Effective: March 2021
SCOPE OF THIS NOTICE
Please read this privacy notice (“Notice”) carefully to understand our policies and practices regarding your Personal Data and how we will treat it. This Notice applies to individuals who interact with Nestlé services as consumers (“you”). This Notice explains how your Personal Data is collected, used, and disclosed by Nestle Australia Ltd (“Nestlé”, “We”, Us”). It also tells you how you can access and update your Personal Data and make certain choices about how your Personal Data are used.
This Notice covers both our online and offline data collection, including Personal Data that We collect through our various channels such as website and our Consumer Engagement Service.
If you do not provide necessary Personal Data to us, we may not be able to provide you with our goods and/or services.
1. SOURCES OF PERSONAL DATA
This Notice applies to Personal Data that We collect from or about you, through the methods described below (see Section 2), from the following sources:
Nestlé websites. Account registration on the NCare website operated by operated by Nestlé.
Nestlé CES. Your communications with our Consumer Engagement Centre (“CES”).
Offline registration forms. Printed or digital registration and similar forms that We collect via, for example, postal mail.
Data We create. In the course of our interactions with you, we may create Personal Data about you (e.g. we have record of your purchases on the NCare Website).
2. PERSONAL DATA THAT WE COLLECT ABOUT YOU AND HOW WE COLLECT IT
Depending on how you or your health care professional interact with Nestlé (online, offline, over the phone, etc.), We collect various types of information from you, as described below.
Personal contact information. This includes any information you provide to Us that would allow Us to contact you and facilitate delivery of products, such as your name, postal address, e-mail address, or phone number.
Consumer feedback. Any information that you voluntarily share with Us about your experience of using our products and services.
Payment and Financial information. Any information that We need in order to fulfil an order, or that you use to make a purchase, such as your debit or credit card details (cardholder name, card number, expiration date, etc.) or other forms of payment (if such are made available). In any case, We or our payment processing provider(s) handle payment and financial information in a manner compliant with applicable laws, regulations and security standards such as PCI DSS.
Call to Consumer Engagement Services. Communications with a CES can be recorded or listened into, in accordance with applicable laws, for local operational needs (e.g. for quality or training purposes). Payment card details are not recorded. Where required by law, you will be informed about such recording at the beginning of your call.
Sensitive Personal Data. We may process certain sensitive personal data with your consent.
3. COOKIES/SIMILAR TECHNOLOGIES, LOG FILES AND WEB BEACONS
4. USES MADE OF YOUR PERSONAL DATA
The following paragraphs describe the various purposes for which We collect and use your Personal Data, and the different types of Personal Data that are collected for each purpose. Please note that not all of the uses below will be relevant to every individual:
- A. Order fulfilment. We use your Personal Data to process and ship your orders, inform you about the status of your orders, conduct identity verification and other fraud detection activities. This involves the use of certain Personal Data and payment information.
- B. Consumer service.We use your Personal Data for consumer service purposes, including responding to your enquiries. This typically requires the use of certain personal contact information and information regarding the reason for your inquiry (e.g. order status, technical issue, product question/complaint, general question, etc.).
- C. Marketing (Health Care Professionals only.. With your consent (where required), We use your Personal Data to provide you with information about goods or services (e.g. marketing communications). This can be done via means such as email, SMS, phone calls and postal mailings to the extent permitted by applicable laws. Some of our campaigns are run on third party websites and/or social networks. This use of your Personal Data is voluntary, which means that you can oppose (or withdraw your consent) to the processing of your Personal Data for this purposes. For detailed information on how to modify your preferences about marketing communication, please see Sections 8 and 9 below.
5. DISCLOSURE OF YOUR PERSONAL DATA
We also share your Personal Data with Service providers. These are external companies that We use to help Us run our business (e.g. order fulfilment, payment processing etc.). Service providers, and their selected staff, are only allowed to access and use your Personal Data on Our behalf for the specific tasks that they have been requested to carry out, based on your instructions, and are required to keep your Personal Data confidential and secure
6. RETENTION OF YOUR PERSONAL DATA
In accordance with applicable laws, We will use your Personal Data for as long as necessary to satisfy the purposes for which your Personal Data was collected or to comply with applicable legal requirements, after that we will destroy or de-identify in a secure manner.
7. DISCLOSURE, STORAGE AND/OR TRANSFER OF YOUR PERSONAL DATA
We use appropriate measures (described below) to keep your Personal Data confidential and secure.
People who can access your Personal Data. Your Personal Data will be processed by our authorised staff or agents, on a need to know basis, depending on the specific purposes for which your Personal Data have been collected (e.g. our staff in charge of consumer care matters will have access to your consumer record).
Measures taken in operating environments. We store your Personal Data in operating environments that use reasonable security measures to prevent unauthorised access. We follow reasonable standards to protect Personal Data. The transmission of information via the Internet is, unfortunately, not completely secure and although We will do our best to protect your Personal Data, We cannot guarantee the security of the data during transmission through our Websites/apps.
Measures We expect you to take. It is important that you also play a role in keeping your Personal Data safe and secure. When signing up for an online account, please be sure to choose an account password that would be difficult for others to guess and never reveal your password to anyone else. You are responsible for keeping this password confidential and for any use of your account. If you use a shared or public computer, never choose to have your login ID/email address or password remembered and make sure to log out of your account every time you leave the computer. You should also make use of any privacy settings or controls We provide you in our Website/app.
Transfer of your Personal Data.
Our servers are located in Australia and We do not transfer your personal data overseas. We use distribution partners to manage home delivery. Those distribution partners and their logistics providers, contractors and agents may transfer your information overseas, however, it is not practical to list every country where your personal information is processed and stored. If you would like further information on the countries where Nestlé distribution partners are accessing and storing your personal Information, please contact the Nestlé Privacy Officer by emailing Privacy.Officer@au.nestle.com.
8. YOUR RIGHTS
Access to Personal Data. You have the right to access and review to the information held about you. You also have the right to request information on the source of your Personal Data.
These rights can be exercised by sending Us an email to Privacy.Officer@au.nestle.com or writing to us at Nestlé Australia Ltd, Building D, 1 Homebush Bay Drive, Rhodes, NSW 2138. If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected. Please note that any identification information requested by Us will only be processed in accordance with, and to the extent permitted by applicable laws.
9. YOUR CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR PERSONAL DATA
We strive to provide you with choices regarding the Personal Data that you provide to Us. The following mechanisms give you the following control over your Personal Data:
Cookies/Similar Technology. You manage your consent via (i) our consent management solution or (ii) your browser so as to refuse all or some cookies/similar technologies, or to alert you when they are being used. Please see Section 4 above.
Advertising, marketing and promotions. You can consent for your Personal Data to be used by Nestlé to promote its products or services through tick-box(es) located on the registration forms or by answering the question(s) presented by our CES representatives. If you decide that you no longer wish to receive such communications, you can subsequently unsubscribe from receiving marketing-related communications at any time, by following the instructions provided in each such communication. To unsubscribe from marketing communications sent by any medium, including third party social networks, you can opt-out at any time by unsubscribing through links available in our communications, logging into the Websites/apps or third party social networks and adjusting your user preferences in your account profile by unchecking the relevant boxes or by calling our CES. Please note that, even if you opt-out from receiving marketing communications, you will still receive administrative communications from Us, such as order or other transaction confirmations, notifications about your account activities (e.g. account confirmations, password changes, etc.), and other important non marketing related announcements.
10. CHANGES TO THIS NOTICE
If We change the way We handle your Personal Data, We will update this Notice. We reserve the right to make changes to our practices and this Notice at any time, please check back frequently to see any updates or changes to our Notice.
To ask questions or make comments on this Notice and our privacy practices or to make a complaint about our compliance with applicable privacy laws, please contact Us at: Privacy.Officer@au.nestle.com or writing to us at Nestlé Australia Ltd, Building D, 1 Homebush Bay Drive, Rhodes, NSW 2138 or call our CES on 1800 671 628 or contact us online.
We will acknowledge and investigate any complaint about the way We manage Personal Data (including a complaint that We have breached your rights under applicable privacy laws).