Privacy Policy

Effective Date: January 17, 2018

MEDNOW Inc., together with our affiliates and partners (“us”, “we”) respect your privacy and collect, use or disclose your personal information (“PI”) and personal health information (“PHI”) only in accordance with our Privacy Policy and applicable federal and provincial privacy legislation (“Privacy Laws”).

This Privacy Policy describes how we collect PI and PHI through our websites (the “Websites”), our mobile applications (the “Apps“), our software platforms, and all other services provided by us, as described on the Websites, Apps and our software platforms (collectively, the “Platforms”), as well as how we use PI and PHI and the manner in which PI or PHI may be disclosed or shared by us.  The term “you” refers to the person or entity visiting the Platforms, browsing or otherwise using the Platforms, or receiving any services through the Platforms.

The Platforms operate to: (i) allow you to browse information displayed by the Platforms, and (ii) connect you with a pharmacy that is a pharmacy in our network, and we chose based upon it being located close to your location (as you provide such location to us). We will collect, process, store and otherwise use PI and PHI and other data for the purposes of the Platforms in accordance with this Privacy Policy.

If you do not consent to the collection, use and disclosure of your PI in accordance with this Privacy Policy, do not provide us with any PI and if you are an active user you can close your account, unless the account cannot be closed in accordance with other agreements between you and us.

This Privacy Policy does not apply to the collection, use and disclosure of PHI by pharmacists or other health care professionals (“HCPs”) or assistants thereof, being personal health assistants (“PHAs”) in the course of facilitating your connection to pharmacy services (“Pharmacy Services”) or assisting with the provision of services (“Support Services”) respectfully.  HCPs are subject to their own respective privacy laws and professional requirements that govern how they collect, use and disclose PHI.

The Platforms enable HCPs to receive your PI and PHI through the Platforms and to provide Pharmacy Services to you.  Your use of the Platforms neither establishes nor governs your relationship with the HCP. The Pharmacy Services provided to you by HCP form bilateral contractual relationship between you and HCP and this Privacy Policy does not extend to such contractual relationship.

  1. Personal Information

For the purposes of this Privacy Policy, the term “PI” means any information that is defined to be PI under applicable privacy laws.  Usually, this refers to any information about an identifiable individual or any information that can be used to identify an individual.

Personal information may include, for example, your name and home address, your date of birth and gender, health information, payment information, your occupation, medical conditions or other health information, your personal financial records or credit information, or any personal identification numbers.

In most circumstances, PI does not include the business contact information of a representative of an organization, such as the representative’s name, position or title, business address, business telephone number or business fax number. Publicly available information, such as information in a public directory, is not PI under this Privacy Policy.

  1. Consent for the collection, use and disclosure of PI

When you sign up for or use the Platforms we ask you to confirm that you have read and agree to our Privacy Policy.  By submitting your PI or PHI through the Platforms, you consent to the collection, use, and disclosure of such information as set out in this Privacy Policy.

Privacy legislation requires us to obtain the consent of an individual to the collection, use or disclosure of PI in many circumstances.

By providing your PI and/or PHI to us, you agree that we may collect, use and disclose your PI and PHI in accordance with this Privacy Policy and as otherwise permitted or required by law, and that we may access, process and store your PI and PHI in Canada or another jurisdiction.

When we receive PI or PHI from you for the purposes of providing you with our Platforms, products or services, and Pharmacy Services and Support Services, or for other uses identified herein, you are providing us with consent as follows:

  1. to allow us to deal with that PI and PHI in a reasonable manner;
  2. to allow us to provide your PI and PHI to third parties we engage to provide or support the Platforms;
  3. to allow us to use and store your PI and PHI for the purpose of providing you with the products and services you purchase from us and to utilize the Platform, Pharmacy Services and Support Services; and
  4. to allow us to transfer your PI outside of Canada (whereby your PI will be treated in accordance with applicable foreign laws) for the purpose of storage and use of your PI by us.

If you need to provide us with PI or PHI about other individuals, you represent and warrant to us that, where required by law and prior to your disclosure to us, you will obtain the consent of each individual to the collection, use and disclosure by us for the specific purpose(s) that the disclosure is made by you.

Providing us with your PI and PHI is always your choice. When you request products and/or services from us, or utilize us to access Pharmacy Services or Support Services, we ask that you provide information that enables us to respond to your request and/or provide you with our services. In doing so, you consent to our collection, use and disclosure to appropriate third parties of such PI and PHI for these purposes.

If we sell our organization or merge with another party, your consent will be implied to transfer your information to our successor for the same purposes as set out in this Privacy Policy.

  1. Consent Exceptions

There are legal exceptions where we will not need to obtain consent or explain the purposes for the collection, use or disclosure of PI. Some examples of situations where consent is not required include an emergency that threatens the life, health or security of an individual, or if we must comply with a court order or governmental order.

We may use PI without your knowledge or consent in limited circumstances whereby we are required to provide PI to third parties for legal or regulatory purposes. For example, under certain exceptional circumstance we may have a legal duty or right to disclose PI without your knowledge or consent. Various government agencies such as the Canada Revenue Agency, Human Rights Commission, Canadian Radio-television and Telecommunications Commission, and law enforcement, may have the authority to review our files and interview our staff when deemed necessary. These agencies have their own strict privacy obligations.

  1. What PI and PHI do we collect and use?

Generally, you may browse our Websites or the Apps without providing any PI.  You are under no obligation to provide us with PI, with the caveat that your refusal to do so may prevent you from using certain portions of the Websites or the Apps.

As set out above, HCPs and PCAs are responsible for the collection, use and disclosure of PI and PHI as it relates to the provision of Pharmacy Services and Support Services and for ensuring that adequate safeguards are in place to protect that information.  The following overview provides general information about how PHI or PI is collected and used through the Platforms.

User Accounts

In order to use the Platforms and to receive Pharmacy Services and Support Services you may be required to create a user account (the “User Account”) through the Platforms and be issued a username and password login credentials (“User ID”).  We collect information such as your name, email address, phone number, gender, date of birth and province or territory to create your User Account.  If you are issued a User ID, you will be required to keep your User ID secure.

The Pharmacy Services and Support Services are also available for use by children at the discretion of the HCP or PHA.  For all patients under the age of 18, the holder of the User Account and User ID, must be the patient’s parent or legal guardian.  You may be asked to provide PI or PHI about your child in order to register them to use your User Account (“Registered Child”).

Provision of Pharmacy Services and Support Services

We collect PI or PHI on behalf of the HCP or PHA when you request Pharmacy Services or Support Services to facilitate the provision of those services and to assist you in connecting with the HCP of your choice.

We collect your provincial health card number in order to bill provincial health plans for those services that are eligible for coverage by provincial health plans on behalf of the HCP and/or your financial information to facilitate payments in respect of your use of the Platforms or the receipt of any services through the Platforms.

We may further collect your health insurance information in order to bill such health insurance plan for those services or pharmaceutical products that are eligible for coverage by such plans on behalf of the HCP.

HCPs and PHAs collect and use PI and PHI about you or a Registered Child in order to provide you or your child with Pharmacy Services and/or Support Services.  HCPs and PHAs may collect PHI about you verbally or by text, including the reason for your consultation request; relevant health history and present condition or symptoms.  The HCP may access PHI that you have entered or uploaded to your profile and medical records or information created during earlier interactions through the Platforms with other HCPs or PHAs.

HCPs and PHAs must comply with professional regulatory requirements, including as it relates to confidentiality and privacy and record keeping, as well as privacy laws.  HCPs may create information such as prescriptions, sick notes and other notes about your interaction with them via the Platforms.

Platform Services

There are a number of optional services that may be provided through the Platforms, where authorized.  We may collect and use your PHI or PHI to provide you with services that you request us to perform on your behalf, e.g., securely faxing your prescription to your chosen pharmacy, a summary report about your Healthcare Services to a physician of your choice; open an account for you with a prescription delivery service; and, where available, securely transmit your information to the prescription delivery service (collectively, “Platform Services“).

  1. How do we use your PI and PHI?

We use your PI and PHI for the purposes for which it was collected, as well as other purposes for which you have given consent.  In addition to those purposes set out above, this includes, but is not limited to, the following purposes:

  • Administration of your User Account
  • Marketing: In accordance with anti-spam laws, we obtain your consent in order to send you commercial electronic messages. We do not share email addresses or other contact information with third parties without your permission.
  • Notifications: We will ask you if you wish to receive notifications about services that you request.  If you agree, we will send you email or text messages to we notify you about the status of your consultations and other requests, such as prescription orders.
  • Payments: You may be given the option to pay for Pharmacy Services, Support Services and any products you purchase through such services via an electronic payment service. Such electronic payment service is facilitated by a third party service provider on your behalf. Any payment information you provide will therefore be provided to such third party service provider, and you here by provide consent for our disclosure of your payment information for that purpose.
  • Uses set out in the Consent section herein.

We also may use your PI or PHI to comply with our legal obligations, resolve disputes, and enforce our agreements and as required and/or permitted by applicable privacy laws.

  1. Disclosing PI or PHI to third parties

We will not disclose, share, sell or rent your PI or PHI with or to any third party, except with your written consent or as required or permitted by privacy laws.  We may disclose your PI or PHI as we deem necessary, in our sole discretion, to comply with any applicable law, regulation, legal process or governmental request.

In some instances we may retain other companies and individuals to perform functions on our behalf, including, but not limited to website developers, service and technology providers, and payment service providers.  Third parties may be provided with access to your PI or PHI to perform the functions for which they have been retained.  Our agreements with third parties will not permit them to use your PI or PHI for any other purposes and commit them to comply with applicable data privacy standards.

Except as otherwise set out herein, only HCPs and PSAs have access to your PI and PHI.  HCPs and PHAs may disclose PHI about you, including to your emergency contact, if they believe that you are dealing with a medical emergency during a consultation and disclosure is necessary in order to eliminate or reduce the risk of serious harm.

  1. Security Safeguards

All PI and PHI collected on the Platforms is securely and digitally stored on servers physically located in Canada.  The Platforms are secured through encryption technologies and only you and your HCPs and PHAs have access to your PI and PHI.    PHI created in connection with the provision of Pharmacy Services is managed by the HCP in accordance with applicable privacy legislation.  The Platforms are licensed by us to your HCP and are used by your HCP to communicate with you.

We use physical, organizational and technical industry-standard security safeguards commensurate to the sensitivity of data collected, used or disclosed such as encryption in transit and at rest.  We use a variety of technologies and procedures to help protect the security of your PI and PHI from unauthorized access, use, or disclosure.

We have implemented and maintain reasonable and appropriate security measures, procedures and practices to protect against the loss and unauthorized access, use, modification, destruction or disclosure of your PI and PHI while it is our custody or under our control.

Although we use advanced encryption technology and other security protocols to protect your PI and PHI and the privacy of the Pharmacy Services and Support Services with HCPs and PHAs, in using the Platforms there are inherent risks to any technology however remote that could cause security protocols to fail or to be breached and which could result in the unauthorized collection, use or disclosure of your PI and/or PHI.

  1. Retention of PI and PHI

We will retain your PI and PHI on the Platforms until such time as you or we terminate your User Account.  On termination, you will have an opportunity to print or make copies of any PI or PHI held in the Platforms, provided that we have the appropriate authorization from the applicable HCP and/or PHA relating to the Pharmacy Services or Support Services.

  1. How can I access or correct my PI or PHI?

You can add, edit, or delete optional information appearing in your User Account at any time in your account settings. You can edit, but not remove, certain information (like an email address and your medication record).

In connection with the provision of Pharmacy Services, you have additional rights under applicable privacy laws.  You may request access or correction to your health records, withdraw your consent or request limits on the collection, use or disclosure of your PHI for health care purposes by contacting your HCP.

  1. Children

We are committed to protecting the privacy of children.  The Platforms are not intended or designed for children.  We do not collect PI from any person we actually know is a child.  Where applicable, a Registered Child may use the Platforms through their parent or legal guardian.

  1. Privacy and Our Platforms

Each time the Platforms are utilized by a user, our web server or other tools may collect and log certain information in access logs. Such access logs may be kept for a reasonable period of time. Such access logs may include, but not be limited to, information such as the following: your machine’s TCP/IP address, files accessed, the date and time of such access, and other information pertaining to your activities on the Platforms. These logs are used solely for performance, site administration and security reviews. They are not sold or shared in any way to third party organizations. We may use this non-personal information to optimize the Services, and our products.

We may collect anonymous information as you navigate and/or interact with the Platforms. We may use anonymous information to operate and improve the Platforms. We may also use anonymous information to track what visitors to the Platforms are looking at most frequently so we can recognize and deliver more of the desired features, products, and Platforms.

We may collect information pertaining to you from third party sources, including but not limited to, for the purpose of generating your account for our Platforms. It is your responsibility to review such information in your account to ensure its accuracy.

By accessing and browsing the Platforms, or our products and/or service(s), you agree that the we, or any third party we engage or that assists us, may collect, use and disclose any information collected about you through the Platforms, or our products and/or services or that you provide to us through the Platforms, or our products and/or services as described in this Privacy Policy.

  1. Cookies & Web Beacons

We may, from time to time, use “cookies” solely for security and authentication purposes.

Most websites use cookies in order to make them work, or to work more efficiently, as well as to provide information to the owners of the website. They help us to understand how users access our website so we can develop and improve the design, layout, content and function of the Platforms.

Cookies are small text files that a website saves on your computer or mobile device when you visit the site. They save and retrieve pieces of information about your visit to the website – for example, how you entered the site, how you navigated through the site and what information and documentation was of interest to you. This means that when you go back to a website, it can often give you tailored options based on the information it has stored about you on your last visit.  It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.

On our Platforms, cookies can be set by us (first party cookies) or by our partners (third party cookies).

We set cookies for the purposes set out below:

  • analytics;
  • collecting page views;
  • viewing history; and
  • session cookies – for keeping users logged in while browsing (during of up to one hour).

The following major third-party analytics services (among others) may set cookies and have access to your IP address based upon your use of our website:

  • Google Analytics
  • Hotjar
  • Facebook
  • LinkedIn
  • Intercom

We cannot provide the names and purposes of the third party cookies as we do not have access to that information, however they are necessary for us to provide our Platforms. These third parties face serious consequences if they are in breach of applicable privacy laws.

If you are uncomfortable with the use of cookies, you can disable cookies on your computer by changing the settings in the preferences or options menu in your browser. You can set your  browser to reject or block cookies or to tell you when a website tries to put a cookie on your computer. You can also delete any cookies that are already stored on your computer’s hard drive. However, please be aware that if you do delete and block all cookies parts of our Services will not then work. This is because some of the cookies we use are essential for parts of our Services to operate. Likewise, you may not be able to use some products and services on other websites without cookies.

To find out more about cookies, including to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org

If you do not wish to accept cookies from our Platforms, please leave the Platform immediately and then delete and block all cookies from the Platform.

We may use web beacons alone or in conjunction with cookies to compile information about you and your usage of the Platforms, as well as your interaction with emails from us. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a website tied to the web beacon. For example, we may use web beacons to operate and improve the Platforms and email communications. We may use information from web beacons in combination with personal information about you to provide you with information about us and our Platforms, products and services.

  1. Analytics and Interest-Based Advertising

Our third party vendors or service providers may also use cookies and web beacons to measure the effectiveness of our ads and to determine the content and advertising to offer you based on your interests. To support these activities, we, our service providers, and business partners may use information about your visits to our Platforms. You may opt out of other third-party vendor’s use of cookies by disabling cookies on your browser. Please note that even if you choose to disable cookies you will still see advertisements while browsing online. However, the advertisements may be less relevant to you and your interests.

We may also use third-party service providers to monitor and analyze the use of our Platforms. Google Analytics is a web analytics service offered by Google Inc. (“Google”) that tracks, monitors and reports traffic on our Platform. Google tracks information like (i) your IP address; (ii) the type of web browser and operating system being used; (iii) the pages of the Platform that you visit; and (iv) other websites you may have visited before visiting our Platform.

Google may also transfer this information to other third parties where they are required to do so by law, or where such third parties process the information on their behalf. You can opt-out of having your activity on the Platforms made available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about a visitor’s activity. For more information on Google’s privacy practices, please visit: https://policies.google.com/technologies/partner-sites.

  1. Anti-spam

Where applicable, we will seek your express consent to contact you, including by way of commercial electronic messages. This consent is sought by Mednow Inc. and you can contact us at 1-855-633-6691 or at 4484 Main Street, Vancouver, British Columbia, V5V 3R3. You can unsubscribe at any time from receiving commercial electronic messages by following the instructions in the message.

Even if you have opted out of receiving marketing communications from us, please be aware that we may still contact you for other purposes. For example, we may contact you to provide communications you have consented to receive, regarding the services we provide to you, or if you contact us with an inquiry.

  1. Third- Party Sites

The Platforms may contain links to other third-party sites. When you click on one of these links you are visiting a website operated by someone other than us and the operator of that website may have different privacy policies.  We are not responsible for the individual privacy practices of those sites. We encourage you to investigate the privacy policies of these third-party operators.

  1. Information Accuracy

While we collect the PI and PHI that you supply, we do so with the understanding that any such information is as accurate. It is important to us that your PI and PHI held by us is accurate and complete. Having accurate information about you enables us to provide you with better products and services, and between Pharmacy Services and Support Services. You can help us keep PI and PHI up-to-date by keeping us informed of any changes, such as a change of address, telephone number or any other circumstances. We will not be able to provide you with any notices if we do not have accurate contact information for you and we will bear no responsibility for any action or omission as a result of our lack of accurate contact information for you.

  1. Retention and Destruction of Personal Information

The amount of time we will retain PI and PHI varies, depending on the products and services we have provided and the nature of the PI and PHI that we hold.  We retain PI and PHI for such period of time as is necessary for us to maintain sufficient information so we may respond to any issues that arise at a later date or as is required by law.

When PI and PHI is no longer required by us or by law, we will either convert it into an aggregated non-identifying form or we will appropriately destroy or erase the PI and PHI in a manner that is in accordance with our current policies and procedures.

  1. Transfers of Personal Information

We are responsible for your PI and PHI, which we process and store in Canada, in accordance with the terms of this Privacy Policy. If you are not resident in Canada and/or are located of Canada, you bear all responsibility for ensuring that your use of our Platforms and any Pharmacy Services or Support Services is compliant with all applicable laws.

  1. Access and Correction

We recognize that you may have the right to access your PI or PHI. Any access request must be made in writing to:

We may charge a reasonable fee for providing information in response to an access request, and, upon request, we will provide an estimate of any such fee upon receiving a request to access information. We may require a deposit for all or part of the fee.

Where applicable or permitted, we will make the information available within 30 days or provide written notice when we require additional time to respond to a request for access to information.

In some situations, we may not be able to provide access to certain PI or PHI as the right to access PI and PHI is not absolute.  If we do not provide you with the requested information, we will notify you in writing and explain our reason(s) for not fulfilling your request.

  1. Withdrawal of Consent: You may, at any time, withdraw your consent to our collection, use and disclosure of your PI or PHI, subject to reasonable notice and any legal and/or contractual restrictions.

Should you choose to withdraw your consent, we may be unable to provide, or continue to provide, the Platforms, our products or services, or any Pharmacy Services or Support Services that can only be provided if we receive appropriate and required PI and/or PHI.

  1. Sensitive Data

We request that you do not send us any sensitive data, including but not limited to social security or national identification numbers, information related to racial or ethnic origin, political opinions, religious beliefs, heath information, biometrics or genetic data, criminal background or trade union membership information, unless we explicitly request such information. In accordance with applicable privacy laws, the sensitivity of data may be determined based upon context, or by other measures. If you do send us sensitive data then you are consenting to its processing in accordance with this Policy.

  1. Governing Law

All matters relating to your access or use of the Platforms shall be governed by the laws of the Province of Ontario and the laws of Canada applicable therein, without regard to principles of conflicts of law.  You agree and hereby submit to the exclusive jurisdiction of the courts of the Province of Ontario with respect to all matters relating to your access and use of the Platforms, as well as any dispute that may arise therefrom.

  1. Contacting us

Should you have any questions or concerns about this Privacy Policy or our practices, you may contact us at support@mednow.ca.

You may also contact the Office of the Privacy Commissioner of Canada or provincial Information and Privacy Commissioner (as applicable) with any questions or concerns.

  1. Changes to this Privacy Policy

This Privacy Policy is effective as of the date indicated herein.  We reserve the right to change this Privacy Policy, and any of our policies and procedures concerning our practices for handling PI or PHI, at any time and without any prior notice.  Any changes that are made to this Privacy Policy will apply to both any PI and PHI that we hold prior to the effective date of the amended Privacy Policy and any PI and PHI that we collect on or after such effective date.

You should review this Privacy Policy and all policies regularly to make sure that you are aware of any changes. Your access to use of the Platforms, our products and services, and Pharmacy Services and Support Services on and after the date on which we post the revised terms constitutes your acceptance of the Privacy Policy as revised as well as of any revised policies.

  1. Successors and Assigns

Our successors and assigns may collect, use and disclose your personal information for substantially similar purposes as described in this Privacy Policy.

© Mednow Inc., 2020.