Onelink CommunityClient Management Service
Home Register About Us Contact Us

Privacy

ONELINK PRIVACY POLICY

February 2026

1 Introduction

1.1     Pharmacy Retailing NZ Limited (Company No 49549) trading as Onelink New Zealandand its related bodies corporate (Onelink, we, our and us) are committed to responsible privacy practices and to complying with thePrivacy Act 2020 (NZ) (Privacy Act), the privacy principles (Privacy Principles), Notifiable Privacy Breach contained in the Privacy Act, and where relevant, all applicable health records legislation and codes (Health Records Legislation) such as theHealth Information Privacy Code 2020 (NZ).

1.2      Where applicable, Onelink will handle personal information relying on the related bodies corporate exemption and the employee records exemption in the Privacy Act and any other applicable exemptions in the Privacy Act or other legislation.

1.3      This Privacy Policy sets out our policies on the management of personal information including how we collect and hold personal information, the purposes for which we use this information, and to whom this information is disclosed. We may change our Privacy Policy from time to time at our discretion. At any time, the latest version of our Privacy Policy is available from our website at https://www.onelink.co.nz/

1.4      Where it is practical and reasonable for us to allow you to do so, you may deal with us anonymously (for example when enquiring generally about our products and services).

2      What is personal information?

2.1      In this Privacy Policy, 'personal information' has the meaning set out in the Privacy Act. Essentially, personal information is information or an opinion about an individual who is or can be reasonably identifiable.

2.2      A reference to 'personal information' in this Privacy Policy includes "sensitive information" and "health information", as defined in the Privacy Act and applicable health records legislation. Essentially, health information is information or an opinion relating to the health or a disability of an individual who is reasonably identifiable.

3      What types of personal information does Onelink collect?

3.1      The types of personal information Onelink collects from you depends on the circumstances in which the information is collected.

3.2      Onelink may collect contact details including your name, occupation, address, email address, phone and fax numbers, your date of birth, IRD number, and details of police checks and court searches. We may collect answers you provide to questions we ask and other information in relation to your dealings with Onelink. If you purchase products or services from us, we may also collect certain transactional information and financial details to process the transaction.

3.3      If you are an individual contractor to Onelink, in addition to the information referred to insection 3.2we may also collect information relevant to your engagement with Onelink including qualifications, resume, reference information from your nominated referees, IRD number, bank details, feedback from supervisors and training records.

3.4      When you use our websites, we may collect website usage information such as the IP address you are using, the name of your Internet service provider, your browser version, the web site that referred you to us and the next website you go to, the pages you request, the date and time of those requests and the country you are in.

3.5      In certain circumstances we are required to collect government identifiers such as IRD numbers. We only collect, use and disclose such information as permitted or required by law.

3.6     In addition to the types of personal information identified above, Onelink may collect personal information as otherwise permitted or required by law.

 4      How do we collect and hold your personal information?

 4.1      Onelink collects personal information in a number of ways. The most common ways we collect your personal information are:

(a)      Directly from you when you provide it to us or our agents or contractors;

(b)     via our website or when you deal with us online (including through our social media pages);

(c)     if you are an individual contractor to Onelink, from your employer or recruitment agency;

(d)      from publicly available sources;

(e)     from credit reporting agencies;

(f)      from our related companies; and

(g)      from third parties in connection with your employment (eg from your referees), or in connection with your requirements (eg healthcare professionals, doctors, Accident Compensation Corporation, or insurance assessors) when providing products and service to you.

4.2      Most of the information that we hold about you will usually be stored electronically. We may store some of your information in secure data centres that are located in New Zealand or in other secure data centres of our contracted service providers (including cloud storage providers) that may be located outside of New Zealand. We may also store information that we hold about you securely in paper files or other hardcopy formats.

5      For what purposes do we collect, use and disclose your personal information?

5.1      The purposes for which we use and disclose your personal information will depend on the circumstances in which we collect it. Whenever practical we endeavour to inform you why we are collecting your personal information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal information.

5.2      We may use or disclose your personal information:

(a)     for the purposes for which we collected it (and certain secondary purposes where permitted by law);

(b)      for other purposes to which you have consented; and

(c)      as otherwise authorised or required by law.

5.3      In general we collect, use and disclose your personal information so that we can do business together and for purposes connected with our business operations.

5.4      Unless otherwise required or permitted by law, we will only collect health information about you with your consent and we will only use that information for the primary purpose for which it was collected. In some circumstances, we may collect your health information through third parties (e.g. from health care professionals, such as pharmacists, or other health professionals who are treating you). We will only do this if you have consented or where otherwise permitted or required by law.

5.5      Some of the specific purposes for which we collect, use and disclose personal information are:

(a)      to respond to you if you have requested information (including via our websites or via an email or other correspondence you send to us);

(b)     to provide goods or services to you, to assist a health professional or service provider to provide you with certain services (e.g. health services) or to receive goods or services from you;

(c)      to administer and manage services, including charging, billing and collecting debts;

(d)      to improve our products and services and keep you up to date on such improvements;

(e)      to understand our customer base and help tailor our products and services;

(f)     to allow performance reporting and benchmarking of your business, if applicable;

(g)      to contact you (directly or through our service providers) to obtain your feedback, to find out your level of satisfaction with our products and services and for other market research activities;

(h)     to verify your identity, including to identify you for building security, health and safety reasons when you attend at our premises for meetings or occasions when you may attend our premises for other business purposes;

(i)     to address any issues or complaints that we or you have regarding our relationship; and

(j)     to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone, by fax or in any other lawful manner.

5.6      We may also use and disclose your personal information for the purpose of direct marketing to you where:

(a)      you have consented to us doing so; or

(b)     it is otherwise permitted by law.

6      What happens if you don't provide personal information?

6.1     Generally, you have no obligation to provide any personal information requested by us. However, if you choose to withhold requested personal information, we may not be able to provide you with products and services that depend on the collection of that information.

7      To whom do we disclose personal information?

7.1      We may disclose your personal information to third parties in connection with the purposes described insection 5of this Privacy Policy.

7.2      This may include disclosing your personal information to the following types of third parties:

(a)     our related companies;

(b)      health service providers or treating health professionals (such as your doctor, pharmacist or hospital), in connection with providing health-related goods or services to you or as otherwise required or authorised by law;

(c)      our contractors and other third parties that provide goods and services to us (including suppliers, marketing agencies, data analysis specialists, data processing organisations, billing and debt recovery providers, website and data hosting providers, and other IT suppliers);

(d)      our accountants, insurers, lawyers, auditors and other professional advisers;

(e)     government and regulatory authorities, courts, tribunals and other bodies as required or authorised by law;

(f)     in an emergency, to medical and health service providers;

(g)     any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);

(h)      in the event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors;

(i)     carefully selected third parties with whom we have data sharing arrangements;

(j)     third parties that require the information for law enforcement or to prevent a serious threat to public safety; and

(k)     otherwise as permitted or required by law.

7.3      Where we disclose your personal information to third parties we will take reasonable steps to ensure that such third parties only use your personal information as reasonably required for the purpose we disclosed it to them and in a manner consistent with the Privacy Principles and relevant health records legislation (e.g. by (where commercially practical) including suitable privacy and confidentiality clauses in our agreement with a third party service provider to which we disclose your personal information).

7.4     If you post information to public parts of our websites or to our social media pages, you acknowledge that such information (including your personal information) may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.

8     Disclosure of information outside the country of collection

8.1     Some of the third parties to whom we disclose personal information may be located outside New Zealand. The countries in which such third parties are located will depend on the circumstances. For example, we may disclose personal information to our related companies overseas and to our overseas service providers.

8.2      In the ordinary course of business we may disclose personal information to third party providers located overseas (for example, offshore data centres located in Australia).

8.3      We will only disclose that information to a third party outside New Zealand if we reasonably believe that the recipient of the information is subject to comparable safeguards to those in the Privacy Act. If your personal information will not be protected by comparable safeguards to those in the Privacy Act, we will tell you that this is the case, and only disclose your personal information with your consent.

8.4      Except in some cases where we may rely on an exception under the Privacy Act or other law, we will take reasonable steps to ensure that any overseas recipients of personal information handle that information in a manner consistent with the Privacy Principles.

8.5      In respect of health information covered by health records legislation, unless otherwise required or permitted by law, we will only disclose your health information to a third party outside the state/territory of collection if we reasonably believe that the recipient of the information is subject to a law, binding scheme or contract which upholds principles for fair handling of the information that are substantially similar to, or provides comparable privacy safeguards to (as the case may be) those in the applicable health records legislation or Privacy Act (as applicable).

9      How do we protect personal information?

9.1      Onelink will take reasonable steps to keep any personal information we hold about you secure and protected from misuse, loss and unauthorised access, modification of disclosure, including appropriate security measures, such as access controls. Please notify us immediately if you become aware of any breach of security.

10     Accuracy of the personal information we hold

10.1      We try to maintain your personal information as accurately as reasonably possible. We rely on the accuracy of personal information as provided to us both directly (from you) and indirectly.

10.2     You may contact us if you believe that the personal information we hold about you is incorrect, to notify us of a change in your personal information, or to request deletion. Our contact details are set out insection 14of this Privacy Policy. Any such requests are considered in accordance with applicable privacy laws and regulatory requirements.

10.3     Personal information is managed having regard to applicable privacy laws and our information governance practices.

11     Links, cookies and use of Onelink websites and applications

11.1     Onelink websites may contain links to other sites. This Privacy Policy applies to our websites and not any linked sites which are not operated or controlled by Onelink. We encourage you to read the privacy policy of each website that collects your personal information.

11.2      Onelink uses 'cookies' and similar technology on its websites and in other technology applications. The use of such technologies is an industry standard, and helps us monitor the effectiveness of our advertising and how visitors use our websites/applications. We use such technologies to generate statistics, measure your activity, improve the usefulness of our websites/applications and to enhance the 'customer' experience.

11.3      If you prefer not to receive cookies you can adjust your Internet browser to refuse cookies or to warn you when cookies are being used. However, our websites may not function properly or optimally if cookies have been turned off.

12      How can you access and correct personal information we hold about you?

12.1      You may seek access to personal information which Onelink holds about you by contacting us as described insection 14of this Privacy Policy. We will provide access to that information in accordance with the Privacy Act and health records legislation, subject to certain exemptions which may apply. We may require that the person requesting access provide suitable identification and where permitted by law we may charge an administration fee for granting access to your personal information.

12.2      If you become aware that any personal information we hold about you is incorrect or if you wish to update your information, please contact us (seesection 14of this Privacy Policy).

13      Queries, comments and complaints about our handling of personal information

13.1     If you have any questions, comments or complaints about our collection, use or disclosure of personal information, or if you believe that we have not complied with this Privacy Policy, the Privacy Act or applicable health records legislation, please contact us (seesection 14of this Privacy Policy).

13.2      When contacting us please provide as much detail as possible in relation to your question, comment or complaint.

13.3      Onelink will take any privacy complaint seriously and any complaint will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

13.4      If you are not satisfied with the outcome of our assessment of your complaint, you may wish to contact the Office of the Australian Information Commissioner (click here for information) or other relevant regulators.

14      How can you contact us?

14.1      Please address all privacy complaints and requests to update or access information to:

Attention: Privacy Officer
Onelink
(EBOS Group Ltd) Level 7
737 Bourke Street
Docklands, VIC 3008
OR
[email protected]  

14.2      To unsubscribe from our direct marketing, you can also contact us at [email protected] and set out the contact details that you no longer want used for direct marketing.

 

© 2011 Pharmacy Retailing (NZ) Ltd. All rights reserved.

Privacy Policy Security Can do, will do