Nyrada, Inc, and its subsidiaries, Norbio (No. 1) Pty Ltd (ACN 619956 722), Norbio (No. 2) Pty Ltd (ACN 619 956 973) and Cardio Therapeutics Pty Ltd (ACN 167 825 201) (collectively referred to as the Nyrada Group) are committed to managing personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth) and in accordance with other applicable privacy laws.
- WHAT INFORMATION DO WE COLLECT AND WHEN IS THE INFORMATION COLLECTED?
We collect personal information to provide the Services and for our business operations. If you choose not to provide the information we request from you, we may not be able to provide you with the services you require. We describe the main types of personal information we collect and the main reasons why we collect that information below.
Registration Information. If you register for or acquire a Service, for example, if you subscribe to our mailing list, the information collected may include your name and email address.
Shareholder information. If you are a shareholder, we may collect your name, address, information about your shareholding, banking details and your Tax File Number for the payment of dividends. This information may be collected from you, your representative or our share registry service provider.
- we hold about you once you become an employee; or
- we keep after your employment relationship with us ends,
where that collection, use or disclosure relates to your employment relationship with us and the records we hold about you as an employee.
Supplier information. We also collect personal information about our suppliers’ key contacts. Information collected may include names, job titles and contact details of key contacts at our suppliers.
You can use the settings in your browser to control how your browser deals with cookies. However, in doing so, you may be unable to access certain pages or content on our websites.
Information from Other Sources. We may supplement the information we collect about you with information from other sources, including:
- If you are a shareholder, as stated above, we may collect your personal information from your representative or our share registry service provider.
- If you are a job applicant, we may collect your personal information from a recruiter, your previous employers or referees you have provided.
Information may also be collected from publicly available sources (such as other published content) and data providers, as well as information from our business partners or related and affiliated companies in Australia or internationally.
- HOW DO WE USE YOUR INFORMATION?
We use the information we collect about you to provide the Services to you. We may use your personal information to:
- communicate with, and comply with our legal obligations to, our shareholders and to process payments to them;
- fulfil administrative functions associated with the Services and for internal business purposes;
- enter into contracts with you or third parties;
- measure and improve the Services and their individual features;
- improve your experience by delivering content we think you will find relevant, helpful or interesting; and
- respond to your enquiries.
When we collect your information, we may explain that we will use and disclose your information in other ways.
We may also remove certain information or alter the information we collect about you so you can no longer be identified from that information. We may do this so that we can use it or disclose it to third parties for other purposes.
We also use the information we collect about you for the following additional purposes:
Research and data analysis. We may also use your information for research and data analysis to improve the Services. We may do this research or engage a service provider to do so.
To allow service and content providers to assist us in providing and managing the Services. We may make your information available to certain third party service and content providers who help us manage or provide the Services or provide us with related services. This might include our share registry service provider, as well as providers of cloud services, website hosting service providers and direct marketing service providers. These third parties are usually located in Australia. Our agreements with these third party providers require them not to use your information except for the purpose for which your information was provided. We also require them to comply with relevant privacy laws and to reasonably protect your information.
To contact you. From time to time, we may send you promotional materials or other information which we think may interest you.
To protect the rights of the Nyrada Group and others. We may share your information with other third parties where we are lawfully entitled or legally required to do so. This includes when we have a reasonable basis to believe that sharing your information is necessary to:
- protect the safety, privacy, and security of users of the Services or members of the public;
- protect against fraud or for risk management purposes;
- comply with the law or legal process in any country; or
- respond to requests from public and government authorities.
To complete a merger or sale of assets. If we sell all or part of our business or assets, we may disclose your information to the party or parties involved in the sale transaction. We may also do this if we are involved in a merger or transfer of all or a material part of our business. We may disclose your information prior to the sale, transfer or merger so that the party or parties involved can consider the transaction and complete any due diligence.
- HOW DO WE KEEP YOUR INFORMATION?
We may store your information in hard copy or electronic format and keep it in storage facilities that we own and operate ourselves or that are owned and operated by service providers.
- HOW DO WE PROTECT YOUR INFORMATION?
We use reasonable measures to safeguard the personal information we hold about you from loss, theft and unauthorised use, disclosure or modification, including:
System security. We take reasonable steps to prevent unauthorised access to our online and computerised systems by using measures such as firewalls, data encryption, virus detection methods, and password restricted access.
Third parties. We take reasonable steps to ensure that third parties who store or assist us to store your personal information adopt appropriate security measures.
Periodic Reviews. We undertake periodic reviews of our security precautions and this Policy and take reasonable steps to ensure that our Policy remains compliant with relevant policies and practices.
We take reasonable steps to destroy or permanently de-identify your personal information if it is no longer needed for any purpose for which it may be used or disclosed, except in circumstances where we are required or authorised to retain this personal information (including as a result of the operation of tax, financial services or other applicable law).
- HOW CAN YOU ACCESS OR CORRECT YOUR INFORMATION?
If you would like to access, review, correct or update your personal information, you may contact us (see Section 8). When you contact us, please provide your name and contact details (including your full name, email address, address, and telephone number) and specify clearly what information you would like to access, review, correct or update. We will try to respond to your request as soon as reasonably practicable and ordinarily within 30 days of receiving your request.
We may decline your request to access or correct your personal information in certain circumstances in accordance with the Australian Privacy Principles. If we do refuse your request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.
- OTHER IMPORTANT INFORMATION FOR YOU
Location of Data. Our Services are hosted or managed in Australia.
The inclusion of links to third party websites on our websites in no way constitutes an endorsement of such website’s content, actions or policies. These linked sites are for your convenience and you access them at your own risk.
Complaints. If you think we have breached the Privacy Act 1988 (Cth) or other applicable privacy laws, you can contact us (see Section 8) to make a complaint. When you contact us, please include your name and contact details (including your email address, address, and telephone number) and clearly describe your complaint. We will contact you within 7 days to let you know the next steps in resolving your complaint and to obtain any further information we need to consider your complaint. As soon as reasonably practicable and in any event within 30 days, we will let you know our decision. If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (www.oaic.gov.au).
- HOW YOU CAN CONTACT US
Mail: Privacy Officer, Nyrada Inc, Suite 2, Level 3, 828 Pacific Highway, Gordon. NSW 2072. AUSTRALIA
Email: +61 2 9498 3390
- EU GENERAL DATA PROTECTION REGULATION
If you are located in the EU, you have the following additional rights:
- The right to information – you can request confirmation about the following: whether your personal information is being processed by us; the purpose of processing; the categories of personal information which are processed; the recipients (or types of recipients) who may receive the personal information; the anticipated retention period of the personal information; and your rights to rectification, erasure, to restrict (or object) to processing and to lodge a complaint with a data protection supervisory authority.
- The right to object to our processing of your personal information for (i) direct marketing purposes; (ii) for scientific, historical research or statistical purposes; or (iii) where our processing is based on legitimate interest grounds or because it is in the public’s interest. However, there may be some circumstances where we are not required to stop processing your personal information. If this is the case, we will provide you with a written explanation.
- The right to erasure – you can request us to erase your personal information where it is no longer required for a purpose for which it was collected or where, for example, you have exercised successfully your right to object to processing. However, where there are legal or other reasons for us to retain your personal information, we will provide you with a written explanation.
- The right to restrict processing – in some circumstances, you can request us to restrict our use of your personal information in which case we will not use or disclose your personal information while it is restricted.
- The right to data portability – you can request us to provide you with a copy of the personal information you have provided to us. We are required to provide it to you in an electronic format that can be reused easily. You can also request us to transfer your personal information in an electronic format to another entity.
You can exercise any of these rights by contacting us using the contact details above.
You also have the right to:
- access your personal information and request the rectification of your personal information (see Section 6 above); and
- lodge a complaint with a data protection authority if you are unhappy with the outcome of a privacy complaint. The “Complaints” section above explains our complaints handling process. A list of EU data protection authorities is available at https://ec.europa.eu/.