- WHAT PERSONAL INFORMATION IS COLLECTED?
We may collect or may have collected the following categories of information about you. In some cases, the information we collect may fall within more than one category:
- Contact information and personal identifiers, such as your name, address, email address, telephone number, and username and social media handle.
- Device Identifiers, such as information about your device like your MAC address, IP address, or other online identifiers.
- Demographic information, such as your age, sex, and gender (some of which may be protected by applicable law).
- Commercial information, such as the products or services you have purchased, returned or considered, and your product preferences.
- Payment information, such as your method of payment and payment card information (including payment card number, expiration date, delivery address and billing address).
- Identity verification information, such as authentication information (like passwords).
- Online or network activity information, such as information regarding your interaction with our website, mobile applications, digital properties, and advertisements. Information about your browsing and search history on our website or mobile applications, and log file information which includes, but may not be limited to, your browser type, webpages you visit, and other electronic network activity.
- Geolocation information, such as information that can help identify your physical location (like your GPS coordinates or the approximate location of your mobile device).
- Audio and visual information, such as recordings of your voice when you call our customer service.
- User Content, such as communications with us and any other content you provide (including photographs and images, videos, reviews, articles, survey responses, and comments).
- HOW IS YOUR PERSONAL INFORMATION COLLECTED?
We may collect or may have collected personal information about you from various sources. The categories of source from which we collect personal information are:
- Directly from you, such as when you make a purchase on our website, contact us with a question or complaint, use one of our mobile applications, create an account on our Website, respond to a survey, participate in a contest or other promotion, make an appointment, sign-up to attend an event or to be part of a program, or sign-up to receive marketing communications.
- From other sources, occasionally Avicanna may receive personal information from other sources. In these cases, Avicanna receives your personal information from these sources with your consent or if the law requires or permits us to do so (e.g. to meet anti-laundry compliance obligations).
- From Technologies Used at our Company, we may collect personal information through various types or technologies. These can include video surveillance in our facilities or other similar types of technologies that the Company may use from time to time.
- Through offline technologies, such as call recording technology when you speak with customer service.
- From our business partners and service providers, such as insurance companies, demographic companies, analytics providers, and other third parties that we choose to collaborate or work with.
- Through Company Website and Mobile Applications, we may collect certain types of information electronically when you interact with our website, email, mobile applications, social media accounts, online advertising or through the use of Avicanna´s third party´s technologies, which include cookies, web beacons, single pixel gifs, and other technologies. This information helps Company to understand what interactions you take on our website and mobile applications and allow our website and mobile applications to work correctly.
The technologies that we use include:
- dm_mymedi_age_gate_is_over_age: Age gate will remember if the user confirmed the age gate from that computer in the past 30 days
- dm_mymedi_browser_id Browser ID, is a cookie stored to identify the users’ computer after they first signed into the account. That Browser ID is set so next time they log in the account, the security question is not asked again if they put the correct user + password (the MFA still appears). stored for 30 days.
The cookies that we use only in the session, if the browser is opened, are the following:
- pll_language – Language preferences
- dm_mymedi_initial_permalink – Initial link they try to access so we can redirect them correctly after they pass the age gate verification.
- PHPSESSID – a unique generated number that we used to identify the user session for different parts of the application after they log in. This gets destroyed once they close the browser and a new one is created once they open it again and access the site.
- Web beacons and single pixel gifs which are small image files that have your information, such as IP address, that can be downloaded when you visit a website or open an e-mail. This allows us to understand your online behavior, monitor your email delivery, and provide interest-based advertising. These tools also allow our third-parties to gather information such as IP address and provide this back to us in an anonymized, aggregated form. Aggregate information refers to personal information compiled and expressed in summary from where no personal identifiers are included.
- Other technologies, such as DMP services and analytics engines, which pull usage data from multiple sources and help manage and collect this data to use for personalization, interest-base advertising, customizing content and other methods to gain insights regarding your needs and preferences.
You may delete or disable certain or these technologies at any time via their browser by clicking here: Settings. However, if you do so you may not be able to use some of the features on our websites or mobile applications.
- HOW IS YOUR PERSONAL INFORMATION USED?
We may use or may have used the information we have about you to:
- Verify your identity.
- Identify your preferences.
- Provide you with quotations for programs, products, or services.
- Understand your needs of goods and services.
- Open and manage an account.
- Provide you with programs, products, and services.
- Deliver to you requested products and services.
- Provide medical or counselling services.
- Register you in our patients support Program.
- Perform administration activities.
- Perform contractual obligations with third parties.
- Manage our business operations.
- Communicate offers and information that be of your interest.
- Processing your transactions and returns of products.
- Deploying and managing our information technology, applications, and systems, including but not limited to our websites.
- Monitoring and investigating incidents and managing claims.
- Maintaining programs, products and services that we offer.
- Providing you with information and updates on our programs, products, services, promotions, contests and events and responding to your queries.
- Maintaining the security of any physical facility.
- Conduct data analysis for business purposes.
- Meeting regulatory and legal obligations.
We may also use or may have used the information in other ways for which we provide specific notice at the time of collection.
- HOW DO WE MANAGE CONSENT?
By subscribing to our programs, products and services and/or submitting information to us in connection with using our programs, products and services, you are providing your consent to the collection, use and disclosure of personal information as set out in this policy. In some cases, your consent may be “implied” i.e. your permission is assumed based on your action or inaction at the point of collection, use or sharing of your personal information.
We will obtain consent when we want to collect or use personal information for a new purpose or other purposes than those stated at the time of collection or in terms and conditions for a specific program, product, or service, promotion or event that you sign up for, participated or purchased.
- HOW IS YOUR PERSONAL INFORMATION SHARED?
We will not use or share your personal information for any additional purpose unless we obtain your consent to do so. We may share your personal information within our group of companies or with service providers and other third parties for the purposes described in this policy and in accordance with applicable law:
- Service Providers
In the course providing the programs, products, services, promotions, contests, and events that we offer, we may share your Personal Information with our service providers. These service providers help us to operate our business, technology systems and applications, internal procedures, infrastructure and advertising and marketing. They provide services to us such as data hosting, email deployment, call center, and processing or analysis of Personal Information. We require these service providers to limit their access to and/or use of your personal information to what is required to provide their services and to comply with our privacy requirements.
- Third Parties
In the course providing the programs, products, services, promotions, contests, and events that we offer, we may do so through arrangements with third parties. As a result, your personal information may be collected, used and shared by us and applicable third party. These third parties may have their own privacy policies and terms and conditions, which will govern their use of your personal information. You will be informed upon signing up for the relevant program, product or service of the third-party so they can review the relevant privacy policies that apply. In addition, we may disclose personal information about you (i) if we are required to do so by law or legal process; (ii) to law enforcement authorities or other government officials; (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation or suspected or actual fraudulent or illegal activity (iv) when disclosure of your personal information is otherwise required or permitted by law or (v) with your consent.
- Sale or transfer of business or other Transaction
We may decide to sell or transfer all or part of our business to a related company or to a third party, to merge with another entity, to insure or securitize our assets, or to engage in another form of corporate or financing transaction, corporate reorganization, share sale, or other change in corporate control. If your personal information is required in connection with any such transactions, we will comply with all legal requirement for the disclosure of your personal information.
- HOW IS YOUR PERSONAL INFORMATION PROTECTED?
We implement reasonable security measures to protect your personal information against unauthorized access, use, or disclosure which includes physical, administrative, and electronic safeguards. The following security measures (but not limited to those) will be followed to ensure your personal information is appropriately protected:
- Multi-Factor Authentication, which is a method of confirming your identity by using more than one way to authenticate them, such as asking for your password and a code that is sent to your email address or phone number.
- Masking, which is the process of obscuring your information so that the structure remains the same, but the content is no longer identifiable.
- Anonymization, which is the process of altering your data so that it can no longer be used to identify you personally.
- Encryption, which is the process of obscuring your information in order to make it unreadable without to use of a code or a key;
- Logging and Monitoring, which is the process of tracking, recording, and monitoring activity related to the access and/or use of your accounts or Personal Information.
- Tokenization, which is the process of replacing original value with random generated alphanumeric value known as token.
We use all reasonable safeguards, including contractual requirements with its service providers, to protect your personal information wherever it is used or stored. In general, we store, access and use Personal Information in Canada.
We will continually review and update our security policies and controls as technology changes to ensure ongoing your personal information security, however please understand that no method of data transmission or storage is 100% secure and it is not possible to guarantee that a network or system will never be compromised. Consequently, while we utilize reasonable security measures to protect personal information, we cannot guarantee or warrant the security of any personal information that you transmit to us, and you understand that any personal information that you transfer to us is done at your own risk. If we learn of a security-systems breach, we may attempt to notify you so that you can take appropriate protective steps. In the event that we are required by law to inform you of any unauthorized access to your potentially personally identifying and personally identifying information, we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
- WHAT ARE YOUR RIGHTS AND CHOICES?
Accessing, Updating, and Modifying Personal Information
Subject to applicable law, you have the right to request access to and receive details about the personal information we have about you, update and correct inaccuracies in your personal information, and have the personal information deleted, as appropriate. We may take reasonable steps to verify your identity before granting access or making corrections.
A request to access to your personal information must be made in writing and provide sufficient detail to identify the personal information being sought. The request shall be sent to firstname.lastname@example.org. We will make the requested information available within thirty (30) business days or provide written notice of an extension where additional time is required to fulfill the request. If a request is refused in full or in part, we will notify you in writing, providing the reasons for refusal and the recourse available to you.
Some of the personal information that we hold about you is accessible to through our online account(s). You can access and update your personal information by logging into your account(s) and making updates to your profile information and your preferences.
To access Personal Health Information, you shall contact your healthcare provider directly. Similarly, to access your personal information collected by a third party, you shall contact that third party directly.
You can opt-out of receiving marketing or clienteling communications by email by following the instructions within the emails you receive for us of by contacting us through email@example.com. Please note that your opt-out request is specific to the particular type of email communication you receive from us. For example, you opt-out form a clienteling email you will no longer receive clienteling email communications, but you may still receive email marketing communications from us. Further, if you opt-out from both clienteling email communications and marketing email communications, we may still sed your transactional or operational emails. This includes purchase or shipping confirmations, passwords resets, profile updates or other account related messages, if applicable.
Push Notifications Opt-Out
When you download one of our mobile applications or when you visit our Website, we may provide you with the option to receive push notifications. You may opt-out of receiving push notifications by adjusting the settings on your mobile device or browser.
- TECHNOLOGIES, TARGETED ADVERTISMENT & ANALYTICS
We may use technologies such as cookies, web beacons and sigle pixel gifs, and other technologies (“Technologies”) as explained in section 2 for the purposes mentioned therein. Some of these Technologies are necessary for the Website to function properly and other improve your browsing experience by remembering your preferences. You may choose to refuse certain cookies or Technologies, however, please note that refusing them may impact your ability to access or use the full functionality and/ or feature of the Website. For detail on these types of Technologies and information on how to opt-out, please go to Setting.
Please note that your opt-out only applies to the browser you use to submit opt-out, so if you use multiple browsers or devices, you must opt-out on each browser, on each device. Your opt-out is enable using cookies so once you opt-out, if you delete your browser´s saved cookies on a device, you will need to opt-out again on that browser on that device.
We may use analytics services, on our Website, our social media pages, or our mobile applications to help us evaluate and analyze how visitors use these platforms.
- CHILDREN´S PRIVACY
This Website is not intended for or directed to children under the age of eighteen and we do not knowingly collect personal information from children under that age on the Website. If we become aware that a child under the age of eighteen has provided us with personal information, we will delete the information from our records.
- LINKS TO OTHER WEBSITES
Our Website or mobile applications may provide links to other websites for your convinience and information. These websites may operate independently from us. Linked websites may have their own privacy notices or policies, which we strongly suggest you review if you visit any linked websites. To the extent any linked websites you visit are not owned or controlled by us, we are not responsible for the website´s content, any use of the websites, or the privacy practices of the websites.
- HOW TO CONTACT US