ECAH’s “ECAH Services” mean (i) ECAH’s mobile applications that ECAH makes available for use of the ECAH Services (“Apps”), (ii) ECAH’s website currently located at http://myecah.com/ (and the webpages within that website) (“Website”), and (iii) any software, platforms, digital services, features, tools, and functionalities, as well as any content of ECAH or its licensors, made available via or accessible through any of the Apps or Website.
ECAH has developed policies and procedures consistent with the Personal Information Protection and Electronic Documents Act (“PIPEDA”), and other relevant privacy laws.
“Provider” means a third party independent contractor home care service provider, who may fulfill one or more Recipient requests (i.e. made via the ECAH Services) for Home Care Services. [Providers may be independent regulated non-physician health professionals (e.g. physiotherapists or nurses).] “Recipient” means a user of any ECAH Services who requests to receive, or actually receives, any Home Care Services. “Home Care Services” means the care services offered by and provided by Providers to Recipients.
Information ECAH Collects
a. Personal Information
Personal Information that ECAH collect, or may have access to, includes, but is not limited to:
- Registration information, such as name, date of birth, age, e-mail address, physical address, postal code, and phone numbers;
- Billing and payment information, including credit card information, billing address, and bank account details;
- IP address;
- [health information, such as, medical history, health card number, physician(s), diagnoses, prescription, and treatment plans, whether provided by You directly via the Services or indirectly via the Services through a Provider (who may collect such information during the provision of Home Care Services);]
- Personal Information contained within content uploaded to the ECAH Services by a user;
- Any other Personal Information that You may provide when You use the ECAH Services, or when you contact ECAH with questions and/or inquiries;
- Technical support records;
- Service requests and inquiries; and
- Any information that ECAH collects from You that is intended to improve and personalize ECAH Services.
b. Non-Personal Information
Please note that Personal Information does not include information that is aggregated or anonymized in such a manner that it cannot be connected to You or any of other users. Such information by itself or together cannot be tracked to a specific individual’s Personal Information.
How does ECAH use Personal Information?
ECAH collects Personal Information to:
- provide ECAH Services to You and other users of the ECAH Services;
- facilitate transactions between or among You, other ECAH Services users, and ECAH (e.g. Providers use Recipient Personal Information to provide Home Care Services);
- establish and maintain responsible commercial relations with You;
- communicate with You as part of the ECAH Services, including to provide You with ECAH Services or administrative messages or to respond to any correspondence You may direct to ECAH;
- permit ECAH’s payment provider, currently Stripe, to provide payment services;
- understand the ECAH Services’ users’ needs and preferences;
- enforce ECAH’s General Terms of Service available at http://myecah.com/general-terms-of-service/ and ECAH’s Provider Terms of Service available at http://myecah.com/general-terms-of-service/;
- meet legal and regulatory requirements;
- prevent, detect and mitigate illegal or fraudulent activities;
- to improve the ECAH Services; and
- for any other reasonable purposes for which You may have provided Your express consent or in which Your consent can be reasonably implied.
ECAH uses NPI in an ongoing effort to better understand and serve the users of ECAH Services, including to provide the ECAH Services and to improve the content and functionality of the ECAH Services.
For instance, ECAH uses NPI to monitor traffic and to collect statistical data.
The NPI collected is used to monitor traffic, provide the ECAH Services, and conduct internal research on ECAH’s users’ to better understand and serve them, including users’ size, usage patterns, demographics, interests and behaviors.
The Apps also may access metadata and other information associated with other files stored on Your device. This may include, for example, photographs to take pictures or existing stored photographs to contribute to a listing of an item for sale.
The ECAH Services may automatically receive and store certain types of information about users’ and their use of the ECAH Services and their devices, including IP address, geo location, browser type, web pages viewed, and date and time, as well as how users interact with ECAH.
ECAH uses different types of technology to collect information about users, such as log files, embedded scripts, cookies, web beacons, and pixel tags.
You may opt-out of Google Analytics by clicking here: https://tools.google.com/dlpage/gaoptout?hl=en
ECAH respects Your privacy and, unless otherwise required by law, ECAH will not collect, use or disclose Your Personal Information without Your prior consent. Your consent may be expressed or implied. You may expressly give Your consent in writing, verbally or through any electronic means. In certain circumstances, Your consent may be implied by Your actions. For example, providing ECAH Personal Information to register for ECAH Services is implied consent to use such information to provide You the associated ECAH Services.
Where appropriate, ECAH will generally seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when ECAH wants to use information for a purpose other than those identified above). In obtaining consent, ECAH will use reasonable efforts to ensure that a customer is advised of the identified purposes for which Personal Information collected will be used or disclosed.
The form of consent sought by ECAH may vary, depending upon the circumstances and type of information disclosed. In determining the appropriate form of consent, ECAH shall take into account the sensitivity of the Personal Information and the reasonable expectations of ECAH’s users. ECAH will seek express consent when the information is likely to be considered sensitive. Implied consent will generally be appropriate where the information is less sensitive.
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. In order to withdraw consent, You must provide notice to ECAH in writing.
Limiting Use, Disclosure and Retention
When You receive or provide Home Care Services, the Recipient or Provider may receive Your Personal Information, including personal health information.
In the event Your Personal Information is disclosed to a third party pursuant to a business transaction, ECAH will ensure that it has entered into an agreement under which the collection, use and disclosure of the information is related to those purposes that relate to the transaction.
Subject to the foregoing, only ECAH’s and ECAH’s Affiliates’ employees with a business need to know, or whose duties reasonably so require, are granted access to Personal Information about ECAH’s users. All such employees will be required as a condition of employment to contractually respect the confidentiality of ECAH’s users’ Personal Information.
ECAH will retain Personal Information for only as long as required to fulfill the identified purposes or as required by law. Personal Information that is no longer required to fulfill the identified purposes will be destroyed, erased or made anonymous according to the guidelines and procedures established by ECAH.
ECAH will disclose Personal Information without Your knowledge or consent if ECAH receives an order, subpoena, warrant or other legal requirement issued by a court, tribunal, regulator or other person with jurisdiction to compel disclosure of Your Personal Information. If ECAH receives a written request from a police officer or other law enforcement agency with authority to request access to Your Personal Information in the course of an actual or potential investigation into a breach of a law, ECAH’s policy is to provide the requested information.
Links to Other Online Services and Social Networks
You may be able to access third-party websites and services through links available on ECAH Services.
You may create links between the ECAH Services and social media online services. If You do so, ECAH may be able to publish updates about ECAH Services to Your social media service accounts through the links that You establish. You may terminate those links at any time by modifying Your social network account.
Storage Outside of Canada
Your Personal Information will [not] be used or stored by ECAH or ECAH’s service providers outside of Canada. ECAH requires that ECAH’s service providers safeguard Your Personal Information.
Children and Minors
ECAH Services are not directed to children under the age of majority. ECAH will not knowingly collect Personal Information about a child under the age of majority. Please do not submit information about minors.
How can I Access my Personal Information?
Upon request, ECAH will provide You information regarding the existence, use and disclosure of Your Personal Information and You will be given access to that information. ECAH will respond to an application for individual access to Personal Information within a reasonable time and at minimal or no cost to the individual. You may challenge the accuracy and completeness of the information and have it amended as appropriate.
NOTE: In certain circumstances, ECAH may not be able to provide access to all of Your Personal Information that it holds. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, or information that is subject to solicitor-client or litigation privilege. ECAH will provide the reasons for denying access upon request.
ECAH protects Your Personal Information by security safeguards appropriate to the sensitivity of the information. ECAH will protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
ECAH’s methods of protection include:
- Physical measures, such as filing cabinets which are kept locked when not in use and restricted access, both to ECAH’s place of business in general and to internal offices as well;
- Organization measures, such as security clearances and limited access on a need to know basis; and
- Technological measures, such as the use of passwords, firewalls and encryption.
Inquiries; Challenging Compliance
The Privacy Officer will respond to all such inquiries or complaints within 14 business days of receipt. The Privacy Officer will make reasonable efforts to resolve all such complaints within 30 days of receipt of the initial complaint. If ECAH finds a complaint to be justified, it will take appropriate measures, including, if necessary, amending its policies and procedures.
For more information, please contact ECAH’s Privacy Office as follows:
Easy at Care at Home (ECAH) Incorporation
100 King Street W,
Toronto, ON M5X1C7,