Version 1.4, May 31, 2017
We, at ManagingLife, Inc. are dedicated to maintaining both a high standard of privacy and a high standard of data protection in all of our activities. This policy, based on the standard required by the Personal Information Protection and Electronic Documents Act (PIPEDA), is Our interpretation of these responsibilities.
We welcome your comments and suggestions. 1. What is Personal Information?
Personal information is information about an identifiable individual. This, however, does not include information which is anonymous, i.e., where the identifying data fields are removed. 2. Accountability
You may contact our privacy officer at firstname.lastname@example.org
All contractors and other third parties with whom we have a contractual arrangement and with whom we share personal data are contractually obligated to ensure that their practices meet our standards and are fully compliant with PIPEDA and other applicable privacy legislation. 3. Purpose
Our primary business is to help you keep track of your pain episodes and to enable you to share that information with your health care providers or any other third party with whom you decide to share your information through our Manage My Pain mobile app and web app (the "Software"). All personal information that you may provide to us is voluntary and you are, at no time, required or obliged to provide any information.
However, please note that for security purposes and to improve our software as well as to determine user insight in to the use of the Software, we may collect some information from your device which includes error reporting; general usage statistics; device information; app version; and time stamps.
Further, Personal information may be gathered from you and be used in the following situations:
- If you visit our website, the web server logs IP addresses and associated information relating to the requests made;
- If you make an inquiry or complaint, apply for a job, or visit the premises;
Please note that if you sign up for an Online Account via the Software, and use the online synchronization feature, we will also collect, if you voluntarily choose to do so by synchronizing with our servers, information such as pain records and daily reflections; profile information (e.g. medications, pain conditions, name, birth date, height, weight, gender, place of residence); account information (e.g. user name, password, email address); application preferences; changelogs; cookies or other passive tracking mechanisms and tools to collect information in order to facilitate your use of the Software; and any other information that you may voluntarily supply to us either by synchronizing your information through the Software.
Finally, regardless as to how and from whom we collected information, we will not sell nor share your personal information to any organization for any purpose unless you explicitly direct and authorize us to do so. All the personal information that you provide to us will, at all times, be your information and you will be, at all times, remain and be the custodian and controller of your personal information. 4. Consent
We, pursuant to the Purpose, do not require any of your personal information other than as set out above for security reasons. Therefore, any personal information you share with us is completely voluntary.
Even after you have shared personal information with us, you may withdraw consent for the further use of the personal information at any time, by contacting our Privacy Officer at email@example.com 5. Collection and Use
Your personal information may be collected, used, processed, transferred, and retained in multiple countries including Canada, the United States, and the European Economic Area which may be outside the region in which you are situated and may have different privacy or data protection legislation, and may therefore be subject to the laws of these countries. If you are a resident of the European Economic Area or a country which restricts data transfers outside of that jurisdiction or region without your consent, by using our Software, you consent to your personal information being transferred outside of the European Economic Area or your country for processing or storage by or on behalf of us.
This section lists the data elements that are most commonly collected and used in connection with the use of our Software:
- error reporting;
- general usage statistics;
- device information;
- app version; and
- time stamps
- pain records and daily reflections (e.g., location, associated symptoms, characteristics, aggravating/alleviating factors, timing, environment, severity, meaningful activities and notes);
- profile information (e.g., medications, pain conditions, name, birth date, height, weight, gender, place of residence);
- account information (e.g, user name, password, email address);
- application preferences;
- cookies or other passive tracking mechanisms and tools to collect information in order to facilitate your use of the Software; and
- any other information that you may voluntarily supply to us either by synchronizing your information through the Software
- While we do not actually look at the identity of individuals visiting our site, we may use session cookies to ensure a smooth and convenient site visit;
- The previous page visited prior to accessing our web page is automatically logged by the servers to collect aggregate statistical data from where traffic originates
6. Disclosure of Personal Information
Our business is to help you keep track of your pain episodes and to enable you to share that information with your health care providers or any other third party with whom you decide to share your information. We do not use personal information for marketing purposes, and do not share or disclose personal information to other parties unless specifically stated in this policy.
We may collect and disclose aggregated non-personal information from all users of the Software relating to, for example, pain records, age, geographic location, and gender. All such information will be stripped of all personal information so that it cannot be recompiled and individual users identified. We collect and aggregate this kind of information in order to determine how the Software is being used, how it and other products and services can be improved, and to share the aggregated information to third parties so that they can use the information for improvements of their own products and services such as healthcare providers, insurance companies, pharmaceutical companies, and pain researchers.
We may share non-personally identifiable aggregate data with vendors who assist Us in providing Our Software; with third party business partners with whom We provide joint promotions; with Our affiliated companies, including any parent or subsidiaries of Us; and We may share aggregate data if We believes it is necessary to comply with legal process (such as a court order, subpoena, search warrant, etc.), or other legal requirements of any governmental authority; if We believes it would potentially mitigate Our liability in an actual or potential lawsuit; if We believe it is permitted by law or if doing so will not violate the law; or if We believe it is otherwise necessary to protect Our rights or property; or is necessary to protect the interests of other users of the Software. In the unlikely event that all or part of Our business is sold or acquired by a third party, We will transfer such information to the new business owner. 7. Accuracy and Retention
If you think we have information about you that is not accurate, you are encouraged to contact us at the address provided in section 10 of this policy and indicate the necessary changes. We may require that you follow certain procedures that are utilized by us for the authentication and verification of your identity.
We retain information according to retention schedules, which depend on the purpose of the information and any legal or contractual requirements with which we might need to comply. 8. Safeguards
It is important that the information maintained by us on behalf of you is accurate, protected from interference by other parties, and treated in confidence by as few personnel as necessary. We maintain technical and administrative safeguards to manage our systems and data. If you detect any anomalies that might lead you to believe there has been a security infraction or hacking of our system, we will be pleased to investigate. 9. Access to Information
Should you wish to access your own personal information, please write to our privacy office at firstname.lastname@example.org
. At the time of your request, we may need further information from you to verify your identity, before we can provide you with the personal information we hold.
There may be instances when we will not be able to provide you with the personal information that you request. For example, if the personal information:
a) Contains references to other persons;
b) Has already been destroyed due to legal requirements or because we no longer needed it for our purposes;
c) Is subject to solicitor-client or litigation privilege; and/or
d) Cannot be disclosed for other legal reasons. 10. Feedback and Complaints
We take privacy seriously and consider that our treatment of personal information is part of the service that we offer. We appreciate hearing any comments that you may have about our policy, practices, and customer service. Please contact us at email@example.com
If you are interested in more information about the Personal Information Protection and Electronic Documents Act, the Office of the Privacy Commissioner of Canada has detailed information on their website at http://www.privcom.gc.ca