New Zealand the Privacy Act 2020;
- the Health Information Privacy Code 2020 issued by the Office of the Privacy Commissioner;
- to the extent applicable, any legislation from time to time in force in New Zealand affecting privacy, personal information (including health records and information) or the collection, handling, storage, processing, use or disclosure of data; and
- any ancillary rules, binding guidelines, orders, directions, directives, codes of conduct, or other instruments made or issued by a government agency under an instrument identified in paragraphs (i) to (iii) above.
2 SCOPE OF POLICY
- This policy (together with our terms and conditions as set out at medimap.co.nz and medimap.com.au Terms and Conditions and conditions and any separate written agreements we require you enter into for use of any particular Software (as defined below) of ours (including without limitation any “Software As A Service Agreements”), constitute the legal agreement (“Licence Agreement“) between you and us that applies to your use of the following via any mobile telephone or other electronic device (“Device”):
- MEDI-MAP mobile application software, the data supplied with it, and the associated media (“Medi-Map Mobile App”);
- MEDI-MAP MY MEDS mobile application software, the data supplied with it, and the associated media (“Medi-Map My Meds”);
- Medi-Map Web Service (accessible at https://medi-map.co.nz,https://medi-map.com.au) (“Medi-Map Web Service); and
- Any of the services accessible through the Software (“Services”).
Medi-Map Mobile App, Medi-Map My Meds and Medi-Map Web Service are together referred to as the “Software”.
- By using the Software or any of the Services, you consent to us collecting and using technical information about the Devices and related software, hardware and peripherals for Services that are internet-based or wireless to improve our products and to provide any Services to you.
- Certain Services will make use of location data sent from the Devices. You can turn off this functionality at any time by turning off the location services settings for the Software on the Device. If you use these Services, you consent to us and our affiliates’ and licensees’ transmission, collection, maintenance, processing and use of your location data and queries to provide and improve location-based products and services. You may withdraw this consent at any time by turning off the location services settings on your device.
3. INFORMATION WE MAY COLLECT FROM YOU
- We may collect and process the following data about you:
- Information you give us (Submitted information): You may give us information about you through registration of and use of the Software, or by corresponding with us (for example, by e-mail or chat). This includes information you provide when you download or register any Software, subscribe to or use any of our Software or Services, or link to any other healthcare providers or family members with regard to services associated with your healthcare, and when you report a problem with any Software or our Services. The information you give us may include your name, address, e-mail address and phone number, the Device’s phone number, age, username, password and other registration information, personal description and medicine information.
- Information we collect about you and your device. Each time you use the Software we may automatically collect the following information:
- technical information, including the type of mobile device you use, a unique device identifier (for example, your Device’s IMEI number, the MAC address of the Device’s wireless network interface, or the mobile phone number used
by the Device), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, (“Device Information”);
- information stored on your Device, including login information, digital content, check ins related to your use of the Software, medicine information, medicine compliance information, repeat requests to pharmacy, your description of your feeling and language preference (“Content Information”);
- details of your use of any of the Software including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access (“Log Information”); and/or
- Location information. We may also use GPS technology or other location technology available through your Device to determine your current location. Some of our location-enabled Services require your personal data for the feature to work. If you wish to use those features, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by turning off the location-enabled services settings on your device but doing so may affect your ability to use some Services or features of the Software.
- Information we receive from other sources (“Third Party Information”). We may receive information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you.
- If you contact us, we may keep a record of that correspondence.
- Unique application numbers: when you install or uninstall any Software containing a unique application number or when a Service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.
- Cookies are small files that are placed on your browser or device by the website or app you’re using or ad you’re viewing. Pixel tags (also called clear GIFs, web beacons, or pixels) are small blocks of code on a webpage or app that allow them to do things like read and place other cookies and transmit information to us or our partners. The resulting connection can include information such as a device’s IP address, the time a person viewed the pixel, an identifier associated with the browser or device and the type of browser being used. Local storage is a technology that allows a website or app to store and retrieve data on a person’s computer, mobile phone or other device. Some examples include device or HTML5 local storage and caching.
- We use the following types of cookies:
- Persistent cookies – used to recognise you when you return to our website. This assists with our security services, and enables us to personalise our content for you, greet you by name and remember your preferences (for example, your region) and provide personalised features such as start page, or deliver ads that are relevant to you.
- Session cookies – used as an integral part of the identification process for our services. This is for security purposes to determine that you are who you say you are and to provide you with your confidential account information during a session. No personal information is kept in the cookie and the cookie is not written to your Device. When you log out of your session the cookie is no longer valid and is discarded when you close your browser.
- Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our Software when they are using it. This helps us to improve the way the Software works, for example, by ensuring that users are finding what they are looking for easily.
- Essential cookies – These are cookies that are required for the operation of our website. They include, for example, authentication cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services. For example, they help protect your account from being accessed by anyone other than you and let us know when several people have logged in from the same computer. With login approvals if someone logs into your account from a browser you’ve never used before, we may block them and ask for more information. They also help us implement login notifications, so you can be alerted when your account is accessed and disable any active sessions.
- Functionality cookies – These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your region). For example, we may store information in a cookie that is placed on your browser or device so you will see the site in your preferred language.
- Targeting cookies – These record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose but will never share any information which enables you to be identified.
- you may not be able to access all parts or features of the Software, or the Software may operate more slowly and require you to re-enter data previously entered on other occasions;
- Identify and disable the accounts of spammers;
- Recover your account if you ever lose access to it;
- Provide extra security features like login notifications and login approvals;
- Prevent people who are underage from signing up with a false birth date;
- Identify public computers so that we can discourage people from using ‘Keep me logged in’ and putting their account at risk; and
- Generate insights about the people who interact with our website, any services we provide, and the websites of our advertisers and partners; and
- Except for Essential cookies, all cookies we use will expire after they are no longer required for their original purpose.
5. USES MADE OF THE INFORMATION
- We use information held about you in the following ways:
- Submitted Information: To ensure the correct identifiers are used to identify your linked medicine information.
- Device information: To identify use of the Software and storage of data.
- Content Information: To ensure that your doctor and pharmacy or care organisation has up to date information on your medicine list and medicine use. This may include repeat of prescriptions and mood statements.
- Log information: To ensure appropriate use of the Software.
- Location information: For clarification of your location.
- Third Party Information: For notifications on missed medicine events and non-compliance notifications.
- Unique application numbers: To ensure the [UUID] of the device is linked to the correct patient medicine data in the Services.
- We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.
- We do not disclose information about identifiable individuals to advertisers.
- You acknowledge and agree that:
- we may derive or create data and information about the use of the Software and/or the Services by you and your authorised users (“Use Data”) and we may use the Use Data order to improve the Software and/or the Services; and
- we may obtain and aggregate technical and other data about your use of the Software and/or the Services (excluding any personally identifiable data with respect to you or your authorised users) (“Aggregated Anonymous Data“), and we may use the Aggregated Anonymous Data to analyse, improve, support and operate the Software and/or the Services and otherwise for any business purpose, during and after the term of the Licence Agreement, including without limitation to generate industry benchmarks or best practices guidance, recommendations or similar reports for distribution to and consumption by you. For the avoidance of doubt, this clause 6.4 does not give us the right to identify you as the source of any Aggregated Anonymous Data.
6. DISCLOSURE OF YOUR INFORMATION
- We may disclose your personal information to any member of our company as defined in the Companies Act 1993.
- We may share your information with selected third parties including:
- Other vendors in the health industry including but not limited to Pharmacy Dispense software, medical practitioner software, HNZ or MHO. We may provide them with resident demographic data and medication data.
- We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If we are substantially acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
- In order toenforce or apply the Licence Agreement and other agreements or to investigate potential breaches; or protect the rights, property or safety of us, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
7. WHERE WE STORE YOUR PERSONAL DATA
- All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts or features of the Software, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
- Unfortunately, the transmission of information via the internet is not completely secure. Although we will use reasonable physical and technical measures to protect your personal data, we cannot guarantee the security of your data transmitted to via our Software – any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, including shielded [VMs] and having the minimum number of administrators.
- Certain Services may include social networking, chat room or forum features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected, or used by other users.Medi-Map does not use any social media channels.
8. YOUR RIGHTS
- You can always choose not to provide us with any information, or to disable cookies although this may affect your ability to access or use the Software and/or the Services or any particular features of them, and we may not be able to process transactions with you.
9. EUROPEAN UNION AND EUROPEAN ECONOMIC AREA RESIDENTS’ RIGHTS
- In addition to the above-listed rights, the General Data Protection Regulation 2016/679 provides individuals within the European Union and the European Economic Area with enhanced rights in respect of their personal data. These rights may include, depending on the circumstances surrounding the processing of personal data:
- the right to object to decisions based on profiling or automated decision making that produce legal or similarly significant effects on you;
- the right to request restriction of processing of personal data or object to processing of personal data carried out pursuant to (i) a legitimate interest or (ii) performance of a task in the public interest (including processing for direct marketing purposes);
- in certain circumstances, the right to data portability, which means that you can request that we provide certain personal data about you that we process in a machine-readable format; and
- in certain circumstances, the right to erasure, which means that you can request deletion or removal of certain personal data we process about you.
- Note that we may need to request additional information from you to validate a request relating to the exercise of any of the rights above.
10. ACCESS TO INFORMATION
- You have the right to access information held about you. Your right of access can be exercised in accordance with that Act. If permitted by law, we may charge you a small fee for providing you with this ability. We may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. If you would like to make a request to access your information, please contact our customer service department at firstname.lastname@example.org.
11. DATA RETENTION
- We take reasonable steps to ensure that we retain information about you only for so long as is necessary for the purpose for which it was collected, or as required under any contract or by applicable law.
13. COMPLIANCE WITH OTHER APPLICABLE PRIVACY REQUIREMENTS
- We will take all reasonable steps to ensure that we comply with all applicable legal requirements relating to collection and use of personal data or information.
- We specifically confirm that the Software and Services are not targeted at children, that we will comply at all times with the requirements of the Children’s Online Privacy Protection Act and that we do not knowingly collect any information from anyone under 13 years of age.
- Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act.
14. THIRD PARTY WEBSITES AND SERVICES
- The Software and the Services may link to third-party websites and services that are outside our control. We are not responsible for the security or privacy of any information collected by websites or other services not operated by us. You should exercise caution and review the privacy statements applicable to any third-party websites and services you use.