Compound Direct

Privacy Policy

The Compound Direct software, website, application and all other associated services (Services) are provided by Compound Direct Pty Ltd ACN 652 134 739 (us, we, our).

Your privacy is important to us, which is why we want to make sure that any personal information you provide to us while using our Services is protected. Before interacting with our Services, please read this Policy which sets out what information we collect from you and how we use it. Please note that this Policy forms part of our Customer and End User Software Licence Agreements and you accept and agree to this Policy by continuing to use our Services.

What information do we collect and hold? 

We may collect and hold a variety of information from you while using our Services. This may include information which can be used to personally identify you or another individual (Personal Information). Some types of Personal Information we may collect, depending on your use of the Services, includes:

  1. names;
  2. age and date of birth;
  3. e-mail addresses;
  4. street addresses;
  5. telephone numbers and other contact details;
  6. credit card details;
  7. government identifier details, such as Medicare card numbers;
  8. health information such as current and historical medical conditions and prescribed medications.

By providing us with Personal Information, to the extent consent is required by us, you consent to our use of that information in accordance with this Policy, or where you are providing us with Personal Information of another individual, you warrant that you have obtained the necessary consent to disclose that Personal Information to us.

We may also collect and hold other information when you use our Services, which may or may not include Personal Information, such as:

  1. data which provides descriptive, technical, statistical and other metadata type information regarding your use of our Services;
  2. information about your purchase, supply and enquiry history with us and third parties who you liaise with via the Services (e.g. ingredient suppliers);
  3. any other information you disclose to us through interacting with the Services, our support team, message boards, surveys, promotional offers, reviews or otherwise.

It is optional for you to provide us with Personal Information. However, we may not be able to provide some or all of our Services to you without certain Personal Information.

How do we collect Personal Information? 

How we collect and store your Personal Information depends on which Services you use and how you choose to interact with them.

We generally collect Personal Information directly from you in the following ways:

  1. through your use of our Services, such as when you upload data;
  2. through communications between you and our representatives or support team;
  3. whenever you create an account with us;
  4. whenever you make purchases through the Services;
  5. whenever you participate in our promotional offers or surveys;
  6. whenever you provide us with feedback or any other information or documentation about the Services.

We may also collect your Personal Information from third parties such as:

  1. our business partners and contractors, such as third party software providers who you have provided Personal Information to via the Services;
  2. social media sites where you have connected your account with our Services or where you have visited our social media pages such as those on Facebook and Instagram;
  3. government bodies, departments or agencies; and
  4. pharmacists or their authorised representatives whenever they upload Personal Information about an individual via the Services.


How do we hold Personal Information? 

We carry on our business operations from Australia.

Any Personal Information held by us is securely physically stored on our business premises in Australia and/or stored digitally on third party servers hosted in Australia. Stored Personal Information about you may be combined or linked with any other information about you that we hold about you, including any information we receive from third parties.

We have taken all reasonable steps, including implementing a number of industry standard security systems and protocols, to prevent any misuse, loss, interference, modification or unauthorised access or disclosure of Personal Information held by us or our data processors.

We will only retain your Personal Information for as long as necessary to fulfil the purpose/s for which the Personal Information was obtained.

We may however retain your Personal Information for a period longer than above where necessary for us to fulfil any legal obligation or in order to protect the vital interests of yourself or another person.

If you are a European Economic Area (EEA) resident, we ensure that the transfer of your Personal Information to Australia will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission, a copy of which can be obtained from the European Commission website, by ensuring the recipient has adopted binding corporate rules or ensuring that the recipient provides an appropriate level of data protection based on an adequacy decision of the European Commission.

What do we use Personal Information for? 

We may collect, hold, use and disclose Personal Information and other information for the following purposes:

  1. to assess your identity and eligibility for the Services;
  2. to provide, monitor and improve the Services;
  3. to provide you with updates on the Services;
  4. to arrange for third party services to be provided or received by you, as applicable;
  5. to provide you with news and information on promotional offers, upcoming events and products offered by us or our business partners;
  6. to provide support and communicate to you as our customer;
  7. to manage any accounts you have with us;
  8. to investigate any complaint or issue arising in connection with your use of the Services and intervene in any dispute;
  9. to process payments from you;
  10. to collect and pay any amount on your behalf or to make a payment to you;
  11. to provide information to our related bodies corporate in order to carry out our business operations;
  12. to our external service providers such as our data hosting partners and IT service providers in order for our Services to be provided;
  13. to display content and/or advertising that is relevant to you;
  14. our marketing, planning, research, maintenance and administrative purposes;
  15. to provide to third parties where disclosed to you in this Policy or otherwise where authorised by you;
  16. to provide to our third party payment service providers as necessary to process a payment to or from you;
  17. to obtain an overview of how you use our Services and for profiling so that we may provide advertising more relevant to you;
  18. to disclose as part of a transfer of our assets should we propose or proceed to sell, merge or otherwise alter ownership of our business;
  19. to initiate or respond to a claim or other legal action;
  20. to carry out research and fulfil other public health purposes, in which case Personal Information is de-identified to protect the individual’s privacy;
  21. to disclose information to credit reporting agencies, courts, tribunals and other regulatory agencies; and
  22. as permitted or required by law.

We process Personal Information to the extent necessary to carry out our legitimate business purposes and interests as listed above or otherwise, unless we are required by law to obtain your consent to process Personal Information in a specific way, in which case we will rely on any consent obtained in order to carry out that processing.

When Personal Information is disclosed by us to our related entities or third parties as listed above, Personal Information will only be disclosed to that party to the extent necessary for the disclosure purpose identified in the list above to be carried out by that party.

Depending on how you use our Services, processing of your Personal Information may also be necessary in order for us to fulfil contractual obligations to you (such as where you have placed an order with us).  

Where we determine it is commercially viable to do so, we will attempt to carry out any of the above listed purposes without using Personal Information or by de-identifying Personal Information first, so that an individual cannot be recognised by that information.

Except where retention is required by law, we will take reasonable steps to de-identify or destroy any Personal Information where it is no longer needed for the purposes provided for in this policy.

Accessing, updating and deleting your Personal Information 

You have a right to request access to and seek correction of any Personal Information we hold about you, such as information which you believe is incorrect, incomplete, outdated, misleading or irrelevant. You may also request additional information from us regarding the purposes for which we process your Personal Information and the types of third parties to whom we disclose your Personal Information.

You may access and amend your Personal Information by logging into any account you have with us via the Services or by sending us an email via the contact details at the end of this Policy. We may charge a reasonable access fee if multiple requests for access are made by you.

If you are an EEA resident, in addition to the above, you have the following rights in relation to your Personal Information:

  1. the right to withdraw consent or ‘opt out’ from us processing your Personal Information (the lawfulness of processing prior to the withdrawal of consent will not be affected);
  2. the right to have us delete your Personal Information from our database without undue delay if you withdraw your consent (where our use was based on consent) or the information is no longer required for the purpose/s for which it was obtained;
  3. the right to restrict how we process your Personal Information, such as where the information is inaccurate or the use is unlawful;
  4. the right to receive access to your Personal Information as held by us, in a form that is accessible and commonly used;
  5. the right to object to the processing of your Personal Information in a particular way (including direct marketing purposes, profiling or automated decision making for direct marketing purposes).

The above is a summary of your rights only, for example, some rights may only be exercisable in certain circumstances or our obligation to fulfil your request may be subject to certain exemptions. You should make your own enquiries into the full extent of your rights at law.

If you wish to exercise any of the above rights in relation to your Personal Information, you can make this request via the email or postal contact details at the end of this Policy. Where applicable to you, some of the above rights, such as to ‘opt out’ of further emails from us or to delete the Personal Information held by us can be carried out by deleting your account with us or clicking the ‘unsubscribe’ link at the bottom of an email from us.  

Other Information & Third Parties 

Whilst you are using our Services, we, our advertisers, business partners and other third parties may also collect and hold other information by using cookies or other technologies. Cookies allow tracking and storage of information about your use of the internet and our Services either directly or through third parties, such as Google Analytics.

In some cases, you can choose not to provide us with information by setting your browser to refuse cookies, however this may restrict your ability to fully interact with our Services. Where cookies are not mandatory in order for our Services to be provided, we will request your consent to our use of cookies when you first use our Services.

Cookies are used by us for various reasons including to:

  1. store your username and password for any account you hold with us on a device so you do not have to re-enter it;
  2. generate statistical information and reports about your use of the internet and our Services;
  3. to understand your interests, demographic and location details to provide you with a more customised experience when using our Services;
  4. to personalise advertising to suit your interests and prevent the same advertisement appearing to you repeatedly; and
  5. to combine information about your usage patterns with similar information obtained from other users to help enhance our Services (e.g. to learn which features are used most frequently).

We may also implement other technologies to obtain information for reasons similar to those above. This information may occasionally be shared with our advertisers and business partners, but this does not include Personal Information. However, please note that we cannot control or accept responsibility for the use of cookies or other technologies implemented by third parties.

Supply lists, promotional offers, comments, opinions or any other content or website that is created or hosted by a third party, but is accessed by you via our Services (through embedding, hyperlink, plug in or otherwise), may be subject to that third party’s own privacy and data collection policies and practices which may vary from our own. You enter into any transactions with a third party via the Services at your own risk and we are not a party to those transactions.

If you voluntarily disclose Personal Information via a publicly accessible feature of our Services you do so at your own risk, as this information may be publicly available around the world and third parties may access and use this Personal Information to send you unsolicited material or otherwise use your Personal Information in a manner we cannot control.

Please do not provide us with Personal Information of a third party unless requested by us. If you provide us with Personal Information about a third party, you warrant that you have the consent of that third party to provide that Personal Information.

Complaints 

If you have complaints, comments or concerns regarding this Policy, please first contact us directly via the details at the end of this Policy. We will endeavour to get back to you as soon as possible, but we ask that you allow us up to 30 days to respond before taking any other action. We will investigate your complaint in a timely manner and advise you of the outcome of our investigation, including what steps, if any, we propose to take to handle or remedy your complaint.  

If you are an EEA resident, despite the above, you have the right to complain directly to a supervisory authority which is responsible for data protection at any time.

Updates 

We may update this Policy from time to time; the most current version of this Policy will always apply. We may notify you of updates to this Policy by email or the Services from time to time.