Privacy Policy

PALETTE LIFE SCIENCES, INC. PRIVACY POLICY

LAST UPDATED: July 10, 2020

This Privacy Policy describes how Palette Life Sciences, Inc., (“Palette”, “we”, “us”, “our”) collects, uses, and shares Personal Data Information (as defined in this Policy) that you submit to us and that we collect through our website www.deflux.com.au (the “Site”) or through other means (including through meetings in-person). The Site provides a venue to obtain information about Palette’s Deflux Product, our company, to search for paediatric urologists and other services we may offer (collectively, the “Services”). Palette acknowledges and recognizes that the protection of individuals’ privacy is important and required under Australian law. This Privacy Policy will be made available to any person requesting a copy free of charge.

Palette reserves the right (at its discretion) to modify, amend or to replace this Policy from time to time. Palette will make the Policy (including as amended, modified or replaced) available on its website.

INFORMATION WE COLLECT

For purposes of this Privacy Policy, “Personal Data” means any information or opinion about an identified individual or an individual who is reasonably identifiable, whether the information or opinion is true or not. As described in detail below, we may collect certain Personal Data from or about you in connection with your use of, or your submissions to, the Site or through other interactions with Palette.

We may collect Personal Data as follows:

  • When you communicate with us, sign up for materials, and interact with the Site. We may collect Personal Data, such as your name, address, phone number, email address and, in the case of medical practitioners, information about your practice, numbers of patients and business contact information, when you communicate with us or submit information to us. We may also collect Personal Data when you interact with our Site or utilize Site features including any searches on this Site to find paediatric urologists, and when you sign up to receive newsletters, updates, or other information.
  • When we collect data from third parties or publicly-available sources. In accordance with our statutory obligations, we endeavour to collect personal information about an individual from the individual concerned, except where it is unreasonable or impracticable to do so. In certain circumstances, we may obtain certain data about you from third-party sources to help us provide and improve the Services. We may combine your Personal Data with data we obtain from our services, other users, or third parties to enhance your experience and improve the Services.
  • When we leverage and/or collect cookies, device IDs, location, data from the environment, and other tracking technologies. We may collect certain Personal Data using cookies and other technologies, such as web beacons, device IDs, geolocation, HTML5 local storage, Flash cookies, and IP addresses. For further information, please refer to the section below dealing with “Use of Cookies and Similar Technologies”.

ANONYMITY AND PSEUDONYMITY

Where it is lawful and reasonable for you to do so, you have the right to deal with us on an anonymous or pseudonymous basis. As permitted by law, and subject to the following, we will give you the option of not identifying yourself, or of using a pseudonym in dealing with us.

However, if you choose to interact with us in an anonymous or pseudonymous fashion, or you do not provide us with the Personal Information on request, then we may be unable to provide you with the Services.

Further, we reserve the right to verify your identity in certain circumstances. For example, we may need to verify your identity when you request that we provide certain products or services to you, in order to liaise with other service providers and in order to comply with our statutory and regulatory obligations. Additionally, when you request access to or correction of the Personal Information we hold about you, or when you wish to make a complaint regarding how we have handled your Personal Information, we reserve the right to verify your identity and contact details in order to facilitate our satisfaction of your access or correction request, or to investigate and to deal with your complaint.

RECEIPT OF UNSOLICITED PERSONAL INFORMATION

Generally, we only collect Personal Data when it is specifically requested or when we take active steps to collect that information. From time to time, however, Personal Data about an individual may be provided to us on an unsolicited basis. Where we receive Personal Data on an unsolicited basis, then in accordance with our statutory obligations, Palette will promptly determine whether such Personal information could lawfully have been collected had Palette requested the Personal Data or otherwise had actively sought the provision of such Personal Data.

USE OF COOKIES AND SIMILAR TECHNOLOGIES

The Site uses cookies and similar technologies to improve user experience, for performance and analytics, and to improve our content, products, and services. We specifically use browser cookies for different purposes, including cookies that are strictly necessary for functionality and cookies that are used for personalization and performance/analytics. When you visit the Site, we may also automatically collect certain data about your device, including information about your web browser, IP address, your geographic location and time zone. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We also use cookies and similar technologies for purposes of marketing and advertising.

A “cookie” is a small text file that a web server stores in browser software. A browser sends cookies to a server when the browser makes a connection to the server (for example, when requesting a web page from the same domain that created the cookie). The purpose of cookies is to remember the browser over time and distinguish one browser instance (or user) from all others. Some cookies and other technologies may serve to track Personal Data previously entered by a web user on our Site. Most browsers allow you to control cookies, including whether or not to accept them, and how to remove them. Cookies can remember login information, preferences, and similar information.

Cookies, as well as other tracking technologies, such as HTML5 local storage, and Local Shared Objects (such as “Flash” cookies), and similar mechanisms, may record information such as a unique identifier, information you enter in a form, IP address, and other categories of data.

We may also use web beacons or “pixels,” and in certain circumstances may collect IP address, screen resolution and browser software and operating system types, clickstream patterns, dates and times that our site is accessed, and other categories of data.

If you want to block the use and saving of cookies from the Site on to your computer’s hard drive, you should take the necessary steps within your web browser’s settings to block all cookies from the Site and its external serving vendors, or use the cookie control system, if available upon first visit. Please note that if you choose to erase or block your cookies, certain parts of our Site may not function correctly or at all. For information on how to disable cookies, refer to your browser’s documentation.

Our Site may use the following technologies to implement cookies and pixels:

  • Google Analytics. In order to ensure that the content from the Site remains up to date, user-oriented and comprehensive, this website employs Google Analytics, a web-analysis tool from Google Inc. (“Google”) that enables us to optimize our Services for you. Google Analytics uses cookies that track your preferences during your visit to our websites. This allows us to simplify navigation, for example, thereby helping us to make the site more user-friendly. The information that is generated in this process (including the IP address) is anonymized, making personal identification impossible. An evaluation for reporting purposes is carried out only after the anonymization process. The data, generated by this Cookie are usually transferred and stored on a server in the USA. As a user of our websites, you always have the option of disabling cookies in your browser settings. Most browsers allow cookies as a default setting. Should you change this setting, this may disrupt certain functions of our Site. Furthermore, you can prevent Google’s acquisition and processing of the information that is generated by the cookie and concerns your activity on the website (including your IP address) by downloading and installing a browser plug-in. In this process, your IP-Address is in a first step reduced to Countries in the European Union or other Countries in the European Economic Community. The actual link to the tool is: http://tools.google.com/dlpage/gaoptout?hl=us. Further information on the terms of use and the privacy options of Google are available on: http://www.google.com/analytics/terms/us.html
  • Google AdWords. As an AdWords customer, the Site uses Google conversion tracking by Google on some pages. This means that Google AdWords places a cookie on your computer (“conversion cookie”) if you have accessed our webpage via a Google ad. These cookies become invalid after 30 days. If you visit certain pages on our website and the cookie has not yet expired, we and Google can recognize that someone has clicked on an ad and been directed to our page as a result thereof. Each AdWords customer receives a different cookie. Cookies can therefore not be tracked via the websites of AdWords customers. The information collected with the help of the conversion cookie allows us to prepare conversion statistics to optimize our services. AdWords customers know, for instance, the total number of customers who have clicked on their ad and been redirected to a page with a conversion tracking tag. But they do not receive any information by which users can be personally identified. If you do not want to participate in the tracking, you can prevent the placement of the necessary cookie – for instance through a browser setting that deactivates the automatic placement of cookies in general. “You can also deactivate conversion tracking cookies by setting your browser to block cookies from the domain googleadservices.com.”
  • Google Remarketing. Moreover, the Site uses Google’s Remarketing technology on some pages. With this technology, users who have already visited our web pages and online services and shown in interest in what we have to offer are shown targeted advertising on other websites of the Google Partner network. The ads are displayed through the use of cookies, by means of which the user’s behavior during his or her visit to the website is analyzed and then used for targeted product recommendations and interest-based advertising.

If you do not wish to receive any interest-based advertising, you can deactivate Google’s use of cookies for these purposes by going to https://www.google.com/settings/ads. Alternatively, users can deactivate cookies from third-party providers by going to the network advertising initiative’s deactivation page (link: http://www.networkadvertising.org/managing/opt_out.asp).

  • Facebook Pixel. The Site uses the “Facebook pixel” provided by the social network Facebook (“Facebook”). As a result, so-called tracking pixels are integrated into our web pages. When you visit our web pages, the tracking pixel will create a direct link between your browser and the Facebook server. Thus, Facebook will receive the information from your browser that our web page was accessed from your device. If you are a Facebook user, Facebook can therefore associate your visit to our pages with your user account. Please note that we as the provider of these web pages are not notified of the content of the data transmitted or of the use thereof by Facebook. We can merely specify the segments of Facebook users (based on criteria such as age, interests) on whose pages we would like our ads to be displayed. Moreover, when this pixel is called up later on from your browser, Facebook can then determine whether an ad on Facebook was successful, for instance whether it has led to an online purchase. We receive from Facebook merely statistical data on this, without any references to a specific individual. This allows us to collect information about the effectiveness of the Facebook ads for statistical and market research purposes. For more information concerning this topic, please see Facebook’s privacy policy at https://www.facebook.com/about/privacy/. Please visit http://www.aboutads.info/choices or http://www.youronlinechoices.eu/ if you do not wish to have your data collected via the Facebook pixel.

Please note that Google and Facebook have their own privacy policies which are independent from ours. We do not accept any responsibility or liability for these policies and procedures. Before using our website, please inform yourself about Google’s privacy policy (Link: http://www.google.com/privacy.html) and Facebook’s data policy (Link: https://www.facebook.com/about/privacy/).

THE PURPOSES FOR WHICH WE COLLECT PERSONAL DATA AND ITS USES

We are obliged to only use and disclose Personal Data for the primary purpose(s) for which the information was collected, any secondary purpose that is related to the primary purpose for which you would reasonably expect us to use or disclose that collected information, and as otherwise permitted or required by law.

We may collect, use and process Personal Data for a variety of different purposes as set out in further detail below. Subject to applicable law, the purposes for which we collect, use and process Personal Data, and (where the GDPR applies) the legal basis for such processing, are set forth below.

  • For our legitimate Interests. To operate our business and provide the Services to you including:
    • To maintain the Site and provide the Services, including for technical support;
    • To communicate with you regarding the Services, including to provide you important notices regarding changes to our Terms of Use;
    • To address and respond to your requests, inquiries, and complaints;
    • For quality assurance purposes, including to develop, provide, and improve the Site and Services, including to better tailor the features, performance, security and support of our Services and the Site, and for statistical and analytics purposes;
    • For our direct marketing purposes, including to send information updates, marketing materials and newsletters about news that may be of interest to you, our company (and our Affiliates) and our (and our Affiliate’s) products and services to individuals who have consented to receive such information and provided that they have not opted out of receiving such information;
    • For fraud, loss, and other crime prevention purposes;
    • To assist in the investigation of suspected illegal or wrongful activity, and to protect and defend our rights and property, or the rights or safety of third parties;
    • To enforce our Terms of Use, this Privacy Policy, or agreements with third parties;
    • To comply with laws, regulators, court orders, or other legal obligations, or pursuant to legal process; or
    • Subject to applicable contractual or legal restrictions, in connection with a contemplated reorganization or an actual reorganization of our business, in connection with financing, a sale or other transaction involving the disposal of all or part of our business or assets, including for the purpose of permitting the due diligence required to decide whether to proceed with a transaction; and
    • To maintain a safe working environment for our staff and contractors.
  • To deal with a request or complaint. To deal effectively and efficiently with a request or complaint made to us.
  • For the performance of a contract. To perform our contractual obligations to you, including to fulfil your request for Services, to contact you in relation to any issues with our Services, where we need to provide your Personal Data to our service providers, or to take steps in response to information or inquiries you may submit prior to entering into a contract or partnership with us.
  • To comply with legal obligations. To comply with laws, regulators, court orders, or other legal obligations, or pursuant to legal process. This may include, but is not limited to, using and disclosing Personal Data to generate aggregated and de-identified statistical information for the purpose of reporting to governmental regulatory agencies.
  • To protect data subjects’ vital interests. To protect the vital interests of you or of another person.

In some cases where we are not already authorized to process the Personal Data under applicable law, we may ask for your consent to process your Personal Data:

  • Special Categories of Personal Data. We generally do not collect or require special categories of Personal Data (such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health information, biometric data, or sexual orientation) in order to access our Site or utilize the Services. In the event we may need to collect such information to provide a specific Service to you, we will obtain your consent as required by law. In certain circumstances, subject to applicable law, we may process or otherwise disclose special categories of Personal Data without consent, such as to protect the vital interests of you or of another person.
  • Cookies. We may also request consent for some cookies in accordance with our cookie policy.

DISCLOSURE OF PERSONAL INFORMATION

We may disclose Personal Data collected from individuals to third parties but only on an as-needs basis and only in order to fulfil one or more of the purposes for which the Personal Information was collected, any secondary purpose related to the primary purpose(s) of collection or otherwise as required or authorized by law.

  • Affiliates. We may disclose some or all of your Personal Data to our subsidiaries, joint ventures, and other companies under our common control (collectively, “Affiliates”), for the purposes described in this Privacy Policy. Where we share Personal Data with our Affiliates, we will require our Affiliates to honor this Privacy Policy.
  • Service Providers. We may disclose Personal Data to business partners, distributors, service providers, marketing partners, and vendors in order to maintain the Site and provide, improve, and personalize the Services. We may also share Personal Data for other technical and processing functions, such as sending e-mails on our behalf, technical support, or otherwise operating the Site, for analytics, and for marketing purposes. Such third parties may have access to Personal Data only as needed to perform their functions for us, and they may not use Personal Data for other purposes.
  • Pursuant to Legal Process and Protection of Rights. We may also disclose Personal Data to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful request for information we receive, or as otherwise pursuant to legal process. We may also use and disclose Personal Data to establish or exercise our legal rights, to enforce our Terms of Use and other contracts, this Privacy Policy, or agreements with third parties, to assert and defend against legal claims, or if we believe such disclosure is necessary to investigate, prevent, or take other action regarding actual or suspected illegal or fraudulent activities or potential threats to the physical safety or well-being of any person.
  • Corporate Transactions. Subject to applicable law, Palette reserves the right to sell or transfer Personal Data in the event that Palette is acquired by or merged with another company or in connection with the potential sale or transfer of some or all of the business assets of the Site or Palette, including for the purpose of permitting the due diligence required to decide whether to proceed with a transaction. If the sale occurs, the purchaser will be entitled to use and disclose the Personal Data collected by us, and the purchaser will assume the rights and obligations regarding Personal Data as described in this Privacy Policy.
  • Professional advisers, insurers and auditorsWe may also disclose Personal Data to any of our professional advisers (including our lawyers and accountants), our insurers and our auditors for the purpose of our advisers, insurers and auditors completing their obligations owed to us.

OUR USE AND DISCLOSURE OF DE-IDENTIFIED OR ANONYMOUS DATA

We may create de-identified or anonymous data from Personal Data by removing data components (such as your name, email address, or linkable tracking ID) that makes the data personally identifiable to you or through obfuscation or through other means. Our use and/or disclosure of anonymized data is not subject to this Privacy Policy.

DO-NOT-TRACK

Do-Not-Track is a public-private initiative that has developed a “flag” or signal that an Internet user may activate in the user’s browser software to notify websites that the user does not wish to be “tracked” by third-parties as defined by the initiative. The online community has not agreed on what actions, if any, should be taken by the websites that receive the “do not track” signal, and therefore Do-Not-Track is not yet standardized. Please note that the Site does not alter its behavior or use practices when we receive a Do Not Track signal from your browser.

Information from Children Under 13 Years of Age

We do not knowingly collect information from minors under the age of 13 years without parental consent. If you become aware that an individual under 13 years of age has provided us with Personal Data without parental consent, please contact us at support@palettelifesciences.com. If we become aware that an individual under 13 years has provided us with Personal Data without parental consent, we will take steps to remove the data as permitted by law.

LINKS TO OTHER SITES

Our Site may contain links or otherwise provide access to another website, mobile application, or Internet location (collectively “Third-Party Sites”). We provide these links merely for your convenience. Palette has no control over, does not review, and is not responsible for Third-Party Sites, their content, or any goods or services available through the Third-Party Sites, or the privacy practices of the owner or operator of the relevant Third-Party Site. Our Privacy Policy does not apply to Third-Party Sites. We encourage you to read the privacy policies of any Third-Party Site with which you choose to interact.

EUROPEAN UNION DATA SUBJECT RIGHTS

Data subjects in the European Economic Area and certain other jurisdictions may have certain rights under applicable data protection law (including the EU General Data Protection Regulation (GDPR)), including the right to request confirmation from us as to whether or not we are processing your Personal Data. Where we are processing your Personal Data, subject to the GDPR, you also have the right to:

  • Request access to, modification or rectification, or deletion. You may have the right to request access to, modification of, or deletion of your Personal Data we maintain.
  • Request restriction of processing. You may have the right to request that we restrict processing of your Personal Data in certain circumstances, such as where you believe that the Personal Data we hold about you is inaccurate or our processing is unlawful.
  • Object to processing. In certain circumstances, you may have the right to request that we stop processing your Personal Data, such as a request to stop sending you direct marketing communications. To opt-out of direct marketing communications, please see the instructions in the “Withdrawing Your Consent” section of this Privacy Policy.
  • Data portability. In certain circumstances, you may have the right to receive the Personal Data concerning you that you provided to us or to request that we transmit your Personal Data to another data controller.
  • Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority.

To exercise your rights, you may contact us as at support@palettelifesciences.com. As permitted by law, certain data elements may not be subject to access, modification, portability, restriction, and/or deletion. Furthermore, where permissible, we may charge for this service. We will respond to reasonable requests as soon as practicable and as required by law. To protect your privacy and security, we may take steps to verify your identity in order to respond to your request.

WITHDRAWING YOUR CONSENT

In most cases, we need to use or process certain of your Personal Data in order to fulfil our the purpose(s) for which we collected the information (including for our legitimate interests). If you do not wish us to use, process or disclose your Personal Data, you may contact us at support@palettelifesciences.com.

Where you are covered by the GDPR and the basis of processing is legitimate interests, you have a right to object to the processing of your Personal Data. Please note that, subject to applicable law, we may continue to process your Personal Data even where you object if there are compelling legitimate grounds for processing that override your interests and rights, or where processing is necessary to establish, exercise, or defend legal claims.

Where you are covered by the GDPR and consent is the basis of processing, you may at any time withdraw the consent you provided for the processing of your Personal Data for the purposes set forth in this Privacy Policy by contacting us at support@palettelifesciences.com, provided that we are not required by applicable law or professional standards to retain such information.

If you would like to stop receiving newsletters or other marketing or promotional messages, notifications, or updates, you may do so by following the unsubscribe instructions that appear in our e-mail communications to you. Alternatively, you may contact us at support@palettelifesciences.com to opt-out of direct marketing. Please be advised that you may not be able to opt-out of receiving certain service or transactional messages from us, including legal notices and certain communications related to the provision of the Services.

Please note that if you do not provide consent, if you withdraw your consent or object to processing, or if you choose not to provide certain Personal Data, we may be unable to provide you some or all of the Services.

TRANSFER OF PERSONAL DATA

Please note that if you are visiting the Site from outside of the United States, your Personal Data may be transferred to, stored, and/or processed in this country. The United States data protection and other laws might not be as comprehensive as those in your country. If you are located outside of the United States, the transfer of Personal Data is necessary to provide you with the requested information and Services and/or to perform any requested transaction. By using any portion of the Site, you acknowledge and consent to the transfer of your information to our facilities in the United States.

From time to time, we may disclose Personal Data to our Affiliates, service providers and others in accordance with this Privacy Policy who may be located in the United States or other countries outside Australia. By submitting Personal Data to us, you acknowledge and agree that we are not responsible for any breach of the Australian privacy laws by the overseas recipient.

Please note that we may store, process or back up Personal Data on servers (including servers offered through third party service providers under contract to Palette) that are located in a jurisdiction outside Australia.

If you communicate with Palette via email, through a social network service or through some other electronic process, the communication may be routed through servers that are located outside Australia and, in relation to a message sent through a social network service (such as Twitter or Facebook), the social network provider and its partners may collect, hold and process Personal Data in a jurisdiction outside Australia.

If you are covered by the GDPR, please note that some countries outside the United Kingdom or the European Union do not have the same data protection laws as the United Kingdom or the European Union. We will ensure that any transfer to such countries of Personal Data in cases where the GDPR applies to such transfer, either by us or by any third party supplier to whom we provide your Personal Data, will (unless the European Commission considers their laws to be adequate) be subject to appropriate or suitable relevant safeguards to the extent required under the GDPR that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your Personal Information.

DATA RETENTION

We will retain your Personal Data for as long as is necessary to provide the Services, or for such longer period as may be required or permitted by applicable law. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

SECURITY

We take all reasonable steps to protect all Personal Data which we hold from misuse, interference and loss, and from unauthorized access, modification or disclosure. Palette uses technical and organizational security measures designed to secure and protect Personal Information. Please note, however, we cannot fully eliminate security risks associated with the storage and transmission of Personal Data.

QUALITY OF PERSONAL DATA

We take reasonable steps to ensure that the Personal Data collected, used and disclosed is accurate, complete and up-to-date. However, the accuracy, completeness and currency of the Personal Data we hold largely depends on the accuracy of the information you supply to us. If at any time you discover that any Personal Data held about you is inaccurate, incomplete, outdated, irrelevant or misleading, please contact us to request correction of the information. We will handle a correction request in accordance with the following procedures. In doing so, we reserve the right to verify the identity of the person making a correction request before processing the request.

ACCESS TO AND CORRECTION OF PERSONAL DATA

We will provide access to your Personal Data within a reasonable period of time following our receipt of your request, unless an exception applies. The exceptions include where the access poses a serious threat to the life or health or safety of the individual, public health or public safety, where the request is frivolous or vexatious, where the request relates to existing or anticipated legal proceedings or to current negotiations between you and us, the request is unlawful, would impede or prejudice any investigation of unlawful activity, or where we are required or authorized by or under Australian law or a court/tribunal order to not comply with the request. Where we do not provide you with access to your Personal Data, we will explain to you the reason for denying access and provide details in relation to the relevant complaint process, should you not agree with our reasons.

While we will not charge a fee for making an access request, we reserve the right to charge a reasonable fee to cover our costs incurred in providing access to your Personal Data.

If you can establish that the Personal Data we hold about you is not accurate, complete or up-to-date, or is irrelevant or misleading, we will take reasonable steps to correct the information. If we have disclosed inaccurate, incomplete, out-of-date, irrelevant or misleading information to a third party, we will take reasonable steps to ensure that the recipient is aware of the correction to the Personal Data.

We may request from you information in order to verify your identity and your connection to the individual about whom you request Personal Data (if you are not the individual about whom Personal Data has been collected). Further, we reserve the right (to the maximum extent permitted by law) to redact information included in the Personal Data, in order to protect the privacy of other individuals.

Please note that if the GDPR applies to you, then you will have additional rights (see “EU Data Subject Rights” above) and where those rights are different, then we will respect those rights in preference to the rights above.

COMPLAINT PROCEDURE

To make a complaint about how we have handled your Personal Data, please write to us, at the details set out below. We will provide a response to you within a reasonable time period following receipt in accordance with applicable law. We reserve the right to verify the identity of the person making the complaint and to seek (where appropriate or reasonable) further information from the complainant about the circumstances of the complaint. We reserve the right to refuse to investigate or to otherwise deal with a complaint where permitted by law. For example (without limitation), we may refuse to investigate or to otherwise deal with a complaint if we consider the complaint to be vexatious or frivolous.

If you are not satisfied by our determination, you may escalate the complaint to the Office of the Australian Information Commissioner. Please note that where the GDPR applies to you, the GDPR also gives you right to lodge a complaint with a supervisory authority, in particular in the EU (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at support@palettelifesciences.com or by mail at the following address:

Palette Life Sciences, Inc.
27 E Cota Street
Suite 402
Santa Barbara, Santa Barbara County 93101

X