Privacy Policy
Privacy Policy
Last updated: December 2023
This Privacy Policy applies to both members and guests of the Website.
This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.
We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
Interpretation and Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
● Account means a unique account created for You to access our Service or parts of our Service.
● Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Vente Pain Relief Clinic/OA vprc.ca /OA Alfie Vente, 100 King Street West, Suite 5600, Toronto, Ontario, M5X 1C9.
● Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
● Country refers to: Ontario, Canada
● Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
● Personal Data is any information that relates to an identified or identifiable individual.
-
Personal Health Information is any information that relates to your health and well-being.
● Service refers to the Website.
● Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
● Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
● Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
● Website refers to vente pain relief clinic, accessible from https://vprc.ca/ ● You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
● Email address
● First name and last name
● Phone number
● Usage Data
Personal Health Information Data
While applying to become a member and for Usage of the website services, We ask You to provide Us with certain personal health information data, that can be used to contact, identify You and to assess if the service is suitable for you and to identify that you have a physical presence in Canada. Personally identifiable information may include, but is not limited to:
● Email address
● First name and last name
-
Address
● Phone number
-
General Health Information
-
Signed Health Declaration
-
Signed Activity Waiver
● Usage Data
Privacy of Personal Health information is an important principle to vprc.ca. We are committed to collecting, using and disclosing personal health information responsibly and only to the extent necessary for the [goods and] services we provide. We try to be open and transparent about how we handle personal health information. This document describes our privacy policies.
What is Personal Health Information?
Personal health information is information about an identifiable individual. Personal health information includes information that relates to:
• the physical or mental health of the individual (including family health history);
• the provision of health care to the individual (including identifying the individual’s health care provider);
• community and home care services;
• payments or eligibility for health care or coverage for health care;
• the donation or testing of an individual’s body part or bodily substance;
• the individual’s health number; or
• the identification of the individual’s substitute decision-maker.
Who We Are Our organization,
vprc.ca/oa Alfie Vente/oa Vente Pain Relief Clinic, includes at the time of writing Alfie Vente and support staff. We use a number of consultants and agencies that may, in the course of their duties, have limited access to personal health information we hold. These include computer consultants, office security and maintenance, bookkeepers and accountants, lawyers, temporary workers to cover holidays, credit card companies, website managers and cleaners. We restrict their access to any personal information we hold as much as is reasonably possible. We also have their assurance that they follow appropriate privacy principles.
Why We Collect Personal Health Information
We collect, use and disclose personal information in order to serve our clients. For our clients, the primary purpose for collecting personal health information is to safely provide pain management, self-care techniques.
For example, we collect information about a client’s General Health Information, Health Declaration and Activity Waiver to help us assess if the services are suitable for an individual and to verify if You have a physical presence in Canada.
We also collect, use and disclose personal health information for purposes related to or secondary to our primary purposes. The most common examples of our related and secondary purposes are as follows:
Related Purpose #1: To obtain payment for services or goods provided. Payment may be obtained from the individual.
Related Purpose #2: To conduct quality improvement and risk management activities. We review client files to ensure that we provide high quality services, including assessing the performance of our staff. External consultants (e.g. auditors, lawyers, practice consultants, voluntary accreditation programs) may conduct audits and quality improvement reviews on our behalf.
Related Purpose #3: To promote our website, new services, special events and opportunities (e.g. a seminar or conference) that we have available. We will always obtain express consent from the client prior to collecting or handling personal health information for this purpose.
Related Purpose #4: To comply with external regulators. Our professionals are regulated by the College of Massage Therapists of Ontario(CMTO) who may inspect our records and interview our staff as a part of its regulatory activities in the public interest. The CMTO has its own strict confidentiality and privacy obligations. In addition, as professionals, we will report serious misconduct, incompetence or incapacity of other practitioners, whether they belong to other organizations or our own. Also, our organization believes that it should report information suggesting illegal behaviour to the authorities. In addition, we may be required by law to disclose personal health information to various government agencies (e.g. Ministry of Health, children’s aid societies, Canada Customs and Revenue Agency, Information and Privacy Commissioner, etc.).
Related Purpose #5: To educate our staff. We value the education and development of future and current professionals. We will review client records in order to educate our staff about the provision of services.
Related Purpose #6: To fundraise for the operations of our organization, with the express or implied consent of our clients. If we rely on implied consent, we will only use the client’s name and address, we will provide clients with an easy opt-out option, and we will not reveal anything about our client’s health in the request.
Related Purpose #7: To facilitate the sale of our organization. If the organization or its assets were to be sold, the potential purchaser would want to conduct a “due diligence” review of the organization’s records to ensure that it is a viable business that has been honestly portrayed. The potential purchaser must first enter into an agreement with the organization to keep the information confidential and secure and not to retain any of the information longer than necessary to conduct the due diligence. Once a sale has been finalized, the organization may transfer records to the purchaser, but it will make reasonable efforts to provide notice to the individual before doing so.
Protecting Personal Health Information
We understand the importance of protecting personal information. For that reason, we have taken the following steps:
• Paper information is either under supervision or secured in a locked or restricted area.
• Electronic hardware is either under supervision or secured in a locked or restricted area at all times. In addition, strong passwords are used on all computers and mobile devices.
• Personal health information is only stored on mobile devices if necessary. All personal health information stored on mobile devices is protected by strong encryption.
• We try to avoid taking personal health information home to work on there. However, when we do so, we transport, use and store the personal health information securely.
• Paper information is transferred through sealed, addressed envelopes or boxes by reputable companies with strong privacy policies.
• Electronic information is either anonymized or encrypted before being transmitted.
• Our staff members are trained to collect, use and disclose personal information only as necessary to fulfill their duties and in accordance with our privacy policy.
• We do not post any personal information about our clients on social media sites and our staff members are trained on the appropriate use of social media sites.
• External consultants and agencies with access to personal information must enter into privacy agreements with us.
Retention and Destruction of Personal Information
We need to retain Personal Health Information for some time to ensure that we can answer any questions you might have about the services provided and for our own accountability to external regulatory bodies. However, in order to protect your privacy, we do not want to keep Personal Health Information for too long. 32 We keep our client files for at least ten years from the date of the last client interaction or from the date the client turns 18. We destroy paper files containing personal health information by cross-cut shredding. We destroy electronic information by deleting it in a manner that it cannot be restored. When hardware is discarded, we ensure that the hardware is physically destroyed or the data is erased or overwritten in a manner that the information cannot be recovered.
You Can Look at Your Records
With only a few exceptions, you have the right to see what Personal Health Information we hold about you, by contacting Alfie Vente. We can help you identify what records we might have about you. We will also try to help you understand any information you do not understand (e.g., short forms, technical language, etc.). We will need to confirm your identity, if we do not know you, before providing you with this access. We reserve the right to charge $30.00 for the first twenty pages of records and 25 cents for each additional page.
We may ask you to put your request in writing. We will respond to your request as soon as possible and generally within 30 days, if at all possible. If we cannot give you access, we will tell you the reason, as best we can, as to why.
If you believe there is a mistake in the information, you have the right to ask for it to be corrected. This applies to factual information and not to any professional opinions we may have formed. We may ask you to provide documentation that our files are wrong. Where we agree that we made a mistake we will make the correction.
At your request and where it is reasonably possible, we will notify anyone to whom we sent this information (but we may deny your request if it would not reasonably have an effect on the ongoing provision of services). If we do not agree that we have made a mistake, we will still agree to include in our file a brief statement from you on the point. If there is a Privacy Breach While we will take precautions to avoid any breach of your privacy, if there is a loss, theft or unauthorized access of your personal health information we will notify you. Upon learning of a possible or known breach, we will take the following steps:
• We will contain the breach to the best of our ability, including by taking the following steps if applicable o Retrieving hard copies of Personal Health Information that have been disclosed o Ensuring no copies have been made 33 o Taking steps to prevent unauthorized access to electronic information (e.g., change passwords, restrict access, temporarily shut down system)
• We will notify affected individuals o We will provide our contact information in case the individual has further questions o We will provide the Commissioner’s contact information and advise the affected individual of their right to complain to the Commissioner
• We will investigate and remediate the problem, by: o Conducting an internal investigation o Determining what steps should be taken to prevent future breaches (e.g. changes to policies, additional safeguards) o Ensuring staff is appropriately trained and conduct further training if required Depending on the circumstances of the breach, we may notify and work with the Information and Privacy Commissioner of Ontario. If we take disciplinary action against one of our staff or revoke or restrict the privileges or affiliation of one of our staff for a privacy breach, We may also report the breach to the relevant regulatory College or Regulator if we believe that it was the result of professional misconduct, incompetence or incapacity.
Do You Have Questions or Concerns?
Alfie Vente, can be reached at: alfiev@vprc.ca He will attempt to answer any questions or concerns you might have. If you wish to make a formal complaint about our privacy practices, you may make it in writing to Him. He will acknowledge receipt of your complaint, and ensure that it is investigated promptly and that you are provided with a formal decision and reasons in writing. You also have the right to complain to the Information and Privacy Commissioner of Ontario if you have concerns about our privacy practices or how your personal health information has been handled, by contacting: Information and Privacy Commissioner/Ontario 2 Bloor Street East, Suite 1400 Toronto, Ontario M4W 1A8 Telephone: Toronto Area (416/local 905): (416) 326-3333 Long Distance: 1 (800) 387-0073 (within Ontario) 34 TDD/TTY: (416) 325-7539 FAX: (416) 325-9195
www.ipc.on.ca This policy is made under the Personal Health Information Protection Act, 2004, S.O. 2004, c. 3. It is a complex statute and provides some additional exceptions to the privacy principles that are too detailed to set out here.
Usage Data
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
Tracking Technologies and Cookies
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:
● Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our
Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.
● Flash Cookies. Certain features of our Service may use local stored objects (or Flash Cookies) to collect and store information about Your preferences or Your activity on our Service. Flash Cookies are not managed by the same browser settings as those used for Browser Cookies. For more information on how You can delete Flash Cookies, please read “Where can I change the settings for disabling, or deleting local shared objects?” available at
https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html#main_ Where_can_I_change_the_settings_for_disabling__or_deleting_local_shared_objects_ ● Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about cookies: All About Cookies.
We use both Session and Persistent Cookies for the purposes set out below:
● Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
● Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
● Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website. ● Tracking and Performance Cookies
Type: Persistent Cookies
Administered by: Third-Parties
Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you
use to access the Website. We may also use these Cookies to test new pages, features or new functionality of the Website to see how our users react to them.
For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.
Use of Your Personal Data
The Company may use Personal Data for the following purposes:
● To provide and maintain our Service, including to monitor the usage of our Service. ● To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
● For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
● To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
● To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
● To manage Your requests: To attend and manage Your requests to Us. ● For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
● For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.
We may share Your personal information in the following situations:
● With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You.
● For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
● With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent
company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
● With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
● With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, Your contacts on the Third-Party Social Media Service may see Your name, profile, pictures and description of Your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your profile.
● With Your consent: We may disclose Your personal information for any other purpose with Your consent.
Transfer of Your Personal Data
If you become a member, purchase any products or services from us or submit information to us for any reason,your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
The Company will take all steps reasonably necessary to ensure that Your data is treatedYour consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer. securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.
Disclosure of Your Personal Data
Business Transactions
If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law enforcement
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other legal requirements
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
● Comply with a legal obligation
● Protect and defend the rights or property of the Company
● Prevent or investigate possible wrongdoing in connection with the Service ● Protect the personal safety of Users of the Service or the public
● Protect against legal liability
Security of Your Personal Data
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
Detailed Information on the Processing of Your Personal Data
Service Providers have access to Your Personal Data only to perform their tasks on Our behalf and are obligated not to disclose or use it for any other purpose.
Analytics
We may use third-party Service providers to monitor and analyze the use of our Service.
● Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy
Links to Other Websites
Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Contact Us
If you have any questions about this Privacy Policy, You can contact us:
● By email: alfiev@vprc.ca