Guiding women on a compassionate journey to rediscover freedom, purpose and inner strength. it's time she got her groove back.

Privacy Policy

Privacy and Security Policy for

TE HAERENGA THERAPY

1. Introduction

TE HAERENGA THERAPY is committed to protecting the privacy and security of client information. This policy outlines our procedures for managing personal information in accordance with the New Zealand Privacy Act 2020 and the Health Information Privacy Code 2020. This policy applies to all personal information collected, stored, used, and disclosed by TE HAERENGA THERAPY, whether in paper or electronic form.

2. Scope

This policy applies to all employees, contractors, and any other individuals or organisations working on behalf of TE HAERENGA THERAPY. It covers all personal information collected from clients, including:

  • Name, address, and contact details

  • Date of birth

  • Health information, including reasons for seeking hypnotherapy, medical history, and progress notes

  • Payment information

  • Any other information collected during the course of providing hypnotherapy services

3. Principles

TE HAERENGA THERAPY adheres to the following principles:

  • Lawfulness: We will only collect personal information for a lawful purpose.

  • Purpose of Collection: We will only collect personal information that is necessary for the purpose of providing hypnotherapy services.

  • Collection from the Individual: We will, where possible, collect personal information directly from the individual.

  • Manner of Collection: We will collect information lawfully, fairly, and not in an unreasonably intrusive way.

  • Storage and Security: We will take reasonable steps to ensure that personal information is securely stored and protected from loss, unauthorised access, use, modification, or disclosure.

  • Access to Information: Individuals have the right to access their personal information held by us.

  • Correction of Information: Individuals have the right to request that their personal information be corrected if it is inaccurate.

  • Accuracy Before Use: We will take reasonable steps to ensure personal information is accurate, up to date, complete, relevant, and not misleading before using it.

  • Retention of Information: We will not keep personal information for longer than is required for the purposes for which it may lawfully be used.

  • Limits on Use of Information: We will only use personal information for the purpose for which it was collected, or a directly related purpose.

  • Disclosure of Information: We will only disclose personal information in accordance with the Privacy Act 2020 and the Health Information Privacy Code 2020.

  • Disclosure Outside New Zealand: We will only disclose personal information to an overseas agency if certain conditions are met under the Privacy Act 2020.

  • Unique Identifiers: We will only assign unique identifiers to individuals if it is necessary.

4. Data Collection Procedures

  • Initial Consultation: At the initial consultation, clients will be informed about the information we collect, the purpose of collection, who will have access to it, and how it will be stored.

  • Client Consent: We will obtain informed consent from clients before collecting any personal or health information. This consent will be documented.

  • Information Collected: We will only collect information that is necessary for providing hypnotherapy services. This may include:

    • Client intake forms

    • Session notes

    • Progress reports

    • Communication records

  • Method of Collection: Information will be collected through:

    • In-person consultations

    • Telephone conversations

    • Email communication

    • Online forms (if applicable)

5. Data Storage and Security

[Your Hypnotherapy Business Name] will implement the following measures to ensure the security of personal information:

  • Electronic Records:

    • All electronic records will be stored on password-protected computers and/or secure cloud storage with appropriate access controls.

    • Software will be kept up to date with the latest security patches.

    • Regular backups of electronic data will be performed.

    • Encryption will be used for sensitive data where appropriate.

    • Strong passwords will be used and regularly changed.

    • Access to electronic records will be restricted to authorised personnel only.

  • Paper Records:

    • All paper records will be stored in locked filing cabinets in a secure location.

    • Access to paper records will be restricted to authorised personnel only.

  • Disposal of Records:

    • Electronic records will be securely deleted.

    • Paper records will be shredded or destroyed in a secure manner.

  • Website Security:

    • Our website will have a privacy policy that is easy to find, read and understand.

    • If contact forms are used, data will be collected, stored and used in accordance with this policy.

    • We will ensure our website is secure (e.g. using SSL certificates).

6. Data Use and Disclosure

  • Use of Information: Personal information will only be used for the purpose for which it was collected, including:

    • Providing hypnotherapy services

    • Communicating with clients

    • Internal record-keeping

    • Responding to client inquiries

  • Disclosure of Information: Personal information will only be disclosed in accordance with the Privacy Act 2020 and the Health Information Privacy Code 2020. This may include:

    • With the client's express consent

    • To other healthcare providers with the client's consent, or where there is a serious risk to the client's health or safety

    • When required by law (e.g., in response to a court order)

    • To the Privacy Commissioner

  • Overseas Disclosure: We will only disclose information to someone overseas if the Privacy Act 2020 allows it. This means we have to make sure that the information will be protected in a way that is similar to the protection in New Zealand.

7. Data Retention

TE HAERENGA THERAPY will retain personal information for as long as necessary to fulfil the purposes for which it was collected and to comply with any legal or professional requirements. Specifically:

  • Client records will be retained for [10 years] after the last session, as recommended by professional guidelines or legal requirements.

  • After the retention period, records will be securely destroyed.

8. Access to and Correction of Information

  • Access: Clients have the right to request access to their personal information held by TE HAERENGA THERAPY. Requests for access should be made in writing to [Gabrielle Stewart – Privacy Officer]. We will respond to requests within 20 working days.

  • Correction: Clients have the right to request that their personal information be corrected if it is inaccurate, incomplete, or misleading. Requests for correction should be made in writing to [the Privacy Officer]. If we agree that the information is inaccurate, we will correct it. If we do not agree, the client may request that a statement of correction be attached to the information.

9. Privacy on our Website

  • Privacy Statement: Our website will display a clear and comprehensive privacy statement that outlines how we collect, use, and protect the personal information of website visitors.

  • Information Collection: We will only collect personal information through our website if it is necessary for a lawful purpose, and we will inform individuals about the purpose of collection.

  • Security Measures: We will implement appropriate security measures to protect personal information collected through our website from unauthorised access, use, or disclosure.

  • Cookies: If cookies are used on our website, we will disclose this in our privacy statement and explain the purpose of the cookies.

  • Links to Other Websites: If our website contains links to other websites, we are not responsible for the privacy practices of those websites. We encourage users to review the privacy policies of any linked websites.

10. Training

All staff and contractors will receive training on this policy and their responsibilities regarding the handling of personal information. Ongoing training will be provided to ensure that staff remain up-to-date with the requirements of the Privacy Act 2020 and the Health Information Privacy Code 2020.

11. Policy Review

This policy will be reviewed [every two years] to ensure that it remains up-to-date with legal requirements and best practices.

12. Complaints

Any complaints regarding the handling of personal information should be directed to [the Privacy Officer]. We will investigate all complaints and take appropriate action. Individuals also have the right to complain to the Privacy Commissioner.

13. Availability of this Policy

This policy will be made available to clients and staff in the following ways:

  • A copy will be provided to all new staff and contractors.

  • A copy will be available on our website.

  • A copy will be provided to clients upon request.

Contact Information

If you have any questions about this policy or the handling of your personal information, please contact:

[Gabrielle Stewart - Privacy Office]

Date of Last Review: [7 MAY 2025]

tehaerengatherapy website is owned by Te Haerenga Therapy, which is a data controller of your personal data.

We have adopted this Privacy Policy, which determines how we are processing the information collected by tehaerengatherapy, which also provides the reasons why we must collect certain personal data about you. Therefore, you must read this Privacy Policy before using tehaerengatherapy website.

We take care of your personal data and undertake to guarantee its confidentiality and security.

Personal information we collect:

When you visit the tehaerengatherapy, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the installed cookies on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products you view, what websites or search terms referred you to the Site, and how you interact with the Site. We refer to this automatically-collected information as “Device Information.” Moreover, we might collect the personal data you provide to us (including but not limited to Name, Surname, Address, payment information, etc.) during registration to be able to fulfill the agreement.

Why do we process your data?

Our top priority is customer data security, and, as such, we may process only minimal user data, only as much as it is absolutely necessary to maintain the website. Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding website usage. This statistical information is not otherwise aggregated in such a way that it would identify any particular user of the system.

You can visit the website without telling us who you are or revealing any information, by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the website’s features, or you wish to receive our newsletter or provide other details by filling a form, you may provide personal data to us, such as your email, first name, last name, city of residence, organization, telephone number. You can choose not to provide us with your personal data, but then you may not be able to take advantage of some of the website’s features. For example, you won’t be able to receive our Newsletter or contact us directly from the website. Users who are uncertain about what information is mandatory are welcome to contact us via gabbystewart48@gmail.com.

Your rights:

If you are a European resident, you have the following rights related to your personal data:

  • The right to be informed.

  • The right of access.

  • The right to rectification.

  • The right to erasure.

  • The right to restrict processing.

  • The right to data portability.

  • The right to object.

  • Rights in relation to automated decision-making and profiling.

If you would like to exercise this right, please contact us through the contact information below.

Additionally, if you are a European resident, we note that we are processing your information in order to fulfill contracts we might have with you (for example, if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information might be transferred outside of Europe, including Canada and the United States.

Links to other websites:

Our website may contain links to other websites that are not owned or controlled by us. Please be aware that we are not responsible for such other websites or third parties' privacy practices. We encourage you to be aware when you leave our website and read the privacy statements of each website that may collect personal information.

Information security:

We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We keep reasonable administrative, technical, and physical safeguards to protect against unauthorized access, use, modification, and personal data disclosure in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed.

Legal disclosure:

We will disclose any information we collect, use or receive if required or permitted by law, such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Contact information:

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may send an email to gabbystewart48@gmail.com.

Te Haerenga Therapy

Join us on a journey of self-discovery today.

gAbrielle

TIME TO GET YOUR GROOVE BACK, LET'S gO!

@tehaerengatherapy.com

+0212437013

© 2025. All rights reserved.