Privacy Policy (New Zealand)
Effective date: 10 May 2026
The key point: Your Booking does not store patient data. Patient information passes through our servers in real time to facilitate bookings, but is never saved to our database. Your patients' health information stays in your practice's Optomate system.
1. Who we are
Your Booking ("we", "us", "our") is an online appointment booking platform for New Zealand optometry practices. The service is operated by Robert McQualter Pty Ltd (an Australian company, ABN 49 126 850 851) and is accessible to New Zealand practices at yourbooking.nz.
Because we provide services to health agencies (optometry practices) and handle health information about identifiable individuals in the course of doing so, we are a "health agency" under the New Zealand Health Information Privacy Code 2020 (HIPC). We comply with the HIPC and the underlying Privacy Act 2020, including the 13 Information Privacy Principles (IPPs) as modified by the HIPC's Health Information Privacy Rules.
2. What personal information is involved
When a patient uses Your Booking, the following personal information may be transmitted through our servers:
- Name (given name and surname)
- Date of birth
- Mobile phone number
- Email address
- National Health Index (NHI) number, if entered during booking
- Appointment details (date, time, type, optometrist)
This information originates from the practice's Optomate system and is relayed in real time. None of this patient data is stored in our database.
3. What we do store
Our database stores only:
- Practice configuration — branding, appointment types, scheduling rules, optometrist profiles, business hours
- Booking audit records — an Optomate patient ID number and appointment ID number for each booking, with no patient name, contact details, or health information
- Notification records — a log of reminders and recalls sent, referencing Optomate ID numbers only, to prevent duplicate sends
- Practice administrator credentials — hashed passwords for practice admin and staff login
4. How patient information flows — including cross-border transfer
Your Booking acts as a relay between the patient's browser and the practice's Optomate system:
- The patient's browser connects to our server over HTTPS (encrypted in transit)
- Our server forwards requests to a lightweight agent installed at the practice, via an encrypted WebSocket connection
- The agent queries the practice's local Optomate system (located at the New Zealand practice) and returns the response
- Patient data passes through our server's memory only and is not written to any database or log file
Cross-border processing notice: Our servers are hosted in Melbourne, Australia. Patient information is therefore transiently processed outside New Zealand while a booking is in flight, before being relayed to the practice's local Optomate system in New Zealand. Australian privacy law (the Privacy Act 1988 (Cth) and the Australian Privacy Principles) provides safeguards comparable to those required by the New Zealand Privacy Act 2020, including a notifiable data breach scheme and equivalent obligations around access, correction, security, and retention. No patient data is stored on our Australian servers — it is held only momentarily in memory while the request is in flight.
5. Temporary session data
When a patient identifies themselves to make a booking, a short-lived session is created in our Redis cache containing their Optomate patient ID and basic details. This session expires automatically (typically within 30 minutes) and is not backed up or persisted to disk. Sessions are stored on our Australian servers under the same comparable-safeguards basis described in section 4.
6. SMS and email communications
When Your Booking sends appointment reminders, recall notifications, or manage links on behalf of a New Zealand practice:
- SMS messages — at the time of writing, the SMS reminders module is not yet available to New Zealand practices. When it launches, SMS will be delivered via Kudosity, an Australian SMS gateway. The patient's mobile number and message content will be transmitted to Kudosity for delivery. Kudosity's privacy policy applies to their handling of this data.
- Email messages are sent via the practice's own SMTP server where configured, or via our central mail relay (Mailroute) for system notifications. Patient email addresses are used only for delivery and are not retained beyond the send.
7. Third-party service providers
We use the following third-party providers to operate the service. All currently operate from Australia or are global infrastructure providers; none are based in New Zealand.
- Binary Lane (Melbourne, Australia) — server hosting
- Cloudflare — DNS and SSL certificate management (global)
- Kudosity (Australia) — SMS delivery (when SMS module is available)
- Mailroute — outbound email relay for system notifications
Each provider processes only the minimum data necessary for their function. Where information leaves New Zealand, the same comparable-safeguards basis described in section 4 applies.
8. Data security
We take reasonable steps to protect information in our care:
- All connections use HTTPS/TLS encryption
- Server access is restricted to SSH key authentication only
- A firewall permits only web traffic (ports 80/443) and SSH
- Intrusion prevention (fail2ban) is active
- Security headers (HSTS, X-Content-Type-Options, Referrer-Policy, Permissions-Policy) are enforced
- Database backups are encrypted in transit and stored on infrastructure within Australia
- The agent connection from the practice is outbound-only — no inbound ports need to be opened at the practice
9. Data retention and deletion
Because we do not store patient data, there is no patient data to retain or delete.
Practice configuration data is retained for the duration of the service agreement. If a practice discontinues the service, their configuration data and associated audit/notification records are deleted upon request.
10. Access and correction
Under Rule 6 (Access) and Rule 7 (Correction) of the HIPC, individuals have the right to access and seek correction of health information held about them. Because the practice — not Your Booking — is the holder of patient health records (in their Optomate system), patients seeking access or correction should contact their optometry practice directly.
Practice administrators can view and update their practice configuration through the admin dashboard at any time.
11. Notifiable privacy breaches
In the unlikely event of a privacy breach that is likely to cause serious harm, we will notify affected practices and the Office of the Privacy Commissioner (OPC) in accordance with Part 6 of the Privacy Act 2020. Where the breach affects information about identifiable individuals in New Zealand, notification will be made to the OPC at privacy.org.nz.
12. Cookies and analytics
Your Booking uses browser local storage to maintain login sessions. We do not use third-party tracking cookies or analytics services on the patient booking pages.
13. Changes to this policy
We may update this policy from time to time. Material changes will be communicated to practices via email. The effective date at the top of this page indicates when the policy was last revised.
14. Privacy Officer and contact
Our Privacy Officer (as required under section 201 of the Privacy Act 2020) is Robert McQualter. Questions about this policy, requests under the HIPC, or privacy complaints can be sent to:
Your Booking — Privacy Officer
Email: rob@yourbooking.nz
Web: yourbooking.nz
If you are not satisfied with our response, you have the right to make a complaint to the Office of the Privacy Commissioner: privacy.org.nz.