Last modified: April 23, 2020
OUR COMMITMENT TO PRIVACY
SCOPE OF POLICY
This Policy applies to our collection, use and disclosure of your personal information, including your name, birthdate, gender, contact information, prescription information, health/medical information, insurance coverage information, payment information, preferences, and other information. This Policy does not impose any limits on the collection, use or disclosure of the following information:
- business contact information;
- certain publicly available information; and
- de-identified or aggregated information which cannot be used to identify a particular individual.
We have designated a Privacy Officer who is responsible for our compliance with this Policy. The Privacy Officer may be contacted as described below.
When collecting personal information, we will state the purpose of collection and will provide, on request, contact information for the Privacy Officer who can answer questions about the collection
We collect, use and disclose your personal information for the following purposes:
- to provide and administer products and services you request, to fill and deliver your orders, to take payment for your orders, and to disclose information for any purpose related to those purposes;
- to assist our third party suppliers of products and services to provide any of our products and services to you (for example, we provide your personal information to our ordering, fulfilment, payment, prescription management and database service providers);
- to seek reimbursement from your insurance company;
- to communicate with you regarding our products and services;
- to monitor your compliance with any of your agreements with us;
- to manage or transfer our assets or liabilities, for example in the case of an acquisition or merger, the provision of security for a credit facility or the change of a supplier of products;
- to protect us, yourself and others from fraud and error and to safeguard our business interests;
- to collect debts owed to us;
- to comply with legal and regulatory requirements; and
- to distribute to third parties including payment processors, landlords, lawyers, financial institutions and government licensing bodies for any of the above purposes.
The above collections, uses and disclosures are a reasonably necessary part of your relationship with us.
We may also collect, use and disclose your personal information as follows:
- we may use your personal information to offer additional or alternate products and services to you and may add your personal information to customer lists for this purpose; and
- we may share your personal information with suppliers and third parties so that they may offer their products or services to you.
You may instruct us to refrain from using or sharing your personal information in any or all of the two ways described immediately above at any time by providing written notification to our Privacy Officer. We acknowledge that the sharing of your personal information in any or all of the two ways described immediately above is at your option and we will not refuse you access to any product or service merely because you have advised us to stop using or sharing your personal information in any or all of the two ways described immediately above.
When your personal information is to be used for a purpose not previously identified, the new purpose will be disclosed to you prior to such use, and your consent will be sought unless the use is authorized or required by law.
We will make a reasonable effort to ensure that personal information we are using or disclosing is accurate and complete.
If you demonstrate the inaccuracy or incompleteness of personal information, we will amend the information as required. If appropriate, we will send the amended information to third parties to whom the information has been disclosed.
When a challenge regarding the accuracy of personal information is not resolved to your satisfaction, we will annotate the personal information under our control with a note that the correction was requested but not made.
SAFEGUARDING PERSONAL INFORMATION
We protect the personal information in our custody or control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.
We will take reasonable steps, through contractual or other reasonable means, to ensure that a comparable level of personal information protection is implemented by the suppliers and agents who assist in providing services to us. Some specific safeguards include:
- physical measures such as locked filing cabinets;
- organizational measures such as restricting employee access to files and databases as appropriate;
- electronic measures such as passwords and firewalls; and
- investigative measures where we have reasonable grounds to believe that personal information is being inappropriately collected, used or disclosed.
Note that confidentiality and security are not assured when information is transmitted through e-mail or other wireless communication. Please notify our Privacy Officer in writing if you do not want us to communicate with you through these means.
You have a right to access your personal information held by us.
Upon written request to our Privacy Officer, and authentication of identity, we will provide you your personal information under our control. We will also give you information about the ways in which that information is being used and a description of the individuals and organizations to whom that information has been disclosed. We may charge you a reasonable fee for doing so.
We will make the information available within 30 days of receiving a written request or provide written notice where additional time is required to fulfil the request.
In some situations, we may not be able to provide access to certain personal information (e.g., if disclosure would reveal personal information about another individual, the personal information is protected by solicitor/client privilege, the information was collected for the purposes of an investigation or where disclosure of the information would reveal confidential commercial information that could harm the competitive position of GravitateIT Corp). We may also be prevented by law from providing access to certain personal information.
Where an access request is refused, we will notify you in writing, document the reasons for refusal and outline further steps which are available to you.
We will, on request, provide information regarding our complaint procedure.
Any inquiries, complaints or questions regarding this Policy should be submitted electronically here.