SumaNurica Website – Privacy Policy

LP Biotech Holdings Pty Ltd (ACN 640 378 561) (SumaNurica / we / us) is committed to protecting your personal privacy. This privacy policy (Policy) describes how the SumaNurica group of companies – SumaNurica and its affiliates and other related entities – collects, uses and discloses personal information about you, how we protect this information, and the rights you may have in relation to this information. .

By visiting our websites, including https://www.sumanurica.com.au/  (Site), and/or using the features made available to you through the website, you consent to us collecting, holding, using and disclosing your personal information in accordance with this Policy.

 

1.     Personal Information we collect

‘Personal information’ is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.

We collect information about you and your interactions with us, for example, when you purchase or use any of our products or services, call us or visit our website. We collect information about you from a variety of sources, including directly (e.g., when you contact us, provide feedback, sign up for emails, enter a promotion operated by us, respond to a survey or purchase products), automatically, (e.g., data collected from cookies), and from other sources, including commercially available sources, such as providers of consumer insights.

Information we collect directly from you

The categories of information that we may collect directly from you include the following:

• Identifying information: such as your name, postal address, email address, mobile number and other similar identifiers;
• Demographic information: such as your gender and age;
• Commercial information: such as products or purchase history, other transactions, product preferences, or information provided through social media networks; and
• Payment information:such as your credit card or debit card details.

We do not collect any health or other sensitive information about you without your prior consent.

It is voluntary for you to provide personal information to us, however we may be unable to perform certain services or provide you with goods if you do not provide us with such information, and certain functionality on our website may not be available. 

Information we automatically collect about you

We (including our service providers acting on our behalf) and other third parties may collect information about you automatically through the use of cookies and similar technologies.

The categories of information we may collect via such technologies include:

• Identifying information: such as unique device identifiers, cookie numbers, IP addresses, and other persistent identifiers;
• Geolocation information: such as precise location collected from your mobile device or location information inferred from your IP address or other network information;
• Commercial information: such as products or subscriptions purchased, content downloaded from our sites, or other transaction histories; and
• Internet or other electronic network activity information: such as information regarding your interactions with our Site, and information about the software and hardware you use.

Further information regarding cookies is set out in section 6 below.

Information we collect from other sources

We may collect information from other sources. For example:

• Identifying information: such as email addresses from marketing services, data suppliers, and social media services;
• Demographic information: such as your gender or age provided by marketing companies, data supplementation services, social media services, and digital advertising companies; and
• Commercial information: such as information on your purchasing history,

(collectively, Personal Information).

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

 

2.     How we use the Personal Information that we collect

SumaNurica collects and uses the Personal Information to carry on our business and to be able to provide you with the best service. This includes:

• to respond to your questions or requests concerning our Site, our products or other services offered by SumaNurica;
• to fulfill the terms of any agreement you have with us;
• to fulfill your requests for our services and orders for products or otherwise complete a transaction with you;
• to manage your participation in surveys, contests or promotions;
• to send you promotional materials or other information that is likely to be of interest to you, including newsletters, updates, or other communications (although we hope you find our marketing communications of interest, you may opt out of receiving them by unsubscribing);
• to process your payment or gift card transactions; to improve or personalise your user experience, for example by assisting with product selection and responding to your inquiries;
• to protect our rights and interests;
• to comply with legal and/or regulatory requirements; and
• to manage and improve our business, for example, in developing new products and improving products, enhancing user experience and communication, improving internal functionality and understanding more about our customers and website visitors, how they use our Site and related trends and interests.

SMS Marketing Notifications

By subscribing to SumaNurica's text notifications, you agree to receive marketing text messages (e.g. promotions and cart reminders) from us about our products and services at the phone number you provided when you subscribed. SumaNurica's website uses cookies to help keep track of items you put into your shopping cart, including when you have abandoned your cart. This information is used to determine when to send cart reminder messages via SMS. Message frequency is recurring. Consent is not a condition of purchase. Message and data rates may apply. Reply STOP or click the unsubscribe link (where available) to opt-out. You understand and agree that attempting to opt-out by any means other than texting the opt-out commands above is not a reasonable means of opting out. The above excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties.

3.     How we share Personal Information with other parties

We do not sell your Personal Information for money, however in certain circumstances we may share your Personal Information with other entities to enable us to carry on our business. Such circumstances, include, providing Personal Information to:

• SumaNurica affiliates or other related entities;
• service providers and business partners, who have been engaged by SumaNurica (or an affiliate or related entity) to assist with providing you our services. These service providers or business partners may perform marketing services, analytic and insight services, ICT services (including hosting), tracking mechanism services, help us process or ship orders, support email and messaging services, support our online advertising efforts, help us learn about customer trends and interests, analyse information and provide software services;
• any person or organisation if we are required to do so by law, for example we may share your personal information with law enforcement agencies, courts, other government authorities or other third parties where we believe necessary to comply with a legal or regulatory obligation or as reasonably necessary to support lawful investigations or otherwise to protect our rights or the rights of you or any other party; and
• any person or organisation involved in a transaction, for example we may share your personal information with potential transaction partners, service providers, advisors, and other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell or transfer all or a portion of our assets or business.

Disclosure outside of Australia

Personal Information and other data that we collect  may be transferred to entities located outside of Australia, for example the United States, the European Union, the United Kingdom and China (including, for these purposes, the Special Administrative Regions of Hong Kong and Macau) for the purposes described in this Policy. The privacy laws in these countries may be different from, and less stringent than, those in Australia. By using this Site or by providing any Personal Information or other data to us, you expressly consent to such transfer.

 

4.     Third party links

From time to time our Site may contain links to third party sites. Such third party sites are not subject to this Policy and we are not responsible for the privacy practices of third parties. We recommend you make your own enquiries into any third party 

 

5.     Security

SumaNurica uses commercially reasonable physical, technical, and administrative security measures to reduce the risks of loss, interference and misuse and unauthorised access, disclosure, and alteration of the personal information we hold. Please be aware, however, that no security measures are perfect or impenetrable and you remain responsible for protecting your own security, for example by protecting your username and password.

Your Personal Information is held by us in electronic form and is stored on our own software systems or the software systems of our affiliates or related entities, services providers or business partners. Generally SumaNurica seeks to ensure that any person that has access to such Personal Information (for example, a SumaNurica employee or a service provider) is subject to confidentiality obligations. Further, when you provide us with payment information, for example a credit card number, this information is automatically encrypted using secure socket layer technology (SSL).

Once we no longer require your Personal Information for the purposes for which it was collected or can otherwise be used by us, we may securely destroy or deidentify your Personal Information.

 

6.     Cookies and IP Addresses

We use cookies on the Site. A cookie is a small text file that the Site may place on your device to store information. Most browsers are initially set up to accept cookies. As set out in Section 1 above, we may use cookies to analyse trends, administer our Sites, track traffic patterns, and gather demographic information. Additionally, we may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our Site for any of your future visits to the Site. We may also use session cookies (which no longer remain after you end your browsing session) to help manage the display and presentation of information on the Site.

If you are concerned about having cookies on your computer or device, you can set your browser to refuse all cookies or to indicate when a cookie is being set, allowing you to decide whether to accept it. You can also delete cookies from your computer or device. However, if you choose to block or delete cookies, certain features of the Site may not operate correctly and you may have limited use of the Site.

We and our partners use cookies and similar technologies to collect information about your use of the website to help create reports and statistics on the performance of the website. Analytics cookies such as Google Analytics collect information such as your IP address, device type and operating system, referring URLs, location and pages visited. If you don’t want Google Analytics to be used in your browser, you can install the ‘Google Analytics Opt-Out Browser Add-On’, provided by Google.

7.     Access to and correction of your Personal Information

You may request access to or correction of the Personal Information that we hold about you by contacting us.  Our contact details are set out below in Section 8.  There are some circumstances in which we are not required to give you access to or correct your Personal Information.

We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the Personal Information we hold about you remains accurate, up to date and complete. 

 

8.     How to contact us

If you have any questions, comments or complaints regarding our Policy or the way in which we handle your Personal Information, please contact us at:

525 Collins Street Melbourne 3000, Level 42 South Tower, Melbourne Victoria 3141, Australia
service@sumanurica.com

 

We will treat any request, question or complaint received from you confidentially. SumaNurica aims to resolve all complaints as efficiently as possible, and in any event within 30 business days of receiving the request, question or complaint.

You may also contact the Office of the Australian Information Commissioner (www.oaic.gov.au) at any time in respect of any privacy issues or complaints.

 

 

9.     Changes to this Policy

We reserve the right to amend this Policy at any time. We will post all changes to this Policy on this website, so you should review the Policy periodically. Any such amendments to this Policy may apply to information we collect in the future as well as any information we obtained prior to such amendment.

This Policy was last updated June 2022.

 

10.  GDPR – European grounds for processing personal data

This section applies if you are based in the European Economic Area (EEA) during your interactions with us and sets out the additional information that we are required to provide to you under the GDPR.

Under European data protection law, use of personal information must be based on one of a number of legal grounds and we are required to set out the grounds in respect of each use. We can only process personal data when the processing is permitted by the specific legal ground set out in the law.

In the table below, we have set out the relevant grounds that apply to each purpose of data processing that is mentioned in this Privacy Statement. You can find an explanation of each of the legal grounds for use of personal information below.

Why do we process your Personal Information?	What is our legal basis for using your Personal Information?
To enable you to access and use our Site and applications (and to provide you information about the Site and our products and/or services).	●      We need to use your Personal Information to provide you with services that we have contractually agreed to provide you with or take steps to enter into a contract with you (Contract Performance), for example taking payment from you to provide you with our products; ●      we need to use your Personal Information for legitimate interests that we have as a business (we only use your Personal Information in a way that is proportionate and respects your privacy rights) (Legitimate Interest), for example to make the Site and products available to you.
To operate, protect, improve and optimise our Site and applications, business and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing.	●      Contract Performance; or ●      Legitimate Interest, for example to allow us to maintain and improve the quality of our services and products.
To send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you.	●      Contract Performance; ●      Legitimate Interest, for example to allow us to correspond with you in connection with our services; or ●      we need to use your Personal Information to comply with a relevant legal or regulatory obligation that we have (Legal Obligation).
To ensure website content is relevant, including ensuring that content from our websites is presented in the most effective manner for you and for your device.	●      Contract Performance; or ●      Legitimate Interest, for example to allow us to maintain and improve the quality of our services.
To send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting.	●      You have provided your consent for us to use your Personal Information (which can be withdrawn at any time) (Consent).
To administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners.	●      Consent
We may also combine the information that we collect and hold about you for the purposes of creating insights about you and customer segmentation.	●      Contract Performance; or ●      Legitimate Interest, for example to allow us to perform our obligations and provide services to you.
To comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties.	●      Contract Performance; ●      Legitimate Interest, for example to allow us to guard against fraud or other unlawful activity; or ●      Legal Obligation.

 

Other rights available under European Law

If you are based in the EEA during your interactions with us in addition to the rights outlined above, under certain conditions, you may have the right under the GDPR to ask us to:

• provide you with further details on how we use and process your personal information;
• delete personal information we no longer have grounds to process; and
• restrict how we process your personal information whilst we consider an inquiry you have raised.

In addition, under certain conditions, you have the right to:

• where processing is based on consent, withdraw the consent;
• lodge a complaint with a supervisory authority;
• object to any processing of personal information that we process on the “legitimate interests” or “public interests” grounds, unless our reasons for the underlying processing outweighs your interests, rights and freedoms; and
• object to direct marketing (including any profiling for such purposes) at any time.

You can exercise these rights by contacting us (please refer to the contact details in Section 8 of this Policy).

Retention period under GDPR

Our retention periods for personal data are based on business needs and legal requirements. We retain Personal Information for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. When personal data is no longer needed, we either irreversibly anonymise the data (and we may further retain and use the anonymised information) or securely destroy the data.

Disclosure of information outside the EEA

Where we transfer personal information from inside the EEA to outside the EEA, we may be required by law to take specific measures to safeguard the relevant personal information. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries which have not had these approvals, we will use appropriate safeguards to protect any personal information being transferred, such as EU Commission-approved model contractual clauses or binding corporate rules permitted by applicable legal requirements.