PETALMD privacy notice for the website - PIPEDA, GDPR and ePrivacy compliant version
At PETALMD we are committed to the protection of your privacy. In this notice we will explain why and how we in the capacity as a data processor for our customers, collect, use, disclose, retain and protect your personal data. We understand your rights and will explain how you can exercise those rights.
When we refer to PETALMD, ‘we’, ‘us’ or ‘our’, we mean PETALMD a company registered in Quebec City under the number 1166685017. Our registered office is located at Address: 350 boul. Charest Est, office 300 Quebec, Quebec G1K 3H5.
When we refer to ‘you’ we mean end users utilizing the standalone messaging service or a physician as part of a physician group.
If you have any questions about how we process your personal data, or have questions about your data subject rights, please email us at security@PetalMD.com.
What personal data do we collect and for what purposes?
We collect three types of information about you:
Account registration (direct collection, core service)
Building a profile (direct collection, voluntary)
Purchase of Services (direct collection, core service)
Interaction with our staff and postings (direct collection, voluntary)
Contests and surveys (direct collection, voluntary)
Newsletter registration (direct collection, voluntary)
Website or mobile application usage – demographic, geographic and technical information (indirect collection, optional)
How and when do we process your personal data?
We collect and process your personal data when:
What is the legal basis for the personal data collection?
For your and our legitimate interest: we use your personal contact information and workplace specifics to enable you to utilize our services. We use your payment information to process a transaction when you buy additional services. We assume that you understand that we need your contact, workplace and payment information to provide this service. We therefore will not ask for explicit consent at the time when you place an order and/or when you open an account.
To comply with legal obligation: in certain circumstances we will have to disclose your personal data in response to an inquiry from a regulatory authority, the police or other government bodies.
We do not have a legal basis other than consent to collect demographic, geographic and technical information for analytics and marketing purposes. We will therefore ask for your expressed consent before we start the collection.
Who do we share personal data with?
We may share your personal information with:
Transborder Data Flows (data collected in Canada transferred to locations outside of Canada) and Restricted Transfers (personal data transfers outside of the EEA)
How long do we keep your personal data?
We keep your personal data for as long as you have an account with us and 3 years after the last activity or when you tell us to delete information we have about you. In case of inactivity, we will contact you before we delete your account.
Right to access:
You can access your account any time through the website or the mobile application
Right to rectify:
You can make changes to your account information at any time
Right to be forgotten:
Standalone messenger - You can delete your account, which will automatically delete all personal data (core service information, voluntary information and optional information proportionate to the sensitivity of the information held) associated with the account. We will instruct all third parties we have shared your data with to delete your data.
Part of a physician group – In this case the controller (e.g. a hospital) is responsible for your data. It is up to the controller to instruct us to delete what they see as appropriate.
Right to restrict processing:
You can change your preferences at any time through your account settings or your browser settings.
Right to data portability:
You can request a copy of the data we have about you and we will provide the information through email. Please contact our support team.
Right to object:
You have full control over your account. Deleting your account will delete all associated data and consequently we will stop processing your personal data with us and all third parties we have shared your data with. While you have an account with us you can, at any time, change your preferences which will stop collection and processing of optional information.
The essential and functional cookies will be used without your explicit consent as they are necessary to make our services work. Analytics, advertising, marketing and social media cookies on the other hand are optional. They are provided and managed by our service provider HubSpot. They will ask for your express consent at the time of your first visit or login. Should you opt-in for those cookies, they will live for 13 months on your computer, unless you clean the browsing data. Each time you use a different device, or you visit or login in incognito, the cookie banner will again ask for your consent. Should you at any time within the 13 months live span of the cookies decide to opt-out, you can do so by deleting your browsing data, either selectively or entirely and then opt-out when the banner appears again at your next visit.
We may update this privacy notice from time to time. The most up-to-data version can be found on PetalMD.com.
Xacte is a solution offered by PetalMD. Be the first to get our experts’ latest healthcare technology insights, plus hear about new Xacte features and PetalMD news.