Privacy Policy

Introduction

Paediatric Physiotherapy Associates (“PPA”, “we”, “us” or “our”) is committed to respecting and protecting your privacy. This statement describes our privacy policy and procedures on the collection, use and disclosure of your personal information when you or your child use our service and tells you about your privacy rights and how the law protects you. We use your personal data to provide and improve our service. By accessing or using our website www.paediatricphysiotherpy.com or by using our service, you agree to the collection and use of information in accordance with this Privacy Policy. 

Collecting and Using Your Personal Data

The team at Paediatric Physiotherapy Associates consists of physiotherapists, occupational therapists, physiotherapy assistants, students, and an intake coordinator.  Together, we act as Health Information Custodians (HIC) or agents of our clients personal Information and personal health information and are responsible for the care of your personal information.  We comply with applicable privacy laws in Canada, and specifically the Personal Information Protection and Electronic Documents Act and the Personal Health Information Protection Act, 2004. We also abide by the rules and regulations imposed by the College of Physiotherapists of Ontario and College of Occupational Therapists of Ontario with respect to the collection, use, and disclosure of your personal health information. 

We collect your personal health information only directly from you, except: a) when you have provided consent to obtain such information from others (e.g., reports of previous assessments or of other services); and b) where the law requires or allows us to collect information without your consent (e.g., in an urgent situation, when information is needed to prevent potential harm). 

We collect only information from you that we believe is needed: a) to provide you with the services you have requested and/or for which you have been referred; b) to maintain contact with you for service-related or future consent purposes; c) to prevent or offset harm (e.g., asking for an emergency contact). 

Type of Personal Data Collection

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • Information required to initially connect with the service provider that best fits your needs such as first last name, e-mail address, phone number, address and any other health information relevant to your requested service 
  • Payment information, including your credit card number and billing address 

Please note that we also collect personal information about your child when you request that we provide our services for the benefit of your child. We do not collect a child’s personal information without the consent of a child’s parent or legal guardian. You agree that by providing us with any personal information about another individual (including your child), you represent that you have received their permission to provide the individual’s personal information to us. In the case of a minor, if you are not the parent or legal guardian of the minor, you represent that you have received the minor’s parent or legal guardian’s permission to share the minor’s information with us. 

We work with Jane Software Inc. (“Jane”), a service provider who supplies data storage and clinic management services through its proprietary platform. Jane collects, uses, and stores your personal information on our behalf in connection the operation of our business. When we make an appointment, your booking will be facilitated by Jane and the information that you provide will be stored on Jane’s servers on our behalf. We have taken reasonable steps to ensure that Jane will only collect, use, and disclose your personal information based on our instructions in connection with operation of our business and in accordance with applicable laws. 

In addition, with your consent, we may receive you or your child’s personal information, including personal health information, from physicians or other healthcare practitioners that we or you deal with in connection with you and your child’s use of our services. 

Other Information that we Receive from Third Parties and Tracking Technologies

We also automatically collect certain device and statistical information to make our website work better for you. Our website uses cookies and other technologies that are similar to cookies. A cookie is a small file of letters and numbers that we may set on your device to store and sometimes track information about you. Cookies and similar technologies we use are designed for “analytics”. This allows us to distinguish you from other users of the website. This helps us to provide you with a good experience when you use the website and allows us to improve our website and our services. 

Use of Your Personal Data

PPA may use personal data for the following purposes:

  • To provide and maintain our service, including to monitor the usage of our service.
  • To manage your account as a user of our service. 
  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for services you have purchased or of any other contract with us through the service.
  • To contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication regarding updates or informative communications related to the functionalities or contracted services. 
  • To attend and manage your requests to us.
  • We may use Your information for other purposes, such as data analysis, identifying usage trends, and to evaluate and improve our services, marketing and your experience.

Retention of Your Personal Data

All personal information will be retained electronically for 10 years following a child’s 18th birthday, or 10 years following the last date of contact, whichever is later. This practice is in accordance with regulatory guidelines and legislation. All paper documents containing personal information are destroyed by shredding.
We will also retain usage data for internal analysis purposes. Usage data is generally retained for a shorter period of time.

Disclosure of Your Personal Data

Business Transactions- If PPA is involved in a merger, acquisition or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.

Law enforcement-Under certain circumstances, PPA may be required to disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements- PPA may disclose your personal data in the good faith belief that such action is necessary to:

  • Prevent or investigate possible wrongdoing in connection with the service such as: when there is a clear and imminent risk of serious bodily harm to someone, including the possibility of self-harm; for mandatory reporting of a child who might be in need of protection; or for mandatory reporting of a regulated health professional who has sexually abused a client.
  • To comply with professional regulations established by professional Colleges (e.g., the College of Occupational Therapists of Ontario; the College of Physiotherapist of Ontario), who may inspect records and interview staff as a part of their regulatory process.
  • Comply with a legal obligation or protect against legal liability
  • To insurance companies, or other third-party payers as needed, who often have your consent or legislative authority to direct us to collect and disclose to them certain information in order to demonstrate your entitlement to this funding and to answer questions about our services you have received.

Security of Your Personal Data

The security of your personal data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

We will not store your payment card details. That information is provided directly to our third-party payment processors within Jane whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

We will notify you in the event of any theft, loss, or unauthorized use or disclosure of your Personal Health Information, report privacy breaches to the Information and Privacy Commissioner of Ontario, and report the same to our regulatory colleges, as required under PHIPA.  You are also entitled to make a compliant to the Information and Privacy Commissioner of Ontario regarding any such privacy breaches.

Access to Your Personal Data

PPA undertakes to respect the confidentiality of your personal data and to guarantee you can exercise your rights. You have the right under this Privacy Policy, and by law to:

  • Request access to your personal data to update or request deletion of information. We can make it possible for you to access, update or request deletion of your personal data directly within your Jane account settings. If you are unable to perform these actions yourself, you can contact us to assist you. This also enables you to receive a copy of the personal data we hold about you.
  • Request correction of the personal data that we hold about you. You have the right to have any incomplete or inaccurate information we hold about you corrected.
  • Object to processing of your personal data
  • Request erasure of your personal data. You have the right to ask us to delete or remove personal data when there is no good reason for us to continue processing it.
  • Request the transfer of your personal data. We will provide to you, or to a third-party you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw Your consent. You have the right to withdraw your consent on using your personal data. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the service.

You may exercise your rights of access, rectification, cancellation and opposition of your personal data by contacting the information officers listed below. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.

Withdrawing Consent 

Through the access and use of our website and services, you have consented to the collection, use, and disclosure of your personal information as explained in this Privacy Policy. You can withdraw your consent at any time, but we may not be able to provide you with the services or communications you request from us. 

Changes to our Privacy Policy

We will post an updated version of our Privacy Policy on our website when we make changes and may also notify you of the changes we have made if we are required to do so by applicable law. We encourage you to check this Privacy Policy for updates on a regular basis.

You agree that by continuing to use our services, or website after an update to our Privacy Policy, you agree to accept and consent to the collection, use, disclosure of your personal information as described in the updated version of the Privacy Policy. This Privacy Policy was last updated on April 5, 2023.

Concerns and Further Information

Please do not hesitate to contact us if you would like more detailed information about PPA’s privacy policies and procedures. Please contact Catherine Patterson or Stephanie So, our information officers at info@paediatricphysiotherapy.com with questions about our policy.

For more general inquiries, the Information and Privacy Commissioner of Ontario oversees the administration of the privacy legislation. The Commissioner also acts as a kind of ombudsman for privacy disputes. The Information and Privacy Commissioner can be reached at: 

Information and Privacy Commissioner of Ontario
2 Bloor Street East, Suite 1400
Toronto, Ontario M4W 1A8
T 416 326 3333 / 800 387 0073
F 416 325 9195
TTY 416 325 7539
ipc.on.ca