NAVA MedQ Privacy Policy

 

1. Definitions:

“NAVA” “we”, “our”or “us” refers to NAVA Technologies Inc., employees, subcontractors and any affiliate or agent of NAVA Technologies Inc.

“You”or “Your”:Refers to any person who uses the Application, whether as a Sender or as a Receiver.

Application refers to the websites https://www.navatech.ca, https://www.navamedq.ca, https://clinic.navamedq.ca, https://web.navamedq.ca, and the native application (NAVA MedQ) specifically designed for android and iOS smartphone devices.

Collection refers to the act of gathering, acquiring, recording, or obtaining Personal Information from any source, by any means.

Consent refers to the voluntary agreement to the collection, use, and disclosure of Personal Information for defined purposes. Consent can be express or implied and can be provided directly by the individual or by an authorized representative. Express consent can be given orally, electronically, or in writing, but is always unequivocal and does not require any inference on the part of NAVA Technologies Inc. Implied consent can be reasonably inferred from an individual’s action or inaction.

Content refers to text, data, speech, or other sounds, visual images (animated or otherwise) in any form or in any combination of forms, including the availability of booking times.

Device refers to a computer, tablet, smartphone, including an iPhone, Android phone, or any other on which the application may be accessed by the end user.

Disclosure refers to the act of making Personal Information available to others outside NAVA Technologies Inc.

End User refers to either the Patient who books an appointment with a Health Care Provider using the Application, or the Health Care Provider who operates the Application on a computer with the intention of using it in accordance with NAVA’s Intended Purpose.

Health Care Provider refers to a medical practice or organization in its entirety, or any physician, nurse, or health care administrator who owns or works for a medical practice or organisation.

Intended Purpose refers to the purpose of making or accepting bookings for medical appointments via smart Devices, which access appointment times of health care professionals.

Partner(s) refers to a party or parties with whom we have entered an agreement to exchange information related patient’s appointment data including Personal Information such as name, email, contact phone number, healthcare card number and expiry date and name of the physician for the purpose of providing the information to healthcare provider to receive the patient care.

Patient refers to a person seeking to utilise the Application or Website for the purpose of booking an appointment, or the individual representing the Patient, such as a parent, guardian or carer.

Personal Information refers to information about an identifiable individual that is recorded in any form, including the individual’s name, business title, business address, or business phone number. Personal Information does not include aggregate information that cannot be associated with a specific individual.

Privacy Officer refers to the person within NAVA Technologies Inc., who is responsible for ensuring compliance with privacy obligations, including this policy, with respect to the collection, use, disclosure, and handling of Personal Information by NAVA Technologies Inc., its employees, contractors, officers and authorized agents.

Retention refers to the act of keeping Personal Information as long as is necessary to fulfill the stated purposes, or as long as otherwise specified by law.

Sensitive Information refers to the health information about an individual.

Third Party refers to any individual or organization aside from NAVA Technologies Inc. and its customers.

Use refers to the treatment, handling and management of Personal Information by NAVA Technologies Inc.

Website refers to the Application, operated under licence from NAVA, located at https://www.navamedq.ca, for which the End User obtains a right to use.

2. Your consent to use our services:

Protecting your security and privacy is very important to us. If you have any questions, concerns, or have any issues related privacy and security, please contact us at security@navatech.ca

NAVA Technologies Inc., is the owner and operator of the Application and provides access to End User on the terms and conditions contained in this document and should be understood in conjunction with our end user terms and conditions agreement.

At NAVA, we take privacy seriously. We take great care to protect our customers’ privacy by following, in letter and spirit, the guidance provided by the Personal Information Protection and Electronic Document Act (PIPEDA) overseen by The Office of the Privacy Commissioner of Canada.

We collect a variety of demographic Personal Information from our End Users at various points through our Application. This privacy statement outlines how we treat Personal Information specifically related to the use of the Application.

We share the concerns of visitors considering using our Application, regarding the protection of Personal Information online. This privacy policy describes our practices regarding the privacy of information that we collect through this site, which is hosted and operated from Canada.

We encourage you to read this policy before using our services through our Application. By using the Application, you agree to the terms and conditions of this policy. If you do not agree to the terms and conditions of this policy, please do not use our service.

3. Purpose of collecting and limiting the use of Personal Information:

We limit the collection of Personal Information to that which is necessary for purposes identified by us. Below, we will specify both the amount and type of information to be collected, in accordance with our policies and procedures.

The use of our service is completely voluntary. In order to use our Application to book an appointment with a Health Care Provider, a Patient must first complete the registration form. Using the details you provide us during this registration process, we can verify your identity and as well as match you with your information on your Health Care Provider’s database. The information we may ask you to provide includes your name, e-mail address, mobile number, emergency contact name and telephone number and your healthcare card number and its expiry date.

The information collected at the time of registration will also be used to contact you about the services offered by our Application in which you have expressed interest. Should you proceed to become a registered user, we will ask your payment details, such as your credit card number, so that we can proceed with the business transaction and provision of services and support. At times, we will send you news about our products and services in order to advise you of changes or tips for better use. You can unsubscribe or opt out of the receipt of these updates at any time.

All information you provide us, through support calls or e-mails, will only be available to the NAVA team responsible for providing the services requested. Once the issue has been addressed, the support ticket will be closed and information archived.

We use your information for the following purposes:

  • To provide you with the services, products, or information that you have requested from our Application,
  • To create your account, following your registration with us,
  • Administration and support,
  • To inform you of updates to the Application,
  • To gather feedback from you, for the purposes of improving our services,
  • To contact you when required,
  • To compile anonymous statistical demographic information on the use of our system.

While we do not send unsolicited e-mail or SMS messages, we do get in touch with you about information related to the services we provide related to the appointments you have made using our Application. In addition to e-mail and SMS messages, users will also receive in phone notification on their Android and iOS smartphone using our Application.

You may unsubscribe at any time from e-mail, SMS or in-phone notifications. To unsubscribe from email, you may simply click on the unsubscribe link in the e-mail message. To unsubscribe from SMS notifications, reply with the text “STOP” to the message. You may turn off in-phone notifications by simply accessing your profile settings.

You can delete the Application at any time from your mobile device. However, this action will not remove your user profile and associated data from our server. To delete this information, you should first close your account from the settings menu and then delete the application.

4. Information Collected through the Application

We gather three basic types of information through the Application:

Personal Information (Patients): You are not ordinarily required to register or provide Personal Information in order to access our Application, although certain functionalities, such as a membership program through which booking appointments are made, may require registration. We collect Personal Information from you only when you voluntarily provide it to us – for example, when you contact us, through the Application, to book appointments with a medical practitioner or walk-in medical clinics and to track your appointments. Personal Information may include your contact information, such as your name and the name of your dependent, mobile number, e-mail address, healthcare card number and expiration date and as well as your payment information, such as credit card number and expiration date, which we collect if you wish to use our service for making and managing your appointments made available through the Application.

From time to time, your Health Care Provider may ask you for sensitive health information, when you make an appointment, in order to understand and evaluate your health condition and determine its urgency. On some occasions, you may be providing Sensitive Information voluntarily at the time of booking or requesting an appointment. Providing such information is not mandatory and is optional through our application, as we focus on limiting the collection of information related to only booking and managing appointments with a healthcare provider.

Personal Information (Health Care Providers): We collect the following information about physicians: (1) Name (2) Email (3) Phone number (3) Picture for profile page (4) Specialization (3) Practice information (4) Languages Spoken (5) Gender (6) Hospital affiliations (7) Educational Background (8) Services provided (9) Working hours. We also collect the name, e-mail, phone number, and profile picture of the clinic’s administrative staff. In addition, we collect information about the medical facility, such as facility name, address, and hours of operation. Information about the practitioners and medical facility is shared with the patients to check the services offered and to book appointments with physicians.

From time to time, we may also collect Personal Information from our Partners and other sources with whom we integrate our services to synchronize patient appointments and profiles, with the consent of the individual and facility.

Aggregate Information: When you visit and interact with the Application, the website of NAVA Technologies Inc., and third parties with whom NAVA Technologies Inc. is contracted to provide services, we may collect anonymous information from three sources: server log files, cookies, and pixel tags

  • Server Log Files: Your Internet Protocol (IP) address is an identifying number that is automatically assigned to your computer by your Internet Service Provider (ISP). This number is identified and logged automatically in our server log files whenever you use the Application, or visit the website, along with the time(s) of your visit(s) and the page(s) that you visited. We use the IP addresses of all visitors to calculate website usage levels, to help diagnose problems with the website’s servers, and to administer the website. We may also use IP addresses to communicate or to block access by visitors who fail to comply with our Terms of Service. Collecting IP addresses is standard practice on the Internet and is carried out automatically by many web sites.
  • Cookies: Cookies are data that a web server transfers to an individual’s computer for record keeping purposes. Cookies are an industry standard used by most websites, and help facilitate users’ ongoing access to, and use of a particular website. Cookies do not cause damage to your computer systems or files, and only the website that transferred a particular cookie to you can read, modify, or delete such cookies. If you do not want information collected through the use of cookies, there are simple procedures in most browsers that allow you to delete existing cookies, to automatically decline cookies, or to be given the choice of declining or accepting the transfer of particular cookies to your computer. You should note, however, that declining cookies may make it difficult or impossible for you to use portions of the website.
  • Pixel Tags: The Application may use so-called pixel tags, web beacons, clear GIFs, or similar means (collectively referred to as pixel tags) to compile aggregate statistics about website usage and response rates. Pixel tags allow us to count users who have visited certain pages of the website, to deliver branded services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted e-mail messages, Pixel Tags can tell the sender whether and when the e-mail has been opened.

5. Use of Information Gathered through the Application

We may use your Personal Information for the following purposes.

  • Provision of Service and Communications : Through the information, you provide us, we will be able to (1) provide the service, products, or information that you have requested from our application. (2) create an account for you if you registered with us (3) provide optimal administrative and support services (4) inform you of updates to the software (5) evaluate and improve our services (6) contact you when required (7) encourage users and visitors to contact us with questions and comments (8) respond to your questions and comments.
  • Business Purposes: We may also use your Personal Information for internal business purposes such as the analysis and management of our operations. The Personal Information you provide through the Application may be combined with other information that you provide to NAVA Technologies Inc. via online or offline means, with demographic information and other information that is publicly available, or with other information about you that we may otherwise obtain online or offline.
  • Transactions: We use third party payment processing service providers to complete payment transactions. Your credit card information is not stored on our server. All payments will be securely processed, using a third party payment gateway. This service provider uses industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up information. Other security features include, but are not restricted to, data encryption and firewalls.

6. Disclosure:

We will make reasonable efforts to ensure that we only collects and receive information that is necessary for the purposes identified, and that the data is used only for the purpose for which it was obtained.

We do not use or disclose personal information for purposes other than those for which it is collected, except with the consent of the individual or as required by law. We retain personal information only as long as necessary for the fulfillment of these purposes, or as required by law.

We may disclose personal information to:

  • an agent or third party retained by us in order to assist us in our business obligations, provided that the third party commits to protecting personal information in accordance with this policy
  • a person who, in our reasonable judgment, based on identification provided, is seeking the information as an agent of the customer
  • a third party or parties, where the customer consents to such disclosure
  • comply with any legal obligation that requires or permits the disclosure of personal information (for example, in the context of an investigation of the contravention of a law)

Only our employees with a business-related need to know, or whose duties reasonably so require, are granted access to Personal Information about customers.

We do not and will not sell any Personal Information to third parties for marketing or any other commercial purposes.

7. Retention and Destruction:

We retain Personal Information only as long as it is deemed necessary to fulfil the identified purposes for which the information was collected.

Personal Information no longer necessary or relevant for the identified purposes, or no longer required to be retained by law, shall be securely destroyed, erased, or made anonymous.

We shall maintain reasonable and systematic controls, schedules, and practices for such information, its retention and destruction.

8. Security Safeguards

We protect Personal Information with security safeguards appropriate to the sensitivity of the information.

With the use of appropriate physical, administrative, and technical security measures, we protect Personal Information against a variety of risks, such as, loss, theft, unauthorized access, disclosure, copying, use, modification, or destruction of such information.

We use commercially reasonable efforts to ensure the protection of Personal Information that we disclose to third parties. For example, contracts with third parties stipulate responsibilities to protect Personal Information and only use it for specific purposes.

The measures that we take towards ensuring the protection of Personal Information include the encryption of our database. All communication from our Application to our servers use SSL encryption. In addition, your user session expires periodically requiring you to re-login. We don’t store user passwords in clear-text on our servers.

All our employees with access to Personal Information shall be required, as a condition of employment, to respect the privacy of Personal Information accessible to them. All employees are required to sign an agreement for the safeguarding of Personal Information upon hire, and annually thereafter.

As described above, we have security measures and tools in place to help protect against the loss, misuse, and alteration of the information under our control. However, no method of transmitting or storing data is completely secure. As a result, although we strive to protect your Personal Information, we cannot guarantee the security of any information you transmit to us through or in connection with the Application. If you have reason to believe that your interaction with us is no longer secure, or that the security of your account with us has been compromised, you must immediately notify us of the problem by contacting us at security@navatech.ca.

9. Other Important Notes regarding our Privacy Policies and Practices

  • Children: We advise that all Personal Information on users below the age of eighteen (18) be provided by a parent or legal guardian.
  • Other Third Party Websites or Applications: The Application may contain links to third party websites. These links, including those linking to the websites of affiliated entities, are not under our control and we are not responsible for the privacy practices or contents of any such linked site, including links that these sites may contain. We provide such links only as a convenience, and the inclusion of a link on a website does not imply and endorsement of that site by us. We are not responsible for any payment information or Personal Information that you might provide to third party websites, including those belonging to our affiliates. We advise that you familiarize yourselves with the privacy policies of these websites before providing them with information.
    In addition, some of our partners who help us provide the necessary services, including the Google Play Store and iOS App Store, Google Analytics, Firebase, and Fabric, may collect your usage information.
  • Assignment: We reserve the right to transfer any and all information that we collect from users of the Application to third parties in the event of a merger, sale, joint venture, assignment, and transfer or other disposition of all or any portion of our assets or stock (including, without limitation, in connection with bankruptcy or similar proceedings).
  • Choice: We do not disclose your Personal Information to third parties, including to our affiliates, for the third party’s direct marketing purposes. However, from time to time, we will occasionally send you e-mails or other information that match your requests and offer you promotions of our services. If, at any time, you wish to stop receiving these e-mail communications from us, you may select the unsubscribe feature in the e-mails you received.

10. Openness Concerning Policies and Practices

We make readily available, specific information about our Personal Information management policies and practices to its customers and the public upon request.

This information includes:

  • the name and contact email of the Privacy Officer to whom inquiries or complaints can be forwarded;
  • the means of gaining access to Personal Information that we hold;
  • a description of the type of Personal Information that we hold, including a general account of its use and disclosure;
  • a copy of any brochures or other information that explains our policies or information handling practices.

We make information available to help customers exercise choices regarding the use and disclosure of their Personal Information.

11. Access to Personal Information

We make reasonable efforts to keep Personal Information as accurate, complete, and up-to-date as is necessary to fulfil the purposes for which the information is to be used.

We rely upon you to ensure the accuracy of the Personal Information that you provide us. You may review the information you have provided, and update Personal Information by accessing the profile page from the setting menu of the Application.

End Users can contact us at contact@navatech.ca for service-related queries. End Users may be required to provide sufficient identification information in order for us to authorize access to the individual’s file.

12. Challenging Compliance

A customer shall address a challenge concerning our compliance with the principles set out in this privacy policy to the Privacy Officer.

We maintain procedures for addressing and responding to all inquiries and complaints by customers with regard to our handling of Personal Information.

For more information, please contact: Privacy Officer, NAVA Technologies Inc. at sebastien@navatech.ca

13. Changes of this Policy

We reserve the right to change this policy, and any of our policies or procedures concerning the treatment of information collected through the Application without prior notice. You can determine when this policy was last updated by referring to the “Last Updated” legend at the top of this page. Any changes to our policy will become effective upon the posting of the revised policy on the website. Use of the website following such changes constitutes your acceptance of the revised policy. We encourage you to bookmark this page and periodically review it to ensure familiarity with the most current version of our policy.

This policy represents the sole, authorized statement of our practices with respect to the collection of Personal Information through the Application, and our use of such information. Any summaries of this policy generated by third party software or otherwise shall have no legal effect, do not bind us, shall not be relied upon to substitute this policy, and will neither supersede not modify this policy.

Last change: March 1st, 2017