FIXX RX Inc. and FIXX RX LLC and its affiliates (“FixxRx”) are committed to maintaining the accuracy, security and privacy of Personal Information in accordance with the Personal Information Protection and Electronic Documents Act (the “Act”). This policy is a statement of principles and guidelines concerning the collection, storage, use, disclosure, protection and accuracy of Personal Information collected and controlled by FixxRx.
The Act defines “Personal Information” as any factual or subjective information, recorded or not, about an identifiable individual, including:
(a) age, name, ID numbers, income, ethnic origin, or blood type,
(b) opinions, evaluations, comments, social status, or disciplinary actions; and
(c) employee files, credit records, loan records, medical records, existence of a dispute between a consumer and a merchant, intentional regarding purchases or change in job.
PRINCIPLES GOVERNING COLLECTION, USE AND DISCLOSURE OF PERSONAL INFORMATION
FixxRx is responsible for protecting all personal information held by it or transferred to a third party for processing. FixxRx has appointed a Privacy Officer who is responsible for FixxRx’s compliance with the Act. The Privacy Officer may be contacted by e-mail at email@example.com or by post at 210 Lesmill Road, North York, Ontario, M3B 2T5.
FixxRx has developed personal information policies and practices that:
(a) protect personal information,
(b) require any third party contracting with FixxRx to guarantee the same level of protection;
(c) train employees on privacy policies and procedures; and
FixxRx identifies the purposes for which it collects personal information before or at the time of collection. Before or when personal information is collected, FixxRx identifies, documents, and informs the individual why it is needed and how it will be used. FixxRx obtains the individual’s consent, either verbally or in writing, before using the personal information for any new purpose.
FixxRx collects personal information for the following purposes:
(a) opening an account;
(b) verifying creditworthiness;
(c) communicating information and offers to individuals;
(d) understanding and analyzing sales, needs and preferences;
(e) developing and providing services;
(f) marketing and advertising products and services;
(g) booking appointments;
(h) participating in promotions and programs;
(i) participating in research or focus groups;
(j) processing exchanges or returns;
(k) improving services and store appearances;
(l) responding to requests and/or complaints;
(m) processing product orders; and
(n) scheduling enrollment in education programs.
FixxRx makes every reasonable effort to obtain express consent for the collection, use or disclosure of personal information. However, consent may be implied by an individual giving FixxRx his or her personal information either in person or over the telephone. FixxRx makes every effort to explain how it will use the personal information, that consent may be withdrawn, and any consequences arising from the withdrawal. FixxRx does not accept consent from a party lacking the capacity to give it.
4. LIMITING COLLECTION
FixxRx does not collect personal information indiscriminately and does not deceive or mislead individuals about the reasons for collecting it. FixxRx limits the amount and type of information gathered to what is necessary for the identified purpose. FixxRx obtains personal information in the following manner:
(a) Verbally: over the telephone or in person through interaction with our Territory Managers, Client Services Representatives, Advisors, Managers and Team Leaders.
(b) In Writing: through registration forms, application forms, authorizations, surveys, questionnaires, and resumes communicated by e-mail, regular mail, fax, and the internet or through exchange and refund transactions.
5. LIMIT USE DISCLOSURE AND RETENTION
FixxRx uses or discloses personal information only for the purpose that it was collected, unless the individual consents or the use or disclosure is authorized by the Act. FixxRx only keeps personal information as long as necessary to satisfy the purpose. FixxRx does not give or sell client/guest lists to any organization or individual other than companies contracted to implement direct mailings/marketing or to analyze data. FixxRx has guidelines and procedures in place for retaining and destroying personal information. Any personal information that has not been used for its identified purpose within a consecutive 48 month period or 4 years is destroyed or deleted, unless otherwise dictated by legislation.
FixxRx keeps personal information as accurate, complete and up-to-date as necessary, taking into account its use and the interests of the individual. FixxRx updates personal information from time to time as provided by the individual.
FixxRx protects personal information against loss or theft and safeguards it from unauthorized access, disclosure, copying, use or modification regardless of the format in which it is held.
FixxRx has implemented security safeguards including, but not limited to,:
(a) physical measures (locked filing cabinets, restricting access to offices, alarm systems);
(b) technological tools (passwords, encryption, firewalls, security policy); and
(c) organizational controls (limiting access on a “need-to-know” basis and to secure areas).
FixxRx makes policies and practices for the management of personal information available and easily understandable. Individuals are encouraged to contact the Privacy Officer to discuss FixxRx’s privacy policies, how to obtain access to his or her personal information, and to make privacy related complaints, comments, or recommendations.
Upon request, FixxRx will provide individuals access to their personal information. All requests should be forwarded to the Privacy Officer. FixxRx may ask the individual to supply enough information to enable it to account for the existence, use and disclosure of the personal information, including a recent form of identification. FixxRx will attempt to respond to requests within thirty (30) business days. This time frame may be extended pursuant to the Act. FixxRx will correct or amend any personal information if its accuracy and completeness is challenged and found to be deficient. All amended information will be sent to third parties having access to it, where appropriate. In the event that access is denied, FixxRx will provide written reasons. FixxRx will also delete any personal information upon request.
An individual may make a complaint in writing to the Privacy Officer. FixxRx has a procedure in place and will investigate all complaints. FixxRx will notify individuals of the outcome of investigations within sixty (60) business days of receipt of a complaint. If justified, FixxRx will correct any inaccurate Personal Information or modify policies and procedures based on the outcome of the investigation and ensure that all relevant staff is aware of any change.