Privacy Policy

Top Notch Bodyworks – Updated 2025

At Top Notch Bodyworks, we are committed to protecting your privacy and handling your personal and health information in accordance with the Privacy Act 2020 and the Health Information Privacy Code 2020 (HIPC). This Privacy Policy explains how we collect, use, store, and protect your information.

1. Who We Are

Top Notch Bodyworks is a multi-modality health clinic providing osteopathy, massage therapy, acupuncture, and related services. We are located in West Auckland, New Zealand, and are an ACC and Southern Cross Treatment Provider.

2. Information We Collect

We may collect:

  • Personal details: name, date of birth, contact details.

  • Health information: medical history, treatment notes, ACC numbers, referral letters.

  • Administrative details: payment information, insurance claims, appointment history.

  • Website/online data: cookies, IP addresses, online bookings, Google Analytics, advertising pixels.

3. How We Collect Information

  • Directly from you (intake forms, consultations, emails, phone calls, online bookings).

  • From third parties (ACC, insurance providers, other health professionals) when authorised.

  • Through our website and online services (cookies, analytics, ad campaigns).

4. Why We Collect Information

We collect and use information for the following purposes:

  • To provide safe and effective treatment and care.

  • To manage bookings, payments, and ACC/insurance claims.

  • To communicate with you regarding your care.

  • To improve our services through feedback and analytics.

  • With your consent, to send marketing updates or newsletters.

5. How We Use and Share Information

  • Within our clinical team for continuity of care.

  • With ACC, insurers, or referral practitioners when required or authorised.

  • With trusted third-party providers (e.g., booking systems, email platforms, secure AI tools).

  • We do not sell personal or health information to third parties.

6. Use of AI Tools (Heidi Health)

To support accuracy and efficiency in patient note-taking, we may use a trusted AI scribe tool called Heidi.

  • De-identified Processing: Only de-identified text is used for AI transcription. Identifiable details are replaced with pseudonyms.

  • Data Location: Heidi securely stores and processes information in Australia. While this is outside New Zealand, Heidi applies strong privacy and security safeguards.

  • Clinician Review: All notes generated by Heidi are reviewed, edited, and approved by your practitioner before becoming part of your official health record.

  • Access & Audit: Heidi staff can only access information for troubleshooting with your consent, and all access is logged.

  • Deletion: Data used by Heidi is deleted after transcription and finalisation, with no long-term backups retained.

7. Storage and Security

  • Electronic records are kept in secure, password-protected systems with limited staff access.

  • Any physical files are scanned to your profile and securely disposed of.

  • We use encryption and secure connections to protect online data.

8. How Long We Keep Information

  • Health records: at least 10 years after your last treatment, as required under the HIPC.

  • Financial/admin records: as required under NZ tax law.

  • Marketing consents: until you withdraw consent.

9. Your Rights

You have the right to:

  • Access your personal or health information.

  • Formally request, through written consent, that your health information be shared with another regulated or unregulated health professional. For regulated healthcare providers, we are able to send your records directly to them, based on your consent. For unregulated health practitioners (massage therapists), your records will be sent directly to you to pass on to that unregulated healthcare provider.

  • Request correction of your information.

  • Withdraw consent for non-essential uses (e.g., marketing).

  • Complain to us, or to the Office of the Privacy Commissioner if you are not satisfied.

10. Cookies and Website Analytics

  • We use cookies and tools such as Google Analytics and Facebook Pixel to improve our website and advertising.

  • You can disable cookies through your browser if you prefer.

11. Contact Information

Our appointed Privacy Officer is:

Top Notch Bodyworks – Privacy Officer
📧 Email: info@topnotchbodyworks.co.nz
📞 Phone: 09 212 8753
📍 Address: 4/402 Don Buck Road, Massey, 0614

12. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version (25 August 2025) will always be available on our website.