Privacy Policy for Stela Clinic

Your privacy is paramount to us at Stela Clinic. We are committed to protecting your personal information and handling it with the utmost care and sensitivity. This policy outlines how we collect, use, store, and disclose your information, as well as your rights regarding your personal information. It has been prepared in accordance with the Privacy Act 2020 and the Health Information Privacy Code 2020 in New Zealand.

Who are we?

We are Stela Clinic, an online health platform dedicated to comprehensive weight management. When we refer to "Stela Clinic," "we," "us," or "our," we mean Stela Clinic.

What Personal Information Do We Collect About You?

We collect various types of personal information to provide you with our services and to ensure safe and effective care.

Background and Identity Information

  • Name, Date of Birth, Gender (assigned at birth)
  • Address, Phone Number, Email Address
  • Ethnicity: European, Māori, Pacific Peoples, Asian, Indian, Other (patient to specify)
  • Occupation
  • Proof of your identity, for example, driver’s license or passport, which we may request to protect against unauthorised access to your health information and to guard against fraud. We will access your National Health Index (NHI) to verify your personal identity and to provide efficient and timely medical care.

Health Information

We collect sensitive health information to provide personalized and safe medical care. This includes:

  • Your GP details: However, you may decline to answer.
  • Medical History: All medical conditions you may have.
  • Prescription Medications: A comprehensive list of all prescription medications you are currently taking, including dosage, frequency, and reason for taking.
  • Medication Allergies.
  • Weight History: Current weight, target weight, height, weight challenges as a child, weight when you left school, family history of obesity, duration of being overweight, heaviest weight, lowest weight, weight one year ago, and how many times you've lost at least 5-10kg.
  • Diet History: Detailed food and drink intake from the previous day, typical snacks and frequency, feeling of fullness after meals, frequency of takeaways, sweet tooth, grazing behavior, emotional eating, history of binge eating, history of making yourself vomit, situations/feelings that trigger eating, desire to eat when things go wrong, lonely, or down, desire to reward with food when upset, food allergies/intolerances/religious dietary requirements, and alcohol consumption details.
  • Exercise History: Exercise frequency and type.
  • Specific Medical Conditions: History of pre-diabetes or diabetes (including type), high blood pressure, high cholesterol, heart attack or stroke, kidney disease, constipation, pregnancy status, breastfeeding status, contraception use, menstrual cycle regularity, history of eating disorders, history of depression/anxiety (current or past treatment), sleep medication use, snoring and observed stopping breathing during sleep, reflux, painful joints, gallstone problems, chest pain, shortness of breath on exertion, palpitations, history of seizures, history of pancreatitis, glaucoma, family/personal history of thyroid cancer, and history of abdominal surgery.
  • Information collected during consultations: Any information gathered during video conferencing, phone calls, or text messaging interactions with our Stela Practitioners (doctors and nurses) and Stela Contributors (dietitians and support staff).
  • Pathology Test Results: Information from lab tests and radiology referrals.

In some instances, withholding information may affect whether Stela Clinic can provide services to you or the quality of care you receive.

Payment Information

Bank account or credit card number, account holder name(s), and other information needed to process payments. We do not directly collect or hold your full payment card information; all payment card collection, storage, and transactions are performed directly by our secure Payment Card Industry compliant third-party payment processor.

Information About Your Device and Stela Clinic Interactions

  • Location, internet protocol (IP) address, and session information.
  • Cookies and other tracking technologies (see "Cookies" section below).
  • Analytics and usage data relating to your interaction with the Stela Clinic website and online advertising.

What Are the Purposes for Which We Collect Your Personal Information?

Stela Clinic collects and uses your personal information for the following purposes, and other directly related purposes:

  • To confirm your identity and create your Stela Clinic account, and to protect against unauthorised access and fraud.
  • To provide Stela Clinic services to you, including:
    • Facilitating consultations and advice with our Stela Practitioners and Stela Contributors.
    • Conducting clinical obesity assessments.
    • Issuing prescriptions for medications (e.g., Wegovy).
    • Providing educational content, videos, and resources.
    • Facilitating the purchase and delivery of prescription and non-prescription medications from our partner pharmacy.
    • Issuing referrals for pathology tests and to other medical specialists or your GP where clinically appropriate.
    • Maintaining your comprehensive record of care in line with our legal obligations.
  • To administer Stela Clinic services and manage arrangements with our third-party contractors (e.g., Partner Pharmacy, Associate Couriers).
  • To ensure patient safety and determine your clinical eligibility and suitability for our services and medications.
  • To communicate with you about the services we are providing, updates, and new products and services, and to provide health promotion information.
  • To improve and enhance the services that Stela Clinic provides, and how we provide and promote those services.
  • To respond to funding or clinical audit requests or other inquiries and information requests when required by law or professional standards.
  • To manage payments, refunds, and cancellations related to our services.
  • To comply with our legal and regulatory obligations under New Zealand law, including the Privacy Act 2020 and the Health Information Privacy Code 2020.
  • To conduct internal research for service improvement and to develop and train healthcare professionals (in an anonymized or aggregated format where possible).

How and When Do We Share Your Personal Information?

In connection with the purposes set out above, Stela Clinic may disclose your personal information to the following third parties:

  • Stela Clinic clinicians (doctors and nurses), other employees, contractors, and Stela Contributors (e.g., dietitians, patient engagement specialists) who are involved in providing healthcare services to you.
  • Our partner pharmacy for the purpose of dispensing and delivering prescribed medications. This includes transmitting your prescription and payment information.
  • Associate Couriers for the delivery of your medications.
  • Your nominated General Practitioner (GP), if you provide your consent, to ensure continuous and coordinated care. We strongly suggest keeping your GP informed.
  • Other healthcare providers and agencies (e.g., laboratory testing and screening services, radiology, specialists, hospitals) where referrals are made or information sharing is necessary for your continued care.
  • Government agencies and regulators when we are required to do so by law, including the Coroner, Medical Council or Nursing Council of New Zealand, and Health and Disability Commissioner.
  • Credit reporting agencies or other identity verification services to confirm your address and identity as part of our verification processes.
  • Payment service providers for processing consultation and medication payments.
  • Third-party marketing partners (such as Google and Meta) who may receive your hashed contact information to create custom audiences and lookalike audiences, enabling us to deliver targeted advertisements to you and individuals with similar interests. You can unsubscribe from marketing communications at any point.

We will never share your personal health information for marketing purposes without your explicit consent.

How Do We Collect Personal Information?

We collect personal information in the following ways:

  • Directly from you:
    • When you complete our online assessment questionnaire.
    • When you sign up for Stela Clinic services and interact with our website or otherwise communicate with the Stela Clinic team via video conferencing, phone calls, or text messages.
    • During your consultations with our Stela Practitioners and Stela Contributors.
  • Indirectly, from other sources:
    • From other health agencies you or we interact with, which provide us with results, treatment, and other health-related information to enable us to provide healthcare services to you and to maintain your health records. These agencies may include laboratory testing and screening services, radiology, specialists, and hospitals following a referral.
    • From your bank and from payment service providers, relating to the payment of consultation fees.

Where Is Your Personal Information Stored?

We are committed to securing your personal and health information.

  • Your health records are stored in our Patient Management System (PMS) Elixir, which provides secure cloud-based data storage.
  • When you complete our online obesity questionnaire, the summarised results are temporarily sent to our secure Gmail account for administrative processing. This information is then promptly uploaded to your secure record in Elixir, after which the email containing your questionnaire summary is deleted from our Gmail account.
  • We are actively working on a direct integration solution to enable the automatic upload of questionnaire results into Elixir, bypassing the temporary Gmail step.
  • We protect our data with all reasonable technical and process controls to prevent unauthorised access, use, or disclosure across all stages of data handling.

How Do We Manage the Health Information of Dependents and Young Adults?

  • If you are under the age of 16 and wish to register with Stela Clinic, your parent or guardian must engage with our clinic on your behalf and attend all consultations with you. Your parent or guardian will normally be able to access your health information.
  • We provide treatment from age 12. For patients aged 12 to 18 (inclusive), a doctor's consultation is mandatory and requires a comprehensive review due to the complexity of adolescent consultations.
  • As a young adult, you may specifically ask us not to share your healthcare information with your parents and/or guardians. We will assess these requests on a case-by-case basis in accordance with the Health Information Privacy Code, Privacy Act, and Health Act 1956 to respect confidentiality and best interests.

What Are My Rights to Access My Information and Keep it Accurate?

You have important rights regarding your personal information:

  • Right to Access: You have the right to request access to, and a copy of, your personal and health information that we hold. You do not have to explain why you are requesting that information, but you may be required to provide proof of your identity. An administration fee may apply for extensive requests.
  • Right to Correction: You have the right to ask for health information about you to be corrected if you believe it is inaccurate, incomplete, or out-of-date. You can also provide a statement of correction. If our team is not willing to change that information as requested, they will attach your statement of correction to your file.

You can exercise these rights at any time by contacting us using the contact details provided under "Contact us" below.

How Long Will My Information Be Kept For?

We will retain your information in accordance with our obligations under New Zealand law and professional standards. Generally, this means that we will keep your information securely for at least 10 years after the date of your last appointment or interaction with Stela Clinic.

If you decide to cease using our services, we will continue to hold your information as required by law.

Cookies (and similar technologies)

We use various tracking technologies, including cookies, across our website and services to provide and improve your experience.

  • What are cookies? A cookie is a small text file stored on your computer's memory or hard disk for a predefined period.
  • How we use them: We use cookies to identify specific machines to collect aggregate information on how visitors experience our platforms. This helps us adapt our services to your requirements. We may also use third-party vendors to show our ads on the internet and serve these ads based on your prior visits to our platforms. We may use analytics data supplied by these vendors to inform and optimize our advertising campaigns.
  • Privacy: While cookies allow a computer to be identified, they do not contain personal information about a specific individual.
  • Your control: You can modify your device settings to control cookie acceptance. However, please note that some features of our services may not function properly if cookies are disabled. By using our services, you consent to our use of these tracking technologies in accordance with this policy.

Complaints

If you wish to make a complaint about your personal information or how it is collected, used, or disclosed, please contact us in the first instance.

  • Contact us directly: Please email your concerns to admin@stela.co.nz. We will investigate your complaint and respond to you.
  • Office of the Privacy Commissioner (OPC): If you are unable to resolve the issue with us to your satisfaction, you are entitled to take your complaint to the Office of the Privacy Commissioner (OPC). You can find more information on the OPC website: https://privacy.org.nz.

You also have rights under the Code of Health and Disability Services Consumers' Rights. If your concern is about an aspect of the health or disability services that we provide, you have a right to complain under this Code. You can make your complaint directly to us, or access free and independent support through the Health and Disability Commissioner’s Advocacy Office, or contact them on 0800 555 050. More information is available on the HDC website: https://www.hdc.org.nz.

Contact Us

If you have any questions regarding our Privacy Policy, or if you wish to exercise your rights, please contact us.

Email: admin@stela.co.nz