Privacy Policy

Introduction

Medylex ("Company" or "We") respect your privacy and are committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website www.medylex.ca (our "Website") and our practices for collecting, using, maintaining, protecting and disclosing that information. This policy applies to information we collect:

  • on this Website;
  • in e-mail, text and other electronic messages between you and this Website; and
  • through the web portal or other applications on this Website.

It does not apply to information collected by:

  • us offline or through any other means, including on any other website operated by Company or any third party; or
  • any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time. Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Children under the Age of 18

Our Website is not intended for children under 18 years of age. No one under age 18 may provide any information to or on the Website. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this Website or on or through any of its features/register on the Website, transact any business through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Website, including information:

  • by which you may be personally identified, such as name, postal address, e-mail address or telephone number ("personal information");
  • that is about you but individually does not identify you; and/or
  • about your internet connection, the equipment you use to access our Website and usage details.

We collect this information:

  • Directly from you when you provide it to us.
  • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses and information collected through cookies.

Information You Provide to Us

The information we collect on or through our Website may include:

  • Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to any web portal or other service, posting material or requesting further services. We may also ask you for information when you report a problem with our Website.
  • Records and copies of your correspondence (including e-mail addresses), if you contact us.
  • Your responses to surveys that we might ask you to complete for research purposes.
  • Details of transactions you carry out through our Website and of the fulfillment of your requests.
  • Referral requests and/or business inquiries made through our Website, including through use of referral forms, email and/or web portals. Notwithstanding anything to the contrary, you agree that any such requests are also governed by the terms of our Terms of Service located at www.medylex.ca (the “Terms of Service”).

If the Website permits, you also may provide information to be published or displayed (hereinafter, "posted") on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, "User Contributions"). Your User Contributions are posted on and transmitted to others at your own risk. Although we may limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Usage Details, IP Addresses and Cookies

As you navigate through and interact with our Website, we may automatically collect certain information about your equipment, browsing actions and patterns, including:

  • Details of your visits to our Website, including traffic data, location data, logs and other communication data and the resources that you access and use on the Website.
  • Information about your computer and internet connection, including your IP address, operating system and browser type.

The information we collect automatically is statistical data. It helps us to improve our Website and to deliver a better and more personalized service by enabling us to:

  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize our Website according to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to our Website.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

We do not collect personal Information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

  • To present our Website and its contents to you.
  • To provide you with information, products or services that you request from us.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices about your accounts/subscriptions.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  • To notify you about changes to our Website or any products or services we offer or provide through it.
  • To allow you to participate in interactive features on our Website.
  • In any other way we may describe when you provide the information.
  • And for any other purpose with your consent.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may disclose personal information that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates.
  • To contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.
  • To fulfill the purpose for which you provide it. For example, if you give us information to make a referral through the Website, we will transmit the contents of that form for the purpose of scheduling a referral.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your personal information:

  • To comply with any court order, law or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our Terms of Use, Terms of Service and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the company, our clients or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and risk reduction.

Choices about How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any information provided through a referral form or through a web portal will be encrypted using SSL technology. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information and the other information you may submit through our Website, we cannot guarantee the security of your personal information and other information transmitted to our Website. Any transmission of personal and other information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' personal information, we will notify you by the e-mail address specified in your account or through a notice on the Website home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Notification of Breach

Medylex understands that the “breach of security safeguards” is defined in PIPEDA as: the loss of, unauthorized access to or unauthorized disclosure of personal information resulting from a breach of an organization’s security safeguards that are referred to in PIPEDA, or from a failure to establish those safeguards. Medylex ensures it meets PIPEDA requirements to report and notify of breaches of real risk of significant harm, and keeps records of all breaches. Medylex reports any breach involving personal information under its control if it is reasonable in the circumstances to believe that the breach creates a “real risk of significant harm”. Significant harm includes bodily harm, humiliation, damage to reputation or relationships, loss of employment, business or professional opportunities, financial loss, identity theft, negative effects on the credit record and damage to or loss of property. Factors that are relevant to determining whether a breach of security safeguards creates a real risk of significant harm include the sensitivity of the personal information involved in the breach of security safeguards and the probability the personal information has been/is/will be misused.

The real risk of significant harm is determined by Medylex based on an assessment of the sensitivity of the personal information involved in the breach and the probability the personal information has been/is/will be misused. Medylex pursuant to PIPEDA keeps records of all breaches of personal information under its control – whether there is a real risk of significant harm or not. Medylex’s records contain any information that enables the OPC to verify compliance, for every breach and with breach reporting and notification requirements in PIPEDA. This includes:

  • date or estimated date of the breach;
  • general description of the circumstances of the breach;
  • nature of information involved in the breach;
  • whether or not the breach was reported to the Privacy Commissioner of Canada/individuals were notified; and
  • if the breach was not reported to the Privacy Commissioner/individuals, a brief explanation of why the breach was determined not to pose a “real risk of significant harm.”

If Medylex, unless otherwise prohibited by law, determines that a breach poses a real risk of significant harm to an individual, it will through Medylex’s privacy officer notify the individual(s) concerned. The notification will be conspicuous and be given directly to the individual, except in certain circumstances described in the regulations where indirect notification is permitted. The notification will contain enough information to allow the individual(s) to understand the significance of the breach of security safeguards to them, and Medylex will take any steps, if any are possible, to reduce the risk of harm that could result from the breach or mitigate the bar. The notification will not be overly legalistic, and will be easily understandable.

The notification by Medylex will contain the following information specified in PIPEDA:

  • a description of the circumstances of the breach;
  • the day on which, or period during which, the breach occurred or, if neither is known, the approximate period;
  • a description of the personal information that is the subject of the breach to the extent that the information is known;
  • a description of the steps that the organization has taken to reduce the risk of harm that could result from the breach;
  • a description of the steps that affected individuals could take to reduce the risk of harm that could result from the breach or to mitigate that harm; and
  • contact information that the affected individual can use to obtain further information about the breach.

Medylex has developed a framework for assessing the real risk of significant harm, and ensures that all breaches are addressed consistently. Notification of individuals by Medylex will be given as soon as feasible after it has determined a breach involving a real risk of significant harm has occurred.

Consent

You have the right to withdraw consent at any time to the use or dissemination of your private information, subject to legal or contractual restrictions and reasonable notice. If you wish to withdraw consent at any time you must contact our privacy officer, being the individual accountable for the organization’s compliance with this policy, at 416-545-1000.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at: 416-545-1000  or  info@medylex.com

Update: 2021