Privacy Policy
Effective Date: Draft - to be set on publication
Our Privacy Commitment
- We never sell your personal data - Your information is not for sale, ever.
- We don't use your data for public AI training - Your learning content is not used to train AI models outside our Service.
- You control your data - You can access, export, or delete your data at any time. If your data has been de-identified and used for training or analytics, it cannot be individually identified and removed.
- No real patient data - The Service is for education only; never enter real patient information.
1. Introduction
Gestalt Ltd ("Gestalt", "we", "us", or "our") is committed to protecting your privacy in accordance with the New Zealand Privacy Act 2020 and the Information Privacy Principles (IPPs). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical education platform (the "Service").
By using the Service, you acknowledge the data practices described in this Privacy Policy. If you do not agree with our practices, please do not use the Service.
2. Information We Collect
2.1 Information You Provide
We collect information you voluntarily provide when using the Service:
- Account information: Name, email address, profile photo, and authentication credentials (when using third-party sign-in like Google or Microsoft).
- Profile information: Medical school or institution, year of study, and learning preferences.
- Learning content: Text you enter in chat sessions, OSCE scenarios, MCQ responses, and notes you create.
- Audio data: Voice recordings when using speech-to-text features (processed for transcription only).
- Feedback and support: Messages you send to our support team and feedback you provide.
- Payment information: Billing details if you purchase a subscription (processed by our payment provider).
2.2 Information Collected Automatically
When you use the Service, we automatically collect certain information:
- Device information: Device type, operating system, browser type, and screen resolution.
- Usage data: Pages viewed, features used, session duration, and interaction patterns.
- Log data: IP address, access times, and referring URLs.
- Learning analytics: MCQ scores, session completion rates, and progress metrics (used to personalise your experience).
2.3 Information from Third Parties
We may receive information from third-party services:
- Authentication providers: When you sign in with Google or Microsoft, we receive your name, email, and profile photo.
- Analytics providers: Aggregated usage data to help us improve the Service.
3. How We Use Your Information
We use the information we collect for the following purposes, each of which we consider connected to our functions and activities as an educational platform (consistent with IPP 1 and IPP 10):
3.1 Providing the Service
- Operate and maintain your account
- Deliver personalised learning experiences
- Process your requests and transactions
- Provide customer support
3.2 Improving the Service
- Analyse usage patterns to improve features and user experience
- Develop new educational content and learning tools
- Use de-identified, aggregated data for research and analytics
- Fix bugs and improve performance
3.3 Communication
- Send service-related notifications (e.g., account verification, security alerts)
- Respond to your inquiries and support requests
- Send educational updates and feature announcements (with your consent, in accordance with the Unsolicited Electronic Messages Act 2007)
3.4 Security and Compliance
- Protect against unauthorised access, fraud, and abuse
- Enforce our Terms of Service
- Comply with legal obligations
4. AI Processing and Third-Party Services
4.1 AI and Machine Learning
The Service uses artificial intelligence to provide educational features. When you use AI-powered features:
- Your inputs may be sent to AI providers (such as Anthropic, OpenAI, or similar services) to generate responses.
- We do not use your identifiable personal information to train public AI models.
- We may use de-identified and aggregated data to improve our internal educational AI capabilities.
- AI providers are bound by data processing agreements that restrict how they can use your data.
4.2 Transcription Services
When you use voice input features, your audio is processed by speech-to-text services. Audio data is:
- Transmitted securely and encrypted in transit
- Processed only for transcription purposes
- Not retained by transcription providers beyond processing
4.3 Other Third-Party Services
We use third-party services for various functions:
- Authentication: Google and Microsoft for secure sign-in
- Hosting: Google Cloud Platform / Firebase for infrastructure
- Payments: Stripe or similar for subscription billing
- Analytics: Privacy-focused analytics to understand usage
- Error tracking: Services to identify and fix technical issues
5. How We Share Your Information
We do not sell your personal information. We may share your information only in the following circumstances:
5.1 Service Providers
We share information with trusted service providers who help us operate the Service (hosting, analytics, payment processing, AI providers). These providers are contractually obligated to protect your data and use it only for the services they provide to us.
5.2 Institutional Access
If your account is managed by or associated with an educational institution (e.g., medical school), we may share anonymised and aggregated usage summaries and progress data with authorised institutional contacts for research and reporting purposes. We will only do so with your explicit consent, obtained at the time of enrolment or account linking. This does not include your personal notes, chat content, or any individually identifiable information.
5.3 Legal Requirements
We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to:
- Comply with legal obligations
- Protect our rights, property, or safety
- Protect users or the public from harm
- Detect, prevent, or address fraud or security issues
5.4 Business Transfers
If Gestalt Ltd is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.
5.5 With Your Consent
We may share your information for other purposes with your explicit consent.
6. Data Retention
We retain your information for as long as necessary to provide the Service and fulfil the purposes described in this Privacy Policy:
- Account data: Retained for the duration of your active account plus 12 months after deletion, to comply with legal obligations and allow for account recovery.
- Learning content: Retained for the duration of your active account plus 12 months after deletion. You can delete individual sessions or your entire account at any time.
- Audio recordings: Retained for up to 90 days to support transcription quality and service improvement, then deleted.
- Log data: Retained for up to 90 days for security and troubleshooting purposes.
- De-identified data: May be retained indefinitely for analytics and research purposes.
When you delete your account, we will delete or anonymise your personal information within 30 days, except where retention is required by law.
7. Your Rights
Under the NZ Privacy Act 2020, you have the following rights regarding your personal information:
7.1 Access (IPP 6)
You can access your personal information through your account settings. You can also request a copy of your data in a portable format by contacting us.
7.2 Correction (IPP 7)
You can update or correct your account information at any time through your account settings, or by contacting us.
7.3 Deletion
You can delete your account and personal data by contacting us or using the account deletion feature in your settings. Some information may be retained as required by law.
7.4 Opt-Out
- Marketing emails: You can unsubscribe from marketing communications at any time using the link in our emails.
- Cookies: You can control cookies through your browser settings. Note that some features may not work properly without cookies.
7.5 Additional Rights in Other Jurisdictions
If you are located in a jurisdiction with additional data protection rights (such as the European Economic Area under GDPR, or California under CCPA/CPRA), you may have further rights including the right to object to processing, restrict processing, withdraw consent, or lodge a complaint with a local supervisory authority. Contact us at contact@gestalt.ac to exercise any of these rights.
7.6 Complaints
If you are not satisfied with how we have handled your personal information, you have the right to make a complaint to the Office of the Privacy Commissioner at privacy.org.nz. We encourage you to contact us first so we can try to resolve your concern.
8. Data Security
We implement industry-standard security measures to protect your information:
- Encryption: Data is encrypted in transit (TLS/HTTPS) and at rest.
- Access controls: Strict access controls limit who can access personal data.
- Authentication: Secure authentication with support for multi-factor authentication.
- Monitoring: Continuous monitoring for security threats and unauthorised access.
- Regular audits: Periodic security assessments and vulnerability testing.
While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.
9. Cookies and Tracking Technologies
We use cookies and similar technologies for:
- Essential cookies: Required for authentication, security, and core functionality.
- Preference cookies: Remember your settings and preferences (e.g., theme, language).
- Analytics cookies: Help us understand how you use the Service to improve it.
We do not use cookies for advertising or cross-site tracking. You can manage cookie preferences through your browser settings.
10. International Transfers
Your information may be transferred to and processed in countries other than New Zealand, including countries where our service providers operate. These countries may have different data protection laws.
When we transfer data internationally, we implement appropriate safeguards, including:
- Data processing agreements with service providers
- Contractual commitments to protect your data to a standard consistent with the NZ Privacy Act 2020
- Compliance with applicable data transfer frameworks
11. Children's Privacy
The Service is intended for medical students. We do not knowingly collect personal information from children.
If we learn that we have collected personal information from a child, we will delete that information promptly. If you believe we have collected information from a child, please contact us at contact@gestalt.ac.
12. Do Not Enter Real Patient Information
The Service is designed for educational purposes only. You must never enter real patient information, including:
- Patient names or identifiers
- Medical record numbers
- Dates of birth or other demographic information
- Diagnoses, test results, or treatment details
- Any other protected health information (PHI)
If you inadvertently enter real patient information, please contact us immediately so we can delete it.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Effective Date" at the top of this page
- Notify you via email or through the Service for significant changes
- Provide reasonable notice before changes take effect
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
14. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Gestalt Ltd
Privacy enquiries: contact@gestalt.ac
General support: support@gestalt.ac
To make a complaint about how your personal information has been handled, you may also contact the Office of the Privacy Commissioner at privacy.org.nz.