PRIVACY POLICY – Champion Dental Limited (T/A Champion Dental Centre)

Last Updated: 23 May 2026
Effective Date: 23 May 2026

 

1. OUR COMMITMENT TO YOUR PRIVACY

At Champion Dental Limited, we recognise that your health and personal information are deeply private. Safekeeping this data is a core part of the trust you place in us as your dental care provider.

This Privacy Policy outlines how we collect, use, store, and protect your information across our clinical practice, administrative operations, and digital platforms. By engaging with our services, visiting our practice, or using our website, you acknowledge the practices described in this document.

2. LEGAL FRAMEWORK & KEY TERMS

Our privacy practices are designed to comply with New Zealand law, including the Privacy Act 2020, the Health Information Privacy Code 2020 (HIPC), and the Unsolicited Electronic Messages Act 2007.

To keep this policy clear, we use the following definitions:

  • “We”, “our”, or “us” refers explicitly to Champion Dental Limited.
  • Personal Information: Any data that identifies you as an individual or allows your identity to be reasonably determined (such as contact details, date of birth, or financial details).
  • Health Information: A specialised category of sensitive data protected under the HIPC. This includes your medical and dental history, clinical notes, radiographs (X-rays), treatment plans, and diagnostic results.

3. ANONYMITY AND PSEUDONYMITY

You have the right to interact with us anonymously or use a pseudonym if you are making general enquiries about our services, pricing, or treatment options. However, because we provide specialised medical care, we cannot safely diagnose, treat, or book you for clinical appointments without verifying your identity, contact details, and medical history.

4. PURPOSE OF COLLECTION

We only collect information that is directly necessary to deliver dental care and operate our practice safely and efficiently. Specifically, we utilise your data to:

  • Assess, diagnose, and safely deliver clinical dental treatments.
  • Communicate vital clinical information, updates, and follow-up care instructions.
  • Manage appointment scheduling and issue automated confirmation reminders.
  • Process billing, health fund claims, ACC claims, and manage account payments.
  • Address patient enquiries, feedback, or formal complaints effectively.
  • Improve our practice standards through internal reviews, quality audits, and optional patient satisfaction surveys.
  • Comply with mandatory legal, regulatory, or public health reporting obligations.

If you choose not to provide requested personal or health information, we may be unable to safely provide treatment, schedule appointments, process funding claims, or deliver certain services to you.

5. THE TYPES OF INFORMATION WE COLLECT

Depending on your relationship with our practice, we may collect and hold the following details:

Patient Information

  • Identity & Demographics: Full name, date of birth, gender, and preferred pronouns.
  • Contact Information: Physical address, billing address, email, and phone numbers.
  • Clinical Records: Dental charts, medical history (including allergies, current medications, and underlying health conditions), treatment notes, photographs, and X-rays.
  • Financial Details: Payment methods, credit card details for transaction processing, or structural details for customised payment plans.
  • Funding & Identifiers: National Health Index (NHI) numbers, ACC claim numbers, and private health insurance details.
  • Emergency Contact: The name and phone number of a nominated emergency contact or legal guardian.

Employment & Business Applicants

If you apply to work with us or discuss a professional partnership, we may also collect your CV, professional registration details, references, and academic transcripts. Where relevant to the position and permitted by law, we may also conduct background, credit, or criminal history checks with your knowledge and consent.

6. HOW WE COLLECT YOUR INFORMATION

We collect information through two primary pathways: directly from you, or transparently from authorised third parties.

Direct Collection

Whenever practical, we collect data directly from you. This happens when you complete a new patient intake form, speak with our clinical or front-desk team, book an appointment online, or send us an email.

Phone calls with our practice may be recorded for quality assurance, training, and service improvement purposes.

We may also use trusted technology providers, including artificial intelligence (AI) assisted systems, to help transcribe phone conversations, support clinical note-taking, and assist with the analysis of diagnostic images.

Any AI or technology providers we engage are required to maintain strict privacy, confidentiality, and security standards designed to protect personal and health information in accordance with applicable legal obligations.

Indirect Collection & Transparency (IPP 3A Compliance)

To ensure you receive the safest possible care, we may occasionally need to collect your health or personal information from external sources. This includes:

  • Other dental practitioners, specialists, or medical GPs who have previously treated you.
  • Public health organisations, ACC, or your private health insurance provider.
  • A parent, designated caregiver, or legal guardian if you are a minor or unable to provide consent directly.

Our obligations under Information Privacy Principle 3A

If we collect your information from a third party, we will take all reasonable, practical steps to make you aware of this collection. We will inform you that the collection has occurred, the reasons behind it, who will see the information, and remind you of your rights to access and correct it.

We will not inform you of collection of your information where we know or reasonably believe that you have already been informed of the information transferred to us by the third party.

We will do this before or at the time of collection, or as soon as reasonably possible afterward, unless a legal exemption applies (for example, if notification would compromise your health, safety, or violate a clear statutory exception).

7. WHEN WE SHARE YOUR INFORMATION

We maintain strict clinical confidentiality. We will never sell, rent, or trade your data. Your information is only disclosed to third parties under limited circumstances, including:

  • Continuity of Care: Sharing clinical details with dental laboratories, dental specialists, or your GP to ensure seamless execution of your treatment plan.
  • Administration & Claims: Disclosing necessary treatment details to health insurance providers or ACC to secure funding or process claims on your behalf.
  • Support Services: Utilising secure, trusted third-party IT platforms, cloud storage providers, or financial processors who are contractually or legally required to protect your information.
  • Emergency Situations: Conveying critical medical data to emergency services or close family if you are incapacitated or unable to communicate.
  • Legal Obligation: Where we are required by New Zealand law, court order, or regulatory authority to release information.

Some of our trusted service providers may store or process information outside New Zealand. In particular, Principle Dental, our practice management software provider, stores information using Google Cloud’s ISO/IEC 27001 compliant managed cloud infrastructure.

All data is encrypted both at rest and in transit using industry-standard AES256 encryption and other recognised security practices. Data is stored within Google Cloud’s Australian data centres.

Where information is stored or processed overseas, we take reasonable steps to ensure providers are subject to privacy and security safeguards comparable to those required under New Zealand law.

8. MARKETING AND DIGITAL COMMUNICATIONS

We may occasionally contact you via email or SMS regarding practice updates, oral health information, newsletters, or promotional content where you have consented to receive these communications or where otherwise permitted by law.

We respect your inbox. You can opt out of non-clinical communications at any time by clicking the “unsubscribe” link in a digital message or by contacting our reception team.

Opting out of marketing communications will not affect essential clinical communications such as appointment reminders, treatment updates, or post-treatment instructions.

9. DIGITAL BROWSING & COOKIES

When you navigate our website, small text files called cookies may be saved to your device. These cookies help our website function effectively, remember your preferences, support online booking functionality, and help us understand how visitors use our website.

We may use trusted third-party services such as Google Analytics or similar technologies to collect website usage information. These tools may collect information about your device, browser, pages visited, and interactions with our website.

Cookies and analytics technologies generally do not directly identify you personally, but they may collect information associated with your device or browsing activity.

You can disable cookies through your browser settings, although doing so may affect the functionality of some website features, including online booking services.

10. INFORMATION SECURITY AND RETENTION

We employ industry-standard digital and physical security measures to protect your data from unauthorised access, loss, modification, or disclosure. This includes encrypted dental software networks, strict password protocols, restricted staff permissions, and secure on-site storage.

As a healthcare provider, we retain clinical health records for the minimum period required by applicable New Zealand legal and professional obligations, generally at least 10 years from the date of your last treatment, after which records are securely destroyed or permanently de-identified where appropriate.

CCTV and On-Site Security

To help maintain the safety and security of our patients, staff, and premises, CCTV surveillance may operate in certain public areas of our practice.

CCTV footage is only accessed where reasonably necessary for security, safety, incident investigation, or operational purposes, and access is restricted to authorised management personnel. Signage is displayed where CCTV monitoring operates.

11. NOTIFIABLE DATA BREACHES

If a privacy breach occurs involving your personal or health information, and we believe the breach is likely to cause serious harm, we will notify you and the Office of the Privacy Commissioner as required by law.

We may contact you by phone, email, or post using the contact details we hold for you. Our notification will generally outline the nature of the breach, the information affected, the steps we are taking in response, and any recommended actions you should take to help protect yourself.

If you have questions regarding a privacy incident, you may contact us at [email protected] or by mail at 4a Champion Street, Ranui, Porirua.

12. YOUR RIGHTS: ACCESS AND CORRECTION

You have a legal right to request a copy of the personal and health information we hold about you, and to request corrections if you believe any detail is inaccurate or out of date.

  • How to request: Please send a written request to our Privacy Officer using the contact details below. We may need to verify your identity before releasing records.
  • Our Timeline: We will respond to your request within 20 working days from receipt, as required by the Privacy Act 2020.
  • Costs: Requesting access to your personal health records is generally free of charge. If a request is exceptionally complex or requires substantial historical retrieval, we may charge a reasonable administrative fee as permitted by law, which will be disclosed to you in advance.

13. CHILDREN AND YOUNG PERSONS

Where patients are under the age of 16, we may collect information from or provide information to a parent, guardian, or authorised caregiver where appropriate and permitted by law.

In some circumstances, young persons may have the legal right to make decisions about their own health information depending on their level of understanding and the nature of the treatment involved.

14. AUTOMATED DECISION-MAKING

While we may use technology tools, including AI-assisted systems, to support administrative and clinical processes, clinical decisions regarding your care are always reviewed and made by appropriately qualified healthcare professionals.

15. PRIVACY QUERIES AND COMPLAINTS

If you have any questions about this policy, want to update your communication preferences, or wish to lodge a complaint regarding how your data has been handled, please contact us directly:

  • Attention: Hamish Anson – Privacy Officer
  • Email: [email protected]
  • Postal Address: 4a Champion Street, Ranui, Porirua

We take all privacy concerns seriously and will work to resolve your issue transparently and promptly.

If you feel we have not addressed your concern satisfactorily, you have the right to escalate your complaint to the independent authority:

16. POLICY UPDATES

We review and update this Privacy Policy periodically to align with evolving clinical practices, technological upgrades, or updates to legislation.

Any revisions will be published on this page and will apply to information held by us at that time.

DIGITAL TERMS OF USE (SUMMARY)

By browsing this website, you acknowledge that you have read and understood this Privacy Policy and our standard Terms of Use.

You are responsible for complying with applicable laws and regulations while interacting with our online booking systems.

The digital materials, branding, and content displayed on this website are protected under copyright and trademark law.

Download Our Privacy Policy

Book A Dentist Appointment