Privacy policy

This Privacy Policy applies to all personal information collected by Health and Balance Vitamins LLC t/a NOVUM via the website located at https://novumpcos.com/

1. Personal Information

1.1 The Privacy Act defines “personal information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:

  • whether the information or opinion is true or not; and
  • whether the information or opinion is recorded in a material form or not.

1.2 If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “personal information” and will not be subject to this Privacy Policy.

1.3 Such personal information may include, but is not limited to:

  • names;
  • addresses;
  • social media details;
  • email addresses;
  • occupations; and
  • relationship details.

2. Collection of Your Personal Information

2.1 Personal information may be received and held by the Company either as a hard copy, paper, or a soft copy being electronic data, in any available form. In either case, the Company takes the security of personal information very seriously.

2.2 The Company may collect personal information from you whenever you input such information into the website.

2.3 The Company collects cookies from your computer which enable us to tell when you use the website and also to help customize your website experience. As a general rule, however, it is not possible to identify you personally from our use of cookies.

3. Purpose of Collection of Personal Information

3.1 All data is processed by the business on a lawful basis. The purposes for which we collect, hold, use, and disclose personal information are:

  • to offer our products and services to our clients. In doing so, we may disclose personal information to other people or entities involved in the provision of the product or service, such as government departments and individuals. Unless compelled by law, we will never disclose personal information without the client’s knowledge and consent;
  • to facilitate our internal and external administrative processes, including financial and business operations and reporting requirements;
  • to obtain, maintain, and comply with the terms of our professional indemnity and other insurance policies; and
  • to comply with applicable laws.

4. Access and Correction of Personal Information

4.1 The Client can contact the Company to access, correct, or update their personal information pursuant to the Australian Privacy Principles 12 and 13. Unless the Company is subject to confidentiality obligations or some other restriction on giving access to the information and we are permitted to refuse you access under the Privacy Act, we will endeavor to make your information available to you within 30 days.

4.2 Examples of circumstances where we may refuse to give you access to your personal information include where:

  • Giving access would be unlawful;
  • Giving access would have an unreasonable impact on the privacy of others; and
  • Giving access could prejudice the taking of appropriate action in relation to unlawful activity.

4.3 Clients will be formally identified prior to the Company releasing or amending any personal information.

5. Disclosure of Personal Information Outside Australia

5.1 Your personal information will not be disclosed to recipients outside Australia unless you expressly request us to do so. If you request us to transfer your personal information to an overseas recipient, the overseas recipient will not be required to comply with the Australian Privacy Principles, and we will not be liable for any mishandling of your information in such circumstances.

6. Security

6.1 The Company takes reasonable physical, technical, and administrative safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification, and disclosure.

7. Complaints Procedure/Contact Us

7.1 If you have a complaint concerning the manner in which we maintain the privacy of your personal information, please contact us as set out below. All complaints will be considered by the Company, and we may seek further information from you to clarify your concerns. If we agree that your complaint is well-founded, we will, in consultation with you, take appropriate steps to rectify the problem.

7.2 If a breach of this Privacy Policy occurs, a complaint may be made to us by sending it to:

  • support@novumpcos.com
  • 7.3 We will endeavor to respond to any complaint within 30 days. If you remain dissatisfied with the outcome, you may seek a review by contacting the Office of the Australian Information Commissioner using the information available at http://www.oaic.gov.au/privacy/privacy-complaints.

8. Data Breaches

8.1 All staff are responsible for protecting the confidentiality of client information and business information. Refer any data breaches, or suspected data breaches, to the customer services team as soon as possible.

8.2 An eligible data breach, defined in s 26WE(2) of the Privacy Act, is when:

  • both of the following conditions are satisfied:
  • there is unauthorized access to, or unauthorized disclosure of, the information;
  • a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates; or
  • the information is lost in circumstances where:
  • unauthorised access to, or unauthorised disclosure of, the information is likely to occur; and
  • assuming that unauthorised access to, or unauthorised disclosure of, the information were to occur, a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates.

8.3 If the Company suspects there has been an eligible data breach, a reasonable and expeditious assessment will be conducted within 30 days.

8.4 If the Company believes or has reasonable grounds to believe there has been a breach, then a statement will be prepared setting out:

  • the business’s details;
  • a description of the breach;
  • the kind or kinds of information concerned; and
  • recommendations about the steps that we will take in response to it.

If practicable, we will advise the contents of the statement to each of the affected Clients who may be at risk from the breach. If this is not practicable, we will publish the statement on our website and take other reasonable steps to publicise its contents. Communications with individuals will be via their preferred communication method.

8.5 The statement will be submitted to the Privacy Commissioner.

9. Exception to Reporting

9.1 Mandatory notification requirements are waived if remedial action can be taken that results in a reasonable person concluding that the access or disclosure is not likely to result in serious harm to any of those individuals.