This Privacy Notice (“Notice”) pertains to the collection, use, and disclosure of Personal Information (as defined below) by Intellijoint Surgical Inc. (“Intellijoint”, “we”, “our”, and “us”) regarding the use of our website (https://www.intellijointsurgical.com/) (the “Website”), our products and services (collectively, the “Services”).
This Notice applies to visitors to our Website, and healthcare professionals and hospitals who use or have purchased, or plan to use or purchase the Services (“Customers”) (collectively, “Users”).
Intellijoint reserves the right to review the contents of this Notice and to make changes. Every time that a change is made to this Notice, the revised version will be posted on our Website and Users will notified on the Website. By utilizing our Website or otherwise providing Personal Information to us, you agree to be bound by Intellijoint’s information privacy practices, as outlined in this Notice.
PLEASE NOTE: WE ACT AS A SERVICE PROVIDER TO CUSTOMERS WHO MAY SHARE THE PERSONAL HEALTH INFORMATION OF INDIVIDUAL PATIENTS WITH US. WE DO NOT DIRECTLY COLLECT ANY PERSONAL HEALTH INFORMATION FROM INDIVIDUAL PATIENTS. WE WILL ONLY ACCESS, USE AND DISCLOSE THIS PERSONAL HEALTH INFORMATION FOR THE PURPOSES OF DELIVERING OUR SERVICES TO OUR CUSTOMERS AND AS SPECIFICALLY INSTRUCTED BY OUR CUSTOMERS. WE MAY AGGREGATE AND ANONYMIZE PERSONAL HEALTH INFORMATION AND USE IT FOR THE LIMITED PURPOSES DESCRIBED BELOW.
IF YOU ARE A PATIENT OF ONE OF OUR CUSTOMERS AND WISH TO KNOW MORE ABOUT OUR PRIVACY PRACTICES, PLEASE CONTACT US AS DESCRIBED BELOW. IF YOU WISH TO EXERCISE YOUR PRIVACY RIGHTS (I.E., ACCESSING AND CORRECTING YOUR PERSONAL HEALTH INFORMATION, PLEASE DIRECTLY CONTACT YOUR CARE PROVIDER.
2. Collection and Use of Personal Information
In many cases, Intellijoint Surgical Inc. collects personal information and patient health information as a service provider to health care professionals (“users”)
“Personal Information” means information about an identifiable individual and includes, where applicable, personal health information as such term is defined in the Personal Health Information Protection Act (Ontario) and all related provincial health privacy statutes.
Intellijoint collects Personal Information such as names, e-mail addresses, physical addresses, and telephone numbers.
Personal Information may be collected in several ways, including in person, over the phone, by mail, over the Internet, and from third parties who are authorized to disclose this information to us.
We will only use the Personal Information that we collect for the purposes for which it was collected, and disclose Personal Information for purposes consistent with such Personal Information’s collection. We collect your Personal Information for the following purposes and in accordance with applicable Canadian laws:
- To manage your account;
- To provide you with our Services as requested by you;
- To establish and maintain commercial relations with you;
- To respond to your questions that you send by email or through our Website;
- To notify you about other Services provided by us;
- To track behavioural information on the Website and Services;
- To support our business functions such as internal business processes, marketing and advertising; and
- To meet any legal or regulatory requirements.
Intellijoint collects usage information from Users of our Services, as applicable. The purpose of this collection is to understand how Users access and use the Services in order to enhance and optimize our Services. Usage information and data could include but is not limited to the User’s device type, device identifier, IP address, browser type, operating system, duration of use, number of messages sent or received, and times at which the application was accessed and used. In addition, Intellijoint will collect aggregate data about a group or category of Services, Customers or Users. This information, as well as the anonymized Personal Information collected, enables Intellijoint to analyze trends, administer our Services, troubleshoot, enhance, and improve our Services.
Intellijoint fully anonymizes any Personal Information if it were to conduct market or product research.
Intellijoint will never rent or sell the Personal Information it collects.
Your Personal Information will not be used without your consent for purposes other than those for which it was collected or in accordance with applicable Canadian laws. From time to time, we may wish to use Personal Information for new or additional purposes, in which case we will amend the Notice to include these new or additional purposes and will obtain your consent through your continued use of our Website and Services.
3. Disclosure of Personal Information
Access to private, sensitive and confidential information, including Personal Information, is restricted to authorized Intellijoint employees with legitimate business reasons. We require all of our employees to abide by our privacy standards and requirements. Our employees understand the importance of keeping your Personal Information private. For this reason, our employees are required to agree to a confidentiality agreement that prohibits the disclosure of any User information to unauthorized parties. Employees are also strictly prohibited from accessing or disclosing Personal Information without authorization. All Intellijoint employees are expected to maintain the confidentiality of Personal Information and failure to do so will result in appropriate disciplinary measures, up to and including dismissal.
Intellijoint will never disclose Personal Information to third parties, except as required by law or upon demonstrated lawful authority, or as set out in this Notice.
We may be required to disclose Personal Information relating to criminal investigations or government tax reporting requirements. In some instances, such as a legal proceeding or court order, we may also be required to disclose your Personal Information to authorities. Only the information specifically requested will be disclosed and we take precautions to satisfy ourselves that the authorities that are making the disclosure request have legitimate grounds to do so. If required to do so, we will make every effort to notify the relevant parties about the proceedings.
Your Personal Information may be disclosed in situations where we are legally permitted to do so, such as while employing reasonable and legal methods to enforce your rights or to investigate suspicion of unlawful activities. Intellijoint uses third party service providers to facilitate the delivery of our Website and Services. These third party service providers may have access to Personal Information as an incidental result of the services provided by such third parties to Intellijoint, but the access of such third parties to such information is strictly controlled in accordance with the safeguards detailed below.
Intellijoint may also disclose Personal Information to other physician(s) and other health care provider(s), individuals and companies managing those physicians and health care professionals, and Intellijoint administrative and technology staff provided prior consent is obtained from the relevant parties for the sharing of information and appropriate agreements are in place with such parties.
4. Electronic Communications
As part of accessing our Website or signing up to receive the Services, you may have also opted in to receive email communications from us. If you opted-in to receive such communications, we may use the information to: communicate with you regarding the products on our Website, Services and promotions; provide you with other information that you request; and/or improve our product and service offerings.
You will always have the opportunity to “unsubscribe” from receiving any of our e-mail or other communications at any time and we will ensure that our e-mails include instructions on how to unsubscribe if you no longer wish to receive future e-mails from us. We provide an on-going opportunity to unsubscribe or opt-out of contact by us by accessing our Site or by: emailing [email protected] or telephone 1 (519) 342-3178.
5. Data Retention
Intellijoint has protocols in place for the retention of Personal Information. We retain Personal Information for as long as necessary to fulfill the purposes for which that Personal Information was collected and as permitted or required by law. We employ measures to securely destroy your Personal Information in accordance with legal requirements.
6. Control of Data and Security
Intellijoint Surgical Inc. uses professionally managed services (MongoDB Atlas) for secure data storage. Data storage facilities are located in Montreal, Quebec,
Intellijoint takes reasonable steps to protect the Personal Information it collects to prevent loss, misuse and unauthorized access, disclosure, alteration and destruction.
Intellijoint has appointed a Privacy Officer who is responsible for information system monitoring and information security policy and procedure management. The Privacy Officer is responsible for compliance with Intellijoint’s privacy program including,
- Fostering a culture of privacy awareness and data stewardship;
- Ensuring that privacy impact assessments and threat and risk assessments are completed on a regular basis; and
- Adopting policies and procedures based on changes to business needs and products, and to address and mitigate identified risks.
Intellijoint uses physical, technological and organizational security measures to safeguard Personal Information. This includes but is not limited to use of a username and a password for authentication, and role-based access controls. Credentials must be kept safe to make sure that any person who has access to view private information is permitted to do so. If you believe that your password has been misused or compromised, please contact Intellijoint immediately.
7. Data Processors in Other Countries
As discussed above, we may engage third party service providers to perform certain services on our behalf and to facilitate the provision of our Services. If Personal Information is processed and/or stored outside of Canada, it will be subject to the laws of the jurisdiction where it is processed and/or stored (as the case may be), which might be different from Canadian laws. As a result, Personal Information may be subject to access by governments, courts, law enforcement and regulatory agencies in those jurisdictions according to the laws in those jurisdictions. For example, Personal Information may be disclosed in response to valid demands or requests from government authorities, courts and law enforcement officials in those countries. Subject to such applicable laws in such other jurisdictions, we will use reasonable efforts to ensure that reasonable protections are in place to require the service providers in that country to maintain protections on the Personal Information that are equivalent to those that otherwise apply.
If you have questions regarding our policies and practices with respect to our use of third party service providers outside of Canada, including with respect to the collection, use, disclosure or storage of Personal Information by service providers outside of Canada for us or on our behalf, please contact us as set out below.
8. Access, Correction, Withdrawal of Consent and Challenging Compliance
Intellijoint relies on you to ensure that all Personal Information provided by you is as accurate, complete, and as up-to-date as necessary for the purposes that it is to be used and to minimize the possibility that inaccurate information is used to make a decision about you. We make every reasonable effort to keep Personal Information secure, accurate, complete and up-to-date. If desired, you may verify the accuracy and completeness of your Personal Information in our records. If you believe that our records of your Personal Information that are in our custody and control are inaccurate or incomplete, you may request in writing that we correct the record by submitting your request to our Privacy Officer at the contact details set out below.
To access your Personal Information, please send a written request to our Privacy Officer at the contact details set out below We may decline to process an access request that is unreasonably repetitive, frivolous, vexatious or impracticable, or if we reasonably believe that the requested access would infringe or jeopardize the privacy of other persons, or violate any law or legal requirement, or for other reasons permitted by law.
Your written request must contain sufficient detail to enable us to identify you and your Personal information and the correction sought (in applicable). We will verify your identity before granting you access to or correcting your Personal Information. We will contact you if your request is deficient or we need to clarify the information you are requesting.
You may withdraw consent upon reasonable notice to us in writing. If you withdraw consent, that may affect our ability to provide Services to you.
You can challenge our compliance with this Notice by sending a written complaint or inquiry to our Privacy Officer at the contact details set out below. We have in place procedures to receive and respond to your complaints or inquiries. We investigate written complaints made to us. If a complaint is found to be justified, we will take appropriate measures to address such complaint.
Our Website use third party analytics services such as Google Analytics, a web analytics service of Google, Inc. (“Google“) and Hubspot. Inc. (“Hubspot” and collectively with Google, “Analytics Providers”). These services use “cookies” to analyze how you use our Website. The information generated by the cookie about your use of our Website (including your IP address) is sent to a server in the United States of America and stored there. The Analytics Provider will use this information to evaluate your use of our Website, compile reports on our Websites’ activity for our Websites’ operators and to provide other site activity related internet services. Additionally, the Analytics Provider may transfer this information to a third party when required by law or in the case of a third party processing information on the analytics provider’s behalf. In no case will the Analytics Provider use your IP address in connection with any other information held by the Analytics Provider. You can set your internet browser to prohibit the installation of cookies, although we must point out that some features and functions of our Website will then be unusable. By using our Website, you consent to the processing of data about you collected by the analytics providers in the manner described and for the above mentioned purpose. The consent for collection and storage of data can be withdrawn at any time in the future by clicking on the following link: https://tools.google.com/dlpage/gaoptout?hl=en for Google and by turning off cookies in your browser for Hubspot. Given the debate concerning the use of analytical tools using full IP addresses, we wish to point out that our Website uses the “Anonymize IP” function of Google Analytics which works with a shortened form of IP addresses to avoid direct personal identification.
Furthermore, we use the cookies to carry out frequency assessments, page usage assessments and marketing assessments. For the aforementioned assessments, we utilize this cookie information without a link to your Personal Information, so it is completely anonymous.
11. Links to Other Sites
12. Contacting Intellijoint Surgical Inc.
If you wish to enquire about our privacy practices, challenge our compliance with this Notice, or request the access, update, or correction of your Personal Information, please contact our Privacy Officer by email at [email protected], or by mail at the following address:
Intellijoint Surgical Inc.
809 Wellington Street N., Unit 2
Kitchener, ON, N2H 5L6