Home

Privacy Policy

Last updated: 14 May 2025

1. Introduction and Purpose

1.1 Introduction

This Privacy Policy describes how GAIASO Theranostics Pty Ltd (ACN 685 022 271) (GAIASO) collects, uses, discloses, and protects your personal information.  It has been developed in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles made under that Act, and will apply to you if we collect your personal information for any reason.

1.2 GAIASO

GAIASO is currently not trading and is in its start up phase, engaging presently in research and development and capital raising activities, and in other activities preparatory to our proposed business.

GAIASO’s ultimate goal is to change outcomes for female cancers and make them curable.  Our vision is to create better solutions for women with cancer by leading the way in molecular targeted radiotherapy.  We aim to eliminate treatment gaps, accelerate breakthroughs, and redefine oncology for women.

Our mission is to design and develop next-generation theranostic products, combining cutting-edge technology with molecular and clinical expertise to rapidly advance new solutions for women with cancer.  We want to change paradigms by combining therapies, enabling earlier and more precise diagnoses, and disrupting traditional development pathways.

We propose to engage all stakeholders — from patients to clinicians — to deliver the treatments women deserve, faster.

1.3 Purpose

This Privacy Policy explains how and why we collect, use and disclose your Personal Information, along with your rights to access and correct any Personal Information we obtain from you.

We review and update our Privacy Policy from time to time to ensure regulatory compliance.  The most up to date Privacy Policy can be found at all times on our website.

2. Definitions

a. In this Privacy Policy:

  • GAIASO has the meaning set out under heading 1.1 above.
  • Privacy Act means the Privacy Act 1988 (Cth).
  • Privacy Policy means this document.
  • Privacy Principles means the Australian Privacy Principles made under the Privacy Act.
  • Personal information means information or an opinion about an identified individual or an individual who is reasonably identifiable:
    • whether the information or opinion is true or not; and
    • whether the information or opinion is recorded in a material form or not.

    Personal information includes sensitive information.

  • Sensitive information means personal information that includes information or an opinion about your racial or ethical origin, political opinions or associations, religious beliefs or affiliations, philosophical beliefs, trade union membership or associations, sexual orientation or practices, criminal record, health or genetic information and some biometric information.
  • We, Our and Us means GAIASO.
  • Website means our website as described under heading 1.3 above.
  • You or Your means any person whose Personal Information we collect for any reason.

b. This Privacy Policy applies to information provided to us whether via our website, in connection with the services we offer, or by any other means and demonstrates our policies, procedures and practices for compliance with the Privacy Principles under the Privacy Act.

c. If you have any further questions or if you wish to receive more information on our information practices and Privacy Policy, please contact us (see Contact Us below).

3. Our Collection of Personal Information

3.1 Methods of Collection

We may collect your personal information from you via various means including via:

  • our Website, including via contact forms on the Website;
  • email, telephone or face to face contact with you; and
  • third parties if we are from time to time referred to you by third parties such as current or potential investors or business partners or other parties assisting us in our start up phase.

3.2 General Personal Information

The general personal information we collect from you will depend upon the reason you are contacting us and/or the reason we are collecting it from you.  Depending upon the context, this might include:

  • full name, title, date of birth, gender, and contact details (e.g. phone number, email address, residential and/or postal address);
  • employment-related information (such as CVs, references, qualifications, and working history);
  • identity documents and verification information (e.g. driver’s licence, passport, Medicare number);
  • financial and billing information (e.g. bank account details, payment information, tax file number if required); and
  • information provided in communications with us (including emails, phone calls, or through our Website or social media).

3.3 Health and Sensitive Information

In the context of research and clinical trials, and where permitted or required by law (including with informed consent), we may also collect:

  • health information, including medical history, current and past treatments, pathology and diagnostic results, imaging data, and responses to investigational therapies;
  • genetic or genomic data where relevant to theranostic research;
  • biometric information (e.g. imaging scans) and biological samples;
  • information about racial or ethnic origin where relevant to clinical study inclusion criteria; and
  • clinical trial data collected during the conduct of trials or studies (whether anonymised, pseudonymised, or identifiable).

3.4 Information Collected from Employees and Candidates

From current and prospective employees, contractors, and collaborators, we may collect:

  • employment eligibility information (e.g. visa status, right to work);
  • police checks, working with children checks (if required), and vaccination status; and
  • superannuation details and emergency contact information.

3.5 Investor and Stakeholder Information

If you are an investor or potential investor, we may collect:

  • contact and identity verification information;
  • banking or payment details for investment processing; and
  • records of communications and legal or financial documents relating to shareholdings or funding arrangements.

3.6 Website and Digital Interaction Data

When you interact with our website or digital platforms, we may collect:

  • technical information including IP address, browser type, operating system, and analytics data; and
  • usage information such as pages visited, duration of visit, and navigation patterns.

3.7 General Purpose of Collection

  • All personal information that we collect is reasonably necessary for the provision of our services or for entry into whatever relationship with you that we are discussing with you.
  • We will not collect personal information (including sensitive information) unless the information is reasonably necessary for, or directly related to, one or more of our functions or activities or for the purposes of furthering our relationship with you.
  • If we are unable to collect the personal information (including sensitive information) that we reasonably require for those purposes, we reserve the right to stop engaging with you or the organisation with which you are connected.

3.8 Sensitive Information

We may collect your sensitive information where you have consented to the collection of the sensitive information and the information is reasonably necessary for our functions or activities, including for the purposes of furthering our relationship with you.

4. Use and disclosure of personal information

4.1 Use

  • We may use personal information about you for the primary purpose of providing our services, and for which you would reasonably expect us to use that information.
  • We will use personal information about you to:
    • assess your suitability for working with us, whether as an employee, contractor, investor, business partner, supplier, customer or clinical trial participant;
    • deliver our services to you;
    • receive your services from you;
    • deal with you in the ordinary course of our relationship with you;
    • further any clinical trials in which we are engaged and in which you are involved directly or indirectly;
    • comply with any regulatory requirements; and
    • undertake other activities with your consent.

4.2 Disclosure

  • We will not disclose information that personally identifies you to any third party other than as set out in this Privacy Policy.
  • In order to deliver the services that we provide, we may disclose your personal information to other organisations, only in relation to providing our services to you. We take reasonable steps to ensure that these organisations are bound by privacy obligations in relation to the protection of your personal information.
  • If you are our employee or contractor, we may provide your details to the Australian Tax Office or other governmental, regulatory or enforcement authorities as required by law.
  • We may share with third parties information that is not associated with your name or identity, such as Website usage information or non-personally identifiable demographic information.

4.3 Unauthorised access use or disclosure

In the event of a security incident involving unauthorised access, use or disclosure of personal information where a third party with whom we share personal information is involved, we will seek to work cooperatively with them to protect the personal information we have shared with them.

5. Third Parties and your information

a. Where reasonable and practicable to do so, we will collect your personal information only from you.

b. However, in some circumstances we may be provided with information by third parties (such as where you are their emergency contact or where they have referred us to you for some purpose). In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party and to confirm the accuracy of that information with you.

c. We will only collect, store, use or disclose personal information as set out in this Privacy Policy unless we are required by law to use that information to protect our rights or property (or those of any third party), or to avoid injury to any person or otherwise to comply with any legal requirements.

d. Although our Website may link directly to websites operated by third parties (Linked Websites), you acknowledge that Linked Websites are not operated by us. We encourage you to always read the applicable Privacy Policy of any Linked Website on entering the Linked Website. We are not responsible for the content or practices of the Linked Websites nor their privacy policies regarding the collection, storage, use and disclosure of your personal information.

6. Disclosure of Information Overseas

a. Our services may be accessed and used by individuals residing in various countries. Although some customers complete our services remotely from their current country of residence, the primary purpose of our services is to support our customers in Australia.

b. Our Website may be accessed from any location worldwide. However, the majority of users are based in Australia.

c. All personal information is collected and managed from within Australia. We do not have personnel based overseas collecting personal information on our behalf. Any data you provide will be processed in accordance with Australian privacy laws.

7. Cookies and other Analytics

We may use cookies from time to time – that is, snippets of code which can be used to collect and track personal information and usage information.  Details of our use of cookies is set out in our Cookies Policy which can be accessed here.

8. Storage and security

a. We will use all reasonable endeavours to keep your personal information in a secure environment, however, this security cannot be guaranteed.

b. In general, we retain personal information for as long as necessary to provide our services or as required under Australian Privacy laws. The length of time we retain personal information depends on:

  1. the type of information ;
  2. the reason it was collected;
  3. any legal obligations; and
  4. our operational needs.

c. We store personal information in both physical and electronic forms. Physical records are stored in a secure site. Electronic data that is stored is encrypted both at rest and in transit, and access is protected by strong passwords and two factor authentication.

d. Platforms used to store electronic data may include Microsoft 365.

e. When information is no longer required, it will be securely destroyed or deidentified accordingly.

f. Data stored using our Microsoft 365 platform the data will be stored as per Microsoft guidelines, such as these.

9. Variation and consent to variation

We may vary the terms of this Privacy Policy at any time. You should check this Privacy Policy regularly so that you are aware of any variations made to this Privacy Policy. You will be deemed to have consented to such variations by your continued use of the Website or our services following such changes being made.

10. Accuracy of your information

a. We take all reasonable steps to ensure that your personal information held by us is accurate, up-to-date, complete, relevant and not misleading. If you believe that any of your personal information is not accurate, up-to-date, complete, relevant and not misleading, please contact us.

b. You can help us in ensuring that our records are accurate by informing us of any changes to your name and contact details.

11. Access to information we hold about you

a. You may request to access the personal information we hold about you. We will endeavour to respond to any such request within a reasonable period of time and as required under the Privacy Act and, where reasonable and practicable, give access to the information in the manner you request. This will be subject to any exemptions allowed under the Privacy Act. You may request this information by contacting us.

b. If a fee is to be imposed for providing access to your information, you will be advised of the cost in advance.

c. There are some circumstances (including for example legal reasons), where access to your information will be denied. If this is the case, we will advise you of the reason in writing.

12. Complaints or Disputes

a. If you have any questions about privacy-related issues or wish to complain about a breach of the Australian Privacy Principles or the handling of your personal information by us, please contact us as below:

GAIASO Theranostics Pty Ltd
Level 8, 14-20 Blackwood Street
North Melbourne VIC 3051

b. You may lodge your complaint in writing. Any complaint will be investigated by us and you will be notified of the making of a decision in relation to your complaint as soon as is practicable after it has been made, usually within 30 days.

c. If we do not adequately answer your concerns, you have the right to make a complaint to the Office of the Australian Information Commissioner.

13. Contact Us

a. If you have any questions relating to this Privacy Policy or your personal information, please contact us as below:

GAIASO Theranostics Pty Ltd
Level 8, 14-20 Blackwood Street
North Melbourne VIC 3051

b. When contacting us or using our services, you have the option to either not identify yourself or to use a pseudonym. However, this will not apply if it is impracticable for us to communicate with you that way. We are required to verify your identity if you wish to exercise any of your rights in relation to your personal information held by us.