Privacy and Cookie Policy

Your privacy is important to Eye Institute Limited (referred to in this Privacy Policy as we, our or us). This Privacy Policy explains how we collect, hold, use and disclose the personal information that we collect from you or which we have obtained about you from a third party, in compliance with the Privacy Act 2020 and Health Information Privacy Code 2020. It also sets out various rights that you have in relation to that personal information. Please take a moment to read and understand this Privacy Policy.

We may modify or amend this Privacy Policy from time to time by posting an updated version on our website (at https://www.eyeinstitute.co.nz/) (Website). By continuing to use the Website or any of our products or services, you consent to us using your personal information in accordance with any such modifications or amendments.

If you do not provide to us all the personal information we request from you, you may not be able to access and use, and we may be unable to provide to you, all of our products and services.

This Privacy Policy explains:

  • how we collect personal information;
  • the kind of personal information we collect;
  • how we use, and may share, your personal information;
  • how we use cookies;
  • the basis on which we provide links to third party websites;
  • how you can access/amend your personal information;
  • how long we hold personal information; and
  • who you can contact for further information.

We may collect personal information about you by the following means:

  • from you when you sign up to our services;
  • from persons who refer you to us, or who you nominate to provide a referral for you, including medical professionals, referees, DHBs;
  • in the course of providing our products and services to you;
  • when you use our Website and the products, services and functionality offered through it;
  • when you create an account with us and when you update your account information;
  • when you sign up to our mailing list to receive direct marketing; and
  • when you contact us, including through our Website such as the online chat feature, social media, email, phone, or in person, for information about our products or services or for any other purpose.

If you are a health care professional, in addition to the above, we may also collect personal information about you by the following means:

  • when you request information or resources from us;
  • when you provide a patient referral to us; and
  • when you register for and/or attend professional development / education events, including through our Website, social media, events pages or webinars.

We may also collect any other personal information you may choose to provide to us, or from persons who you have authorised to provide information to us.

Heidi Transcription Software – As part of your consultation, our medical professionals may use transcription software to capture the notes from your consultation. Conversations are transcribed simultaneously while they happen. These notes are them saved to our patient management system. The transcription software used is compliant with the Privacy Act 2020 and the New Zealand Information Privacy principals. The information management systems are ISO27001 accredited for data security. All data is encrypted, securely and confidentially stored on Heidi’s cloud servers, adhering to high industry standards. Due to cloud infrastructure limitations within New Zealand, data for NZ users is stored in Australia.

We collect the personal information you give us or that you may authorise others to provide to us. This information may include name, address (physical, mailing and email), telephone numbers, NHI number, date of birth, ethnicity, iwi, smoking status, name of doctor, name of optometrist, details of insurer, next of kin, prescription/condition details.

We use your personal information for the following purposes:

  • to provide Eye Institute’s services to you, including registering you as a patient or client and booking appointments, or as a referring healthcare professional, as applicable;
  • responding to questions or requests for information from you or someone you have authorised to ask those questions or make those requests on your behalf;
  • to create an individual profile for you so that we can enhance your user experience;
  • to provide you with information and offers in relation to the products and services offered by us that we think may be of interest to you if you have indicated that you would like to receive this information (if you are a healthcare professional, this may include upcoming educational events, webinars, and other marketing material);
  • to manage your customer account and transactions, including the performance of any contract we may have with you;
  • to enforce our contracts with you (including to supply, and invoice for, products and services ordered by you, and to collect payment);
  • to comply with our healthcare provider obligations (including reporting obligations) to Primary Health Organisations, District Health Boards and the Ministry of Health;
  • to help us improve the products and services that we offer and to develop new products and services, including marketing, business development, research and statistical analysis;
  • to comply with relevant laws and regulations;
    for any specific purpose which we notify you of at the time your personal information is collected; and
  • for our administrative purposes, including audit and reporting purposes.
  • Conduct regular surveys to gain an understanding of individual needs

We will never use your personal information for a purpose which you have not been notified of before or at the time your personal information was collected. If we need to use your personal information for a new purpose, we will always obtain your express authorisation before doing so.

We may disclose information about you:

  • if you are a patient, to your health professional (such as doctor or optometrist) and health insurer, in each case if authorised by you;
  • to Primary Health Organisations, District Health Boards and the Ministry of Health to comply with our healthcare provider obligations (which include reporting obligations);
  • to other third parties to the extent reasonably required to carry out any of the purposes for which we may use your personal information (as outlined above);
  • if we are requested to do so in the course of legal proceedings or other investigations; or
  • with your authorisation or where we are otherwise permitted to do so by applicable law.

We may also disclose information about you to our service providers (including our website hosting, marketing and communications (Mailchimp), online booking (MyHealth1st), call tracking (Nimbata), online chat (Zendesk), data storage and payment providers). These service providers may use or disclose your information in accordance with their privacy policies. They may not be required to protect the information in a way that, overall, provides comparable safeguards to those under the Privacy Act.

We may use “cookies” and collect session information to provide you with access to tailored information and products on the Website.

A cookie is a small data file that the Website sends to your browser, which may then store it on your system for later retrieval by the Website. Cookies record information about your online preferences and allow us to tailor the Website to your interests. Information supplied by cookie and session information can help us to analyse the profile of the Website’s visitors and help us to provide you with a better user experience.

Users have the opportunity, using their browser settings, to set their devices to accept all cookies, to notify them when a cookie is issued, deleted, or not to receive cookies at any time. If you reject cookies, you may still use our Website, but your ability to use some of their features or functionality may be limited.

For further information on cookies and how to switch them off see www.allaboutcookies.org.

We also use call analytics tools to keep track of our telephone calls, and web analytics tools, including the Google Analytics service and Google Tag Manager. The Google Analytics Service analyses non-identifiable traffic data relating to use of our website, using its own cookies and anonymous identifiers for mobile devices (eg Android Advertising Identifier or Advertising Identifier for iOS) or similar technology used to collect data. For more information on how Google collects and processes data, please click here. Please refer to Google’s Privacy Policy for more information.

This Website may contain links to third party websites or refer to third party services which may collect your personal information. These websites or third party services have not been prepared by us and are not managed by us. They are provided for your convenience only, and do not imply that we check, endorse, approve or agree with third party websites or third party services that this Website links or refers to. We encourage you to be aware when you leave our website and to read the privacy statements of each and every third party website you visit.

More information about our Website, and the terms of use applicable to it, can be found at ( https://www.eyeinstitute.co.nz/).

If you wish to obtain confirmation that we hold personal information about you and to access that information, or you wish to request a correction to your personal information that we hold, please contact us at stacy.v@eyeinstitute.co.nz.

If you request access to, or a copy of, your personal information, then subject to any lawful grounds for withholding the information, we will provide you with a copy of the personal information we keep about you, if that information is held in a way that it can be readily retrieved. However, we reserve the right to charge you a reasonable amount for providing copies of any personal information you request, to take into account the time, cost and effort involved.

If you request a correction to your personal information you may also provide us with a statement of the correction sought (statement of correction). If we agree that your personal information needs correcting, an amended record of your personal information will be provided back to you. If we do not agree to your request for a correction and you have provided us with a statement of correction, you may request that we attach the statement of correction to the information and we will take reasonable steps to do this.

You may also amend your personal information associated with your account by updating your account details.

We will not keep your personal information for longer than is necessary to achieve the purposes for which we may lawfully use it. We comply with the Health (Retention of Health Information) Regulations 1996.

If you have any queries about this Privacy Policy or personal information we have collected about you, please contact:

Name: Stacy Valentine
Postal Address: 123 Remuera Road, Remuera, Auckland
Phone number: 09 522 2125
Email Address: stacy.v@eyeinstitute.co.nz