This website and the Stroke Riskometer app are owned and operated by AUT University with the trademark registration number 1191892. In this policy, "us", "we" or "our" means AUT University.
This policy addresses the following:
- How and when AUT University collects personal information
- How AUT University uses and discloses personal information
- How AUT University keeps personal information secure
- How an individual can access and correct their personal information
- How AUT University will facilitate or resolve a privacy complaint.
2. Personal information
2.1 What is Personal Information?
- Personal information is defined under the New Zealand Privacy Act 2020 to mean information about an identifiable individual and includes information relating to a death that is maintained by the Registrar-General pursuant to the Births, Deaths, Marriages, and Relationships Registration Act 1995, or any former Act (as defined by the Births, Deaths, Marriages, and Relationships Registration Act 1995).
3. Collection of your personal information
3.1 We will only collect information that is necessary for us evaluate your stroke risk after you accept the Disclaimer. Personal information is only collected if you wish to be contacted for the Stroke Riskometer E-Health Research Project (RIBURST) which aims to better understand the risk factors associated with stroke. This study is approved by the AUT University Ethics Committee (Reg #19/236).
3.2 The type of information may include the following:
- Smoking status
- Alcohol use
- Diet (servings of fruit and vegetables)
- Level of physical activity
- History of significant mental/emotional stress
- Family history (parents) of stroke or heart attack
- Systolic blood pressure
- Use of BP medication
- Presence of diabetes
- History of heart or peripheral artery disease
- History of left ventricular hypertrophy
- History of atrial fibrillation
- Presence of cognitive problem or dementia
- Presence of poor memory
- History of traumatic brain injury
- History of stroke or transient ischaemic attack
- Your full name (first and last) and e-mail address
- Alternative contact details (such as the e-mail address of a close family member)
3.4 Depending upon the reason for requiring the information, some non-identifiable information has been identified as mandatory. If you do not provide the mandatory data, we may be unable to provide or effectively provide our services to you. Any personal information (whether mandatory or voluntary) is solely collected if you show interest in our research.
4. Use and disclosure of your personal information
4.1 We will only use or disclose your personal information for the primary purposes for which it was collected or as consented as set out in the Participant Information Sheet and Consent Form.
4.2 We may seek your additional consent to disclose your personal information for future research purposes. If you wish to participate in a study, you will need to proceed to the “Research” section of the app, read the Participant Information Sheet and Consent Form, and sign it if you agree.
4.3 The questionnaire responses are stored on a secure server of the Auckland University of Technology (AUT) and reported in a de-identified manner (not linked with your personal data) with all appropriate technical, organisational and contractual safeguards to ensure the protection of your personal data. The data sharing procedure follows the New Zealand Privacy Act 2020 and, the General Data Protection Regulation (if you are in the European Union). A report of the study may be submitted for publication, but individual participants will not be identifiable in such a report.
4.4 If you share your personal details, the team may contact you for future research. However, you can always opt out for any such future communications. If you have received communications which you no longer wish to receive, please contact us at email@example.com and we will ensure that future communications cease.
5. Data quality and security
5.1 We have taken steps to help ensure your personal information is safe. You will appreciate, however, that we cannot guarantee the security of all transmissions or personal information, especially where the Internet is involved.
5.2 The data will be kept in a secure database and the communications between the Stroke Riskometer App and the data collection services will be encrypted. If you participate in the Stroke Riskometer E-health Research Project, your data will be encrypted and kept in a secure database located on the premises of AUT in New Zealand; a country which the European Union Commission has deemed as having an adequate level of data protection. The data will be stored securely and destroyed after 15 years. The data will be preserved by technical, physical and administrative measures from loss, unauthorised access/disclosure or change.
5.3 The data collected as part of the study will be the responsibility of the principal investigator of the study in accordance with the requirements of the New Zealand Privacy Act 2020.
5.4 Notwithstanding the above, we will take reasonable steps to:
- Make sure that the personal information we collect, use or disclose is the correct information as submitted by the user,
- Protect your personal information from misuse, loss, unauthorised access, modification or disclosure both physically and through computer security methods, and
- Destroy or permanently de-identify personal information if it is no longer needed for its purpose of collection.
5.5 The accuracy of personal information depends largely on the information you provide to us, so we recommend that you:
- Let us know if there are any errors in your personal information, and
- Keep us up to date with changes to your personal information (such as your name or address).
6. Access to and correction of your personal information
6.1 You are entitled to have access to any personal information relating to you which we possess, except in some exceptional circumstances provided by law. You are also entitled to edit and correct such information if the information is inaccurate, out of date, incomplete, irrelevant or misleading.
6.2 Please feel free to email us at firstname.lastname@example.org if you have any questions regarding data safety, to amend/delete any information shared, or if you wish to restrict how we process your personal information.
7.3 If you wish to withdraw your consent at any stage, please email email@example.com. You can always decide if you want us to keep or delete any information you already shared after withdrawing from the study.
8. Resolving Privacy Complaints
8.1 We have put in place an effective mechanism and procedure to resolve privacy complaints. We will ensure that all complaints are dealt with in a reasonably appropriate timeframe so that any decision (if any decision is required to be made) is made expeditiously and in a manner that does not compromise the integrity or quality of any such decision.
8.2 If you have any inquiries, concerns or complaints about the manner in which we have collected, used or disclosed and stored your personal information, you can tell us by contacting us.
8.3 In order to resolve a complaint, we:
- Will liaise with you to identify and define the nature and cause of the complaint
- May request that you provide the details of the complaint in writing
- Will keep you informed of the likely time within which we will respond to your complaint, and
- Will inform you of the legislative basis (if any) of our decision in resolving such complaint.
8.4 We will keep a record of the complaint and any action taken in a privacy register.
8.5 Persons can refer their complaint to the Office of the Privacy Commissioner if they are not satisfied with the result of their complaint.
Contact Details for Privacy Officer of AUT University
Phone: +64 9 921 9879