Privacy Policy

Last Updated: July 03, 2025

This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You under the GDPR, CCPA/CPRA, CalOPPA, and applicable New Zealand and U.S. laws.

By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • Account means a unique account created for You to access our Service or parts of our Service.
  • Affiliate means an entity that controls, is controlled by or is under common control with a party.
  • Application refers to Eyeagnosis, the software program provided by the Company.
  • Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to NZ HEALTH CLINIC, 10 Rodeo Drive, Te Anau 9600.
  • Cookies are small files placed on Your device by a website to remember preferences and enhance the user experience.
  • Country refers to: New Zealand
  • Device means any device that can access the Service.
  • Personal Data is any information that relates to an identified or identifiable individual, including health data.
  • Service refers to the Application, Website, or both.
  • Service Provider means any party processing data on behalf of the Company.
  • Usage Data refers to data collected automatically during Service use.
  • Website refers to Eyeagnosis, accessible from https://eyeagnosis.com
  • You means the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Payment information via Stripe, Apple In-App Purchases, or Google Play Billing
  • Eye images and related diagnostic data (sensitive health data)
  • Usage Data

Sensitive Health Data

We collect and process eye images and related information solely for diagnostic and clinical support purposes. This data is handled with strict confidentiality and is subject to encryption, access controls, and limited retention policies. We obtain your explicit consent before collecting or processing any health-related data.

Usage Data

Collected automatically using third-party tools like Google Analytics, including:

  • IP address
  • Browser details
  • Pages visited and interaction time
  • Device identifiers

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage Your Account: to manage Your registration as a user of the Service.
  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
  • To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication.
  • To provide You with news, special offers and general information about other goods, services and events which we offer.
  • To manage Your requests: To attend and manage Your requests to Us.

Legal Basis for Processing and Data Rights

Legal Basis for Processing (GDPR)

  • Consent
  • Contractual necessity
  • Legitimate interest
  • Legal obligation

Data Subject Rights (GDPR)

  • Access, update, delete, or port your data
  • Withdraw consent anytime
  • Lodge a complaint with a supervisory authority

You may exercise these rights by contacting us at support@eyeagnosis.com.

CCPA/CPRA Rights

  • Know, delete, or opt-out of your data being sold or shared
  • Non-discrimination for exercising your rights

Compliance with Regional Laws

New Zealand Privacy Compliance

We comply with the Privacy Act 2020 and the Health Information Privacy Code 2020 with respect to the collection, use, and disclosure of health information in New Zealand. You may access and correct your personal information or file a complaint with the Office of the Privacy Commissioner. Visit privacy.org.nz for more information.

HIPAA Notice for U.S. Users

While Eyeagnosis collects health-related information, we are currently not classified as a Covered Entity or Business Associate under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). However, we handle all health information with confidentiality and secure processing in line with industry best practices.

CalOPPA Compliance

  • This policy is linked from our homepage.
  • Users are notified of changes via this page.
  • We honor Do Not Track browser signals.

Data Management

Data Retention

We retain personal and health data only as long as necessary for its intended purpose or as required by law. Diagnostic images are retained for no more than 2 years unless consent is renewed or deletion is requested.

Data Transfers

Your information may be transferred internationally. For EU users, we use Standard Contractual Clauses and other safeguards for lawful cross-border transfers.

Security of Your Personal Data

We use encryption, access controls, and secure storage. While no system is foolproof, we strive to protect your data using industry best practices. The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure.

Data Breach Notification

In case of a data breach, we will notify affected individuals and regulators within 72 hours in compliance with applicable laws.

Other Important Policies

Children’s Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

Cookie Policy

We use cookies for analytics and personalization. You can manage your cookie preferences using our Cookie Settings tool or through your browser.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services. We use the following third-party providers:

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page. We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

NZ HEALTH CLINIC
10 Rodeo Drive
Te Anau 9600
New Zealand
Email: support@eyeagnosis.com
Data Protection Officer: dpo@eyeagnosis.com