1. Application

We take your privacy seriously and understand the importance of protecting your personal information and health information.

This Privacy Policy (Policy) explains how I and any clinics I operate out of including any website we operate (website), collect, handle and protect your personal information and health information.

This Policy outlines the types of personal information and health information that we usually collect, the purposes for which we collect it, to whom we disclose it, how we hold and keep it secure and your rights in relation to your personal information and health information, including how to complain and how we deal with complaints. This Policy should be read together with our respective website Terms and Conditions and any location specific legal notice.

By visiting our website or providing us with your personal information or health information (either directly or allowing another person to do so on your behalf), you acknowledge and agree that the personal information or health information we collect about you will be collected and handled in accordance with this Policy. If you do not agree with any part of this Policy, you must not provide your personal information or health information to us.

We may collect information from you or about you, including your:
Personal information means information or an opinion about you, whether true or not, from which your identity is apparent or can reasonably be ascertained or as otherwise defined by applicable privacy law. This is whether the information is recorded in a material format or not. Personal information may also include information we may collect about your individual preferences. It does not include information that is de-identified (anonymous data).

Health information means personal information about your health such as your medical history or medical conditions or disabilities as more particularly described under New Zealand’s HIPC. We will always comply with the Privacy Act 1993, Privacy Principles, Health Information Privacy Code (HIPC) and Unsolicited Electronic Messages Act 2007.

2. Dealing with us anonymously

Where it is lawful and practicable to do so, you may deal with us anonymously (e.g. when enquiring about our services generally). However, we usually need your name, contact information and other details to enable us to provide our services or products to you.

3. Why do we collect personal information or health information?

We will only collect personal information or health information from you when it is reasonably necessary to undertake our business activities and functions, or as otherwise permitted by law. We may also collect your personal information or health information for one or more of the following purposes:
to gain an understanding of your needs so we may provide you with the required service and advice
to contact you to provide advice or information in relation to the way in which the service will be or has been provided
to provide and administer dental and associated services to you
to send appointment reminders to you
to analyse our services and customer needs with a view to developing new and/or improved services
for surveys, direct marketing, promotions and/or competitions
to ensure the proper function of the website and online software
for our marketing, planning, product development and research requirements
to administer and manage our services including charging, billing and collecting debts
to respond to your requests, questions, comments and complaints
to notify you about special offers and products or services available from us or our participating partners, either directly or via a third party advertising platform
to resolve disputes or resolve problems
to prevent prohibited or illegal activities
fulfilling any mandatory reporting obligations required by applicable law, including communicating with you if a notifiable data breach has occurred in relation to your personal information
to assess your application for a role with us and to take references
any purpose for which you have consented
any related secondary purpose which we believe you would reasonably expect when we collected your personal information or as a result of our ongoing relationship with you
any purpose for which we are required or authorised by the Applicable Privacy Laws
to respond to and manage inquiries, complaints, feedback and claims, defend our legal interests and investigate and protect against fraud, theft and other illegal activities
We may also use your personal information or health information for other purposes not listed above which will be made clear to you at the time we collect your personal information, or for such purposes as may be required or permitted by the Applicable Privacy Laws.

4. What personal information do we collect and hold?

The personal information or health information collected depends on the dealings you have with us, and may include your:
date of birth
address (postal and email)
telephone numbers
Medicare, health fund and health insurance cover details
medical history, test results, medication and other health information
financial information (including credit card details)
your IP address and/or other device identifying data
other information necessary for our functions and activities
nominated person to contact in case of emergency
opinion in relation to any of our business activities via surveys and/or competitions and trade promotions
other such information (including proof of identity) that is relevant for us to provide our products and services to you in the manner that you have requested, or to comply with the Applicable Privacy Laws

5. Sensitive information

We only collect sensitive information where it is reasonably necessary for our functions or activities and either you have explicitly consented, or we are required or authorised by law to do so. This may include health information, medical history, details about medication you take.

6. Financial information

We may collect your credit card details or other financial information where you provide them to us at one of our clinics for the purposes of arranging direct debit or payment plans you have requested. We will only use your financial information for the purpose for which it was collected and in accordance with this policy. We may also collect financial information from you through our sales facilities, to be used by us solely to facilitate payment for the services you have requested. Financial or credit card information we collect from you is strictly confidential and held on secure servers in controlled facilities.

7. How is personal information or health information collected?

We will, if reasonable and practicable to do so, collect personal and health information directly from you. This may take place when you fill out documents such as a form. Information may also be collected from you in other ways, including:
when you attend an appointment at one of our practices
via our websites or online chat rooms
via our social media pages
if you complete an entry form for any competition and/or trade promotion whether operated by us or one of our practices
if you complete any survey
if you post us your information
if you call us
if you provide us with your information in any other format such as verbally or via text message
if you apply for any job vacancy
if you make a complaint to us
We may collect personal and health information from third parties such as:
your health service provider
a health professional who has treated you
your family or legal guardian
other sources where necessary to provide a health service

8. Using and disclosing personal information and health information

We will not sell, distribute, rent, licence, disclose or reveal, share or pass your personal information or health information on to any third parties, other than in accordance with this Policy, and to those who are contracted to us to keep personal information or health information confidential.
We may disclose personal information or health information:
to our related bodies corporate, suppliers, consultants, contractors or agents so that they can provide you with products or services on our behalf or help us to provide you with the requested products or services including contacting you in relation to the products or services
if we merge with or are acquired by another entity, to that entity as a part of the merger or acquisition
to relevant government (including federal, state or territory) authorities and agencies for the purpose of investigating a health issue, including a workplace health and safety matter
to other health service providers in relation to continuity of care where that service provider is involved in your treatment or diagnostic services
when conveying information to a responsible person (e.g. parent, guardian, spouse) when you are incapable or cannot communicate, unless you have requested otherwise
when conveying information to close family members in accordance with the recognised customs of medical practice

9. Disclosure overseas

We operate and communicate with organisations throughout Australia, New Zealand and the United States. Therefore some disclosures may occur outside your country. We will only disclose information to an organisation in a foreign country which has a substantially similar privacy regime or where the overseas organisation has agreed to comply with the Applicable Privacy Laws.

10. Marketing and your consent/opting out

We may use your personal information to identify a product or service that you may be interested in or to contact you about an event or promotion. We may with your consent or where required by Applicable Anti-Spam Laws, use the contact details you have provided to contact you from time to time (whether by phone, email or SMS) to tell you about new products or services and special offers that we believe may be of interest to you.
You can withdraw your consent to receiving direct marketing communications from us at any time by unsubscribing from the mailing list by clicking ‘unsubscribe’ at the bottom of any email from us, by contacting us on the details at the end of the policy or by using the unsubscribe facility set out in any other electronic communication you receive. Once you have unsubscribed from the electronic communication, you will be removed from the corresponding marketing list as soon as is reasonably practicable and in accordance with Applicable Anti-Spam Laws.
We may occasionally engage other companies to provide marketing or advertising services on our behalf. Those companies will be permitted to obtain only the personal information they need to deliver the service. If we provide those companies with any of your personal information, it is to provide you with a better or more relevant and personalised experience and to improve the quality of those services. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
We may also use your personal information and information collected about you using third parties such as Google Analytics to provide you with a better or more personalised and relevant experience when using our website. We may do this by combining behavioural data we collect by the use of cookies and combining it with the personal information we have collected from you.

11. Information via the website and online software

Every time you use our website, information may be collected by us or on our behalf via services such as Google Analytics. Types of information collected may include:
the date and time of your visit to our website and online software
your IP address
the address of the documents you access
the type of browser and operating system you are using
any address of a recurring site and any other website you are about to visit
the information you submit regarding payment particulars
The information that may be collected provides us with details about how the website is being used including the frequency and duration of visits, and which web pages you have accessed on the website.
We may provide third parties with aggregate statistics about our visitors, traffic patterns and related site information. This data reflects site-usage and does not contain identifying information.

12. Cookies

Most commercial websites use cookies. Cookies are data that a website transfers to your browser and are stored in your hard drive, and are be used to track your ongoing access to and use of the website. We may use cookies to allow us to track usage patterns and help us improve and tailor our service to you. Cookies are used to ‘remember’ when your computer or device accesses our website. Cookies are essential for the effective operation of our website and to help you interact with us online. They are also used to tailor the products and services offered and advertised to you, both on our website and elsewhere. Cookies will not identify you personally. If you would prefer not to receive cookies, you can alter your security settings on your web browser to disable cookies or to warn you when cookies are being used. However this may mean you may not be able to take advantage of all features of the website.

13. Links to other websites and third party advertising services

Our websites may contain links to other websites that are not under our control. These websites may use cookies. It is the responsibility of those third parties to collect appropriate consents from you in order to permit their own cookies (to the extent this is required by law) and to inform you about the cookies they use. You should check the Privacy Policy on all third party websites to ensure you are comfortable with third party cookies.
We may also utilise certain third-party advertising services (e.g. organizations such as FastClick or Google) to display advertising for our advertisers. These third-party services may also place a cookie on your computer for the purposes of ad tracking and presentation. We do not share personally identifiable visitor information with these third-party services.
We have no responsibility for linked websites or third-party advertising services, and provide them solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or warranties about their accuracy, content or thoroughness. Your disclosure of personal information to third party websites is at your own risk.

14. Storing personal information and health information

We take all reasonable and appropriate steps (including organisational and technological measures) to protect your personal information and health information from misuse, interference and loss, as well as unauthorised access, modification or disclosure. Some of the ways this is done include:
requiring our staff to maintain confidentiality
implementing document storage security
imposing security measures for access to our computer systems
providing a secure environment and access control for confidential information
only allowing access to personal and health information where the individual seeking access has satisfied our identification requirements
Where we store your personal information and health information depends on what interaction you have had with us. These include:
electronic databases, including those for processing customer enquiries or feedback
email databases for marketing communications
paper based forms
However, the Internet is not in itself a secure environment and we cannot give an absolute assurance that your personal information will be secure at all times. Transmission of personal information over the Internet is at your own risk and you should only enter, or instruct the entering of, personal information within a secure environment.

15. Keeping personal information and health information accurate and up to date

It is your responsibility to ensure that the personal information or health information you provide us is accurate, complete and up-to-date. However, as required by Applicable Privacy Law, we will also endeavour to ensure that the personal information and health information collected from you is up to date, accurate and complete.
Medical records are our property – however you have a right to access them subject to some exceptions allowed by applicable laws. In the case of pathology services, it is recommended that you obtain the information from the referring doctor. We will disclose the medical record to an authorised personal representative or legal adviser where you have provided written authority, unless any of the applicable legislative exceptions apply.
You may request access to or correction of your personal information and health information we hold about you at any time by contacting the relevant Privacy Officer using the details set out at the end of this Policy. We will need to verify your identity. Subject to any applicable exceptions or requirements, we will provide you with access to the personal information or health information you request within a reasonable time and usually within  20 working days.. If we decide to refuse your request we will tell you why in writing and how to complain.
We may charge a reasonable fee for collating and providing access to personal and health information.

16. Contact us

If you have a question or comment regarding this Policy or wish to make a complaint or exercise your privacy rights, please contact me at steven@drstevencasci.co.nz 

I will need to verify you, and will respond to you within a reasonable period of time to acknowledge your complaint and inform you of the next steps we will take in dealing with your complaint.

If you are not satisfied with our response, you may complain to:

New Zealand: the New Zealand Privacy Commissioner via the website: https://www.privacy.org.nz/your-rights/making-a-complaint/

17. Changes to our Privacy Policy

We may revise this Policy from time to time as we add new features to the website or to refelct changes in New Zealand legislation. When we make changes to our Privacy Policy, they are reflected on this page. Any revised Privacy Policy will apply both to information we already have about you at the time of the change, and any personal information or health information created or received after the change takes effect. We encourage you to periodically reread this Privacy Policy, to see if there have been any changes to our policies that may affect you. Your continued use of our services following an update to this Privacy Policy constitutes acceptance of those changes.
Website Terms and Conditions of Use

By accessing this web site, you are agreeing to be bound by these web site Terms and Conditions of Use, our Privacy Policy and all applicable laws and regulations, and agree that you are responsible for compliance with any applicable local laws. If you do not agree with any of these terms, you are prohibited from using or accessing this site. The materials contained in this web site are protected by applicable copyright and trade mark law.