1. Your privacy: Smile Zone Ltd (trading as One Dental) (“we”, “us”, “our”) is committed to ensuring the privacy of your information, and to meeting the requirements of the New Zealand Privacy Act 1993. We want to make sure that you understand how we collect and treat your personal information so please read this Privacy Policy carefully.
2. Application of this Privacy Policy: This Privacy Policy applies to all personal information that you submit on or through our website at onedental.co.nz (the “Websites”), and any information that may be automatically retrieved through your use of the Websites.
3. Your consent: By accessing or using the Websites, you consent to the collection, use, disclosure, storage and processing of your information in accordance with this Privacy Policy.
4. What information we collect about you: We collect personal information about you when you voluntarily provide it to us (eg by contacting us with an inquiry or requesting an appointment via the Websites) and when you access and use the Websites. The kinds of information we collect may include:
(a) your name;
(b) your contact details;
(c) details you provide regarding the nature of any appointment you request via the Websites;
(d) any information you choose to disclose using the ‘Chat’ function on the Websites;
(e) information about how the Websites are used (for example, traffic volumes, time spent on pages);
(f) your IP address and/or other device identifying data; and
(g) other information required to provide a service you requested.
You are under no obligation to provide us with any such information. However, if you choose to withhold requested information, we may not be able to provide you with certain products or services.
5. Cookies: We use session-based cookies to collect information relating to usage of the Websites and analyse Website traffic. Cookies are small pieces of information that are stored in a browser-related file on your computer or device when you use the Websites. The cookies we use do not collect any personally identifiable information.
6. What we do with the information we collect: We will use the personal information we collect to:
(a) respond to requests or inquiries made through the Websites;
(b) provide you with a requested quotation for services;
(c) provide you with requested services;
(d) issue you with an invoice;
(e) carry out research and marketing analysis so we can better understand and serve you;
(f) communicate with you in relation to the Websites and any other services we provide from time to time;
(g) monitor and enforce compliance with the law and applicable terms and conditions;
(h) verify and carry out financial transactions in relation to services we provide; and
(i) co-operate with any government, industry or regulatory authorities.
7. Opting-out: You can unsubscribe from any marketing communications from us by following the instructions on any communications sent to you. You can also exercise this right at any time by contacting us using the details at the end of this Privacy Policy.
8. Disclosure: Unless you have authorised us to do so, we will not rent or sell your personal information and will not disclose it to any third party except:
(a) where disclosure is connected to the purposes for which the information was collected as listed in clause 6;
(b) to relevant authorities, parties and/or applicable intellectual property rights holders (or their representatives) if we consider that you are in breach of the law or our rights; or
(c) where required, or permitted, by law.
9. Access and correction: You have the right under the Privacy Act 1993 to access and/or correct your personal information held by us at any time. You can do this by contacting us using the details at the end of this Privacy Policy.
10. Storing personal information and health information: We take all reasonable and appropriate steps (including organisational and technological measures) to protect your personal information and health information from misuse, interference and loss, as well as unauthorised access, modification or disclosure. Some of the ways this is done include:
- requiring our staff to maintain confidentiality
- implementing document storage security
- imposing security measures for access to our computer systems
- providing a secure environment and access control for confidential information
- only allowing access to personal and health information where the individual seeking access has satisfied our identification requirements
Where we store your personal information and health information depends on what interaction you have had with us. These include:
- electronic databases, including those for processing customer enquiries or feedback
- email databases for marketing communications
- paper based forms
However, the Internet is not in itself a secure environment and we cannot give an absolute assurance that your personal information will be secure at all times. Transmission of personal information over the Internet is at your own risk and you should only enter, or instruct the entering of, personal information within a secure environment.
11. Data breaches: The NZ Privacy Act requires us to notify the New Zealand Privacy Commissioner about ‘notifiable privacy breaches’ and may require us to notify you. A notifiable privacy breach occurs when the following criteria are met in relation to personal information held by us:
- there is: (i) unauthorised or accidental access to that information; or (ii) disclosure, alteration, loss, or destruction of that information; or (iii) an action that prevents us from accessing that information on either a temporary or permanent basis (privacy breach); and
- it is reasonable to believe the privacy breach has caused serious harm to an affected individual or individuals or is likely to do so.
If it is not clear whether a suspected privacy breach meets these criteria, we will investigate and assess the breach to determine whether the breach is a ‘notifiable privacy breach’ that requires us to notify the affected individuals. This is to ensure that, subject to the NZ Privacy Act, you are notified if your personal information is involved in a privacy breach that has caused or is likely to cause serious harm. Even if the criteria are not met, we may decide it appropriate to notify you anyway as part of our commitment to taking privacy seriously.
12. Keeping personal information and health information accurate and up to date: It is your responsibility to ensure that the personal information or health information you provide us is accurate, complete and up-to-date. However, as required by Applicable Privacy Law, we will also endeavour to ensure that the personal information and health information collected from you is up to date, accurate and complete.
Medical records are our property – however you have a right to access them subject to some exceptions allowed by applicable laws. In the case of pathology services, it is recommended that you obtain the information from the referring doctor. We will disclose the medical record to an authorised personal representative or legal adviser where you have provided written authority, unless any of the applicable legislative exceptions apply.
You may request access to or correction of your personal information and health information we hold about you at any time by contacting the relevant Privacy Officer using the details set out at the end of this Policy. We will need to verify your identity. Subject to any applicable exceptions or requirements, we will provide you with access to the personal information or health information you request within a reasonable time and usually within 28 days in Australia and 20 working days in New Zealand. If we decide to refuse your request, we will tell you why in writing and how to complain.
We may charge a reasonable fee for collating and providing access to personal and health information.
13. Retention of your information: We will only retain your personal information for as long as is required for any of the purposes described in clause 5 above.
14. Changes to our Privacy Policy: We may amend or update this Privacy Policy from time to time, with or without notice to you. You agree to be bound by the Privacy Policy that is in effect at the time you use the Website. Revised versions will be effective immediately once posted on the Websites.
15. Contact us: If you have any questions about this Privacy Policy or if you would like to request access to, or correction of, your personal information, you can get in touch by emailing us at stoke@onedental.co.nz, or via the “Contact Us” pages of the Websites.
16. More information about privacy: This Privacy Policy is governed by New Zealand law. For more information about privacy issues in New Zealand and protecting your privacy, visit the New Zealand Privacy Commissioner’s website: www.privacy.org.nz.