Skip to Content

Privacy Policy

Commitment to PrivacyComplaints HandlingContact UsUpdates to this Privacy Policy

Commitment to Privacy

 At Iris Ethics, we are committed to protecting the privacy of individuals and ensuring that personal information is handled in a safe and responsible manner. This Privacy Policy outlines how we collect, use, disclose, and protect personal information in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

What is Personal Information?

Personal information is defined as any information or opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.

Types of Personal Information Collected

We may collect a range of personal information from individuals, including but not limited to:

  • Contact information: such as name, address, email, and phone number.
  • Demographic information: such as age, gender, occupation, and education.
  • Financial information: such as bank account details and payment information.
  • Professional information: such as job title, company name, and work experience.
  • Survey responses: information provided in response to surveys or questionnaires.
  • Technical information: such as IP address, browser type, and log data.

Collection of Personal Information

We collect personal information in various ways, including but not limited to:

  • Directly from individuals through online forms, surveys, email, phone, or in person.
  • Indirectly through third parties, such as market research organisations or social research providers. 
  • Automatically through our website and digital services, using cookies and analytics tools.

Use of Personal Information

We use personal information for purposes including but not limited to:

  • Conducting ethical reviews for market research, social research, and evaluation projects.
  • Communicating with individuals about our services and responding to inquiries.
  • Improving our services and website functionality.
  • Complying with legal and regulatory obligations.

Disclosure of Personal Information

We may disclose personal information to third parties, including but not limited to:

  • Service providers who assist us in delivering our services.
  • Regulatory bodies and government agencies, as required by law.
  • Other third parties with the individual's consent or where disclosure is necessary to achieve the purpose for which the information was collected.

Specific cases of disclosure that are undertaken by Iris Ethics include:

  • Disclosure of information on the membership and activities of our committee to the National Health and Medical Research Council to meet registration and reporting requirements
  • Disclosure of employee information to relevant authorities for managing employment, such as the Australian Taxation Office, regulatory authorities, and superannuation providers.
  • External audit firms

Security and Retention of Personal Information

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorized access, modification, and disclosure. This includes implementing secure storage systems, access controls, and encryption where appropriate.

Data relating to the operations of Iris Ethics (including employee data, website data and client contact details) are hosted in a secure database provided by Odoo SAS on accredited cloud servers. Data relating to specific applications for review (including research/evaluation protocols and consent/information materials) as well as records of committee activities are hosted in the Microsoft 365 cloud environment with AU data residency.

In most cases, we retain records of review-related activities for 15 years after the completion of the activities under review, in compliance with the National Statement on Ethical Conduct in Human Research (2025). Once records are no longer required, these are deleted electronically.

We have protocols in place for ensuring the security of data, including two-factor authentication, access policies to limit access to data to authorised personnel, and the encryption of data both in transit and at rest.

Access to and Correction of Personal Information

Individuals have the right to request access to and correction of their personal information held by us. Requests can be made by contacting us using the details provided below. We will respond to requests within a reasonable period and in accordance with the APPs.


Complaints Handling

If you have any concerns or complaints about how we handle your personal information, please contact us using the details provided below. We take all complaints seriously and will investigate and respond within a reasonable timeframe. If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC).

Contact Us

For any inquiries, requests, or complaints regarding this Privacy Policy or our handling of personal information, please contact us at:

Iris Ethics

Email: info@irisethics.com.au  

Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or regulatory requirements. The latest version will be available on our website. We encourage individuals to review this policy periodically to stay informed about how we protect personal information.