Privacy Policy

We value our website users' privacy and aim to provide an open and transparent privacy policy.

Table of Content
Introduction
Heading lorem ipsum dolor sit
Heading lorem ipsum dolor sit
Heading lorem ipsum dolor sit
Heading lorem ipsum dolor sit
Heading lorem ipsum dolor sit
1. Introduction

This Privacy Policy applies to CardiAction, owned by 3P Healthcare
Pty Ltd (ABN 41 619 022 141).

We respect your privacy and are committed to complying with
Australian privacy laws, the General Data Protection Regulation
(GDPR) (where applicable), and other relevant laws.

By using our Website, you acknowledge and agree to the terms outlined
in this Privacy Policy.

2. Legal Basis for Processing (GDPR-Specific)

If you are located in the EU or EEA, we process your personal data
based on one of the following legal bases under Article 6 of the GDPR:

  • Consent: When you explicitly consent to providing data (e.g.,
    opting in for updates).

  • Contractual Necessity: When processing is necessary for
    providing our services.

  • Legitimate Interests: When processing is required for business
    operations, provided it does not override your rights.

  • Legal Obligation: When we must process data for legal
    compliance.

3. Your Rights Under GDPR

If you are an EU/EEA user, you have the following rights under GDPR:

  • Right to Access – Request a copy of your personal data.

  • Contractual Necessity: When processing is necessary for
    providing our services.

  • Right to Rectification – Correct inaccurate or incomplete data.

  • Right to Erasure (“Right to Be Forgotten”) – Request deletion
    of your data.

  • Right to Restriction of Processing – Restrict how we process
    your data.

  • Right to Object – Object to processing based on legitimate
    interests.

  • Right to Withdraw Consent – Withdraw consent at any time
    (without affecting prior processing).

  • Right to Lodge a Complaint – File a complaint with a data
    protection authority in your country

To exercise these rights, please contact email

4. International Data Transfers

As CardiAction is based in Australia, your personal data may be stored
or processed outside the EU/EEA. If we transfer your data
internationally, we implement appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the
    European Commission.

  • Data processing agreements (DPAs) with third-party service
    providers.

5. Data Retention

We retain personal data only as long as necessary for the purposes
outlined in this Privacy Policy or as required by law.

6. Data Breach Notification

If a data breach occurs that may affect personal data of EU/EEA users,
we will notify the relevant Data Protection Authority (DPA) and
affected individuals within 72 hours, as required under GDPR.

7. Cookies and Tracking Technologies

We use cookies and analytics tools to improve user experience. Under
GDPR, users from the EU/EEA must provide explicit consent
before cookies are stored on their device. You can manage cookie
settings through our settings.

8. Contact Information for GDPR Compliance

For GDPR-related inquiries or to exercise your data protection rights,
please contact:

Data Protection Officer (DPO): Privacy Officer
Email: privacy@cardiaction.com


This Privacy Policy was last updated on Feb. 14, 2025.

Table of Content
Introduction
Legal Basis for Processing
Your Rights Under GDPR
Data Retention
Data Breach Notification
Cookies and Tracking Technologies
Contact Information for GDPR Compliance

We're here to help you

Have questions? Our team is ready to assist you with your cardiovascular health inquiries.

Quick Links
Legal
Socials
Quick Links
Socials
Legal
Copyright © 2025 CardiAction
Copyright © 2025 CardiAction