Privacy Policy

1. Introduction

Dr Glenn Fitzpatrick (ABN 69 377 937 786), trading as Scalable Trials ("Scalable Trials," "we," "us," or "our"), is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.scalable-trials.com (the "Website") or engage our consulting services.

We are bound by the Australian Privacy Principles ("APPs") contained in the Privacy Act 1988 (Cth) ("Privacy Act"). This policy also addresses requirements under the European Union General Data Protection Regulation ("GDPR") for individuals located in the European Economic Area.

By accessing or using our Website or services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Website or engage our services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

• Complete our contact form (name, email address, company name, message content)
• Send us emails or other correspondence
• Engage our consulting services (business contact information, project details)
• Subscribe to our communications
• Request information about our services

2.2 Information Collected Automatically

When you visit our Website, we may automatically collect certain information, including:

• Device Information: Browser type and version, operating system, device type
• Usage Information: Pages visited, time spent on pages, navigation paths
• Network Information: IP address, internet service provider, general geographic location (city/country level)
• Referral Information: The website or source that referred you to our Website

2.3 Information We Do Not Collect

We do not knowingly collect:

• Sensitive information (health information, racial or ethnic origin, political opinions, religious beliefs, sexual orientation) unless directly relevant to providing our services and with your explicit consent
• Financial information such as credit card numbers (we do not process payments through this Website)
• Government identifiers unless required for contractual purposes

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

• To respond to your inquiries and provide requested information
• To provide consulting services you have engaged
• To communicate with you about projects and engagements
• To send administrative information (confirmations, invoices, updates)

3.2 Website Operation and Improvement

• To maintain and improve our Website functionality
• To understand how visitors use our Website
• To diagnose and resolve technical issues
• To ensure Website security and prevent fraud

3.3 Legal and Compliance

• To comply with applicable laws and regulations
• To enforce our Terms of Service
• To protect our rights, privacy, safety, or property
• To respond to lawful requests from public authorities

4. Legal Basis for Processing

Under the Australian Privacy Principles and GDPR (where applicable), we process your personal information based on the following legal grounds:

• Consent: Where you have provided explicit consent for specific processing activities
• Contractual Necessity: Where processing is necessary to perform a contract with you or take steps at your request before entering a contract
• Legitimate Interests: Where processing is necessary for our legitimate business interests (such as improving our services), provided those interests do not override your rights
• Legal Obligation: Where processing is necessary to comply with applicable laws

5. Disclosure of Information

5.1 Categories of Recipients

We may disclose your information to:

• Service Providers: Third-party vendors who assist with website hosting, email delivery, analytics, and other business operations, subject to confidentiality obligations
• Professional Advisors: Lawyers, accountants, and other professional advisors as necessary
• Legal Requirements: Government authorities, regulators, or other third parties where required by law or to protect our legal rights

5.2 No Sale of Personal Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and your choices regarding your information.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/SSL protocols
• Secure hosting infrastructure with reputable providers
• Access controls limiting information access to authorized personnel
• Regular security assessments and updates

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

• Inquiry/Contact Information: Retained for the duration of our business relationship plus 7 years for legal and tax compliance purposes
• Website Analytics Data: Retained in aggregated, anonymized form indefinitely; identifiable data retained for up to 26 months
• Contractual Records: Retained for 7 years after the conclusion of the engagement as required by Australian law

Upon expiration of retention periods, personal information is securely deleted or anonymized.

8. Your Rights

8.1 Rights Under Australian Privacy Law

Under the Privacy Act 1988, you have the right to:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate, incomplete, or outdated information
• Complaint: Lodge a complaint with us or the Office of the Australian Information Commissioner (OAIC) if you believe we have breached your privacy

8.2 Additional Rights for EEA Residents

If you are located in the European Economic Area, you may also have the right to:

• Erasure: Request deletion of your personal information in certain circumstances
• Restriction: Request restriction of processing of your personal information
• Portability: Receive your personal information in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

8.3 Exercising Your Rights

To exercise any of these rights, please contact us using the details provided in Section 13. We will respond to your request within 30 days (or 30 days for GDPR requests). We may need to verify your identity before processing your request.

9. Cookies and Tracking Technologies

9.1 What Are Cookies

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work efficiently and provide information to website owners.

9.2 Cookies We Use

Our Website may use the following types of cookies:

• Essential Cookies: Necessary for the Website to function properly (e.g., session management)
• Analytics Cookies: Help us understand how visitors interact with our Website (e.g., Google Analytics)
• Functional Cookies: Remember your preferences and settings

9.3 Managing Cookies

You can control and manage cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Website. Most browsers provide options to:

• View what cookies are stored and delete them individually
• Block third-party cookies
• Block cookies from specific sites
• Block all cookies
• Delete all cookies when you close your browser

9.4 Do Not Track

Our Website does not currently respond to "Do Not Track" signals from browsers. However, you can opt out of analytics tracking by using browser extensions or the opt-out mechanisms provided by analytics providers.

10. International Data Transfers

Your information may be transferred to and processed in countries other than Australia, including the United States, where our service providers may be located. These countries may have different data protection laws than Australia.

Where we transfer personal information internationally, we take steps to ensure appropriate safeguards are in place, including:

• Contractual clauses requiring recipients to protect personal information
• Ensuring recipients are bound by privacy laws providing comparable protection
• Obtaining your consent where required

11. Children's Privacy

Our Website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child, we will take steps to delete that information as soon as possible.

If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post a notice on our Website
• Where appropriate, notify you by email

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Complaints

If you are not satisfied with our response to your privacy concern, you may lodge a complaint with the Office of the Australian Information Commissioner: