Privacy Policy: VoyceForge Limited

Last Updated: 10 March 2026

At VoyceForge, we are committed to protecting the privacy of our clients (Healthcare Practices) and their patients. This policy outlines how we collect, use, store, and disclose personal information in accordance with the New Zealand Privacy Act 2020 and the Health Information Privacy Code 2020.

1. Information We Collect

VoyceForge acts as a service provider (agent) for Healthcare Practices. In the course of providing automated phone coverage, we may collect:

  • Patient Details: Names, contact numbers, and dates of birth.

  • Health Information: Nature of the inquiry (e.g., emergency triage details, prescription requests, or appointment reasons).

  • Call Data: Audio recordings and text transcriptions of calls handled by our digital assistants for accuracy and integration purposes.

  • Practice Data: Staff names and clinic contact information.

2. Purpose of Collection

We collect this information solely to:

  • Facilitate appointment bookings and patient inquiries on behalf of the Practice.

  • Ensure accurate triage and relay of information to the Practice’s CRM or clinical staff.

  • Improve the accuracy of our conversational AI to better serve New Zealand patients.

3. Use and Disclosure

We do not sell, rent, or lease patient data to third parties. Information is only disclosed:

  • To the Healthcare Practice: The primary recipient of all data collected.

  • For Legal Compliance: If required by New Zealand law or a court order.

  • To Sub-processors: Secure technical partners (e.g., cloud hosting or AI processing) who are contractually bound to New Zealand privacy standards.

4. Storage and Security

We take the security of health information seriously.

  • Encryption: All data is encrypted in transit and at rest.

  • Storage Location: Where possible, data is stored on secure servers that meet New Zealand’s offshore disclosure requirements (Privacy Principle 12).

  • Retention: We only retain personal information for as long as necessary to provide our services or as required by the Health Information Privacy Code.

5. Access and Correction

Under the Privacy Act 2020, individuals have the right to request access to and correction of their personal information.

  • Patients wishing to access their records should primarily contact their Healthcare Practice.

  • VoyceForge will assist Practices in fulfilling these requests promptly.

6. Privacy Breaches

In the event of a "notifiable privacy breach" that is likely to cause serious harm, VoyceForge will:

1. Notify the affected Healthcare Practice immediately.

2.Assist the Practice in notifying the Office of the Privacy Commissioner as per the mandatory reporting requirements of the Privacy Act 2020.

7. Contact Us

If you have any questions regarding this policy or how we handle data, please contact our Privacy Officer:

The Privacy Officer VoyceForge Limited Auckland, New Zealand Email: [Your Email Address]

Important Implementation Notes for You:

  • The Health Code: Because you are dealing with dental/medical clinics, you fall under the Health Information Privacy Code. This is stricter than the general Act. Ensure your "Sarah" assistant explicitly states that calls are recorded for booking purposes at the start of the interaction.

  • Data Sovereignty: Many NZ medical practices prefer data to stay in NZ or Australia. If your tech stack (like GoHighLevel or Retell) uses US-based servers, you must ensure they are "Privacy Shield" compliant or have robust Data Processing Agreements (DPAs) in place.

  • The "Sarah" Disclaimer: It is best practice to have your AI say: "Hi, I'm Sarah, the digital assistant for [Clinic Name]. Just so you know, this call is recorded to help us manage your booking."

Privacy Policy: VoyceForge Limited

Last Updated: 10 March 2026

At VoyceForge, we are committed to protecting the privacy of our clients (Healthcare Practices) and their patients. This policy outlines how we collect, use, store, and disclose personal information in accordance with the New Zealand Privacy Act 2020 and the Health Information Privacy Code 2020.

1. Information We Collect

VoyceForge acts as a service provider (agent) for Healthcare Practices. In the course of providing automated phone coverage, we may collect:

  • Patient Details: Names, contact numbers, and dates of birth.

  • Health Information: Nature of the inquiry (e.g., emergency triage details, prescription requests, or appointment reasons).

  • Call Data: Audio recordings and text transcriptions of calls handled by our digital assistants for accuracy and integration purposes.

  • Practice Data: Staff names and clinic contact information.

2. Purpose of Collection

We collect this information solely to:

  • Facilitate appointment bookings and patient inquiries on behalf of the Practice.

  • Ensure accurate triage and relay of information to the Practice’s CRM or clinical staff.

  • Improve the accuracy of our conversational AI to better serve New Zealand patients.

3. Use and Disclosure

We do not sell, rent, or lease patient data to third parties. Information is only disclosed:

  • To the Healthcare Practice: The primary recipient of all data collected.

  • For Legal Compliance: If required by New Zealand law or a court order.

  • To Sub-processors: Secure technical partners (e.g., cloud hosting or AI processing) who are contractually bound to New Zealand privacy standards.

4. Storage and Security

We take the security of health information seriously.

  • Encryption: All data is encrypted in transit and at rest.

  • Storage Location: Where possible, data is stored on secure servers that meet New Zealand’s offshore disclosure requirements (Privacy Principle 12).

  • Retention: We only retain personal information for as long as necessary to provide our services or as required by the Health Information Privacy Code.

5. Access and Correction

Under the Privacy Act 2020, individuals have the right to request access to and correction of their personal information.

  • Patients wishing to access their records should primarily contact their Healthcare Practice.

  • VoyceForge will assist Practices in fulfilling these requests promptly.

6. Privacy Breaches

In the event of a "notifiable privacy breach" that is likely to cause serious harm, VoyceForge will:

1. Notify the affected Healthcare Practice immediately.

2.Assist the Practice in notifying the Office of the Privacy Commissioner as per the mandatory reporting requirements of the Privacy Act 2020.

7. Contact Us

If you have any questions regarding this policy or how we handle data, please contact our Privacy Officer:

The Privacy Officer VoyceForge Limited Auckland, New Zealand Email: [Your Email Address]

Important Implementation Notes for You:

  • The Health Code: Because you are dealing with dental/medical clinics, you fall under the Health Information Privacy Code. This is stricter than the general Act. Ensure your "Sarah" assistant explicitly states that calls are recorded for booking purposes at the start of the interaction.

  • Data Sovereignty: Many NZ medical practices prefer data to stay in NZ or Australia. If your tech stack (like GoHighLevel or Retell) uses US-based servers, you must ensure they are "Privacy Shield" compliant or have robust Data Processing Agreements (DPAs) in place.

  • The "Sarah" Disclaimer: It is best practice to have your AI say: "Hi, I'm Sarah, the digital assistant for [Clinic Name]. Just so you know, this call is recorded to help us manage your booking."