Carina Day & Night Pharmacy (ABN 57 631 737 009) ("Carina Day & Night Pharmacy", "we", "us", "our") operates this website and online store, including all related information, content, features, tools, products and services (the "Services"), to serve our patients and customers.

 

This Privacy Policy explains how we collect, use, and disclose your personal information when you use the Services or communicate with us. It has been prepared in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By using the Services, you acknowledge that you have read and understood this Policy. Where there is a conflict between this Policy and our Terms of Service, this Policy controls with respect to personal information.

 

"Personal information" means information that identifies or can reasonably be linked to you. Some of the information we collect may be health information — for example, where you purchase or enquire about prescription products or disclose a health condition to us. Health information is sensitive information under the Privacy Act and is afforded a higher level of protection. We only collect it where reasonably necessary for our Services or as required by law.

 

Depending on how you interact with us, we may collect:

 

•       Contact details — name, address, phone number, and email address.

•       Health and prescription information — prescription details, prescribing practitioner, approved indication, and health conditions you disclose to us.

•       Financial information — payment card details, transaction details, and payment confirmation.

•       Account information — username, password, and preferences.

•       Transaction information — items viewed, added to cart, purchased, returned, or cancelled.

•       Device and usage information — IP address, device identifiers, browser type, and how you navigate the Services.

•       Communications — information you include when contacting us for support or clinical enquiries.

 

 

We use personal information only for the purpose for which it was collected, a directly related secondary purpose, where you have consented, or as otherwise permitted or required by law. Our uses include:

 

•       Providing the Services: processing orders, payments, and returns; managing your account; arranging shipping; and creating a personalised experience.

•       Regulatory compliance: where products require a prescription, verifying prescriptions and maintaining records as required by the Therapeutic Goods Act 1989 (Cth), Therapeutic Goods Regulations 1990 (Cth), and applicable Queensland and other state health legislation.

•       Marketing: sending you marketing communications by email or other channels where you have expressly consented. We will not use your health information or prescription history for marketing without your separate explicit consent. You may withdraw consent at any time via the unsubscribe link in our emails or by contacting us.

•       Security and fraud prevention: authenticating your account and detecting fraudulent or malicious activity.

•       Legal compliance: responding to valid legal process, law enforcement requests, and potential violations of our terms.

 

 

We collect personal information:

 

•       Directly from you — when you create an account, make a purchase, submit a prescription enquiry, or contact us.

•       Automatically through the Services — via cookies and similar technologies when you visit our website.

•       From service providers — including Shopify (our e-commerce platform) and other third parties acting on our behalf.

•       From your prescribing practitioner or telehealth clinic — where you have authorised them to share information with us in connection with your prescription.

 

We only disclose personal information — including health information — in accordance with the APPs. We will only disclose sensitive information for the purpose for which it was collected, with your consent, or as required or authorised by law. We do not sell your personal information and do not share health information with marketing partners or advertising networks.

 

We may disclose your information to:

 

•       Service providers acting on our behalf — including Shopify (our e-commerce platform), payment processors, fulfilment providers, IT management, and cloud storage providers. Shopify may process your data in countries other than Australia. For more information, visit shopify.com/legal/privacy.

•       Your prescribing practitioner or telehealth clinic — where required for the safe supply of your prescription product or as you have authorised.

•       Regulatory authorities — including the TGA, Queensland Health, and other state or federal agencies, as required or permitted by law.

•       Law enforcement and courts — where required by valid legal process.

•       Acquirers in a business transaction — such as a merger or acquisition, subject to equivalent privacy obligations.

•       Third parties you direct us to — where you have explicitly consented.

 

We implement reasonable technical and organisational measures to protect your personal information from misuse, loss, and unauthorised access or disclosure, consistent with APP 11. No security measures are perfect — we recommend using secure channels for sensitive communications and keeping your account credentials confidential.

 

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations (including TGA and state health record-keeping requirements), resolve disputes, and enforce our policies.

 

Carina Pharmacy is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). If an eligible data breach occurs, we will assess it promptly, notify the Office of the Australian Information Commissioner (OAIC), and notify affected individuals as required. Breaches involving health or prescription information will be treated with particular urgency.

 

Some of our products may be lawfully prescribed to patients under 18 years of age. Where a patient is a minor, a parent or legal guardian must create and manage the account, consent to the collection and use of the minor’s personal information (including health information), and act as the responsible account holder. We do not knowingly collect personal information from minors without parental or guardian consent.

 

 

We use cookies and similar technologies to operate and improve the Services and analyse usage. Where you have consented, we may use them to support personalised experiences. You may control cookies through your browser settings, though disabling certain cookies may affect functionality.

 

 

Under the Privacy Act 1988 (Cth) and the APPs, you have the right to access the personal information we hold about you (APP 12), request correction of inaccurate or incomplete information (APP 13), and opt out of marketing communications at any time. We will not discriminate against you for exercising these rights. To make a request, contact us using the details in Section 9. We may need to verify your identity before processing your request.

 

If you have a complaint about how we have handled your personal information, please contact us first and we will respond within 30 days. If you remain unsatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au, by phone on 1300 363 992, or by post to GPO Box 5218, Sydney NSW 2001.

 

International transfers: We may transfer, store, and process your personal information outside Australia through service providers such as Shopify. Where we do so, we take reasonable steps to ensure the overseas recipient handles your information in a manner consistent with the APPs, as required by APP 8.

 

Changes to this Policy: We may update this Policy from time to time. We will post the revised Policy on our website and update the date above. Continued use of the Services after any update constitutes acceptance of the revised Policy.

 

Contact: If you have questions about this Policy or wish to exercise your rights, please contact our Privacy Officer:

 

•       Email: vapes@carinapharmacy.com.au

•       Post: Carina Pharmacy, 834 Old Cleveland Rd, Carina, QLD 4152