This policy sets out how we collect, use, disclose and protect personal information for our Users and Providers.
As a principle, Clearhead will never sell personal, identifiable information. Clearhead does collate personal information into aggregated, anonymised and de-identified data analytics at an employer, insurance provider, or community level. Aggregated and anonymised data analytics are used for the purposes of a third party better understanding and taking actions to address mental health and wellbeing trends using non-identifiable information. Personal information from Users and Providers will never be identifiable in these circumstances. The details of this are transparently outlined in this Policy.
Clearhead also endeavours to collect personal information from Users and Providers directly rather than via third parties. However, there are instances where information is obtained from third parties. We transparently outline these instances in this Policy.
We collect personal information from you, including information about your;
We collect your personal information in order to;
Besides our staff, we share information;
Providing some information is optional;
Maintaining the trust and privacy of our Users and Providers is extremely important to us. We keep your information safe by storing it in encrypted files and only allow essential staff access to it .
We keep your information for ten years in accordance with New Zealand Health Information Privacy Code 2020 guidelines, or seven years in accordance with Australian state or territory privacy laws, whichever is applicable, at which point we destroy it by securely digitally erasing all digital files.
You have the right to ask for a copy of any personal information we hold about you, and to ask for it to be corrected if you think it is wrong. If you would like to ask for a copy of your information, or to have it corrected, please contact us at [email protected] or +64 9 801 1532.
To register a compliment or complaint, including about how your personal information has been handled, please contact us at [email protected] or +64 9 801 1532. We will acknowledge your compliment or complaint within 14 calendar days and confirm any actions we are taking in response to your compliment or complaint within 20 working days.
We collect personal information from:
We use User and Provider personal information to:
We do not disclose personal information to any third parties except in the following circumstances:
Maintaining the trust and privacy of our Users and Providers is extremely important to us. Below are reasonable steps we have taken to keep Users and Providers personal information safe from misuse, interference, loss, unauthorised access, unauthorised modification, unauthorised disclosure, or other misuse:
Users and Providers acknowledge, however, that no efforts can completely guarantee the security of the stored data, in that breaches of security are still a possibility both regarding our systems and that a data security breach resulting in unauthorised access to Users and Providers information can occur in third party system (for example, third party providers and hosting services providers). As a result, we do not warrant or ensure the integrity and security of the data stored in its systems, including without limitation the personal information of our Users and Providers. While we take reasonable steps to maintain secure internet connections, if a User or Provider shares personal information with us over the internet, the provision of that information is at that User or Provider’s own risk.
Subject to certain grounds for refusal set out in legislation, Users and Providers have the right to ask for a copy of any personal information Clearhead holds about her/him/themselves, and to ask for it to be corrected if she/he/they think it is incorrect.
If you would like to ask for a copy of your information, or to have it corrected, please contact us at [email protected] or +64 9 801 1532.
Before a User or Providers exercises this right, we will need evidence to confirm that the person is the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that the User or Provider requested the correction.
We may charge a User or Provider our reasonable costs to provide copies of requested personal information or to correct requested information.
To register a compliment or complaint, including about how your personal information has been handled, please contact us at [email protected] or +64 9 801 1532.
We will acknowledge your compliment or complaint in writing within 14 calendar days.
We will confirm in writing any actions we are taking in response to your compliment or complaint within 20 working days.
This section provides information about third-party subprocessors ("Subprocessors") that we use to assist in delivering our services. We maintain contractual relationships with each Subprocessor that requires them to protect personal data in a manner consistent with our privacy obligations.
Infrastructure Subprocessors: We utilize the following Subprocessors to provide infrastructure and hosting services, which in turn host the data we process.
Processing and Auxiliary Services: The following Subprocessors provide various services that enhance our offerings and, in some cases, may process data.
Marketing & Customer Engagement: Platforms that assist with marketing, sales, and customer service operations.
We take privacy seriously and review our Subprocessors periodically to ensure they meet our data protection standards. We will update this list as our subprocessor relationships evolve.