Clinical Research Corporation Pty Ltd (ACN: 167 749 233) and its related body corporates (including iQN Ltd (ACN: 149 731 644)) (together referred to as ‘CRC’) are committed to protecting and respecting your privacy. CRC is bound by the Privacy Act 1988 (Cth), including the Australian Privacy Principles (‘APPs’). In order to provide services to our clients, we need to request and retain some personal information. This allows us to process your requests, administer your accounts, provide you with information and provide you with any of the services we offer. We may also use your personal details to communicate with you about services and comply with relevant laws.
The Information CRC Collects and Holds
In the course of our business and wherever practicable, CRC may collect personal information from you that is necessary for us to perform our functions. The personal information collected may vary depending on the type of interaction we have with you. Whenever it is reasonable and practicable to do so, CRC will only collect personal information which is reasonably necessary for it to:
- Function and carry out its usual activities;
- Consider requests you make to CRC;
- Provide you with quality services;
- Maintain your contact details; and
- Maintain our share register.
CRC generally holds personal information relating to:
- The services CRC provides or has provided to you;
- Details of your key personnel; and
- Personal identifiers where appropriate, such as your name, contact details, gender, role/position and bank account details, etc.
Collecting and holding this information is necessary for CRC to provide you with the respective services or information you require. If you do not provide the personal information requested, we may not be able to process a request, provide services to you, or provide you with information about our services.
The Principles require that sensitive information is only used and disclosed for the purposes for which it was provided, or for a directly related secondary purpose, unless you agree otherwise or for other specific reasons such as if the use or disclosure of this information is required by law or to prevent a serious and imminent threat to life or health of an individual.
CRC generally does not collect sensitive information about you, and will only do so if it is required by law and you have consented to the collection of this information.
How CRC Collects Your Personal Information
When collecting, using or disclosing personal information, CRC will take such steps as are reasonable in the circumstances to ensure that the information is accurate, up-to-date and complete. We may collect personal information from you when you submit your interest in, or complete a request for proposal or services, request for further information, engage in a transaction that involves CRC (or a related body corporate), speak to us on the telephone, provide your business card to us, or provide us with any information or other material about yourself or your business.
We may receive information about you from third parties that you have authorised us to deal with. This could be a financial adviser, broker, an accountant or other representative, such as your solicitor.
Collecting Personal Information
CRC will only collect personal information in a lawful and fair manner. Wherever possible, personal information will be collected directly from the individual, unless it is unreasonable or impracticable to do so. Sensitive information (e.g. Tax File Numbers and Bank Account Details) will only be collected where the individual consents to the collection of that information.
Receiving Unsolicited Personal Information
- that the unsolicited personal information has been collected;
- of the circumstances of that collection; and
If the personal information could not have been collected by CRC, it will destroy the information or ensure that the information is de-identified.
For what purposes do we use personal information?
CRC only collects, holds and uses personal information for the primary purpose it was provided, a related purpose or as required or permitted by law. This includes:
- providing you with information you have requested;
- to establish, maintain or administer your investment in CRC;
- to provide market commentary, information services that may be of interest, and marketing;
- to comply with our legal obligations including, but not limited to, record-keeping, reporting, tax withholding, and client identification requirements under applicable Australian laws which may include the following legislation: Corporations Act 2001 (Cth), Income Tax Assessment Act 2006 (Cth), and the Privacy Act 1988 (Cth); and
- communicating with investors and shareholders regarding the status of their investments in CRC, responding to your enquiries and information requests;
- processing dividend payments; and
- any other uses identified at the time of collecting your personal information.
Where CRC collects an individual’s personal information for a particular purpose (i.e. the primary purpose), it will not use that information for another purpose (i.e. a secondary purpose) unless the individual has consented to the use or disclosure of that information or:
- it would be reasonably expected that the information would be disclosed for a secondary purpose which is related to the primary purpose (and in relation to sensitive information for a secondary purpose which is directly related to the primary purpose); or
- the use or disclosure of the information is legally required, specifically authorised by the APPs or reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
Disclosing Your Information
We may be required by law to disclose personal information. For instance, we may be required to provide details to:
- Australian Government regulators such as the Australian Securities and Investments Commission (ASIC), Australian Tax Office (ATO), Australian Transaction Reports and Analysis Centre (AUSTRAC) and to other regulatory or government entities;
- as required by a court order;
- to other regulatory or governmental entities; and
- your spouse in accordance with the Family Law Act requirements.
With consent, CRC will disclose your personal information to an accountant, financial consultant or other person or organisation you nominate.
How CRC Holds and Protects Your Personal Information
CRC will ensure that in relation to any personal information it holds that it will take such steps as are reasonable in the circumstances to protect the information from:
- misuse, interference and loss; and
- unauthorised access, modification or disclosure.
If other organisations provide support services, CRC requires them to appropriately safeguard the privacy of the information provided to them.
If CRC holds information which it no longer needs (for any purpose for which the information may be used or disclosed) or it is no longer required to keep, it will take such steps as are reasonable in the circumstance to destroy the information or to ensure that the information is de-identified.
Access to & correction of information
You may request access to any personal information we hold about you. Generally, you can request CRC to correct any personal information it holds about you, however, this is subject to some exceptions allowed under the Privacy laws:
- if access to the information would pose a serious threat to the life or health of an individual, or to public health or public safety;
- if access to the information would have an unreasonable impact on the privacy of others;
- if the request is frivolous or vexatious;
- if the information relates to a commercially sensitive decision making process;
- if providing access would be unlawful;
- if access would prejudice enforcement activities relating to criminal activities and other breaches of revenue, or a security function;
- if there are legal proceedings and the information would not be accessible through discovery in those proceedings;
- where a third party has given us health information about you in confidence;
- denying access is required or authorised by or under law.
If access is denied and CRC relies on one of the exceptions or is unable to provide the personal information in the manner requested, it will take such steps (if any) as are reasonable in the circumstances to give access in a way that meets the needs of both yourself and CRC and it will provide a written notice setting out:
- the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
- the mechanisms available to complain about the refusal; and
- any other relevant matter.
Having regard to the purpose for which the personal information is held, if upon receiving a request from you, CRC is satisfied that the information is inaccurate, out of date or incomplete, we will take such steps as are necessary to correct that information.
If CRC refuses or is otherwise unable to correct your personal information it will provide a written notice to the individual setting out:
- the reasons for the refusal except to the extent that it would be unreasonable to do so;
- the mechanisms available to complain about the refusal; and
- any other relevant matter.
How to contact us
Clinical Research Corporation Pty Ltd
Level 7, 222 Clarence Street
Sydney NSW 2000
Privacy Officer, (02) 8239 5400
All complaints will be handled in accordance with the APPs and CRC’s Complaints Policy. If you are not satisfied with the outcome of your complaint, you can refer the matter to external dispute resolution or contact the Australian Privacy Commissioner through www.oaic.gov.au to discuss your concerns.