Privacy Policy NZ


1. Our Commitment to Privacy

This privacy policy is provided by Alcidion NZ Limited (NZBN9429 034 954 874) (“Alcidion”, “us” or “we”).  It also represents Alcidion’s privacy Statement and provides notice to individuals about how we handle personal data as appropriate.

Alcidion recognises the importance of privacy. We take seriously our obligations under the Privacy Act 2020 – which includes the Information Privacy Principles (the “Privacy Act”) – and the requirements of the Health Information Privacy Code 2020.

This privacy policy applies to individuals (“you” or “your”) whose personal data is collected and used by Alcidion.


2. The personal information we collect and our lawful purpose and basis for doing so

We collect personal information of the following individuals in accordance with this policy:

(a) patients of health care providers who are our customers;

(b) clinicians and other individuals who work at organisations with whom we have a current or prospective business relationship, including our customers, partners and suppliers;

(c) individuals who visit our website; and

(d) our prospective, current and past employees.


We collect and use personal information for the following purposes:

Type of individual

What we use your personal information for

Personal contact details of employees, patients at NZ customer sites and other individuals working for our NZ customers. Providing our goods and services and managing the employment relationship and the business relationship with our existing customers
Personal contact details of individuals at potential NZ customers and other parties who are interesting in hearing about our products and services
  • Sending direct marketing information to you about our products and services.
  • Liaising with you about opportunities to work together.
  • Responding to queries from you about our products and services.
Personal contact details of individuals at our NZ suppliers, partners, subcontractors and other third parties Managing the relationship with such parties, communicating with you on day to day matters.
All personal data mentioned in this privacy policy Storing such data in the cloud – this is to ensure that all personal data is readily accessible, available 24/7 and is stored in highly secure data centres.


Under the Privacy Act, we need a lawful purpose and basis for collecting and using personal data.  In relation to the above uses of personal data, our lawful basis in each instance, is that the processing is in our legitimate interests. Any disclosure of such personal data to Alcidion AUS Pty Limited and/or another member of the Alcidion group is required as part of the general corporate group functions, relating to the overall purpose of managing our relationships with various parties.


3. What type of personal information do we collect?

The types of personal information that we may collect and hold about you are typically:

(a) your name;

(b) your email address, mobile phone number; and

(c) other business contact details, such as your job title and place of work.

Occasionally we may collect demographic information from you such as your preferences and interests for the purpose of conducting market surveys or offers.

Except in the case of health and medical related information referred to in 2(a), we will not collect sensitive data about you such as health-related information, details of your race or ethnic origin, political opinions, religious beliefs, association memberships, sexual preferences, criminal history, genetic or biometric information. We do not deal with your personal data in a way that unreasonably intrudes upon your personal affairs.


4. How we collect personal information

4.1   Collecting information from you

In most instances, we collect personal information directly from you or from your organisation,  for instance if you get in touch with us regarding a particular project or opportunity.

Depending on how you choose to interact with us, we may collect your personal information when you contact us or our service providers, by telephone, email, in person, through our website or when you complete a form or document and provide it us.

4.2 Collecting information from third parties

Patient identifiable information is collected from the healthcare providers who are our customers. Sometimes this information is transferred to us by the health care provider’s appointed service provider with whom we have a subcontract or partner agreement.

We may also collect information about you from other people, for instance through networking, social media including LinkedIn, or from other customers and contacts.  Sometimes we receive personal data through referrals, for instance where an existing customer recommends your services and passes on your contact details to us.

4.3   Collecting information from visits to our website – Cookies

We may collect information based on how you use our website, including through ‘cookies’, web beacons and other similar technologies.  Cookies are small text files that websites or apps may place on your computer or device and collect non identified/anonymous information about the users of its website such as the number of visitors, the number of pages viewed and the internet advertisements which bring visitors to the website.    We will only use cookies (except for strictly necessary cookies) where you have provided your consent to us doing so.

We use cookies to provide you with a more consistent experience across our website and where you have provided your consent to us doing so, we may ask advertisers or other partners to serve ads or services to your devices, which may use cookies or similar technologies placed by us or the third party. This information is collected to analyse and improve our website, our marketing campaigns and to record statistics on web traffic.


We use the following types of cookies on our website:

Name of cookie and what it is used for Provider of the cookie Type of cookie Persistent / session
Traffic Log:  Used to identify which website pages are visited and direct users based on region to the appropriate page. Native to Alcidion website Server / Traffic Log Session


No attempt is made by us to use this information to personally identify you.  We record a variety of information from interactions with our online services including IP address, locations data (where available and not disabled by the user), dates, times, and other user activity.  In most cases we will not be able to reasonably identify an individual from the information collected.  However, if cookie information is linked with personal information we hold about you as set out above, this cookie information becomes personal information and will be treated in the same manner as the personal information to which it has been linked.

4.4         Unsolicited information

If we receive personal information about you that we have not requested, or if we determine that the personal information received is not reasonably necessary to provide our services, we will take reasonable steps to delete it.


5. Security of your personal information

The security of your personal information is of paramount importance to us. We will take reasonable steps to protect the personal information we hold from misuse or loss and from unauthorised access, modification or disclosure.

Patients or other individuals whose sensitive health care data is transferred to Alcidion should refer to the privacy policy of the organisation who is providing the care or treatment with regard to consent for the disclosure of that information to us and the security measures employed by the organisation. We hold patient identifiable health and medical information subject to our agreements with our customers or their service providers about the use and security of that information.

We have a number of safeguards in place to protect the personal information we hold, including password protected databases, staff training and system firewalls. We maintain password security and restricted access to all electronic documents containing personal information and store hard copy documents in secured locations. We will take reasonable steps to delete or permanently anonymise personal information if it is no longer needed for the purpose for which the information was used or disclosed.


6. Use of your personal information

We use personal information to deliver our goods and services and to manage the relationship with our existing customers, partners and suppliers. We use the personal contact details of individuals at potential customers and other parties who are interested in hearing about our products and services in order to liaise about opportunities to work together.

We will not use or disclose personal information that we collect for purposes other than the above purposes unless the person consents to our doing so.


7. How is personal information disclosed to others? 

We do not sell, rent or trade personal information to, or with, third parties. Our website may contain links to other websites. We do not share your personal information with those websites and while we take all care in handling your personal information, we are not responsible for the privacy practices of linked websites.

In some circumstances your personal information may be disclosed to service providers that perform a range of services on our behalf including:

(a) mailing houses and printing companies;

(b) auditors and solicitors;

(c) information technology vendors, including hosting service providers; and

(d) other consultants.

If we transmit your personal information over the internet (for example to the above third parties) we will take reasonable steps to maintain the security of your personal information to prevent misuse and unauthorised access.  Despite these protection mechanisms, you should be aware there are inherent risks associated with the transmission of data over the internet and we cannot guarantee that any transmission will be completely secure.

Where we disclose your personal information to our service providers, we will take steps to ensure that they are authorised to only use personal information in order to perform the functions required by us and in accordance with applicable data protection law. We will ensure that we have a contract in place with our service providers, limiting their use of the personal information to only using it for the purpose of delivering the services to us and implementing suitable security measures.


8. International transfers

When personal information is being transferred outside New Zealand, we take steps to ensure that the transfer is performed in a manner that ensures that your personal information is adequately protected, including obtaining contractual commitments from the party to whom the information is being transferred.  We may from time to time, transfer information that we collect about you to our Alcidion group companies to allow these group companies to have visibility of our business relationships and to undertake corporate management functions.


9. Data Retention

We will only keep your personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Policy and in order to comply with our legal and regulatory obligations, following which the data will be deleted or de-identified.


10. Keeping your personal information up to date and your Access right

To help us comply with our obligation to ensure that personal information is accurate and up to date, during the course of our relationship with you, we will ask you from time to time to tell us of any changes to your personal information. However, you can contact us at any time to seek confirmation of the personal information we hold about you, or to ask us to update your personal information or tell us that the information we hold about you is inaccurate or incomplete.

If you request access to your personal information, we will provide you with an electronic copy of your personal information that we hold. Generally, we will not charge for this.


11. Complaint handling 

If you are not satisfied with our use of your personal information or our response to your inquiry or request, you can complain to the contact listed at section 12 below. You may also complain to the Office of the Privacy Commissioner of New Zealand Commissioner (OPC) .  On receipt of a complaint, the OPC can decide whether or not to investigate a complaint, and/or whether to refer (part or all of) the complaint to another person, which may include an overseas privacy enforcement authority.


12. How to contact us

Correspondence for our Privacy Officer should be directed to our Company Secretary, whose details are:


Mail: Alcidion, Level 10, 9 Yarra Street, South Yarra Vic 3141


13. Changes to this policy

This policy was last reviewed on 10 February 2022. From time to time, we may change our policy on how we handle personal information or the sort of personal information that we hold. Any changes to our policy will be published on and can be viewed by accessing by checking our website