FH At Home Inc. (“Company” or“we”) respects your privacy and is committed to protecting it.This policy describes our approach to privacy and how we treat your personal information.
This policy describes:
●. The types of information we may collect or that users (“you”) may provide when you download, register with, access, or use the FH At Home website (“Website”); and
● Our practices for collecting, using, maintaining, protecting, and disclosing that information.
We will only use your personal information in accordance with this policy and applicable federaland provincial privacy laws. We take steps to ensure that the personal information that we collect about you is relevant, not excessive, and used for limited purposes.
Please read this policy carefully to understand our policies and practices for collecting, processing, and storing your information. If you do not agree with our policies and practices, do not download, register with, or use the Website.
INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT
We collect personal information about you through:
● Direct interactions with youwhen you provide it to us, for example, responding to questions, or corresponding with us, including through live chat and email.
● Digital system or test/screening results portal, for example, if you upload yourtest/screening results through the digital system or the Website.
● Automated technologies or interactions, when you use the Website, for example, usagedetails, IP addresses, and information collected about your location.We may collect and use the following information about you:
● Your name, birth year, photo(s) that you provide to us, email address and postal code (collectively, “personal information”). Personal information includes personal health information.
● When you register for our COVID-19 screening services, your name, contact information, and COVID-19 test/screening results (“personal health information”).
●Non-personal information that does not directly or indirectly reveal your identity or directly relate to an identifiable individual, such as demographic information, or statistical or aggregated information. We may derive non-personal statistical or aggregated data from personal information. For example, we may aggregate personal information to calculate the demographics of users accessing a specific feature of the Website.
●Technical information, including your login information, device type, time zone setting,and usage details.
Information You Provide to Us
When you register with, or use this Website, we ask you to provide:
●Information by filling in forms on the Website. For example, when you use this Website you will be asked to register.
●Information about your connected organizations. A connected organization is typically a company, institution, or other business that you (i) have a pre-existing relationship with and (ii) has enrolled in a COVID-19 workplace screening program. Forexample, this could be your employer/place of work.
●Information when you report a problem with the Website. We use this information to troubleshoot and help correct performance issues.
●Information about your screening results. We use this information to track presumed positive results and to contact Public Health with your details.
●Information about your health status and testing/screening results. We may also ask you to provide information about your health so that we can provide you, your connected organizations and their administrator(s), and other third parties with updates relating to your health status and testing/screening. We will always ask for your consent before we collect, use, or disclose your personal health information.
●Information about your experience using the website. We use the survey questions on the site to understand people’s experience of using the website.
Automatic Information Collection and Tracking Technologies
When you download, access, and use the Website, we may automatically collect:
●Usage details. When you access and use the Website, we may automatically collect certain details of your access to and use of the Website, including location data, logs, and other communication data.
●Device information. We may collect information about your mobile device and internet connection, including the device's unique device identifier, operating system, browser type, and mobile network information.
The information we collect automatically is statistical information and may include personal information. We may maintain it or associate it with personal information that you provide to us. This usage information helps us to improve our Website and to deliver a more useful service, including by helping us to:
●Estimate our audience size and usage patterns.
●Store information about your preferences and customize our Website according to your individual activity or behavior.
●Speed up our services.
●Recognize you when you use the Website.
Third-Party Information Collection
When you use the Website or its contents, certain third parties may collect information about youor your device. These third parties include:
●Your mobile device manufacturer.
●Your mobile and internet service provider.
●Our push notification service provider.
●Our cloud storage service provider.
●Our analytics and performance diagnostics providers.We do not control these third parties' tracking technologies or how they use them.
HOW WE USE YOUR INFORMATION
We use information that we collect about you or that you provide to us, including personal information:
●To provide you with the Website and its contents.
●To improve our Website, products or services, or customer relationships and experiences.
●To provide presumed positive screening/testing results to your local public health unit.
●For any other purpose with your consent.
We will not use the personal information we have collected from you to display advertisements to you.
In addition to the above, we use personal health information that you provide to us to provide screening services to you either directly or through our third party service provider(s) and physician(s), to provide you and with your consent, your connected organization(s) and their administrator(s) with testing/screening results, and to comply with legal and professional regulatory reporting obligations.
DISCLOSURE OF YOUR INFORMATION
●To your connected organizations on the Website and their administrator(s).
●To comply with any court order, law, or legal process, including to satisfy the disclosure requirements of any governmental health agency, respond to any government or regulatory request, in each case according to applicable law.
●To enforce our rights arising from any contracts between you and us, including the Website’s Terms and Conditions.
TRANSFERRING YOUR PERSONAL INFORMATION
We may process, store, and transfer your personal information in and to other countries with different privacy laws that may or may not be as comprehensive as Canadian law. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country may be able to obtain access to your personal information. Whenever we engage a service provider, we will take commercially reasonable steps to ensure that its privacy and security standards comply with this policy and applicable Canadian laws.
CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
CANADA’S ANTI-SPAM LEGISLATION AND ELECTRONIC COMMUNICATIONS
Where applicable, we will seek your express consent to contact you, including by way of commercial electronic messages. You can unsubscribe at any time from receiving commercial electronic messages by following the instructions in the message.
Even if you have opted out of receiving marketing communications from us, please be aware thatwe may still contact you electronically for other purposes. For example, we may contact you to provide communications you have consented to receive, regarding the services we provide to you, or if you contact us with an inquiry.
With your consent, we may communicate limited personal health information via email or text inthe interest of promoting timely communication. The use of technology may increase the risk of your personal health information being unintentionally disclosed or intercepted by third parties. Technical failures and technological issues may result in a loss of personal health information and/or delay or interruption. We assume no responsibility or liability for any technical failures or technological issues associated with communicating through electronic communications.
The security of your personal information is very important to us. We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us either directly on your device or with our third-party cloud storage service provider(s). Information stored on your device (iOS or Android) is stored using a minimum AES-256bit encryption and in a secure hardware enclave located on your device. Information that is stored in the cloud is encrypted at rest and in transit and is stored using a minimum AES-256bit encryption on the server.
We only use cloud storage service providers that maintain high industry standards, including globally recognized security and data use & protection certifications.
Except as otherwise permitted or required by applicable law, we will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances we may anonymize or aggregate your personal information so that it can no longerbe associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.
CHILDREN UNDER THE AGE OF 13
Our Website is not intended for children under 13 years of age. No one under age 13 may directly provide any personal information to or on the Website. If you are under 13, do not use this Website.
If you are the parent or legal guardian of a child under 13 years of age, and you have been asked to use this Website by your connected organization (e.g. a daycare, school, or club), then you may use this Website and provide personal information about your child through your own account.
If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at email@example.com.
ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes. You have the right to request access to and to correct the personal information that we hold about you.
If you want to review, verify, correct, or withdraw consent to the use of your personal information you may also contact us at firstname.lastname@example.org to request access to, correction, or deletion of any personal information that you have provided to us. We may not accommodate a request to change or delete information if we believe the change would violate any law or legal requirement, cause the information to be incorrect, or put the health or safety of others at risk.
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
WITHDRAWING YOUR CONSENT
Where you have provided your consent to the collection, use, and disclosure of your personal information, you have the right to withdraw your consent, however, it does not have retroactive effect. To withdraw your consent contact us at email@example.com. Please note that if you withdraw your consent we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you make your decision.
CONTACT INFORMATION AND CHALLENGING COMPLIANCE
Attn: Privacy Officer
FH At Home
If you are not satisfied with our privacy practices, you may bring a complaint to the Office of thePrivacy Commissioner or provincial information and privacy commissioner, as applicable.