This Privacy Policy describes how CBD Force collects and process your personal information in connection with our websites, platforms, applications, products, software, or services (collectively, Services).
This Privacy Policy does not apply to our employee and contractor records.
If you have any questions or concerns about our use of your personal information, please contact us using the contact details provided at the bottom of this Privacy Policy.
Broadly speaking, the way in which we collect personal information about you will depend on your relationship or interactions with us.
Certain parts of our Services may ask you to provide personal information voluntarily. For example, we may ask you to provide your contact details in order to register an account with us, to subscribe to marketing communications from us, or to submit enquiries to us. The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.
When you access our Services online, we may collect certain information automatically from your device. Specifically, the information we collect automatically may include your internet protocol (IP) address, your login data, browser type and version, time zone setting and location and other technical information. We may also collect information about how your device has interacted with our Services, including what was accessed and the links clicked.
Collecting this information enables us to better understand the users of our Services, where they come from, and what content is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Services.
Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading “Online tracking and your choices” below.
Where possible, we collect information directly from you. However, there may be occasions where we receive information about you from third parties, such as your healthcare professional or pharmacy if you are a patient, your patient if you are a healthcare professional, or third parties with whom we have a relationship. For example, in some countries, regulations require us to obtain relevant documents from third parties which contain patient information before we can release products.
The list below sets out the types of personal information we collect, why we use it, and where required under applicable law, the lawful basis for processing that personal information.
The lawful basis for processing your personal information are as follows:
The lawful basis for processing your sensitive personal information are as follows:
Some of the information we collect and process may include sensitive personal information (also known as special category data).
Sensitive personal information is a subset of personal information that is generally afforded a higher level of privacy protection. It includes health and genetic information and information about racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record and some types of biometric information.
We will only collect sensitive information where it is reasonably necessary for our functions or activities, and with respect to CBD Force, where CBD Force has a lawful basis to do so under applicable laws as provided for in the list above.
As set out in the list above we may also use your information for scientific research and statistical reporting. However, we have taken a number of measures to ensure that this information is pseudonymised and cannot directly identify an individual. We only have access to your medical and treatment information for this purpose only and cannot directly identify you from this information.
Like many websites, we may analyse log file information and other data collected through cookies, web beacons, and other tracking technology, to collect information about your browsing behaviour when you visit our websites. This includes, for example, your browser type, domains, page views, IP address, referring/exit pages, information about how you interact with our website and with third-party links, traffic and usage trends on the service.
We use session cookies to keep you logged in while you use features of our website; these disappear after you close your browser. We also use persistent cookies, which stay in your browser and allow us to recognise you when you return to the website. We use this to remember your information, so you will not have to re-enter it, to better understand how you use our Services, to diagnose and fix technology problems, and otherwise enhance our Services. In some of our email messages, we use a ’click-through URL’ linked to content on our website. We track this click-through data to help us measure the effectiveness of our customer communications.
We may collect analytics data directly or through third party analytics tools (including Google Analytics) to assist us with analysing and improving our service, and measure traffic and usage trends for our products and services. These tools collect information sent by your browser or mobile device, including the pages you visit and other information that assists us in improving our Services.
Most internet browsers automatically accept cookies, but you may be able to change the settings of your browser to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you set your browser to reject cookies, parts of our website may not work for you. Please note, depending on your type of device or browser, it may not be possible to delete or disable all tracking mechanisms on your device. Your selection of the ’Do Not Track’ option provided by your browser may not have any effect on our collection of cookie information for analytic and internal purposes. The only way to completely “opt out” of the collection of any information through cookies or other tracking technology is to actively manage the settings on your browser or mobile device to delete and disable cookies and other tracking/recording tools.
We may share your personal information to the following categories of recipients:
We will check any third party that we use to ensure that they can provide sufficient guarantees regarding the confidentiality and security of your personal information.
We will have written contracts with them which provide assurances regarding the protections that they will give to your personal information and their compliance with our data security standards and international transfer restrictions.
Our websites may contain links to other websites operated by third parties and may include social media features such as Facebook and X buttons (such as “Like,” “Tweet” or “Pin”). These third-party sites may collect information about you if you click on a link and the social media sites may automatically record information about your browsing behaviour every time you visit a website that has a social media button. Your interactions with these features are governed by the privacy policy of the company providing the feature, not by this Privacy Policy. We do not control what information these third parties collect. Please review your privacy settings on your social media sites and think carefully before clicking on links which may take you to a third-party website.
We take security seriously and care about the integrity of your personal information. We use commercially reasonable physical, administrative, and technological methods to secure your personal information and protect it from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
In order to deliver our core functions and to ensure we meet our legal data protection and privacy obligations, we will retain your information for at least as long as your account is active, as needed to provide you services, as long as is needed to fulfil the purpose for which it was collected (and any other linked purpose) or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
When we have no ongoing legitimate business need to process your personal information (as described above), we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.
Personal information collected from interactions with CBD Force is stored securely within Australia. We will not transfer data collected and stored within Australia to any country outside of Australia that is not recognised as ensuring an adequate level of protection, without compliance with the relevant legal or regulatory requirements. We may disclose information outside of Australia where we have a legal right to do so and to its group companies located overseas in the normal course of its business. Our policy is to comply with the requirements of the applicable laws which apply to cross border disclosure of personal information.
You have the following data protection rights:
Where CBD Force is the controller of your personal information, you also have the following additional rights:
Where you exercise your data protection rights, our response will depend on our role as a controller or processor, our legal basis for processing and whether or not any exemptions are available under applicable privacy or data protection laws. If you wish to exercise any of these rights in relation to personal information provided to us by your healthcare professional and for which we are a processor, please contact your healthcare professional directly.
We respond to all requests we receive from individuals wishing to exercise their rights in accordance with applicable privacy and data protection laws. In order to comply with a request, we may ask you to identify yourself. In such a situation, we will only request information to the extent required to confirm your identity. You also have the right not to identify yourself when dealing with us where it is lawful and practicable for us to allow it. However, if you don’t provide us with your personal information when requested, we may not be able to respond to your request or provide you with the Service that you are seeking.
If you have a question, comment or complaint about how we have collected or handled your personal information, please contact our privacy officer using the contact information below and provide details of the incident so that we can investigate it.
If you are making a complaint, we will treat your complaint confidentially, investigate your complaint and aim to ensure that we contact you and your complaint is resolved within a reasonable time (and in any event within the time required by applicable law).
You also have the right to complain to the regulator, and to lodge an appeal if you are not happy with the outcome of a complaint.
In Australia, please contact the Office of the Australian Information Commissioner.
If you have any questions please contact our head office at:
Email: hello@cbdforce.com.au
Changes To This Privacy Policy We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Privacy Policy. You should check our website frequently to see any recent changes. Unless otherwise stated, our current Privacy Policy applies to all information that we have about you. We will not materially change our policies to make them less protective of personal information collected in the past without the consent of those affected.