medical devices. In some cases, we are required by the Therapeutic Goods Act 1989 (Cth) to collect Personal Information in order to comply with our regulatory obligations such as responding to safety concerns about our products.
Medtronic collects Personal Information from or about you when we ask you for it and you provide it, and also through technology that collects the information automatically, such as cookies or other similar technologies.
The Personal Information we collect may include:
If you are a healthcare professional, additional Personal Information we may collect includes:
If you are a patient, additional Personal Information we may collect includes:
Personal Information may be collected by Medtronic in the course of:
3. Use and Disclosure
Medtronic will use your Personal Information for the primary purpose for which it is collected, which generally includes the following purposes:
We may also use your Personal Information to:
We will only use or disclose your personal information for a purpose that was not the primary purpose for which we collected it, if you would reasonably expect us to do so or if we have your permission, or if the purpose is in connection with the purpose with which the information was obtained or directly related to it.
We may disclose Personal Information:
If you do not wish to receive information or materials about Medtronic products and updates, you may request not to receive these marketing materials. Once Medtronic receives your request, we will add your name to a no contact list for marketing purposes.
Sometimes we may collect Sensitive Personal Information if you disclose it to us, or as part of providing services to you. When dealing with Sensitive Personal Information, such as your health information, for a purpose that is not directly linked to the primary purpose of collection, Medtronic will generally seek your consent before using Sensitive Personal Information. In only very limited circumstances, such as where required by law to disclose information or in the event of a serious threat to your life or health, will we disclose your health information to the extent necessary in the circumstances without your consent.
4. Cross Border Data Transfer
As part of a global group of companies located in many different countries, we may disclose your Personal Information to a Medtronic company or affiliate, or to our database or servers overseas which may be provided to us by our third party service providers. The countries to which we are likely to disclose Personal Information include the United States, Singapore, Switzerland and the Netherlands. In disclosing Personal Information offshore, Medtronic ensures that the use and disclosure of the personal information transferred is dealt with in accordance with this policy and the safeguards under ANZ Privacy Laws.
By providing Medtronic with your Personal Information, you consent to the transfer, storing, and processing of your personal information in other countries.
5. Transfer of Data to Third Parties
Medtronic will not sell your Personal Information to any third party for any purpose. Selected third parties may be used to provide Medtronic with support services in connection with our business operations; for example, database IT support. Such third parties may, from time to time, have access to your personal information to enable them to provide those services to Medtronic.
All companies providing such support services are required by Medtronic to process the Personal Information disclosed to them only for the purposes expressly authorised by Medtronic. Further, third parties are required by Medtronic to meet our standards of data protection and comply with the safeguards under ANZ Privacy Laws.
6. Data Security
Medtronic has put in place safeguards to protect the Personal Information we hold from misuse, loss, unauthorised access, modification or disclosure. Medtronic generally holds the Personal Information you provide to us in an electronic form on computer servers, which are password protected for limited access and are located in controlled facilities. However, Medtronic may also hold Personal Information in physical form, such as in paper hard copies. While Medtronic cannot guarantee against any loss, misuse or alteration to data, we take security safeguards as are reasonable in the circumstances to prevent such occurrences.
Access to the Personal Information is restricted to those employees who need to use the data, who have been trained to handle such data properly and observe strict standards of confidentiality.
Medtronic destroys or permanently de-identifies Personal Information that we no longer need, where permitted. Medtronic will not keep Personal Information for longer than required for the purposes for which the information may be lawfully used.
7. Access, Correction and Complaints
You have the right, in most cases, to access your Personal Information at any time. Medtronic takes reasonable steps to ensure that any information we hold about you is up-to-date, accurate, relevant, not misleading and complete. If you wish to request access or correct Personal Information we hold about you, or you have any questions about this Policy, please contact Medtronic’s Privacy Officer at firstname.lastname@example.org, setting out a full description of the request. We will respond to your requests to access or correct your Personal Information in a reasonable timeframe.
There is no charge for requesting access to your Personal Information but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs).
There are some circumstances in which we are not required to give you access to your Personal Information. Medtronic may not accommodate a request to access, change or delete Personal Information if it believes doing so would violate any law or legal requirement, or cause the information to be incorrect. In those circumstances, if requested by you, Medtronic shall take such steps as are reasonable, to attach a statement provided by you to the information of the corrections sought.
If you have a complaint about how we have handled your Personal Information or consider that we may have breached our obligations under ANZ Privacy Laws, please write to our Privacy Officer at email@example.com or at:
Medtronic Australasia Pty Ltd
Attention: Privacy Officer
2 Alma Road
Macquarie Park NSW 2113
We will respond to your complaint within a reasonable period, usually within 30 days. If you are unhappy with the resolution of your complaint, if you located in or reside in Australia, you may contact the Office of the Australian Information Commissioner (www.oaic.gov.au) or if you are located in or reside in New Zealand you may contact the Office of the Privacy Commissioner (https://www.privacy.org.nz/) for further guidance.