Last updated December 1, 2020
This Privacy Policy governs Vensa Health Limited's collection, use and disclosure of personal information you may supply to us through your use of our products, services, website or applications. Please read this Privacy Policy carefully. If you don't agree with any term set out in this Privacy Policy you should not use our website, applications, or our products and services.
We may amend this Privacy Policy from time to time by posting the revised version on our website and applications. We will provide you with reasonable notice of any changes by email, push notification, or posting a statement on our Website. If you do not agree to any amendments, you should notify us and we will arrange for your personal information to be removed and your User Account (if you have one) to be closed. If you do not agree to any amendments, you may no longer use our website, applications, or our products and services after the date that any amendment takes effect.
1. Introduction 1.1 We are committed to safeguarding
our customers' personal information. Like all companies operating in New
Zealand, we are bound by the privacy principles set out in the Privacy Act
2020, together with the requirements of the Health Information Privacy Code
2020. 2. What personal information may we
collect and why? 2.1 We collect personal information
from you in order to enable you to engage with our services for your healthcare needs and to use our
website, applications, and any products or services that we provide to you. The
personal information we collect, may include some but not necessarily all, of the following details such as your name, address, date of birth, gender,
job title, organisation, location, network, telephone numbers and email address. If you use any billing services we may collect your billing or purchase information and other interactions with us. 2.2 We may also collect health
information from you, such as your medical history, symptoms, laboratory or investigation results,
medication, immunisation and prescription details, clinical notes, appointments and health services you
are currently being or have been provided, only to the extent necessary that
such health information is required for us to provide you with the requested
products and services. 2.3 Subject to your Health Provider's
privacy policy, we may also collect personal and health information about you
from your Health Provider, but only to the extent that such information is
necessary for us to provide certain products or services to you and/or your
Health Provider. In addition to the personal and health information listed
above, we may also collect from your Health Provider information such as your name,
date of birth, contact details, gender, ethnicity, health classifications,
enrolment details, appointment information, your National Health Index number, Health Practitioner index numbers, other Health Provider identifiers (including Practice Management System
identifiers), billing information, complaint information and communications
between you and your Health Provider (including text messages through our
Txt2Remind service). 2.4 In some situations, we may collect
someone else's personal information from you. For example, we may collect your
child's or legal dependenent's personal information when you book an appointment on their behalf.
Before providing us any dependant's personal information (other than your
child) you must: (a)
ensure the contents of this Privacy Policy are bought to their
attention; and (b)
ensure you receive their prior permission to the collection, use,
disclosure, storage and retention of their personal information in accordance
with this Privacy Policy. 2.5 Some of the information requested is optional, however If you do not provide us with
sufficient information where required, you may not be able to access our website,
applications, or the full range of our products or services. 3. How we may use that personal
information 3.1 The personal information that we
collect will only be accessed and used by us to provide you with the products
and services you have requested, which may include: (a)
processing your request to use our website or other applications and
registering your information on our database; (b)
providing you with demonstrations of our products as requested by you; (c)
providing you with our services, including contacting you with
notifications about appointments, prescriptions, or regarding your health; (d)
billing you or administering your User Account and/or any other account
that you hold with us, including accepting and processing payments; (e)
responding to requests, enquiries, or complaints and other customer
care related activities; (f)
carrying out market and product analysis (including analysing patterns
of use in relation to our products and services, our website and applications,
and your use of them) for the purposes of developing and amending marketing and
business strategies (provided that any information will be analysed in an
anonymous and aggregated form); (g)
subject to you providing your consent (in accordance with the
Unsolicited Electronic Messages Act 2007) sending you messages to promote and
market our products and services; (h)
contacting you about our services; (i)
carrying out any activity in connection with a legal, governmental or
regulatory requirement or in connection with legal proceedings, crime, or fraud
prevention, detection or prosecution; and (j)
conducting research relevant to public health (provided that any
information will be analysed in an anonymous and aggregated form), and
compiling and analysing statistics relevant to public health, all in a manner
permitted by New Zealand law. 3.2
We will not use personal information for purposes other than described above,
unless: (a)
we have your consent (or the consent of the person whose personal
information you have provided); or (b)
we are required to do so by law. 4. Sharing your personal information We will only disclose personal
information in accordance with this Privacy Policy, in accordance with your
specific instructions or authorisation, and/or in accordance with the specific
instructions or authorisation of the person whose personal information you have
provided. We may disclose your personal information to: (a)
another company in the Vensa group of companies, who may use your
information for the same purposes as us. (b)
Health Providers (and any other healthcare providers and medical
professionals such as doctors and pharmacies) with whom you: (i) have requested
an appointment; (ii) have registered as a patient or customer; and/or (iii)
requested products and services, using our services, products, website or
applications. (c)
our service providers that are providing a service to you or us in
relation to our website, applications or services, for example, third party
payment providers or our IT service providers. (d)
Third parties (including as part of a data sale) in an aggregated and
anonymised form. 5. Security and storage of your
personal information We will take reasonable steps to
ensure that the personal information that we hold is accurate, complete, up-to
date, stored in a secure environment, and protected from unauthorised access,
modification or disclosure. Information is held in New Zealand or in health-data certified use servers in Australia. Some information, particularly health
information, must be kept for a number of years to comply with legal
requirements, such as health records legislation. We use a Payment Card Industry Data Security Standard compliant
hosted payment service to process payment card transactions. We do not collect
or store your payment card details. Your payment card details will only be
collected and held securely by our third party payment processor. 6. How to access and correct your
personal information You (or the person whose personal
information you have provided) have the right to ask for a copy of any personal information we hold about you, and can request a correction of your (or
their) personal information by contacting us using the details in clause 7
below. We will process such requests within a reasonable time and may require
payment of reasonable charges incurred by us in complying with such requests. 7. How to contact us If you have any queries or concerns
about our privacy policy or our handling of your personal information please
contact us at Vensa Health Limited at P.O Box 8349, Symonds Street, Auckland,
New Zealand, attention Vensa Privacy Officer or call us on +64 9 0800 736 463
or email us on support@vensa.com. 8. DEFINED TERMS Unless the context otherwise requires,
in this Privacy Policy the following terms have the following meanings: (a)
"personal information" means any information about an identifiable
individual, including health information (as such term is defined in the Health
Information Privacy Code 2020); (b)
"we", "us" and "our" means Vensa Health
Limited, and may include any company within the group of companies of which
Vensa Health Limited forms part, as well as its affiliates, officers and
employees; and (c)
"you" means you, whether an individual, company or other form
of entity.