This website, www.aftpharm.com/nz-en (“Website”) is operated by AFT Pharmaceuticals Ltd and its affiliated entities (referred to on the Website as “AFT”, “we”, “our” or “us”). AFT is a publicly listed company registered in New Zealand under company number 9429038010415 and we have our registered office at Level 1, Nielsen Centre, 129 Hurstmere Road, Takapuna, Auckland, New Zealand 0622.
We have developed this privacy policy to inform you of the personal information we collect via or in association with the Website, what we do with your personal information, what we do to keep that data secure as well as the rights and choices you have over your personal information.
Throughout this policy, we refer to Data Protection Legislation which means the“Privacy Act 2020”and any subsequent or amending legislation. This includes any replacement legislation coming into effect from time to time.
We also refer to personal information, which means information that identifies you or can reasonably be used to identify you.
You do not have to provide any personal information to AFT. However, without certain data, AFT may not be able to provide products, services or information to you or may be limited in how we interact with you.
What Personal information do we Collect and When?
The type of personal information that we will collect from you, and you voluntarily provide to us on the Website will vary depending on our particular interaction or engagement with you. The kinds of personal information AFT may collect and hold about you may include some or all of the following depending on the type of user you are:
| Storage Type | What we Store |
| User-Generated Content/Data | Name, Email Address, Free Format Text (Subject and Message for “Contact us” submission including any information about complaints, feedback, testimonials and preferences) |
| Website Usage Data | IP Address, Browser Type and Version, Operating System, Device Information (e.g., device type, screen resolution), Date and Time of Website Visits, Pages Visited on the Website, Clickstream Data (User’s navigational path) |
| Cookies and Tracking Data | Cookies (e.g., session cookies, persistent cookies), User Tracking Information (for analytics and personalisation) |
AFT may also hold other kinds of personal information as permitted or required by law or other kinds of personal information that AFT notifies you of at or about the time of collection. This may include (but is not limited to):
- Payment information, such as credit or debit card details and transaction details
- Residential and delivery address
- Age, date of birth or gender
In some cases, AFT may also be required to collect sensitive information from you to the extent that it is reasonably necessary to provide our products or services, including health information (such as information about reactions and conditions or medications you have taken). If we do need to collect sensitive information about you, we will only do so with your consent or where we are required to do so by law.
If you are a health professional, we may also collect information about your professional details, practice areas and specialities, membership of associations, or dealings with us in respect of enquiries, reactions or other events, trial involvement or otherwise.
Why and How We Use and (in limited cases) Disclose Your Personal information
Personal information collated and held by or on behalf of AFT will or may be used for a variety of purposes, depending on the circumstances in which it was collected. These include communicating with you, providing a product or service you have requested, managing and complying with our legal requirements, facilitating product recalls and compliance, direct marketing, and to enable your participation in activities. These include the following:
When you use our website “Contact Us” submission form
When you make an enquiry on our website using the “Contact Us” section, we will use your name, email address, phone number, and any other information provided to contact you about, and manage your enquiry (including by providing services or information you may have requested).
If your enquiry relates to an adverse reaction to any product, we will hold and manage your information in order to meet our legal requirements and may disclose information to any relevant regulators to the extent we are legally required to do so. Wherever possible, and legally permitted, we will take steps to anonymise any information before it is transferred.
To Operate, Improve and Maintain our Business, Products, and Services
We use the personal information you provide to us to operate our business. For example, when you make a purchase, we use that information for accounting, audits, and other internal functions.
We may also use personal information about how you use our Website to enhance your user experience and to help us diagnose technical and service problems and administer our platform.
To Protect Our or Others’ Rights, Property, or Safety
We may also use personal information about how you use our Website and platform, to prevent, detect, or investigate fraud, abuse, illegal use, violations of our Terms of Use, and to comply with court orders, governmental requests, or applicable law. Information collected may also be used to facilitate and manage product recalls or product withdrawals.
Using Your Personal information: The Lawful Basis
To use, process and (in limited cases), disclose your personal information, we rely on certain lawful bases, depending on how you interact with our website, platform, or services. If we do use, process or (in limited cases) disclose your personal information, we may use one or more of the following lawful bases for processing:
The purpose for which the information is to be used is directly related to the purpose in connection with which the information was obtained, including:
- To recover outstanding proceeds from you (where applicable).
Because you have consented to or authorised that use, processing or disclosure, including:
- As set out in this policy
As necessary for our own legitimate interests or those of other persons and organisations, including:
- To provide our business or perform the services or provide the products you have requested
- For market research, analysis, and developing statistics
- To ensure the security of our website
As necessary to comply with a legal obligation, including:
- When you or any of your related persons exercise available rights under data protection law and make requests
- For compliance with legal and regulatory requirements (including, where relevant, in relation to product recalls and related requirements) and related disclosures
- For the establishment and defence of legal rights and for the conduct of proceedings
Sharing of Your Personal information
We do not sell your personal information.
We may share your personal information with other organisations in the following circumstances:
- We use data processors who are third parties who provide elements of services for us, such as cloud service providers and payment processing platforms. We have Data Processing Agreements in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processing Agreement. They will hold your personal information securely and retain it for the period we instruct. For more information about the third parties we work with, please refer to the “Third-Party Processors and Service Providers” subheading of this policy.
- AFT entities for the purposes and under the conditions outlined above. This includes our subsidiaries, related companies and affiliated companies.
Our Website contains links to websites owned and operated by third parties. If you use these links, you leave our Website. These links are provided for your information and convenience only and are not an endorsement by AFTof the content of such linked websites or third parties. AFT has no control over the contents of any linked website and is not responsible for these websites or their content or availability.
Cookies
We use cookies on our Website, which are small text files stored on your device. Using cookies is a way for us to make sure that our Website is continuously improved, meets your needs and can be used as a tool to optimise our marketing strategy. For us to do this, we place functional cookies to make the Website function as well as marketing cookies which help us target the right people and show them advertisements. Some of these cookies track your use of our Website and visits to other websites and allow us to show you advertisements when you browse other websites.
Please view our Cookie Policy for more information on our use of cookies.
Rights under Data Protection Law
The Right to be Informed about our Collection and Use of Personal information
You have the right to be informed about the collection and use of your personal information. We ensure we do this with our internal data protection policies and through this Privacy Policy. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.
Right to Access Your Personal Information
You have the right to access the personal information that we hold about you in many circumstances, by making a request. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within 1 month from when your identity has been confirmed.
We may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.
If you would like to exercise this right, please contact us as set out below.
Right to Correction Your Personal Information
If any of the personal information we hold about you is inaccurate, incomplete, or out of date, you may also ask us to correct it. If it is reasonable in the circumstances for us to do so, we will make the requested change or correction, otherwise we’ll take reasonable steps to mark that information as having been subject to a change or correction request.
If you would like to exercise this right, please contact us as set out below.
For More Information About Your Data Protection Rights and Complaints
If you have a privacy related complaint, please contact us at the details below. We’ll do our best to resolve your complaint straight away and, in complex circumstances, investigate it for you.
You may also make a complaint to the Office of the Privacy Commissioner at any time about the way we use your information.
Third-Party Processors and Service Providers
Our partners and service providers may process personal information about you on our behalf as described below:
| Service | Description | ||
| Security Vendors | These trusted experts employ advanced cybersecurity measures, such as intrusion detection, threat monitoring, and malware scanning, to protect your personal information from unauthorised access and cyber threats. | ||
| Customer Support Providers | We work with dedicated customer support providers. They assist in addressing your queries, resolving issues by securely managing and accessing relevant customer data. | ||
| Content Delivery Networks (CDNs) | To optimise the speed and reliability of our online services, we rely on Content Delivery Networks (CDNs). CDNs efficiently deliver web content to you by strategically distributing it across global servers. Personal information is cached and served from the nearest server, reducing latency, and enhancing your overall experience. | ||
| Content Management Systems | To assist us in the creation, management, and design of our website. | ||
| Analytics and Advertising | To improve our products and provide you with relevant content and advertisements, we collaborate with analytics and advertising partners. They analyse user behaviour, preferences, and demographics to personalise your experience and deliver targeted ads. | ||
| Hosting Services | Providing the facilities needed to create and maintain our Website, as well as make it accessible through the internet. | ||
| Third Party | Service Provided | Description of Service | |
| Podcom | IT infrastructure and development services | Podcom offers managed IT support and development services for AFT Group. | |
| Fastly | Content Delivery Network and Web protection services | Fastly offers web efficiency and protection services for our platform. Fastly – Privacy Policy | |
| P29 | Website Management and Administration | P29 offer website design and management services for our product. Platform29 – Privacy Policy | |
| WordPress | Content Management | WordPress offers web content management systems. WordPress – Privacy Policy | |
How Long We Keep Your Personal Information
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Where the same record has to be kept for more than one purpose and there is a different retention period for each of those purposes, the record is kept for the longer period.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Security
We have in place appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. Platforms, systems, and facilities in which personal information is processed are protected by secure network architectures that contain firewalls and intrusion detection devices.
In addition, we limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
Where We Store Your Personal Information and International Data Transfers
The personal information that we hold about you will be stored in servers which are located in Australia. Personal information may also be stored in New Zealand and other countries, and shared with third-party service providers based in New Zealand or overseas. Please note that the data protection requirements and other laws of countries outside New Zealand may not be as comprehensive as the laws of this country.
Where we disclose your data outside New Zealand, we endeavour to ensure a similar degree of protection by using contracts which set out comparable safeguards to those that exist under New Zealand’s Privacy Act 2020 or otherwise by ensuring the recipient is subject to laws that provide a comparable level of protection to those in place in New Zealand.
Contact Us
If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, or the way your personal data is processed, please contact us by one of the following means:
AFT Pharmaceuticals Ltd, FAO Data Protection Officer (DPO)
PO Box 33-203 Takapuna, Auckland 0740
Email: customer.service@aftpharm.com
Phone: (+64) 0800 423 874
Changes to our Privacy Policy
We may change, amend, replace or modify this Privacy Policy from time to time. We will tell you about a change in the policy by posting an updated policy on our Website. Any change we make applies from the date we post it on the Website. Please review our policy each time that you provide us with personal information.