Privacy Policy

1.
Medi-Map NZ Limited and Medi-Map Group Pty Limited (“we”) are committed to protecting and respecting your privacy and will comply at all times with relevant rivacy laws including but not limited to:
(a)
New Zealand
(i)
the Privacy Act 1993;
(ii)
the Health Information Privacy Code 1994 issued by the Office of the Privacy Commissioner;
(iii)
to the extent applicable, any legislation from time to time in force in New Zealand affecting privacy, personal information (including health records and information) or the collection, handling, storage, processing, use or disclosure of data; and
(iv)
any ancillary rules, binding guidelines, orders, directions, directives, codes of conduct, or other instruments made or issued by a government agency under an instrument identified in paragraphs (i) to (iii) above.
(b)
Australia
(i)
the Privacy Act 1988 (Cth);
(ii)
the Spam Act 2003 (Cth);
(iii)
the Do Not Call Register Act 2006 (Cth);
(iv)
to the extent applicable, any legislation from time to time in force in Any Australian jurisdiction (which includes the Commonwealth of Australia and any state of territory of Australia) affecting privacy, personal information (including health records and information) or the collection, handling, storage, processing, use or disclosure of data; and
(v)
any ancillary rules, binding guidelines, orders, directions, directives, codes of conduct, or other instruments made or issued by a government agency under an instrument identified in paragraphs (i) to (iv) above.
2.
We will use all reasonable endeavours to cooperate with, and assist you to respond to, any complaint or investigation by relevant authorities (including but not limited to the investigator, a Coroner, the Privacy Commissioner and the Police) relating to privacy issues arising from your use of the Software or the Services (both as defined below).
3.
SCOPE OF POLICY
3.1
This policy (together with our terms and conditions as set out at medimap.co.nz and medimap.com.au Terms and Conditions and conditions and any separate written agreements we require you enter into for use of any particular Software (as defined below) of ours (including without limitation any “Software As A Service Agreements”), constitute the legal agreement (“Licence Agreement”) between you and us that applies to your use of the following via any mobile telephone or other electronic device (“Device”):
(a)
MEDI-MAP LINX mobile application software, the data supplied with it, and the associated media (“Medi-Map Linx”);
(b)
MEDI-MAP MY MEDS mobile application software, the data supplied with it, and the associated media (“Medi-Map My Meds”);
(c)
Medi-Map Web Service (accessible at https://medi-map.co.nz, https://medi-map.com.au ) (“Medi-Map Web Service); and
(d)
Any of the services accessible through the Software (“Services”).
Medi-Map Linx, Medi-Map My Meds and Medi-Map Web Service are together referred to as the “Software”.
3.2
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, through or in relation to the Software or the Services, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. It is important that you read this Privacy Policy carefully because anytime you use our Software or Services, you consent to the practices we describe in the Licence Agreement (including this Privacy Policy). If you do not agree to the practices described in the Licence Agreement, you should not use the Software or the Services.
3.3
By using the Software or any of the Services, you consent to us collecting and using technical information about the Devices and related software, hardware and peripherals for Services that are internet-based or wireless to improve our products and to provide any Services to you.
3.4
Certain Services will make use of location data sent from the Devices. You can turn off this functionality at any time by turning off the location services settings for the Software on the Device. If you use these Services, you consent to us and our affiliates’ and licensees’ transmission, collection, maintenance, processing and use of your location data and queries to provide and improve location-based products and services. You may withdraw this consent at any time by turning off the location services settings on your device.
4.
INFORMATION WE MAY COLLECT FROM YOU
4.1
We may collect and process the following data about you:
(a)
Information you give us (Submitted information): You may give us information about you through registration of and use of the Software, or by corresponding with us (for example, by e-mail or chat). This includes information you provide when you download or register any Software, subscribe to or use any of our Software or Services, or link to any other healthcare providers or family members with regard to services associated with your healthcare, and when you report a problem with any Software or our Services. The information you give us may include your name, address, e-mail address and phone number, the Device’s phone number, age, username, password and other registration information, financial and credit card information, personal description and photograph, and medicine information.
(b)
Information we collect about you and your device. Each time you use the Software we may automatically collect the following information:
(i)
technical information, including the type of mobile device you use, a unique device identifier (for example, your Device’s IMEI number, the MAC address of the Device’s wireless network interface, or the mobile phone number used by the Device), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, (“Device Information”);
(ii)
information stored on your Device, including login information, digital content, check ins related to your use of the Software, medicine information, medicine compliance information, repeat requests to pharmacy, your description of your feeling and language preference (“Content Information”);
(iii)
details of your use of any of the Software including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access (“Log Information”); and/or
(iv)
Location information. We may also use GPS technology or other location technology available through your Device to determine your current location. Some of our location-enabled Services require your personal data for the feature to work. If you wish to use those particular features, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by turning off the location-enabled services settings on your device but doing so may affect your ability to use some Services or features of the Software.
(c)
Information we receive from other sources (“Third Party Information”). We may receive information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you. We may also receive information about you from third-party social networking services when you choose to connect with those services.
(d)
Unique application numbers: when you install or uninstall any Software containing a unique application number or when a Service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.
5.
COOKIES
5.1
We use cookies to distinguish you from other users of the Software. This helps us to provide you with a good experience when you use the Software or browse any of the sites and also allows us to improve the Software and our sites.
5.2
Cookies are small files that are placed on your browser or device by the website or app you’re using or ad you’re viewing. Pixel tags (also called clear GIFs, web beacons, or pixels) are small blocks of code on a webpage or app that allow them to do things like read and place other cookies and transmit information to us or our partners. The resulting connection can include information such as a device’s IP address, the time a person viewed the pixel, an identifier associated with the browser or device and the type of browser being used. Local storage is a technology that allows a website or app to store and retrieve data on a person’s computer, mobile phone or other device. Some examples include device or HTML5 local storage and caching.
5.3
We use the following types of cookies:
(a)
Persistent cookies – used to recognise you when you return to our website. This assists with our security services, and also enables us to personalise our content for you, greet you by name and remember your preferences (for example, your region) and provide personalised features such as start page, or deliver ads that are relevant to you.
(b)
Session cookies – used as an integral part of the identification process for our services. This is for security purposes to determine that you are who you say you are and to provide you with your confidential account information during a session. No personal information is kept in the cookie and the cookie is not written to your Device. When you log out of your session the cookie is no longer valid and is discarded when you close your browser.
(c)
Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our Software when they are using it. This helps us to improve the way the Software works, for example, by ensuring that users are finding what they are looking for easily.
(d)
Targeting cookies – These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose but will never share any information which enables you to be identified..
(e)
Essential cookies – These are cookies that are required for the operation of our website. They include, for example, authentication cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services. For example, they help protect your account from being accessed by anyone other than you, and let us know when several people have logged in from the same computer. With login approvals if someone logs into your account from a browser you’ve never used before, we may block them and ask for more information. They also help us implement login notifications, so you can be alerted when your account is accessed and disable any active sessions.
(f)
Functionality cookies – These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your region). For example, we may store information in a cookie that is placed on your browser or device so you will see the site in your preferred language.
5.4
You can block cookies if you wish by activating settings on your Device to refuse cookies. However, if you block or refuse all cookies:
(a)
you may not be able to access all parts or features of the Software, or the Software may operate more slowly and require you to re-enter data previously entered on other occasions;
(b)
we still use some cookies if you don’t have an account or have logged out of your account. For example, if you have logged out of your account we use cookies to help:
(i)
Identify and disable the accounts of spammers;
(ii)
Recover your account if you ever lose access to it;
(iii)
Provide extra security features like login notifications and login approvals;
(iv)
Prevent people who are underage from signing up with a false birth date;
(v)
Identify public computers so that we can discourage people from using ‘Keep me logged in’ and putting their account at risk; and
(vi)
Generate insights about the people who interact with our website, any services we provide, and the websites of our advertisers and partners; and
(c)
Third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These are likely to be analytical/performance cookies or targeting cookies.
5.5
Except for Essential cookies, all cookies we use will expire after they are no longer required for their original purpose.
6.
USES MADE OF THE INFORMATION
6.1
We use information held about you in the following ways:
(a)
Submitted Information: To ensure the correct identifiers are used to identify your linked medicine information.
(b)
Device information: To identify use of the Software and storage of data.
(c)
Content Information: To ensure that your doctor and pharmacy or care organisation has up to date information on your medicine list and medicine use. This may include repeat of prescriptions and mood statements.
(d)
Log information: To ensure appropriate use of the Software.
(e)
Location information: For clarification of your location.
(f)
Third Party Information: For notifications on missed medicine events and non-compliance notifications.
(g)
Unique application numbers: To ensure the [UUID] of the device is linked to the correct patient medicine data in the Services.
6.2
We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.
6.3
We do not disclose information about identifiable individuals to our advertisers, but we may provide them with anonymous aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.
6.4
You acknowledge and agree that:
(a)
we may derive or create data and information about the use of the Software and/or the Services by you and your authorised users (“Use Data”) and we may use and disclose Use Data to our third party service providers in order to improve the Software and/or the Services; and
(b)
we may obtain and aggregate technical and other data about your use of the Software and/or the Services (excluding any personally identifiable data with respect to you or your authorised users) (“Aggregated Anonymous Data”), and we may use the Aggregated Anonymous Data to analyse, improve, support and operate the Software and/or the Services and otherwise for any business purpose, during and after the term of the Licence Agreement, including without limitation to generate industry benchmarks or best practices guidance, recommendations or similar reports for distribution to and consumption by you and other customers or prospective customers of ours. For the avoidance of doubt, this clause 6.4 does not give us the right to identify you as the source of any Aggregated Anonymous Data.
7.
DISCLOSURE OF YOUR INFORMATION
7.1
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in the Companies Act 1993.
7.2
We may share your information with selected third parties including:
You acknowledge and agree that:
(a)
Business partners, suppliers and sub-contractors who we engage to perform functions on our behalf. They will have access to your personal information as necessary to perform their functions, but may not use it for other purposes. They must also process the personal information in accordance with this Privacy Policy and as permitted by applicable data protection laws;
(b)
Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users. We may also use such aggregate information to help advertisers reach their target audience. We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience;
(c)
Analytics and search engine providers that assist us in the improvement and optimisation of our site;
(d)
Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you; and/or
(e)
Other vendors in the health industry including but not limited to CC.Net, SmartWard, Datacom, MPS, Suremed and Doseaid. We may provide them with resident demographic data and medication data.
7.3
We may disclose your personal information to third parties:
You acknowledge and agree that:
(a)
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
(b)
If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
(c)
If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
(d)
In order to:
(i)
enforce or apply the Licence Agreement and other agreements or to investigate potential breaches; or
(ii)
protect the rights, property or safety of us, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
(e)
Access to medical information: In a “Break the Glass” action where a health professional informs us that they need access to your medical information, we will provide them with that information, but will first issue a warning regarding the access to this information and the person attempting to access your medical information will be advised the following:
“Medical – In Confidence”: The information you are about to access is deemed Medical – In Confidence and is owned by the identified person. The data and information is theirs and they are granting you access to this information in the interests of their personal health care in an emergency situation. The access to this information will be permanently recorded and all activity subject to audit and/or investigation if deemed necessary.”
8.
WHERE WE STORE YOUR PERSONAL DATA
8.1
The data that we collect from you may be transferred to, and stored at, a destination outside New Zealand and Australia. It may also be processed by staff operating outside New Zealand and Australia who work for us or for one of our suppliers. These staff may be engaged in the fulfilment of your request, order or reservation, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
8.2
All information you provide to us is stored on our secure servers. Any payment transactions carried out by us or our chosen third-party provider of payment processing services will be encrypted using Secured Sockets Layer technology. Where we have given you (or where you have chosen) a password that enables you to access certain parts or features of the Software, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
8.3
Unfortunately, the transmission of information via the internet is not completely secure. Although we will use reasonable physical and technical measures to protect your personal data, we cannot guarantee the security of your data transmitted to via our Software – any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, including shielded [VMs] and having the minimum number of administrators.
8.4
Certain Services may include social networking, chat room or forum features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.
9.
YOUR RIGHTS
9.1
You can always choose not to provide us with any information, or to disable cookies although this may affect your ability to access or use the Software and/or the Services or any particular features of them, and we may not be able to process transactions with you.
9.2
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at office@medimap.co.nz.
9.3
The Software and our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
10.
EUROPEAN UNION AND EUROPEAN ECONOMIC AREA RESIDENTS’ RIGHTS
10.1
In addition to the above-listed rights, the General Data Protection Regulation 2016/679 provides individuals within the European Union and the European Economic Area with enhanced rights in respect of their personal data. These rights may include, depending on the circumstances surrounding the processing of personal data:
You acknowledge and agree that:
(a)
the right to object to decisions based on profiling or automated decision making that produce legal or similarly significant effects on you;
(b)
the right to request restriction of processing of personal data or object to processing of personal data carried out pursuant to (i) a legitimate interest or (ii) performance of a task in the public interest (including processing for direct marketing purposes);
(c)
in certain circumstances, the right to data portability, which means that you can request that we provide certain personal data about you that we process in a machine-readable format; and
(d)
in certain circumstances, the right to erasure, which means that you can request deletion or removal of certain personal data we process about you.
10.2
Note that we may need to request additional information from you to validate a request relating to the exercise of any of the rights above.
11.
ACCESS TO INFORMATION
11.1
You have the right to access information held about you. Your right of access can be exercised in accordance with that Act. If permitted by law, we may charge you a small fee for providing you with this ability. We may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. If you would like to make a request to access your information, please contact our customer service department at office@medimap.co.nz.
12.
DATA RETENTION
12.1
We take reasonable steps to ensure that we retain information about you only for so long as is necessary for the purpose for which it was collected, or as required under any contract or by applicable law.
13.
CHANGES TO PRIVACY POLICY
13.1
Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or when you next start the Software. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the Software or the Services. By using the Software and Services after such changes, you also confirm your agreement to the new practices identified in the update. The current version of this Privacy Policy will always be available here https://medi-map.co.nz/Docs/Privacy Policy. You can check the “effective date” posted at the top to see when this Privacy Policy was last updated.
14.
COMPLIANCE WITH OTHER APPLICABLE PRIVACY REQUIREMENTS
14.1
We will take all reasonable steps to ensure that we comply with all applicable legal requirements relating to collection and use of personal data or information.
14.2
We specifically confirm that the Software and Services are not targeted at children, that we will comply at all times with the requirements of the Childrens Online Privacy Protection Act and that we do not knowingly collect any information from anyone under 13 years of age.
14.3
Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act.
15.
THIRD PARTY WEBSITES AND SERVICES
15.1
The Software and the Services may link to third-party websites and services that are outside our control. We are not responsible for the security or privacy of any information collected by websites or other services not operated by us. You should exercise caution, and review the privacy statements applicable to any third-party websites and services you use.
16.
CONTACT
16.1
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to office@medimap.co.nz.