PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. We refer to this information as “Order Information.”
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
Communicate with you; Screen our orders for potential risk or fraud; and
When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:
INCLUDE OPT-OUT LINKS FROM WHICHEVER SERVICES BEING USED.
COMMON LINKS INCLUDE:
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at email@example.com or by mail using the details provided below:
500-224 Esplanade W, North Vancouver, BC, V7M1A4, Canada
In this policy, we use the word "patient/client" to refer to anyone who has or is looking to book an appointment with TBC. We use the word “you” to refer to any individual user of our Services, such as a practitioner or staff member, an individual browsing or using our websites and web-based resources.
Why TBC Collects Personal Information
Information TBC from You
Contact Information. We collect only your contact information that you choose to provide, such as your name, email address, phone number and personal health number, date of birth, etc, when you fill out our online forms or set up your user account for our Services. We use your contact information to activate your user account, give you access to the Services, and to send you notices about your user account. We may also use your contact information for marketing purposes, such as promotional emails, direct mail and sales contacts. You can opt-out of our marketing communications at any time by unsubscribing or contacting us at firstname.lastname@example.org
Billing Information. When you book your first appointment, we also collect credit card information to process payment. Credit card information is provided directly to our payment processor (Payfirma) and is processed in a PCI-compliant manner. We do not keep your credit card information. Note that when credit card information is referred to as being “stored”, this means we have a “token”. The token replaces sensitive information and acts as a non-sensitive placeholder that can be used by the payment processor to reference your credit card information when payments need to be processed. What this really means, is that we cannot go online shopping with your credit card. The information is triple encrypted like online-banking and TBC can only see the last 4 digits of the card number.
Insurance Information. We collect only the necessary insurance information required to complete insurance claims on your behalf. However, your consent must be obtained prior to us completing any insurance claims on your behalf. When you complete our online intake form you are given the option to accept or decline this option. You can choose to submit all insurance claims on your own. We just provide direct billing to insurance companies in an effort to streamline this process for you.
Social Media. If you login to our Services using a third-party sign-in service, such as Google, Facebook Connect or Twitter, we will receive personal information from those services, such as your name, email address and profile photo, in order to pre-populate our online forms. We also include social media “Like” and “Share” buttons on our websites. These features may collect your IP address and the page you are visiting on our website. They may also set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policies of the third parties who provide them and not by us.
TBC uses clinic and administrative management platforms to collect and store personal information from their patients and create patient records. These records may include a patient’s name, address, health insurance and billing information, medical charts, appointment history and other patient data (“Patient Data”). This information is referred to as “personal health information” and there are very specific privacy laws applicable to them. If you are a patient, Patient Data is collected from you when you set up an account with TBC through our online booking website or an account is setup for you when you call or email to book an appointment.
We retain the sole control over Patient Data and may be referred to as a “health information custodian”, a “covered entity” or a “controller” depending on the privacy laws. TBC is responsible for complying with laws and regulations governing the use of Patient Data, and for determining the legal basis for such use. In British Columbia, we are governed by the Personal Information and Privacy Protection Act (PIPA) as we are a private organization. For more information about PIPA please click here: https://www.bclaws.gov.bc.ca/civix/document/id/complete/statreg/00_03063_01
TBC uses Jane App to complete the clinical and administrative processes for the clinic. These are service providers to TBC and may be referred to as an “agent” or “processor” of TBC. Jane App stores Patient Data in its secure data centers and makes it available to their users through our clinic management platform. Jane otherwise has no control over Patient Data. Jane app will only access Patient Data on the instructions of TBC or its associated healthcare practitioners or staff or, in rare cases, where needed in order to prevent or address technical problems or if required by law or court order.
Patients have certain rights with respect to their Patient Data, which may include knowing what information TBC has about you, correcting any inaccurate Patient Data, obtaining a record of your Patient Data and, in certain circumstances, deleting or removing your Patient Data. Please note that TBC has strict legal and regulatory obligations around Patient Data and may not always be permitted to delete or remove Patient Data.
If you have any questions about your Patient Data or wish to exercise any or your patient rights, please contact us at email@example.com
We retain personal information only for as long as necessary to achieve our stated purposes, or as required by applicable law. For example, Contact and Billing information is kept for as long as your account is active and for a reasonable period after it has been deactivated in the event you wish to re-activate the account. User account information is retained as long as necessary to comply with Patient Data storage and access laws. All Patient Data must be kept for 16 years in British Columbia from the date of last entry or, in the case of minors, 16 years in British Columbia from the time the patient would have reached the age of majority (either age 18 or 19 years). Credit card information is never kept or stored on any TBC computer, server or document. All credit card information inputted into Jane App is instantly transferred into our payment processing partner through encrypted transfer. Our PCI-compliant payment processing partner stores that information for Jane. The default behaviour of these partners is to store the credit card information so that refunds can be processed. The partner sends Jane back an encrypted key (a token) which represents the credit card so that Jane can continue to bill against that card if the customer wishes, but note that this token can’t be used outside of Jane. The only information that Jane stores about the credit card are the last 4 digits and the expiration date so that the customer will know which card they gave you.
Individuals have certain rights with respect to their personal information. These rights are set out below. If you are a patient of one of TBC, please contact your clinic or practitioner to exercise any of these rights with respect to your Patient Data.
Correction and Deletion. We will make reasonable efforts to ensure that the personal information we collect from you is accurate and complete. You may update, correct or delete your account information at any time by logging into your user account and modifying your personal information, including your preferences to receive messages from us. You may also update, correct or delete your personal information by contacting us as noted below.
Withdrawing Consent. Where we have relied on your consent to use your personal information, you have the right to withdraw that consent at any time by contacting us as noted below. In addition, all our marketing email messages contain the ability to automatically “opt-out” or unsubscribe from our mailing lists and marketing messages.
Access and Portability. You have the right to request a record of the personal information that we have collected about you and to ask that the information be provided in a structured, used electronic format (where applicable and technically feasible). There may be some cases where we cannot provide you with certain information about you if it would mean disclosure of personal information of another person or other confidential information, or if it would compromise our security systems. If you require access to your personal information, please Contact Us. We will respond to you within thirty (30) days of receiving your request. We may charge a fee where permitted by applicable law.
Complaints. You have the right to lodge a complaint with a supervisory authority. You may also contact the Information and Privacy Commissioner of British Columbia (for British Columbia matters) ( http://www.oipc.bc.ca/ ) or the Privacy Commissioner of Canada (for international matters and inter-provincial matters) ( http://www.priv.gc.ca/ ).
For more information about our clinic management software platform Jane App, please click here: https://jane.app/legal/privacy-policy
For all privacy inquiries please email firstname.lastname@example.org