Terms and Conditions

Heartbeat is a Service provided by Heartbeat Health Limited (HHL) to those that are customers of our Insurance Partners (The Customer). The Customer uses the Heartbeat Service to request from their own Doctor, their personal Health Summary. Heartbeat is provided free to the Customer by their Insurer.

The Heartbeat Health Summary is encrypted. Security is based on two Factor Authentication and enables The Customer to use Facial recognition to open their Heartbeat Account.

Conditions of Use:

1. The Customer Use of Heartbeat

  1. The Customer warrants that Heartbeat will only be used for the purpose that it is designed e.g. Travelling, Claiming and Managing one’s own health
  2. The Customer will be responsible for maintaining and protecting their Username, Login Password and their Personal Data
  3. The Customer will be responsible for any Doctor Consultation Costs associated with obtaining the Health Summary from your Doctor
  4. The Customer in-conjunction with their Doctor, will be responsible for the accuracy of the information contained in the Customer’s personal Heartbeat Health Summary
  5. The Customer gives consent to Heartbeat (HHL) to use non-identified Personal Data to support and improve its services e.g.  providing travel health notifications and alerts to The Customer
  6. In the event that The Customer discloses or fails to protect their; Username, Login Password and the Encryption Key, thereby enabling access to their personal data by unauthorised Third Party(s), Heartbeat (HHL) accept no Legal Responsibility or Financial Liability for damages or breach of privacy in such circumstances/events
  7. Where the Customer has consented too and approved Break the Glass Service to their Insurer to access their Health Summary in a medical emergency, it is the responsibility of the Insurer, to record all voice conversations and keep accurate records of correspondence. HHL accepts no responsibility or liability for The Insurer’s Medical Emergency processes and procedures

2. Privacy

  • Heartbeat (HHL) warrants that the personal Heath Summary Data is protected and encrypted from access by HHL’s personnel
  • The Customer acknowledges they have read and accepted the Heartbeat (HHL) Privacy Policy as published on the HHL Web site

3. IP & Data Protection

  • Heartbeat (HHL) Trademarks and Intellectual Property are owned by HHL and are protected by New Zealand Law. They cannot be used by any other party without the written consent of Heartbeat (HHL)
  • Heartbeat (HHL) warrants that it will not access, disclose or use the personal identified medical data contained in the Health Summary for any of its services

Heartbeat Privacy Disclosure Policy

In order to provide you with our products and services including answering your questions and administrative support, we need to hold, and process your personal information. We also need to disclose it in certain circumstances.

Personal Information

Meaning information or opinion about you, which you have provided to us, you authorised us to collect from others or third parties who are authorised to disclose information about you to us.

How We Collect Information

We collect personal information in a number of ways:

  • Directly from you (such as when you fill out an application form, call or write to us);
  • From third parties (such as medical practitioners, your insurers and their emergency assistance providers); and
  • Information will only be collected where necessary for the assessment or administration of your Heartbeat Services.

How We Use Your Information

We use your personal information for the following purpose:

  • Verification of your identity
  • Assessment of any applications you make to us; and
  • Managing, and administering the products and services we supply you; and
  • Assisting you with your insurance products relating to your health
  • We may also use your information to contact you about Travel Alerts, other products and services we think you may be interested in. If you do not wish to receive such information please let us know. To opt out, Email us at support@heartbeat.nz.

How We Store Your Information

We currently use cloud-based solutions for our information systems, which includes data potentially being stored overseas. All reasonable steps will be taken to keep such information secure (whether in New Zealand or overseas). When your Heartbeat Account has expired, your personal Information is removed from the Heartbeat System.

Disclosing Personal Information

In order to provide you with our products and services you authorise us to disclose your information to the following third parties:

  • Any providers of medical related services to you;
  • Any providers of emergency related services to you in connection with those medical related services;
  • The underwriters of all current insurance policies you hold, where you have given your prior consent to us. This includes (where necessary) the underwriters’ reinsurers and agents, as well as any contractors the underwriters use to assist with any medical related claim you make.

There may also be circumstances where we are required to disclose personal information by law, for example to government and regulatory authorities.

Email and Telephone

We know the information you provide us with is important to you and we take pride in keeping your personal information safe. Sometimes, however, a particular means of communication is open to abuse by third parties, for example when you email or telephone us. While we will take all reasonable steps to ensure the information you provide us is held securely we cannot, however, guarantee the safety of information while in transit to us (unless it is via a secure channel we provide to you).

We may record the content of emails or telephone conversations for training, instruction, verification, and administration purposes.


We rely on third party data storage providers for the majority of the information we store. We do this only where we believe the third party data storage provider can keep your information safe and secure. Our My Records vault provides state of the art security. Any information held directly by us, either electronic or physical will be held securely.

We Protect You Online

We have taken steps to make sure that you and your computer are safe when visiting our website.

You Can Trust Our Website

Our website has an SSL security certificate (issued by Thawte) which proves to you that our site is genuine, encrypted, and secure, giving you peace of mind that your personal and financial confidential information is protected.  

You can check that our site (and any other website you visit) has been authenticated with a security certificate easily in any internet browser you are using. Proof of the authentication appears in a variety of ways — the address bar or part of the URL may be green (or any other colour depending on your browser) or there will be a padlock symbol next to the address and/or in some other part of the address bar.

Your Password

Have a strong password that is unique to each website; you should make sure you have strong passwords for all your different Internet accounts, not just your Heartbeat account. We provide for a 8 character minimum password. Your Heartbeat Health Summary Record utilises your personal pass-phrase encryption key (minimum of 10 Characters) in conjunction with multiple layers of database encryption.

Anti-virus Software

You can protect your computer’s hardware and software from internet threats like malware, which includes computer viruses, spyware, trojans, and rootkits, by installing and maintaining reliable and reputable anti-virus (AV) software.

These Internet threats often infect computers through compromised websites, email attachments, and affected files from attached devices such as a USB sticks and then corrupt and delete data on your computer and/or use your email account to infect other computers by sending illegal spam emails. To help keep your computer virus-free, make sure that your AV software is configured to automatically update everyday

Third Party Privacy

For some of our promotions we measure and target offers using third party services. These services may use cookies, images or web beacons and similar technology to collect and receive information from our website and/or others. You may opt out of this by using a consumer choice service such as the DAA Choice Page.

Access to Your Information

Under the Privacy Act 1993 you are entitled to request access to the personal information we hold about you. There are some circumstances under the Act where we may choose not to provide you with some or all of the personal information we hold about you. If that occurs we will write to you and tell you why we have reached that decision.

Amendments to This Policy

Over time, as we grow and develop, so may our products, services, and how we do business with you. Please take the time to review this Policy regularly as we may review it and make changes to reflect changes in legislation, codes of practice, our business, and the products we provide to you.

Marketing Opt-out

Should you wish to opt-out of any future travel alerts and marketing information, please contact us (by phone, email, or post). You can contact us, equally, if you wish to opt-in at any time.


Postal address: 19 Seaview Road, Remuera, Auckland 1050
Email: support@heartbeat.nz
Freephone: 0800 86 56 63

Heartbeat Privacy Officer

Name: Murray Lilley
Email: murray.lilley@heartbeat.nz
Phone: +64 27 522 0228