Medtracos Pty Ltd trading as “H. E. Kugelman & Co” (ABN 95 621 302 501) (“we”, “us” or the
“Company”) is committed to privacy protection. At https://kugelmans.com (“this site”), we understand
Policy”) describes generally how we manage personal information and safeguard privacy. If you
would like more information, please don’t hesitate to contact us.
We care about your privacy:
We will never rent, trade or sell your email address to anyone.
We will never publicly display your email address or other personal details that identify you
The Australian Privacy Principles
We will treat all personal information in accordance with any and all obligations that are binding upon
us under the Privacy Act 1988 (Cth) (“Privacy Act”). The Privacy Act lays down 13 key principles in
relation to the collection and treatment of personal information, which are called the “Australian
What is “personal information”?
Personal information held by the Company may include your:
• name and date of birth;
• residential and business postal addresses, telephone/mobile/fax numbers and email addresses;
• bank account and/or credit card details for agreed billing purposes;
• any information that you provided to us by you during your account creation process or added
to your user profile;
• preferences and password for using this site and your computer and connection information;
• any information that you otherwise share with us.
Information provided to Square
All purchases that are made through this site are processed securely and externally by Square. Unless
you expressly consent otherwise, we do not see or have access to any personal information that you
may provide to Square, other than information that is required in order to process your order and
deliver your purchased items to you (eg, your name, email address and billing/postal address).
How we may collect your personal information
At this site, we only collect personal information that is necessary for us to conduct our business as the
oldest surviving herbal company in Australia. We seek to continue our legacy of supplying our
customers with high-quality herbal products through the 21st century and onwards, which includes
(without limitation) enabling users to order and pay for products.
Information that you provide to us
We may collect personal information that you provide to us about yourself when you:
• use this site, including (without limitation) when you:
− create a user account;
− add information to your user profile;
− purchase any products and/or services through this site;
− add reviews, forum or chat room messages or comments in any elements of this site that
permit user-generated content;
− register for access to premium content or request certain premium features; or
− complete an online contact form to contact us;
• provide information to us by telephone or through marketing or competition application forms;
• send us an email or other communication.
This site may also collect Internet Protocol (IP) addresses. IP addresses are assigned to computers on
the internet to uniquely identify them within the global network. The Company collects and manages
IP addresses as part of the service of providing internet session management and for security purposes.
The Company may also collect and use web log, computer and connection information for security
purposes and to help prevent and detect any misuse of, or fraudulent activities involving, this site.
This site uses “cookies” to help personalise your online experience. A cookie is a text file or a packet
of information that is placed on your hard disk by a web page server to identify and interact more
effectively with your computer. There are two types of cookies that may be used at this site: a
persistent cookie and a session cookie. A persistent cookie is entered by your web browser into the
“Cookies” folder on your computer and remains in that folder after you close your browser, and may
be used by your browser on subsequent visits to this site. A session cookie is held temporarily in your
computer’s memory and disappears after you close your browser or shut down your computer.
Cookies cannot be used to run programs. Cookies are uniquely assigned to you, and can only be read
by a web server in the domain that issued the cookie to you. In some cases, cookies may collect and
store personal information about you. The Company extends the same privacy protection to your
personal information, whether gathered via cookies or from other sources.
You can configure your internet browser to accept all cookies, reject all cookies or notify you when a
cookie is sent. Please refer to your internet browser’s instructions to learn more about these functions.
Most web browsers automatically accept cookies, but you can usually modify your browser settings to
decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience
the interactive features of this site
• remember your preferences for using this site;
• manage the signup process when you create an account with us;
• recognise you as logged in while you remain so. This avoids your having to log in again every
time you visit a new page;
• facilitate e-commerce transactions, to ensure that your order is remembered between pages
during the checkout process;
• show relevant notifications to you (eg, notifications that are relevant only to users who have,
or have not, created an account or subscribed to newsletters or email or other subscription
• remember details of data that you choose to submit to us (eg, through online contact forms or
by way of comments, forum posts, chat room messages, reviews, ratings, etc).
Many of these cookies are removed or cleared when you log out but some may remain so that your
preferences are remembered for future sessions.
Third party cookies
In some cases, third parties may place cookies through this site. For example:
• Google Analytics, one of the most widespread and trusted website analytics solutions, may use
cookies de-identified data about how long users spend on this site and the pages that they visit;
• Google AdSense, one of the most widespread and trusted website advertising solutions, may
times that a particular advertisement is shown to you; and
• third party social media applications (eg, Facebook, Twitter, LinkedIn, Pinterest, YouTube,
plugins in this site.
How we may use your personal information
Your personal information may be used in order to:
• verify your identity;
• assist you to place orders through this site;
• process any purchases of products and/or services that you may make through this site,
including charging, billing and collecting debts and shipment of products to you;
• make changes to your account;
• respond to any queries or feedback that you may have;
• conduct appropriate checks for credit-worthiness and for fraud;
• prevent and detect any misuse of, or fraudulent activities involving, this site;
• conduct research and development in respect of our products and/or services;
• gain an understanding of your information and communication needs or obtain your feedback
or views about our products and/or services in order for us to improve them; and/or
• maintain and develop our business systems and infrastructure, including testing and upgrading
of these systems,
and for any other purpose reasonably considered necessary or desirable by the Company in relation to
the operation of our business.
From time to time we may email our customers with news, information and offers relating to our own
products/services or those of selected partners. Your personal information may also be collected so
that the Company can promote and market products and services to you. This is to keep you informed
of products, services, and special offers we believe you will find valuable and may continue after you
cease acquiring products and services from us. If you would prefer not to receive promotional or other
material from us, please let us know and we will respect your request. You can unsubscribe from such
communications at any time if you choose
When we may disclose your personal information
In order to deliver the products/services you require or for the purposes set out above, the Company
may disclose your personal information to organisations outside the Company. Your personal
information may be disclosed to these organisations only in relation to this site, and the Company
takes reasonable steps to ensure that these organisations are bound by confidentiality and privacy
obligations in relation to the protection of your personal information. These organisations may carry
out or provide:
• customer enquiries;
• mailing systems;
• billing and debt-recovery functions;
• information technology services;
• marketing, telemarketing and sales services;
• market research; and
• website usage analysis.
In addition, we may disclose your personal information to:
• your authorised representatives or legal advisers (when requested by you to do so);
• credit-reporting and fraud-checking agencies;
• credit providers (for credit-related purposes such as creditworthiness, credit rating, credit
provision and financing);
• our professional advisers, including our accountants, auditors and lawyers;
• government and regulatory authorities and other organisations, as required or authorised by
• organisations who manage our business strategies, including those involved in a transfer/sale
of all or part of our assets or business (including accounts and trade receivables) and those
involved in managing our business risk and funding functions; and
• the police or other appropriate persons where your communication suggests possible illegal
activity or harm to others
Contacting us about privacy
If you would like more information about the way we manage personal information that we hold about
you, or are concerned that we may have breached your privacy, please contact us by email to
email@example.com or by post.
Access to your personal information
In most cases, you may have access to personal information that we hold about you. We will handle
requests for access to your personal information in accordance with the Australian Privacy Principles.
All requests for access to your personal information must be directed to the Privacy Officer by email
using the email address provided above or by writing to us at our postal address. We will deal with all
requests for access to personal information as quickly as possible. Requests for a large amount of
information, or information that is not currently in use, may require further time before a response can
be given. We may charge you a fee for access if a cost is incurred by us in order to retrieve your
information, but in no case will we charge you a fee for your application for access.
In some cases, we may refuse to give you access to personal information that we hold about you. This
may include circumstances where giving you access would:
• be unlawful (eg, where a record that contains personal information about you is subject to a
claim for legal professional privilege by one of our contractual counterparties);
• have an unreasonable impact on another person’s privacy; or
• prejudice an investigation of unlawful activity.
We may also refuse access where the personal information relates to existing or anticipated legal
proceedings, and the information would not be accessible by the process of discovery in those
If we refuse to give you access, we will provide you with reasons for our refusal.
Correcting your personal information
We will amend any personal information about you that is held by us and that is inaccurate,
incomplete or out of date if you request us to do so. If we disagree with your view about the accuracy,
completeness or currency of a record of your personal information that is held by us, and you ask us to
associate with that record a statement that you have a contrary view, we will take reasonable steps to
Storage and security of your personal information
We are committed to maintaining the confidentiality of the information that you provide us and we
will take all reasonable precautions to protect your personal information from unauthorised use or
alteration. In our business, personal information may be stored both electronically (on our computer
systems and with our website hosting provider) and in hard-copy form. Firewalls, anti-virus software
and email filters, as well as passwords, protect all of our electronic information. Likewise, we take all
reasonable measures to ensure the security of hard-copy information.
Third party websites
You may click-through to third party websites from this site, in which case we recommend that you
and the Company assumes no responsibility for the content of any third party websites.
We may use the Google AdWords and/or Facebook re-marketing services to advertise on third party
websites to previous visitors to this site based upon their activity on this site. This allows us to tailor
our marketing to better suit your needs and to only display advertisements that are relevant to you.
Such advertising may be displayed on a Google search results page or a website in the Google Display
Any data so collected by Google and/or Facebook will be used in accordance with their own
respective privacy policies. None of your personal Google and/or Facebook information is reported to
You can set preferences for how Google advertises to you using the Google Ads Settings page
(https://www.google.com/settings/ads). Facebook has enabled an AdChoices link that enables you to
opt out of targeted advertising.
The Company welcomes the General Data Protection Regulation (“GDPR”) of the European Union
(“EU”) as an important step forward in streamlining data protection globally. Although we do not
operate an establishment within the EU and do not target any offering of services towards
customers/clients in the EU specifically, we intend to comply with the data handling regime laid out in
the GDPR in respect of any personal information of data subjects in the EU that we may obtain.
The requirements of the GDPR are broadly similar to those set out in the Privacy Act and include the
• you are entitled to request details of the information that we hold about you and how we
process it. For EU residents, we will provide this information for no fee;
• you may also have a right to:
− have that information rectified or deleted;
− restrict our processing of that information;
− stop unauthorised transfers of your personal information to a third party;
− in some circumstances, have that information transferred to another organisation; and
− lodge a complaint in relation to our processing of your personal information with a local
supervisory authority; and
• where we rely upon your consent as our legal basis for collecting and processing your data,
you may withdraw that consent at any time.
If you object to the processing of your personal information, or if you have provided your consent to
processing and you later choose to withdraw it, we will respect that choice in accordance with our
legal obligations. However, please be aware that:
• such objection or withdrawal of consent could mean that we are unable to provide our services
to you, and could unduly prevent us from legitimately providing our services to other
customers/clients subject to appropriate confidentiality protections; and
• even after you have chosen to withdraw your consent, we may be able to continue to keep and
process your personal information to the extent required or otherwise permitted by law, in
− to pursue our legitimate interests in a way that might reasonably be expected as part of
running our business and which does not materially impact on your rights, freedoms or
− in exercising and defending our legal rights and meeting our legal and regulatory obligations.
Storage and processing by third parties
Data that we collect about you may be stored or otherwise processed by third party services with data
centres based outside the EU, such as Google Analytics, Microsoft Azure, Amazon Web Services,
Apple, etc and online relationship management tools. We consider that the collection and such
processing of this information is necessary to pursue our legitimate interests in a way that might
reasonably be expected (eg, to analyse how our customers/clients use our services, develop our
services and grow our business) and which does not materially impact your rights, freedom or
The Company requires that all third parties that act as “data processors” for us provide sufficient
guarantees and implement appropriate technical and organisational measures to secure your data, only
process personal data for specified purposes and have committed themselves to confidentiality.
Duration of retention of your data
We will only keep your data for as long as is necessary for the purpose for which it was collected,
subject to satisfying any legal, accounting or reporting requirements. At the end of any retention
period, your data will either be deleted completely or anonymised (for example, by aggregation with
other data so that it can be used in a non-identifiable way for statistical analysis and business
planning). In some circumstances, you can ask us to delete your data.
Keeping your information up-to-date
To ensure that your personal information is accurate and up to date, please promptly advise us of any
changes to your information by contacting our data protection officer by email at
firstname.lastname@example.org or by post.
accordance with any applicable requirements under the Privacy Act and the Australian Privacy
If you require any further information about the Privacy Act and the Australian Privacy Principles, you
can visit the Federal Privacy Commissioner’s website (see www.privacy.gov.au).