Finger-Ink's Privacy Policy
Brendan Kilfoil avatar
Written by Brendan Kilfoil
Updated over a week ago

👇 Last updated 10 July 2018

Introduction

FingerInk Limited NZ Company No. 3897416 (we, us, our, Finger-Ink) complies with the Privacy Act 1993 (New Zealand) (the NZ Privacy Act) and other applicable laws when dealing with personal information. Personal information is information about an identifiable individual (a natural person).

This policy sets out how we will collect, use, disclose and protect your personal information. This policy should be read in conjunction with our Cookie Policy.

If you are based in the European Union and use our website, products and/or services the additional terms in the addendum (GDPR Terms) to this policy apply to you.

This policy does not limit or exclude any of your rights under the NZ Privacy Act and other applicable laws. If you wish to seek further information on the NZ Privacy Act, see www.privacy.org.nz.

Changes to this policy

We may change this policy by uploading a revised policy onto our website (finger-ink.com) (the website). Unless stated otherwise, the change will apply from the date that we upload the revised policy.

What personal information do we collect

We collect, hold and process two categories of personal information

Account and Marketing Data is personal information that we collect about you:

  • in connection with the creation or administration of a customer account

  • if you ask to receive information about us or our services and products

  • when you contact us directly (e.g. telephone call, email, through the user portal or through the app)

  • when you visit our website.

The Account and Marketing Data we collect may include company/personal names, usernames, phone numbers, email addresses, your location, billing information, information about how you use our website or the Services (for example, traffic volumes, time spent on pages), your IP address and/or other device identifying data, and other information required to provide a service or information you have requested from us.

Patient or Client Data is personal information about our customers' patients that is input into the Service (as defined in the Finger-Ink Terms of Service). Patient or Client Data may include patients’ first and last names, titles, dates of birth, photographs, medicare numbers, email addresses, phone numbers, addresses, emergency contacts, and any other information that our customer decides to capture about its patients.

We will not disclose, move, access, process or use Patients Data except as provided in our Terms of Service (including, if applicable, the Finger-Ink Data Processing Addendum) and we require our customers to comply with applicable privacy and data protection laws.

The remainder of this privacy policy sets out how we will collect, use, disclose and protect Account and Marketing Data and does not apply to Patient or Client Data.

Who do we collect your personal information from

We collect personal information about you from:

  • you, when you provide that personal information to us, including via our website and the Service, through any registration process, through any contact with us (e.g. telephone call, email or through the user dashboard)

  • third parties where you have authorised this or the information is publicly available.

If possible, we will collect personal information from you directly.

When you visit or use our website or the Service, we may collect information about you through the use of cookies and similar storage technologies. Please refer to our Cookie Policy for further information, including information on how you can disable these technologies.

Some provision of personal information is optional. However, if you do not provide us with certain types of personal information, you may be unable to enjoy the full functionality of our website or the Services.

We may also conduct user surveys to collect information about your preferences. These surveys are optional and if you choose to respond, your responses will be kept anonymous.

How we use your personal information

We will use your personal information:

  • to verify your identity

  • to provide services and products to you

  • to market our services and products to you, including contacting you electronically (e.g. by text or email for this purpose)

  • to improve the services and products that we provide to you

  • to bill you and to collect money that you owe us, including authorising and processing credit card transactions

  • to respond to communications from you, including a complaint

  • to conduct research and statistical analysis (on an anonymised basis)

  • to protect and/or enforce our legal rights and interests, including defending any claim

  • for any other purpose authorised by you, the NZ Privacy Act or other applicable law.

Disclosing your personal information

We may disclose your personal information to:

  • any other company within our group for the purposes described in this policy

  • any business that supports our services and products, including any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services and products or that assists us with our marketing and customer care activities.

  • other third parties (for anonymised statistical information)

  • a person who can require us to supply your personal information (e.g. a regulatory authority)

  • any other person authorised by the Act or another law (e.g. a law enforcement agency)

  • any other person authorised by you

  • any other company in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.

A business that supports our services and products may be located outside New Zealand. This may mean your personal information is held and processed outside New Zealand.

We also share information about your use of our website with our trusted social media, advertising and analytics partners through the use of cookies, pixel tags and similar storage technologies. Please refer to our Cookie Policy for further information.

Protecting your personal information

We will take reasonable steps to keep your personal information safe from loss, unauthorised activity, or other misuse.

You can play an important role in keeping your personal information secure by maintaining the confidentiality of any password and accounts used in relation to our products and services. Please do not disclose your password to third parties. Please notify us immediately if there is any unauthorised use of your account or any other breach of security.

Accessing and correcting your personal information

Subject to certain grounds for refusal set out in the NZ Privacy Act or other applicable law, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.

In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.

If you want to exercise either of the above rights, email us at privacy@finger-ink.com. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, or the correction, that you are requesting).

Internet use

While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.

If you follow a link on our website or in the Service to another site, the owner of that site will have its own privacy policy relating to your personal information. We suggest you review that site’s privacy policy before you provide personal information.

Contact us

If you have any questions about this privacy policy or our privacy practices, you can contact us at privacy@finger-ink.com.


GDPR addendum

If you are based in the European Union (EU) and use our website and/or our services, these additional terms (GDPR Addendum) form part of our privacy policy.

The General Data Protection Regulation (GDPR) regulates the collection, processing and transfer of EU individuals’ personal data (as defined in the GDPR). The personal information described in our privacy policy is personal data under the GDPR. We are committed to complying with the GDPR when dealing with Account and Marketing Data (as defined in the privacy policy) about our website visitors and service users based in the EU.

This GDPR Addendum was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we are happy to provide any additional information or explanation needed. Any requests for further information should be sent to privacy@finger-ink.com.

For the purposes of the GDPR:

  • we are the data controller (as defined in the GDPR) when processing Account and Marketing Data; and

  • our customers are the data controller when processing Patient or Client Data (as defined in the privacy policy).

By nature, the Patient of Client data we collect on behalf of our customers may qualify as special categories of personal data under the GDPR. We will not process Patient or Client Data except as provided in our Terms of Service (including, if applicable, the Finger-Ink Data Processing Addendum) and we require our customers to comply with applicable privacy and data protection laws, including complying with additional requirements around special categories of personal data. If we receive any data subject requests relating to Patient or Client Data, such as requests to access personal data, we will forward this request to our relevant customer.

The remainder of this GDPR Addendum applies to Account and Marketing Data only, and does not apply to Patient or Client Data.

This GDPR Addendum was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we are happy to provide any additional information or explanation needed. Any requests for further information should be sent to privacy@finger-ink.com.

Processing personal data

The Account and Marketing Data we may process is described in our privacy policy. This Account and Marketing Data may be processed for the purposes outlined in our privacy policy.

The legal basis for our processing of Account and Marketing Data is your consent and, for certain Account and Marketing Data, processing is necessary for the performance of a contract to which you are a party.

Despite the above, we may process any of your personal data where such processing is necessary for compliance with applicable laws.

You do not have to provide us with your name or contact information to access and use the website. However, you must provide us with your name and contact information when using the Service and some of our other services. The consequence of not providing your name and contact information is that we will not be able to provide all of our services to you.

Your Rights

Your rights in relation to your personal data under the GDPR include:

  • right of access- if you ask us, we will confirm whether we are processing your personal data and provide you with a copy of that personal data.

  • right to rectification- if the personal data we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take every reasonable step to ensure personal data which is inaccurate is rectified. If we have shared your personal data with any third parties, we will tell them about the rectification where possible.

  • right to erasure- we delete your personal data when it is no longer needed for the purposes for which you provided it. You may request that we delete your personal data and we will do so if deletion does not contravene any applicable laws. If we have shared your personal data with any third parties, we will take reasonable steps to inform those third parties to delete such personal data.

  • right to withdraw consent- if the basis of our processing of your personal data is consent, you can withdraw that consent at any time.

  • right to restrict processing- you may request that we restrict or block the processing of your personal data in certain circumstances. If we have shared your personal data with third parties, we will tell them about this request where possible.

  • right to object to processing- you may request that we stop processing your personal data at any time and we will do so to the extent required by the GDPR.

  • right to data portability- you may obtain your personal data from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal data in a commonly used, machine-readable and interoperable format to enable data portability to another data controller. Where technically feasible, and at your request, we will transmit your personal data directly to another data controller.

  • the right to complain to a supervisory authority- you can report any concerns you have about our privacy practices to the relevant data protection supervisory authority.

Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.

If you would like to exercise any of your above rights, please contact us at privacy@finger-ink.com, or our nominated Representative. If you are not satisfied by the way your query is dealt with by our data protection officer, you may refer your query to your local data protection supervisory authority e.g. in the United Kingdom, this is the Information Commissioner’s Office.

EU Representative

The nominated Representative for data protection matters within the European Union, pursuant to Art. 27 of Regulation (EU) 2016/679 (the General Data Protection Regulation, or GDPR), is:

Adaptant Solutions AG

Rosenheimer Str. 139

81671 Munich

Germany

Inquiries may also be submitted through Adaptant’s contact form at: https://www.adaptant.io/contacts-locations.

Children

We do not intend to collect personal data from children aged under 16. If you have reason to believe that a child under the age of 16 has provided personal data to us through our website and/or by using our services, please contact us at privacy@finger-ink.com.

Please note that the above statement relates only to personal data where we are the data controller (i.e. Account and Marketing Data as defined in our privacy policy). If you or a child under your care uses the Finger-Ink app in connection with a visit to one of our health practitioner customers, our customer is the data controller when processing Patient or Client Data about you (or that child). Please contact the relevant health practitioner if you have any concerns about its processing of Patient or Client Data.

Cookies

We use cookies and similar storage technologies. Please refer to our Cookie Policy for further information, including information on how you can disable these technologies.

International transfer of data

The Account and Marketing Data may be transferred to, and stored in, a country operating outside the European Economic Area (EEA). Under the GDPR, the transfer of personal data to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal data provided appropriate safeguards are in place.

Some of the Account and Marketing Data we collect is processed in New Zealand (where our registered office is located). New Zealand is recognised by the European Commission as a country that ensures an adequate level of data protection and we rely on this decision in transferring personal data to New Zealand.

Some of the Account and Marketing Data we collect is processed by third party data processors in other countries, including United States. Where Account and Marketing Data is transferred outside the EEA or New Zealand, it will only be transferred where the transfer complies with the GDPR (e.g. to organisations in the United States under the EU-U.S. Privacy Shield framework or by entering into the European Commission’s Standard Contractual Clauses). For further information, please contact us using the details set out in set out in our privacy policy.

Data retention policy

Account and Marketing Data that we collect and process will not be kept longer than necessary for the purposes for which it is collected, or for the duration required for compliance with applicable law, whichever is longer.

Contact us

You can contact us at privacy@finger-ink.com.


Cookie Policy

Your continued use of our website or the Service, including the Finger-Ink App, (both as defined in the Finger-Ink Terms of Service) will signify your acceptance of this Policy. We may modify this Policy without notifying you, so we encourage you to check this Policy from time to time.

By using the website or the Service, you are agreeing that we can use the cookies described in this Cookie Policy. You can stop cookies by changing the settings on your browser.

Changes to this policy

We may change this policy by uploading a revised policy onto our website (finger-ink.com) (the website). Unless stated otherwise, the change will apply from the date that we upload the revised policy.

What are cookies?

Cookies are text files containing small amounts of information which are downloaded to your browsing device, e.g. a computer or smartphone, when you visit a website. Cookies can be recognised by the website that downloaded them, or other websites that use the same cookies. This helps websites know if the browsing device has visited them before.

Cookies do lots of functions, like helping us understand how the website is being used, letting users navigate between pages effectively, remembering your preferences, and generally improving your browsing experience. Cookies can also help ensure marketing you see online is more relevant to you and your interests.

In this policy, we also use the term cookie to refer to similar technologies such as pixel tags. A pixel tag (also known as a web beacon) is a small string of code that represents a clear graphic image and is used in conjunction with a cookie. In contrast to cookies, which are stored on a user's computer hard drive, pixel tags are embedded invisibly on web pages or in emails. A pixel tag allows us to capture certain additional types of information about a visitor's actions on a web site, such as a visitor's cookie number, the time, date, duration and number of page views, a description of the page where the tag is placed and details about any items that were purchased. Pixel tags help us analyse our customers' online behaviour and measure the effectiveness of our website and our advertising. We work with service providers that help us track, collect and analyse this information.

What types of cookies does Finger-Ink use?

The types of cookies used by most websites can generally be put into five categories: Strictly Necessary, Performance, Functionality, Tailored Content and Targeting. We only use Strictly Necessary, Performance and Functionality Cookies.

Strictly necessary cookies

These cookies are essential for the full functionality of our website and the Service. They enable you to navigate around our website and the Service and use their features, such as accessing secure areas. Without these cookies, you may not be able to access all the functions of our website or the Service.

Performance cookies

These cookies collect information about how you use our website or the Service, e.g. which pages are the most visited and if you receive any error messages from any pages. These cookies do not gather information that identifies you. All information these cookies collect is anonymous and only used to improve how our website and the Service works.

Functionality cookies

These cookies allow our website and the Service to remember the choices you make, e.g. your user name, language or your region. These cookies can also be used to remember the changes you made to text size, font, and other parts of pages that you can customise. They may also be used to provide services you have requested, e.g. watching a video or commenting on a post. The information these cookies collect may be anonymous and they cannot track your browsing activity on other websites.

How long will cookies stay on my browsing device?

The length of time a cookie will stay on your browsing device depends on whether it is a persistent or session cookie. Session cookies will only stay on your browsing device until you stop browsing.

Persistent cookies will stay on your browsing device until they expire or are deleted.

First and third party cookies

First party cookies are cookies that belong to Finger-Ink, while third party cookies are cookies that another party places on your browsing device through our website or the Service.

How to control and delete cookies through your browser

The browser you are using to view the website or use the Service can enable, disable or delete cookies. To do this, please follow the instructions provided for your browser.

Please note that if you set your browser to disable cookies, you may not be able to access certain parts of the website or the Service. Other parts of the website or the Service may also not work properly. You can find out more information about how to change your browser cookie settings at http://www.aboutcookies.org.uk.

Third party website cookies

Other websites may use different cookies from those Finger-Ink uses. You acknowledge and agree that Finger-Ink is not responsible for any third party websites or applications and you access third party websites and applications at your own risk. Please understand other websites and applications are independent from Finger-Ink so you must inform yourself of their separate cookie policies.

Did this answer your question?