Privacy policy

The last update to this document was 25 November 2024.

Introduction

Coral Healthcare Pty Ltd ACN 75 140 734 783 (Coral Healthcare, we, us, our) is committed to complying with applicable privacy laws in relation to the personal information that we collect in the course of running our business.  Our brands include ‘Coral Healthcare’ and ‘Moments Condoms’.

Please take a moment to read our Privacy Policy as it explains:

• how we collect and handle personal information; and
• your rights in relation to any of your personal information that we hold about you.

Where applicable privacy laws provide for exceptions or exemptions, we may rely on those exceptions or exemptions in our information handling practices.

This Privacy Policy (other than section 11) explains how we manage personal information about individuals other than employees.  Section 11 explains the position of employees.

Key definitions

In this document:

• "APPs" means the Australia Privacy Principles set out in the Privacy Act;
• "personal information" has the meaning set out in the Privacy Act, and (in summary) means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or otherwise;
• "Privacy Act" means the Privacy Act 1988 (Cth); and
• "sensitive information" has the meaning set out in the Privacy Act, and includes certain specific types of personal information such as health information, and information about a person's racial or ethnic origin, sexual orientation or practices, criminal record, religious beliefs or affiliations, political opinions, membership of a political, professional or trade association, and biometric and genetic information.

1. 1. How we collect your personal information

   We will collect and hold your personal information in a fair and lawful manner, and not in an intrusive way.  

   Some of the common ways in which we may receive personal information directly from you include:

   • when you make an inquiry or order in relation to goods or services, including through our websites, including those located at www.coralhealthcare.com.au and www.momentscondoms.com.au  (each a Website);
   • when you enter into contracts with us for our goods or services;
   • when we administer and perform any contracts with service providers;
   • when you apply for a role with us;
   • from correspondence (whether in writing or electronically) or when you contact us via telephone, e-mail or other means;
   • when you upload content to or interact (in an identifiable manner) with our Website or our social media pages;
   • through our mobile applications, if any (apps);
   • when you participate in our customer satisfaction and market research surveys;
   • if you attend any of our premises, we may record certain contact details so that we can comply with applicable laws, and we may also record your image and/or voice if we have surveillance systems operating at those premises;
   • when administering any of our services; and
   • as otherwise required to manage our business.

   Where it is reasonably practical to do so, we will collect your personal information directly from you.  However, in certain cases we may collect personal information from publicly available sources and third parties, such as:

   • our suppliers, contractors, clients and business partners; and
   • if you are applying for a role with us, recruitment agencies, your employers, referees, government bodies (e.g. police checks, if required), academic and professional bodies (e.g. to validate details and currency of your qualifications).

   If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.

2. 2. Types of personal information we collect

   The types of personal information we collect about you depends on the circumstances in which the information is collected.  

   Typically, the types of personal information we may collect can include (but is not limited to) your name, address, email address and phone numbers.

   If we you request or purchase goods or services from us or have any other commercial dealings with us, we may also collect additional information such as your payment and billing information and (depending on the circumstances) your signature, date of birth, credit card and /or banking details.

   If you are an individual contractor to us or apply for a role with us, we may also collect information relevant to your engagement with us including qualifications, length of engagement, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of your usage of our equipment (e.g. phones, computers and vehicles).

   If we need to verify your identity, we may ask to see a copy of appropriate identification (and, if reasonably necessary, take a copy of that identification).

   If you access our Websites or if you download and access any of our apps, we may:

   • utilise cookies to collect additional information about your use of our Website and apps, such as your internet protocol (IP) address, device information, browser information, and details on your usage.  Please see section 7 of this Privacy Policy; and
   • if you have provided us with permission to access your device location when using our Website or app, we may collect information about your geographical location.  

   If we communicate with you by email, we may use technology to identify you so that it will be in position to know when you have opened the email or clicked on a link in the email.  See section 6.4 of this Privacy Policy for further details.

   If you attend a premises we operate or manage, we may:

   • collect certain contact details that you provide to us (which may be via digital check-in apps), including the date and time of attendance, including so that we can comply with applicable laws (such as public health directives).  If we collect such information to comply with a particular law, we will only use and disclose it in accordance with applicable laws; and
   • record your image and/or voice through the use of Closed-Circuit Television (CCTV) systems for the purposes of managing security of the premises and health and safety of occupants and the public generally.

   We only collect sensitive information about you with your consent, or otherwise in accordance with the Privacy Act.

   If you do provide sensitive information to us for any reason (for example, if you provide us with information about a health condition or disability you have), you consent to us collecting that information and to us using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the Privacy Act and other relevant laws.

   In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law.

   Where you do not wish to provide us with your personal information, we may not be able to provide you with requested goods or services and/or certain functionality of our Websites and apps.

3. 3. Our purposes for handling your personal information

   As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances.  The purposes for which we use and disclose your personal information will depend on the circumstances in which we collect it.  Whenever practical we endeavour to inform you why we are collecting your personal information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal information.

   We may use or disclose your personal information:

   • for the purposes for which we collected it (and related purposes which would be reasonably expected by you);
   • for other purposes to which you have consented; and
   • as otherwise authorised or required by law.

   In general we collect, use and disclose your personal information so that we can do business together and for purposes connected with our business operations.

   Some of the specific purposes for which we collect, hold, use and disclose personal information are as follows:

   • to provide you with our goods and services;
   • to receive goods or services from you;
   • to consider you for a role (whether as an employee or contractor) or other professional / business relationship with us;
   • to provide you with tax invoices for our goods and services and, if you have ordered goods from us, dispatch and tracking information, returns and exchange authorisations;
   • to operate, monitor, develop and improve our Websites, mobile applications and our goods and services;
   • to verify your identity;
   • to optimise and customise the user experience (including content and advertising) for users of the Websites, mobile applications and services;
   • where you have provided us with access to your geographical location via our Website or any of our mobile applications, we use this information to better understand our customer base and to inform our marketing and advertising activities
   • to facilitate your entry and participation in a competition or trade promotion;
   • to protect the security and integrity of our Websites, apps and services;
   • to contact you (directly or through our service providers and marketing research agencies) to obtain your feedback and to find out your level of satisfaction with our goods and services;
   • to comply with our legal and regulatory obligations;
   • to protect the security, health and safety of our premises, facilities, personnel and visitors;
   • to address any issues or complaints that we or you have regarding our relationship; and
   • to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.
   
   
4. 4. Who we disclose your personal information to

   We may disclose your personal information to third parties in connection with the purposes described in section 3 of this Privacy Policy.  This may include disclosing your personal information to the following types of third parties:

   • our suppliers, contractors and organisations that provide us with technical and support services or who manage some of our business functions;
   • our related entities (who may use and disclose the information in the same manner we can);
   • our accountants, insurers, lawyers, auditors and other professional advisers;
   • any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);
   • in the unlikely event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors; and
   • debt collection agencies.

   We may also disclose your personal information in accordance with any consent you give or where disclosure is authorised, compelled or permitted by law.

   If we disclose information to a third party who is handling it on our behalf, we generally require that the third party protect your information to the same extent that we do.

   If you post information to certain public parts of our Website or to our social media pages, you acknowledge that such information may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.

5. 5. Storage and protection of personal information

   We will hold personal information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers.  We use a range of security measures to protect the personal information we hold, including by implementing IT security tools to protect our electronic databases.

   We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.  We may need to retain records containing personal information to comply with record keeping obligations, and for other legitimate business purposes (such as quality assurance).

6. 6. Our marketing and advertising activities

   6.1        Overview

   Like most businesses, marketing and advertising is important to our continued success.  We therefore like to stay in touch with customers and let them know about new offers and opportunities.  

   We may provide you with information and advertisements about products, services and promotions either from us, or from third parties which may be of interest to you, where:

   • you have asked us to (or have otherwise consented to us doing so); or
   • it is otherwise permitted by law.

   6.2        Direct marketing

   We conduct direct marketing through various channels, including over the phone and by e-mail, SMS and post.

   If you would like us to stop sending you direct marketing communications, you can request this by contacting our Privacy Officer (see contact details in section 12 of this Privacy Policy).

   Please note that there are certain types of communications that you may not be able to opt-out from, such as communications that we are required or permitted by law to send you.

   6.3        E-mail analytics

   Like many organisations, we use e-mail analytics to track and measure the success of our e-mail newsletters, fundraising e-mails and other e-mail campaigns.

   We use various technologies (such as tracking pixels) to collect information such as: which of our emails you have opened, which links you have clicked, which email client you are using, whether you opened our e-mail on a computer or mobile device, and the geolocation of your IP address.  We use this data to analyse and improve the performance of our e-mail campaigns.

   6.4        Internet advertising

   We may also use your information with online targeted advertising services that help our ads to reach you (and other people who may be interested in our products and services) on websites, apps and social media platforms across the Internet.  These online targeted advertising services are operated by third party vendors.  The advertising service providers that we may use include Facebook (which also operates Instagram), Google (which also operates YouTube) and LinkedIn.

   Some of these services work by using non-identifying data about your behaviour and demographics that has been collected through cookies and other tracking technologies (such as pixels and device identifiers) when you use the Internet, including when you move between different websites and apps and use different devices.  For example, third-party vendors, such as Google, may use cookies and/or device identifiers to serve ads based on your past visits to our websites.  Your browser or device may provide you with the option to disable or opt-out of some of these cookies and other tracking technologies (such as device identifiers).

   Other services require us to use limited amounts of your personal information.  For example, we may include your information in a customer list that we provide to selected online advertising service providers (such as Facebook, LinkedIn and Google) so that we can conduct audience-based advertising.  This allows us to show our ads to you (if you also use those platforms) and to other users of those platforms who share similar characteristics with you.  The customer list is usually hashed (to improve security and confidentiality) before it’s processed by the service provider to target and serve our ads.

   Our online advertising service providers also help us by measuring the effectiveness of our ad campaigns and providing us with analytics data that we use to inform and optimise our ad campaigns.  The analytics data we receive is generally aggregated and non-identifying.

   When we use any advertising service that requires us to use or disclose your personal information, we will only do so if we are permitted to do so by applicable privacy laws.  You can notify us at any time if you would like us to stop using your personal information for these targeted advertising purposes. Our contact details are set out in section 12 of this Privacy Policy.

   You can also:

   • Opt-out of certain online targeted advertising networks directly by visiting:
   • the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/; and
   • the Network Advertising Initiative’s opt-out page: http://www.networkadvertising.org/managing/opt_out.asp 
   • Use Facebook’s settings you to manage the types of advertising you are shown: https://www.facebook.com/settings/?tab=ads 
   • Use Google’s settings to manage your ad preferences and opt-out of Google’s use of cookies and device identifiers: http://www.google.com/settings/ads.
   • Use LinkedIn provides settings to manage your ad preferences and control data collected about you: https://www.linkedin.com/psettings/advertising.
   
   
7. 7. Cookies

   A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period of time.  We use cookies to identify specific machines in order to collect aggregate information on how visitors are experiencing our Websites.  This information will help us to better adapt our Websites to suit personal requirements.  While cookies allow a computer to be identified, they do not permit any reference to a specific individual.  For information on cookie settings of your internet browser, please refer to your browser’s manual.

   As described in section 6.4 of this Privacy Policy, we may use third party vendors to show our ads on sites on the Internet and serve these ads based on a user’s prior visits to our Websites and other internet activity.  We may also use analytics data supplied by these vendors to inform and optimise our ad campaigns based on your prior visits to our Websites.

8. 8. Social media platforms

   We use social media platforms such as Instagram, Facebook, TikTok, YouTube, Twitter and LinkedIn to communicate with the public about our services and businesses.  We may collect the information that you choose to share with us through these platforms, including photos, videos and comments and posts.

   These social media platforms have their own privacy policies and may handle your information for their own purposes.  You can access the privacy policies for these platforms on their websites.

   If you choose to use these social media platforms to communicate with us or with other users, please be mindful that certain pages within these platforms may be publicly available.  We encourage you to use the privacy settings available on each platform.  If you would like to contact us directly, you can do so using the contact details in section 13.

9. 9. Accessing and correcting your personal information

   You may contact our Privacy Officer (see section 13) to request access to the personal information that we hold about you and/or to make corrections to that information, at any time.  On the rare occasions when we refuse access (which we will only do in accordance with applicable laws), we will provide you with a written notice stating our reasons for refusing access.  We may seek to recover from you reasonable costs incurred for providing you with access to the personal information we hold about you.

   We are not obliged to correct any of your personal information if we do not agree that it requires correction and may refuse to do so.  If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing.

   We will respond to all requests for access to or correction of personal information within a reasonable time.

10. 10. Overseas transfers of personal information

    We do not generally disclose personal information to recipients located outside Australia.

    If we do transfer personal information outside of Australia, we will do so in accordance with the requirements of applicable privacy and data protection laws.

11. 11. Employees

    We collect information in relation to employees as part of their job application and during the course of their employment, either from the employee directly or, in some cases, from third parties such as recruitment agencies, referees, government bodies (e.g. police checks, if required) and academic and professional bodies (e.g. to validate details and currency of qualifications). 

    The information we collect may include contact details, qualifications, resume, current and former employment details, pay rate and salary, bank details, feedback from supervisors, training records and logs of the employee’s usage of our equipment (e.g. phones, computers and vehicles).

    We may also collect details of disabilities, allergies and health issues that may impact the employee’s role, or which arise while on our premises or in the performance of the employee’s duties, so we can accommodate and otherwise assist the employee with any such health requirements or incidents.

    Under the Privacy Act, personal information about a current or former employee may be held, used or disclosed in any way that is directly connected to the employment relationship.  We handle employee information in accordance with legal requirements and our applicable policies in force from time to time.

12. 12. Resolving personal information concerns

    If you have any questions, concerns or complaints about this Privacy Policy or how we handle your personal information, including if you believe we have breached the APPs, please contact our Privacy Officer (see section 13).

    When contacting us please provide as much detail as possible in relation to your question, concern or complaint.

    We take all complaints seriously and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

    If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:

    Office of the Australian Information Commissioner

    GPO Box 5218, Sydney  NSW  2001

    Telephone: 1300 363 992

    Email: enquiries@oaic.gov.au

13. 13. Contact details of Privacy Officer

    The contact details for our Privacy Officer are as follows:

    Postal address: PO Box 2480, Rowville, Victoria 3178, Australia

    Telephone: 1800 823 523

    Email: info@coralhealthcare.com.au

14. 14. Links

    Our Websites may contain links to other websites operated by third parties.  We make no representations or warranties in relation to privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website.  Third party websites are responsible for informing you about their own privacy practices and procedures.

15. 15. Changes

    We reserve the right to change the terms of this Privacy Policy from time to time, without notice to you.  An up-to-date copy of our Privacy Policy can be found on each of our Websites.