Privacy Policy

Last Updated: July 2016

The purpose of this Privacy Statement is to inform you about the types of Personal Information that the MedicAlert Foundation Canada (“we” or “us”) collect, use and disclose. It explains how we use and disclose that information, the choices you have regarding such use and disclosure, and how you may request access to or correction of that information.

We are proud to demonstrate our commitment to your privacy, by keeping up-to-date with the laws and regulations under applicable privacy laws in Canada.

From time-to-time, we may make changes to this Privacy Statement. The Privacy Statement is current as of the “last revised” date which appears at end of this document. Our Chief Privacy Officer is accountable for our compliance with this Privacy Statement and our Privacy Policy. This Privacy Statement applies to any information we collect or receive about you, from any source.

  1. What type of Personal Information do we hold?
  2. How do we collect your Personal Information?
  3. How do we use your Personal Information?
  4. To whom do we provide your Personal Information?
  5. When and how do we obtain your consent?
  6. How do we ensure the privacy of your Personal Information when dealing with our affiliates and with third parties?
  7. How long will we use, disclose or retain your Personal Information?
  8. How can you review your Personal Information that we have collected, used or disclosed?
  9. How do you know that the Personal Information we have about you is accurate?
  10. What if the Personal Information we have on you is inaccurate?
  11. How fast will we respond to your written requests?
  12. Are there any costs to you for requesting information about your Personal Information or on our Privacy Policy or Practices?
  13. How do we know that it is really you requesting your Personal Information?
  14. What safeguards have we implemented to protect your Personal Information?
  15. How do you contact us regarding access to your Personal Information or our Privacy Policy and Practices?
  1. What type of Personal Information do we hold?

    Personal Information is any information that is identifiable with you. Examples of Personal Information we hold include, but are not limited to, your mailing address, phone numbers, email address, languages spoken, birth date, identification numbers, credit card numbers, donation information and health information. Personal Information, however, does not include your name, business title or business address and business telephone number in your capacity as an employee of an organization, nor does it generally include information in a public directory or registry.

  2. How do we collect your Personal Information?

    We will always collect your Personal Information by fair and lawful means (for example, when you complete an application form, in person or online, or by telephone). Most often we will collect your Personal Information directly from you, where we have obtained your consent to do so. Occasionally, we may collect Personal Information from a third party, based on your consent, or as otherwise permitted by law.

  3. How do we use your Personal Information?

    We identify the purposes for which we use your Personal Information at or before the time we collect such information from you and obtain your consent, and in any case, prior to such use. We generally use your Personal Information only for purposes to which you have consented, which may include providing and delivering products or services to you, and ensuring a satisfactory relationship with you and for internal purposes such as administering or improving our websites. We may also use your Personal Information as otherwise permitted by law.

  4. To whom do we provide your Personal Information?

    We limit the disclosure of your Personal Information to circumstances where disclosure is required to carry out a purpose you have consented to or as otherwise permitted or required by law. For example, we may disclose your Personal Information:

    1. to third party service providers with whom we have a contractual agreement, which includes appropriate privacy standards, for the purpose of performing functions such as jewellery engraving, or providing the Hotline service, database services or information technology support;
    2. to emergency responders and other health care providers as necessary in the circumstances;
    3. to third parties in the context of a transaction involving all or part of MedicAlert Foundation Canada, such as a merger. In such circumstances, we will take reasonable steps to ensure the security of the information prior to disclosure;
    4. such other disclosures of Personal Information to such persons for which you provide your consent; and
    5. as otherwise permitted by law.
  5. When and how do we obtain your consent?

    We generally obtain your consent prior to collecting, and in any case, prior to using or disclosing your Personal Information. We obtain your consent either orally or in writing (either on paper or online). Prior to collecting your information from you, we generally tell you the purposes for which we will use or disclose the information. Sometimes the purposes are obvious, in which case your consent may be implied. Where appropriate, we may collect, use or disclose your Personal Information based on a consent given on your behalf by an authorized third party, or as otherwise permitted by law.

  6. We ensure that all our affiliates and other third parties which are engaged to perform services on our behalf and are provided with Personal Information, are required by contract to observe the intent of this Privacy Statement and our Privacy Policy and Practices.

     

  7. How long will we use, disclose or retain your Personal Information?

    We may keep a record of your Personal Information, correspondence or comments, in a file specific to you at our offices at Morneau Shepell Centre II, 895 Don Mills Road, Suite 600, Toronto, ON M3C 1W3. We will use, disclose or retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected and as permitted or required by law. We will establish minimum and maximum retention periods and procedures for maintaining and destroying your Personal Information.

  8. How can you review your Personal Information that we have collected, used or disclosed?

    We will make available to you any specific Personal Information about you, that we have collected, used or disclosed, upon your written request, to the extent permitted by law. We will make such information available to you in a form that is generally understandable, including explaining any abbreviations or codes.

  9. How do you know that the Personal Information we have about you is accurate?

    We will ensure that your Personal Information is kept as accurate, complete and up-to-date as necessary. We generally do not routinely update your Personal Information. We rely on you to supply us with updates to your Personal Information, when required. Subscribers may update their information through MyMedicAlert.

  10. What if the Personal Information we have about you is inaccurate?

    You can, at any time, challenge the accuracy or completeness of the Personal Information we have about you. If you successfully demonstrate that the Personal Information we have about you is inaccurate or incomplete, we will amend the Personal Information as required. Where appropriate, we will provide the amended information to third parties having access to your Personal Information.

  11. How fast will we respond to your written requests?

    We will attempt to respond to each of your written requests to access or correct your Personal Information, or to withdraw your consent, not later than thirty (30) days (or 45 days, if you live in Alberta) after receipt of such requests. We will advise you in writing if we cannot meet your request within this time limit and of the grounds for any extension of time. You have the right to make a complaint to the Privacy Commissioner of Canada or your provincial Privacy Commissioner in respect of this time limit.

  12. Are there any costs to you for requesting information about your Personal Information or about our privacy policies and practices?

    There is no charge for obtaining a copy of our Privacy Statement. In limited circumstances, we may charge a reasonable fee to cover the cost of transcription, reproduction or transmission of your Personal Information. We will not assess any such fee without first providing you with an estimate. You must then tell us within thirty (30) days if you accept the fee and wish to proceed with your request. If you do not notify us within that time, we will send you a further notice indicating that you will be deemed to have withdrawn your request for access unless you advise us otherwise within thirty days. If after the expiry of this thirty-day period, you have not told us whether you wish to proceed or withdraw your request, we will deem your request to have been withdrawn and provide you with written notice to that effect.

  13. How do we know that it is really you requesting your Personal Information?

    We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Information. Any such information shall be used only for this purpose unless we have your consent to use or disclose it for other purposes.

  14. What safeguards have we implemented to protect your Personal Information?

    We have implemented physical, organizational, contractual and technological security measures to protect your Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. The only employees and contractors who are granted access to your Personal Information, are those with a business ‘need-to-know’ or who reasonably require such information to carry out their duties.

  15. How do you contact us regarding access to your Personal Information or our Privacy Policy and Practices?

    All comments, questions, concerns or complaints regarding your Personal Information or our privacy policy and practices, should be forwarded to our Chief Privacy Officer as follows.

    In writing:

    Attn: Dorothy Griesbach
    Chief Privacy Officer
    MedicAlert Foundation Canada
    Morneau Shepell Centre II
    895 Don Mills Road, Suite 600
    Toronto, ON M3C 1W3

    dgriesbach@medicalert.ca
    or call 1.800.668.6381 x 1243

    We will inform you of the relevant procedures when you make an inquiry, lodge a challenge or complaint.