Privacy Statement
Last updated: December 2. 2024
Aeon Health and its affiliates (collectively, “Aeon”, “we”, “our” or “us”) recognize the importance of privacy. The purpose of this privacy policy is to inform you about our privacy practices, including how we collect, use and disclose personal information when you interact with our website https://www.aeon.health/ (the “Website”), and the products and services provided by Aeon (the “Services”). This privacy policy relates to all our activities, unless we have provided you with a separate privacy policy for a particular product, service or activity.
In this Policy, we use the word “Customer” to refer to anyone who has subscribed to or paid for use of our Services. We use the word “you” to refer to any other individual user of our Services, such as an employee or authorized user of a Customer, or an individual browsing or using our Website and web-based resources.
Please review this privacy policy carefully. By submitting your personal information to us, by using our Website, or by otherwise accessing or using the Services, you consent to our collecting, using and disclosing your personal information as set out in this privacy policy.
What This Privacy Statement Covers
This Privacy Statement covers the following topics:
· Notice to Patients
· Personal Information We Collect
· How We Use Your Personal Information
· How We Share Your Personal Information
· Your Consent to the Collection, Use and Disclosure of Your Personal Information
· Our Use of Cookies
· Opting Out of Marketing Communications
· Retention, Storage, and International Transfer of Personal Information
· Information Security
· Accessing and Updating Your Personal Information
· Third-Party Websites and Services
· Changes to this Privacy Statement
· How to Contact Us
Notice to Patients
Aeon provides Services to healthcare providers to manage their professional practices. This privacy policy does not apply to the collection, use, and disclosure of personal information by healthcare providers. Where Aeon is subject to health privacy laws, Aeon agrees to additional terms with our Customers. When providing the Services to healthcare providers, Aeon processes personal information on behalf of the healthcare provider, who remains the custodian of that personal information. Our treatment of the information processed on behalf of healthcare providers is governed by our agreements with our Customers, as applicable. If you are a patient of a healthcare provider who uses our Services, please consult your healthcare provider to understand their privacy policies and practices.
Personal Information We Collect
“Personal information” means information about an identifiable individual. This information may include, but is not limited to, your name, mailing address, e-mail address, telephone number and country of residence.
Personal information does not include any business contact information that is solely used to communicate with you in relation to your employment, business or profession, such as your name, position name or title, work address, work telephone number, work fax number or work e-mail address.
We may collect, use, and disclose different types of personal information, depending on our relationship with you.
How we collect Personal Information
We collect personal information in the following ways:
· From our Customers as they use our Services, whether directly uploaded and created by our Customer, or automatically collected by us as our Customers use the Services.
· Through your engagement with our Website, including information submitted by you within a website form or obtained from us through cookies or similar technologies.
· From other third-party sources, such as our partners and service providers, including through technical integrations, such as single sign-on and other linked services.
Types of personal information we collect
We collect the following types of information from you:
· Account and Profile Information: We collect contact information to facilitate the purchase of our Services and to manage our relationship with you. This includes information such as your name, e-mail address and other contact information.
· Usage and Technical Information: We collect usage information relating to how individuals interact with our Website. Such information may include Internet protocol address, device information, browser and operating system, how you are using our Services, and the date and time of your visit.
· Payment Information: We collect certain payment and billing information from Customers when they register for the Services.
· Website Forms: We collect information that you submit to us on our Website, including your name, e-mail address and other contact information.
· Employment Information: For individuals that apply to Aeon for employment, we will collect information about your current and prior employment, including information about your education.
Our Customers may use our Services to collect information about their patients. This information may include details regarding a patient’s medical treatment, diagnosis, recommendations and health status. This information is collected by our Customers using the Services and is in the control of our Customer. Aeon handles this information in accordance with our Customer’s instructions and pursuant to our contractual arrangements with the Customer.
Please note that through our Customers use of the Services, Aeon will collect aggregated and anonymized information that is separate from any patient information. We collect, use, and share aggregated and anonymized data in our sole discretion for any purpose, including to understand Customer engagement and adoption of our Services, and for product development. Aggregated and anonymized data is not considered personal information because it cannot be used to identify you.
How We Use Your Personal Information
We generally use your personal information for the following purposes:
· to provide you with our Services and to support your use of our Services;
· to respond to your inquiries, complaints or requests;
· to communicate with you through our newsletter or other member communications;
· to manage our business and our arrangements with our clients, including to detect and prevent errors and fraud;
· to improve the effectiveness and efficiency of our operations, products, services, and programs;
· to collect opinions and comments in regard to our Services;
· •to provide you with information that we think may interest you, including marketing communications;
· to investigate legal claims and protect our rights, operations or property;
· for such other purposes as you may consent to from time to time; and
· as otherwise required or permitted by law.
How We Share Your Personal Information
We generally identify to whom, and for what purposes, we will disclose your personal information (and we obtain your consent to such disclosure) at the time we collect your personal information. If you are a patient, we may disclose your personal information to other health care providers and Customers, such as pharmacists, physicians, nurses, naturopaths or lab technicians, to facilitate the provision of your healthcare. This helps to coordinate care and ensure that everyone involved in your healthcare has the right information to meet your healthcare needs. Your information is generally shared with your consent, unless otherwise required by law.
We may disclose your information when we believe such disclosure is required or permitted by law. In addition, we may disclose your personal information to a third party in the event of any significant business transaction, such as a merger or reorganization.
We rely on service providers to perform a variety of services on our behalf, such as payment card processors, technical support providers, and data storage and processing service providers. If we transfer your personal information to a service provider, we require that they maintain the confidentiality of your personal information and keep it secure. We also require that our service providers comply with applicable privacy laws and only use your personal information for the limited purposes for which it is provided. If you would like more information about our service providers, please contact us using the contact information below.
Your Consent to the Collection, Use and Disclosure of Your Personal Information
We collect, use, and disclose your personal information with your consent or as permitted or required by law. How we obtain your consent, including whether it is express or implied, will depend on the circumstances and the sensitivity of the personal information in question. Generally, we will seek your consent at the time we collect your personal information, either orally, electronically, or in writing.
If you provide personal information about another individual to us, it is your responsibility to obtain the consent of that individual to enable us to collect, use and disclose their information as described in this Privacy Statement.
If you wish to withdraw your consent to our collection, use or disclosure of your personal information, please contact us using the contact information in the “How to Contact Us” section below. We will accommodate your request to withdraw consent, subject to legal or contractual restrictions. Withdrawal of your consent may mean that we will no longer be able to provide you with certain products or services.
Our Use of Cookies
A “cookie” is a small text file that contains information and is stored on your computer. We use cookies and similar tracking technologies, such as web beacons and pixels, to automatically collect information about your use of our Website and your interaction with our emails. Information we collect may include your IP address (or proxy server), device and application identification numbers, location, browser type, internet service provider and/or mobile carrier, pages and files viewed, searches, operating system and system configuration information, and date/time stamps associated with your usage.
We use this information to facilitate the use of our Website, for our business or analytical purposes (including to assess website traffic and track search criteria), and to personalize web pages according to your choices and interests.
We do not use your personal information to engage in interest-based or behavioural advertising of our Services across third-party websites or service offerings.
If you do not wish to accept cookies, you can adjust your web browser settings so that you automatically deny the storage of cookies or are informed each time a website requests to store a cookie. Previously stored cookies can also be deleted through your web browser. Please refer to your web browser’s help pages for more information. Some areas or features of our Website rely on cookies and may not work if you delete or decline cookies. For more information about cookies generally please visit www.allaboutcookies.org.
Google Analytics
Our Website utilizes Google Analytics, a service from Google, Inc. (“Google”) that uses cookies. The information collected by the cookies (which includes your IP address) is transferred to Google who stores and processes the information in the United States. Google uses the information to provide us with an analysis of your use of our Website, overall use of and traffic on our Website. You can opt out of Google Analytics by downloading and utilizing the Google Analytics Opt-out Browser Add-on. By using our Website, you understand and acknowledge our use of Google Analytics.
Opting Out of Marketing Communications
If you no longer want to receive marketing-related e-mails from us, you may opt out of receiving marketing-related e-mails by clicking the “unsubscribe” link at the bottom of any e-mail you receive from us. You may also opt out by contacting us directly using the contact information in the “How to Contact Us” section below.
Please note that if you opt out from receiving marketing-related e-mails, we may still need to send you communications about your use of our products or services, or other matters.
Retention, Storage, and International Transfer of Personal Information
We will retain your personal information for as long as necessary to fulfill the purposes for which we collected it, and as permitted or required by law.
We may transfer your personal information outside of Canada to fulfil the purpose for which we collected it, including for processing and storage by service providers. While your personal information is outside of Canada, it is subject to the laws of the country in which it is located, which may have different data protection laws than Canada. Those laws may require disclosure of your personal information to authorities in that country. For more information about our policies and practices regarding service providers outside of Canada, contact us using the contact information in the “How to Contact Us” section below.
Information Security
We have implemented commercially reasonable physical, organizational, contractual and technological security measures with a view to protecting your personal information from accidental or unlawful destruction, loss or theft, unauthorized access, disclosure, copying, use or modification. We have taken steps to ensure that the only personnel who are granted access to your personal information are those with a business ‘need-to-know’ or whose duties reasonably require such information.
Despite the measures outlined above, no method of information transmission or information storage is 100% secure or error-free, so we unfortunately cannot guarantee absolute security. In the case of a breach of security safeguards, we will act promptly to mitigate the risks and to inform you where there is a real risk of significant harm, or as otherwise required by law.
You are responsible for maintaining the secrecy of your identification, passwords and/or any personal information in your possession for the use of our Website and/or the Services. Always be careful and responsible regarding your personal information. We are not responsible for, and cannot control, the use by others of any information which you provide to them and you should use caution in selecting the personal information you provide to others through our Website or the Services. Similarly, we cannot assume any responsibility for the content of any personal information or other information which you receive from other users through our Website or the Services. We cannot guarantee, or assume any responsibility for verifying, the accuracy of the personal information or other information provided by any third party.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any information that you provided to us has been compromised), please contact us immediately using the contact information below.
Accessing and Updating Your Personal Information
Individuals have a number of rights concerning their personal information. You may make a written request to access, correct or delete any personal information about you that we have collected, used or disclosed, and we will provide you with any such personal information to the extent required by law. We expect you to supply us with updates to your personal information, when required. We will not routinely update your personal information unless such a process is necessary.
You may also challenge the accuracy or completeness of your personal information in our records. If you demonstrate that your personal information in our records is inaccurate, incomplete or equivocal, we will amend or delete your personal information as required. Where appropriate, we will transmit the amended information to third parties to whom we have disclosed your personal information.
We may require that you provide sufficient identification to fulfill your request to access or correct your personal information. Any such identifying information will be used only for this purpose. We will not charge you any fees to access your personal information in our records without first providing you with an estimate of the approximate fees, if any.
If you object to how we handle your request, you may have the right to make a complaint to the Information and Privacy Commissioner of Ontario in relation to health privacy matters or, if the complaint relates to other privacy matters, to the Privacy Commissioner of Canada.
Third-Party Websites and Services
We may provide links to third-party websites for your convenience and information. We may also make opportunities available to you to purchase, subscribe to, or use other products or services from third parties with different privacy practices. Those other websites, products, or services are governed by the privacy statements and policies of the respective third party. This Privacy Statement does not extend to any websites, products, or services provided by third parties. We do not assume responsibility for the privacy practices of third parties and we encourage you to review all third-party privacy statements prior to using third-party websites, products, or services.
Changes to this Privacy Statement
The Privacy Statement was last revised as of the date that appears at the top of this page.
How to Contact Us
All comments, questions, concerns, or requests regarding your personal information or our privacy practices should be forwarded to our Privacy Officer as follows: Michael Chou, Privacy Officer, privacy@aeon.health