Privacy Policy

We value our website users' privacy and aim to provide an open and transparent privacy policy.

1. Introduction

This Privacy Policy applies to CardiAction, owned by CardiAction Pty Ltd (ABN 41 619 022 141).

We respect your privacy and are committed to complying with Australian privacy laws, the General Data Protection Regulation (GDPR) (where applicable), and other relevant laws.

By using our Website, you acknowledge and agree to the terms outlined in this Privacy Policy.

2. Legal Basis for Processing (GDPR-Specific)

If you are located in the EU or EEA, we process your personal data based on one of the following legal bases under Article 6 of the GDPR:

  • Consent: When you explicitly consent to providing data (e.g., opting in for updates).

  • Contractual Necessity: When processing is necessary for providing our services.

  • Legitimate Interests: When processing is required for business operations, provided it does not override your rights.

  • Legal Obligation: When we must process data for legal compliance.

3. Your Rights Under GDPR

If you are an EU/EEA user, you have the following rights under GDPR:

  • Right to Access – Request a copy of your personal data.

  • Right to Rectification – Correct inaccurate or incomplete data.

  • Right to Erasure (“Right to Be Forgotten”) – Request deletion of your data.

  • Right to Restriction of Processing – Restrict how we process your data.

  • Right to Object – Object to processing based on legitimate interests.

  • Right to Withdraw Consent – Withdraw consent at any time (without affecting prior processing).

  • Right to Lodge a Complaint – File a complaint with a data protection authority in your country.

To exercise these rights, please contact email

4. International Data Transfers

As CardiAction is based in Australia, your personal data may be stored or processed outside the EU/EEA. If we transfer your data internationally, we implement appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.

  • Data processing agreements (DPAs) with third-party service providers.

5. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy or as required by law.

6. Data Breach Notification

If a data breach occurs that may affect personal data of EU/EEA users, we will notify the relevant Data Protection Authority (DPA) and affected individuals within 72 hours, as required under GDPR.

7. Cookies and Tracking Technologies

We use cookies and analytics tools to improve user experience. Under GDPR, users from the EU/EEA must provide explicit consent before cookies are stored on their device. You can manage cookie settings through our settings.

8. Contact Information for GDPR Compliance

For GDPR-related inquiries or to exercise your data protection rights, please contact:

Data Protection Officer (DPO): Privacy Officer
Email: privacy@cardiaction.com


This Privacy Policy was last updated on Mar 20, 2025.