Our privacy commitment is based on the ten principles contained in the Personal Information Protection and Electronic Documents Act (Canada) (“PIPEDA”).
Registered dietitians of the Company adhere to the privacy and confidentiality regulations set out by the Nova Scotia Dietetic Association.
Personal Information under PIPEDA is any information about an identifiable individual, but does not include the name, title, business address or telephone number of an employee of an organization.
Why do we collect Personal Information?
We collect Personal Information in order to provide Nutrition and Yoga Services to you. In addition, we distribute publications and offer educational opportunities concerning the health and wellness Industry, which we provide as a service to you and others in our community.
The Company collects your information in order to record and support your participation in the activities you select. If you register to download a PDF or resources, sign up for our newsletter, and/or purchase a product from us, we collect your information. We use this information to track your preferences and to keep you informed about the products and services you have selected to receive and any related products and/or services.
How do we collect personal information?
We collect personal information only by lawful and fair means, and only collect personal information that is reasonably necessary for the legitimate purposes identified and for which consent has been obtained.
Information You Provide To Us. The Website provides various places for users to provide information. We collect information that users provide by filling out forms on the Website, communicating with us via contact forms or email, responding to surveys, providing comments or other feedback, and providing information when ordering a product or service via the Website.
We use information you provide to us to deliver the requested service, to improve our overall performance, and to provide you with offers, promotions, and information.
Information We Collect Through Automatic Tracking Technology
As you navigate through our Website, we may use automatic data collection technologies including Google Analytics to collect certain information about your equipment, browsing actions, and patterns. This will generally include information about your location, your traffic pattern through our Website, and any communications between your computer and our Website. Among other things, we will collect data about the type of computer you use, your Internet connection, your IP address, your operating system, and your browser type.
The information we collect automatically is used for statistical data and will not include personal information. We use this data to improve our Website and our service offerings. To the extent that you voluntarily provide personal information to us, our systems will associate the automatically collected information with your personal information.
We are committed to keeping your e-mail address confidential. We do not sell, rent, or lease our subscription lists to third parties, and will not disclose your email address to any third parties except as required by law.
All e-mails sent by us will be in compliance with the Canadian Anti-Spam Legislation (“CASL”), including clearly stating who the e-mail is from and provide clear information on how to contact the sender. In addition, all e-mail messages will also contain concise information on how to remove yourself from our mailing list so that you receive no further e-mail communication from us. Users who no longer wish to receive our newsletter or promotional materials may opt-out of receiving these communications by clicking on the unsubscribe link in the e-mail.
How do we use your information?
We use personal information for purposes of presenting our Website and its contents to you, providing you with information, providing you with offers for products and services, providing you with information about your subscriptions and products, carrying out any contract between you and the Company, administering our business activities, providing customer service, and making available other items and services to our customers and prospective customers.
For Treatment. We may use protected health information about you to provide you with, coordinate, or manage your medical treatment or services. We may disclose protected health information about you to doctors, nurses, technicians, students, or other of our personnel, including persons outside of our office who are involved in your medical care by way of signed release.
For Health Care Operations. We use the HIPAA compliant web-based practice management and electronic medical record (EMR) Practice Better for appointment scheduling, electronic record keeping and filing, electronic paperwork and coordination of care. Your protected health information is recorded, stored and transmitted in Practice Better in an encrypted state. We may also combine protected health information about many of our clients to decide what additional services we should offer, what services are not needed, and whether certain treatments are effective. We review our treatment and services or to evaluate the performance of the practitioner who is providing your services. We may also disclose information to doctors, nurses, technicians, students, and other personnel for review and learning purposes. Subject to applicable provincial law, the law allows or requires us to use or disclose your health information without your authorization in some limited situations for purposes beyond treatment, payment, and operations.
Business Associates. We may disclose information to business associates who perform services on our behalf including our EMR and practice management solution Practice Better. However, we require that these associates appropriately safeguard your information. Our business associates are obligated to protect the privacy of your information and are not allowed to use or disclose any information other than as specified in our contract.
Appointment Reminders. We may use and disclose protected health information in order to contact you (by email, telephone, voice message and/or text (SMS) message), as a reminder (including automated reminders sent via Practice Better or Square) that you have an upcoming appointment for treatment.
Electronic Medical Record. To promote quality care, we use an electronic medical record (EMR) Practice Better. Our providers and some providers unaffiliated with us may have access to the EMR. Your record may be comprised of information in the EMR as well as in a paper record. We are legally obligated to notify any individual whose protected health information is affected by a security breach.
Disclosure of Information
As a general rule, we do not sell, rent, lease or otherwise transfer any information collected either automatically or through your voluntary action.
We may disclose your personal information to our subsidiaries, affiliates, and service providers for the purpose of providing our services to you.
We may disclose your personal information to a third party, including a lawyer or collection agency, when necessary to enforce our terms of service or any other agreement between you and the Company.
We may provide your information to any successor or assign in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company’s asserts and/or business.
We may disclose information when legally compelled to do so when we, in good faith, believe that the law requires it, or for the protection of our legal rights, or when compelled by a court or other governmental entity to do so.
We use appropriate security measures to protect against loss, theft, unauthorized access, disclosure, use or modification of personal information. Such measures will vary depending on the sensitivity, amount, format, nature and storage of the personal information and will involve, as applicable, physical, organizational and electronic security measures, including premises security, restricted file access, technological safeguards including security software and firewalls to prevent unauthorized computer access, and password and security policies. In communicating with us, you should be aware that e-mail is not a fully secure medium.
Updating Information and Correcting Errors
Since we use your personal information to provide goods or services to you, it is important that the information be accurate and up-to-date. If any of your information changes, is inaccurate or incomplete, please inform us so that we can make any necessary changes.
Access to Personal Information
We will respond promptly to any request for access to your personal information and will advise you of the cost, if any, prior to the retrieval of such records or information. We will not respond to requests for access to personal information that are frivolous, vexatious or repetitious. In certain circumstances, we may be unable to provide access to some or all of the personal information that we hold about you.
Visitor GDPR Rights
If you are visiting this Website from within the European Union (“EU”), you are entitled to certain information and have certain rights under the General Data Protection Regulation of the EU which include the following:
We will retain the any information you choose to provide to us until the earlier of: (a) you asking us to delete the information, (b) our decision to cease using our existing data providers, or (c) We decide that the value in retaining the data is outweighed by the costs of retaining it.
You have the right to request access to your data that we store and the rights to either rectify or erase your personal data.
You have the right to seek restrictions on the processing of your data.
You have the right to object to the processing of your data and the right to the portability of your data.
To the extent that you provided consent to the our processing of your personal data, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing based upon consent that occurred prior to your withdrawal of consent.
You have the right to lodge a complaint with a supervisory authority that has jurisdiction over issues related to the General Data Protection Regulation.
We require only the information that is reasonably required to enter into a contract with you. We will not require you to provide consent for any unnecessary processing as a condition of entering into a contract with us.
For more information about your rights as a website visitor from the EU and the GDPR, please see the European Commission website here - https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en.
Questions, concerns or requests for access
Effective October 2018