Last Update: 14 February, 2022
At MendMe, we are committed to protecting your privacy and safeguarding your personal information. We do not ask for information we do not need, and we protect the information we have. At MendMe, we think of privacy ahead of time, before building any new feature. End to end security with full transparency is what drives information secure at MendMe.
The purpose of this Privacy Statement is to inform you about the types of Personal Information MendMe (as follows, “we” or “us”) collects, uses and discloses. It explains how we use and disclose that information, the choices you have regarding such use and disclosure, and how you may correct that information. This Privacy Statement covers the online site www.mendme.ca, as well as all other related websites (the “Site”) that are operated and administered by, or on behalf of MendMe, and the MendMe platform (the “MendMe Platform”).
We are proud to demonstrate our commitment to your privacy, by complying with the laws and regulations under applicable privacy laws in Canada. As we are a national organization, this Privacy Statement is designed to meet the standards prescribed by the Personal Information Protection and Electronic Documents Act and the regulations thereunder as well as applicable provincial privacy legislation and regulations, including, and the Personal Information Protection Act (Alberta), the Personal Information Protection Act (British Columbia), and the Personal Health Information Protection Act, 2004 (Ontario).
From time to time, we may make changes to this Privacy Statement. The Privacy Statement is current as of the “last revised” date which appears at the top of this page. We will treat Personal Information in a manner consistent with the Privacy Statement under which it was collected, unless we have your consent to treat it differently. This Privacy Statement applies to any information we collect or receive about you, from any source.
“Personal Information” is any information that is identifiable with you, as an individual and may include personal health information. This information may include but is not limited to your name, gender, contact information, and MendMe usernames and passwords. Personal Information, however, does not include your name, business title or business address and business telephone number in your capacity as an employee of an organization. This information may also include “personal health information” (as defined in the Personal Health Information Protection Act, 2004 and its regulations, as they may be amended from time to time, and any successor legislation thereto (“PHIPA”)) you provide us, such as information or records relating to your sessions on the MendMe Platform (“Sessions”), treatment goals, medical or health history, self-assessments, assessment scores, analysis and other information about you prepared by those health care provider(s) you interact with in participating in a Session (such as treatment and examination notes, and other records). The health care professional who is providing you a Session may also collect further Personal Information for their own records as required by their professional and regulatory obligations.
We will always collect your Personal Information by fair and lawful means. We may collect Personal Information from you directly through your access to our Site or the MendMe Platform and/or from third parties, where we have obtained your consent to do so or as otherwise required or permitted by law. For the purposes of this Privacy Statement, Personal Information includes personal health information.
We will keep the Personal Information that we collect either at the MendMe offices or at the offices of a service provider in Canada.
We identify the purposes for which we use your Personal Information at the time we collect such information from you and obtain your consent, in any case, prior to such use. We generally use your Personal Information for the following purposes (the “Purposes”):
- to provide or perform any of MendMe’s services requested by you;
- to facilitate the delivery of MendMe’s services (including matching you with providers in your province, setting appointments and providing reminders of appointments);
- to verify your identity and your age;
- to respond to your inquiries, complaints or requests;
- to advise you about new programs and services that may be of interest to you;
- to collect opinions and comments in regard to MendMe’s operations;
- to administer our website;
- in aggregate and anonymized form, to develop consumer profiles, perform customer analysis and identify marketing opportunities and strategies;
- to investigate legal claims;
- such purposes for which MendMe may obtain consent from time to time; and
- such other uses as may be permitted or required by applicable law.
We identify to whom, and for what purposes, we disclose your Personal Information, at the time we collect such information from you and obtain your consent to such disclosure.
For example, we may disclose your Personal Information to the health care provider you select to provide you services through the MendMe Platform. We may also transfer your Personal Information to third party service providers with whom we have a contractual agreement that includes appropriate privacy standards, where such third parties are assisting us with the Purposes – such as service providers that provide telephone, video or voice communication services support or data storage or processing.
If you are referred to MendMe by your family doctor or another health professional, you agree that MendMe may access and share the number of Sessions you have participated in and/or the results of your standard assessments with the health professional who referred you to us. Such referees must obtain your consent for us sharing your information at the time they are making the referral, and you will have the right to withdraw that consent at any time through your account settings tab on the MendMe Platform. You agree that MendMe shall not be liable if your referee failed to acquire proper consents.
Generally, we will only make disclosures of Personal Information to such persons for which you provide your consent. Notwithstanding the foregoing, we may also make disclosures of Personal Information to an acquiror in connection with a transaction involving the sale of some or all of the business of MendMe (in which case the use of your personal information by the new entity would continue to be limited by applicable law), or as otherwise permitted or required by law.
In addition, we may send Personal Information outside of the country for the purposes set out above, including for process and storage by service providers in connection with such purposes. However, you should note that to the extent that any Personal Information is out of the country, it is subject to the laws of the country in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country.
We generally obtain your consent prior to collecting, and in any case, prior to using or disclosing your Personal Information for any purpose. You may provide your consent to us either orally, electronically or in writing. The form of consent that we seek, including whether it is express or implied, will largely depend on the sensitivity of the personal information and the reasonable expectations you might have in the circumstances.
We ensure that all affiliates and other third parties that are engaged to perform services on our behalf and are provided with Personal Information are contractually required to observe the intent of this Privacy Statement and our privacy practices. We use encryption with our service providers, and all data is encrypted at rest.
We may keep a record of your Personal Information, correspondence or comments, in a file specific to you. We will utilize, disclose or retain your Personal Information for as long as necessary to fulfill the purposes for which that Personal Information was collected and as permitted or required by law.
If you make a written request to review any Personal Information about you that we have collected, utilized or disclosed, we will provide you with any such Personal Information to the extent required by law. We will make such Personal Information available to you in a form that is generally understandable, and will explain any abbreviations or codes.
We will ensure that your Personal Information is kept as accurate, complete and up-to-date as possible. We will not routinely update your Personal Information, unless such a process is necessary. We expect you, from time to time, to supply us with written updates to your Personal Information, when required.
At any time, you can challenge the accuracy or completeness of your Personal Information in our records. If you successfully demonstrate that your Personal Information in our records is inaccurate or incomplete, we will amend the Personal Information as required. Where appropriate, we will transmit the amended information to third parties having access to your Personal Information.
We will attempt to respond to each of your written requests not later than thirty (30) days after receipt of such requests. We will advise you in writing if we cannot meet your requests within this time limit. You have the right to make a complaint to the federal Privacy Commissioner in respect of this time limit.
We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Information. Any such identifying information shall be used only for this purpose.
We will not charge any costs for you to access your Personal Information in our records or to access our privacy practices without first providing you with an estimate of the approximate costs, if any.
All comments, questions, concerns or complaints regarding your Personal Information, this Privacy Statement or our privacy practices, should be forwarded to our Privacy Officer as follows.
E-mail: info@MendMe.ca with the subject line “Privacy Inquiry”
- encryption of Personal Information;
- that the only employees who are granted access to your Personal Information are those with a business ‘need-to-know’ or whose duties reasonably require such information;
- premises security;
- deployment of technological safeguards such as security software and fire walls to prevent hacking or unauthorized computer access; and
- internal password and security policies.