Privacy policy

This Policy applies as between you, the User of this Web Site and Herba Meditari the owner and provider of this Web Site. This Policy applies to our use of any and all Data collected by us in relation to your use of the Web Site and any Services or Systems therein.

1.              General

1.1          HERBA MEDITARI PTY LTD is a company registered in Australia with company number ACN 614 654 974 and whose registered address is BDO Services Pty Ltd Level 10 12 Creek Street Brisbane QLD 4000 (Herba Meditari).

1.2          Herba Meditari operates this website

1.3          Herba Meditari respects your right to privacy and is committed to safeguarding the privacy of its customers and website visitors. This Privacy Policy sets out how Herba Meditari collects and treats your Data.

1.4          Defined words for this Policy are set out in Schedule 1.

1.5          Type of Data relevant to this Policy are set out in Schedule 2.

1.6          Herba Meditari adheres to the Australian Privacy Principles (APP) and to the extent applicable, the General Data Protection Regulation(GDPR).

1.7          It is important that you read this Policy together with any other privacy notice or fair processing notice Herba Meditari may provide on specific occasions when Herba Meditari is processing Data about you so that you are fully aware of how and why Herba Meditari is using your Data. This Policy supplements the other notices and is not intended to override them.

2.              Purpose

2.1          This Policy aims to give you information on how Herba Meditari collects and processes your Data, which Herba Meditari receive from Website forms to register, through physical and digital surveys and through your use of the Website.

3.              Data Protection Officer

3.1          Herba Meditari has appointed a Data Protection Officer (DPO). If you have any questions about this Policy or about how  Herba Meditari   manages your Data, including any requests to exercise your legal rights, please contact the DPO. 

3.2          The current DPO is Lee Carroll who can be contacted at

4.              What is Collected

4.1          Herba Meditari will, from time to time, receive and store Data and other information you submit to the Website, provide to Herba Meditari directly, give to Herba Meditari in other forms or through your interactions with Herba Meditari.

5.              Failure to provide Data

5.1          When Herba Meditari needs to collect Data because of an obligation or for  the provision of its goods or services and you fail to provide that Data when requested, the functionality of the Website or goods or services provided to you may be affected. 

6.              How Herba Meditari collects your Data

6.1          Herba Meditari collects Data from you through your interaction with Herba Meditari electronically or in person, when you access the Website, when Herba Meditari engages in business activities with you or from third parties.

6.2          By providing Herba Meditari with Data, you consent to the provision of that Data subject to the terms of this Privacy Policy.

7.              How Herba Meditari uses your Data

7.1          Herba Meditari may use Data collected from you to provide you with information about Herba Meditari’s goods, services and opportunities.  

7.2          Herba Meditari will use Data only for the purposes that you consent to. This may include to:

7.2.1                provide you with goods or services offered by Herba Meditari, including but not limited to the sale of courser, books and natural medicines;

7.2.2                coordinate Herba Meditari’s business administration;

7.2.3                manage, research and develop goods or services offered by Herba Meditari;

7.2.4                provide you with information about goods or services offered by Herba Meditari;

7.2.5                communicate with you;

7.2.6                investigate complaints; and

7.2.7                comply with Herba Meditari’s legal and contractual obligations.

7.3          If there is a change of control in Herba Meditari’s business or a sale or transfer of business assets, Herba Meditari may transfer, to the extent permissible at law, Herba Meditari’s user databases, together with any Data and non-data contained in those databases.

8.              Disclosure of your Data

8.1          Herba Meditari may at its discretion disclose your Data to any of Herba Meditari’s employees, officers, insurers, professional advisors, agents, suppliers or subcontractors for the provision of its goods or services.

9.              GDPR for the European Union (EU)

9.1          Herba Meditari will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use;

9.2          Herba Meditari processes your Data as a processor and/or to the extent that Herba Meditari is a controller as defined in the GDPR;

9.3          Herba Meditari will establish a lawful basis for processing your Data. The Herba Meditari’s current basis for processing types of Data collected under this Policy is set out in Schedule 3;

9.4          Herba Meditari will only collect your Data with your express consent for a specific purpose and any Data collected will not be excessive for its purpose;

9.5          Herba Meditari will keep your Data safe and secure;

9.6          Herba Meditari will process your Data if it is necessary for Herba Meditari’s legitimate interests, or to fulfil a contractual or legal obligation;

9.7          Unless Herba Meditari has obtained your consent, Herba Meditari  does not collect or process any Data from you that is considered “Sensitive Personal Information” as defined in the GDPR;

9.8          Herba Meditari does not knowingly collect or process the Data of children.

10.          Your rights

10.1       You have certain rights as to how your Data is obtained and used under the APP or GDPR. Herba Meditari complies with your rights under the APP and GDPR as to how your Data is used and controlled.

10.2       Except as otherwise provided in the APP or GDPR, you have the right to be informed how your Data is being used; access your Data; correct your Data if it is inaccurate or incomplete; delete your Data; restrict processing of your Data; retain and reuse your Data for your own purposes; dispute the use of your Data; and dispute any automated decision-making or profiling.

10.3       Please verify your identity and contact the DPO at any time to exercise your rights under the APP or GDPR.

11.          Hosting

11.1       The hosting facilities for the Website are located on, AWS , Google Cloud Platform servers through LearnWorlds Data Center and Wix. The location of these facilities are set out in the privacy policies of Wix and Google Cloud

11.2       Transfer of Data  will be protected by appropriate safeguards, which includes either the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website or a variant used by Herba Meditari which you can obtain from the DPO.

11.3       You acknowledge that Data that you submit for publication through the Website or services may be available, via the internet, around the world. Herba Meditari cannot prevent the use or misuse of such Data by others.

12.          Security of your Data

12.1       Herba Meditari  is committed to ensuring that the Data or information you provide to Herba Meditari  is secure. In order to prevent unauthorised access or disclosure, Herba Meditari  has put in place suitable physical, electronic and protocols to safeguard and secure Data and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

12.2       Where Herba Meditari  employs data processors to process Data on Herba Meditari’s behalf, Herba Meditari  only does so on the basis that such data processors comply with the requirements under the GDPR and the APP.

12.3       The transmission and exchange of Data or information is carried out at your own risk. Herba Meditari cannot guarantee the security of any Data or information that you transmit to us, or receive from us. Although Herba Meditari takes measures to safeguard against unauthorised disclosures of Data or information, Herba Meditari  cannot assure you that Data that Herba Meditari  collects will not be disclosed in a manner that is inconsistent with this Policy.

13.          Access to your Data

13.1       You may request details of Data that Herba Meditari holds about you in accordance with the provisions of the Privacy Act 1988 (Cth), and to the extent applicable the EU GDPR. If you would like a copy of the Data which Herba Meditari  holds about you or believe that any information Herba Meditari  holds on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email the DPO.

13.2       Herba Meditari  may refuse to provide you with information that Herba Meditari  holds about you as set out in the Privacy Act or any other applicable law.

14.          Retaining Data

14.1       Herba Meditari  retains Data that it collects for as long as it is needs to provide access to the Website or offer the goods or services.

14.2       In some circumstances, we may anonymise your Data for research, marketing or statistical purposes in which case we may use this Data indefinitely without further notice to you.

15.          Complaints about privacy

15.1       If you have any complaints about Herba Meditari’s privacy practices, please feel free to send in details of your complaints to the Office of the Australian Information Commissioner. Herba Meditari  take complaints very seriously and will respond shortly after receiving written notice of your complaint.

16.          Changes to Privacy Policy

16.1       Please be aware that Herba Meditari  may change this Policy in the future. Herba Meditari  may modify this Policy at any time, in Herba Meditari’s sole discretion and all modifications will be effective immediately upon Herba Meditari’s posting of the modifications on the Website or notice board. The most up to date Policy will be available on the Website.

16.2       This version was last updated on  DATE \@ "d MMMM yyyy" 13 February 2023. Historic versions are archived and can be obtained by contacting the DPO.

17.          Website

17.1       When you visit the Website


When you come to the Website, Herba Meditari  may collect certain information such as browser type, operating system, website visited immediately before coming to the Website etc. This information is used in an aggregated manner to analyse how people use the Website, such that Herba Meditari  can improve Herba Meditari’s service.

17.2       Cookies

Herba Meditari  may from time to time use Cookies on the Website.You may prevent Cookies from accessing your computer however any prevention may impact your use of the Website or access to goods or services.

17.3       Third party sites

The Website may from time to time have links to other websites not owned or controlled by Herba Meditari. Links to third party websites do not constitute Herba Meditari’s endorsement or approval of these websites. Herba Meditari  is not responsible for the privacy or practises of third party websites. Herba Meditari  encourages you to be aware of, and understand, the third party's privacy practices.



Schedule 1 - Index





the Australian Privacy Principles contained in the Privacy Act 1988 (Cth);


those files used by Herba Meditari  on its Website to identify you when you come back to the site and to store details about your use of the Website;


includes each of those types of Data set out in Schedule 2 and 3;


the EU General Data Protection Regulation;


this Privacy Policy.



Schedule 2 – Data Types


Data Type


Aggregate Data

includes information and Data about groups or categories of individuals which does not identify and cannot reasonably be used to identify an individual;

Anonymous Data

includes information and Data about groups or categories of individuals which does not directly or indirectly identify and cannot reasonably by used to identify an individual;

Contact Data

includes email addresses, postal address, phone numbers and other information which allows Herba Meditari to directly contact you; 

Financial Data

includes bank account and other payment details;

Identity Data

includes data such as name, gender, country and age;

Marketing and Communications Data

includes your user preferences for marketing and communication you may receive from Herba Meditari and third parties;

Personal Information

includes information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.

Profile Data

includes information such as usernames and passwords, feedback, personality information, and survey responses. 

Technical Data

includes information about the technical makeup of the devices and systems you are using including but not limited to internet protocol (IP) addresses, your browser plug-ins and versions, operating system and platform and the like you use to access the Website.

Transaction Data

includes details about payments to and from you and other details of goods or services you have purchased from Herba Meditari.

Usage Data

includes information about how you use the Website and services.



Schedule 3 –Basis


Type of Data

Lawful basis

Anonymization of data for use in marketing goods or services offered by Herba Meditari

·       Anonymous;

·       Aggregate;

·       Marketing and Communications;

·       Profile Data;

·       Necessary for Herba Meditari’s legitimate interests to develop goods or services;

Marketing of goods or services offered by Herba Meditari to Third Parties

·       Anonymous;

·       Aggregate;

·       Marketing and Communications;


·       To engage in marketing;

To administer Herba Meditari’s business and Website. Note, we may use third parties for the hosting of data, applications, website and technical support..

·       Identity

·       Contact

·       Technical

·       Necessary for the administration of Herba Meditari;

·       Necessary to comply with Herba Meditari’s  legal obligation

To enable you to complete a survey or provide feedback.

·       Identity

·       Contact

·       Profile

·       Usage

·       Marketing and Communications

·       Necessary for business development of Herba Meditari;

To manage Herba Meditari’s relationship with you

·       Identity

·       Contact

·       Profile


·       comply with Herba Meditari’s legal obligations

To process and deliver your purchases or orders including the management, payment and delivery of goods or services of Herba Meditari

·       Identity

·       Contact

·       Financial

·       Transaction

·       Marketing and Communications

·       To manage the payment and delivery of goods or services;  

To provide access to Herba Meditari’s goods or services and for updates about Herba Meditari’s goods or services and register you as a user.

·       Identity

·       Contact


·       Performance of a contract

·       Necessary for Herba Meditari’s legitimate interests


To use data analytics to improve the Website and Herba Meditari’s goods or services;

·       Technical

·       Usage

·       Necessary for the functionality of the Website and development of Herba Meditari’s business;



Created with