top of page

Privacy Policy and Protection of personal information

At Rythme-Santé Osteopathic Clinic, we prioritize the protection of our clients’, employees’, and representatives’ personal information. In compliance with the Private Sector Privacy Act, we are committed to maintaining the confidentiality of personal information collected during our activities. This privacy policy aims to inform you about our practices regarding the collection, use, disclosure, retention, and protection of your personal information. By providing us with your personal information, you accept the terms of this policy and authorize us to process your information accordingly.

1. Consent

1.1 Commitment to Privacy
We are dedicated to protecting our users’ privacy. We collect and use personal information only with explicit consent and in compliance with applicable laws.

1.2 Acceptance of Our Policy Terms
By accessing our website, rythmesante.com, or providing us with your personal information, you agree to the terms of this privacy policy. This includes your consent to collect and use your personal information as outlined in this document.

1.3 Right to Withdraw Consent
You have the right to withdraw your consent at any time, subject to certain legal or contractual restrictions. We will inform you of any potential consequences of withdrawing your consent, such as the inability to provide certain services or process specific requests. Your withdrawal decision will be recorded in our files.

1.4 Exceptions to Consent Requirement
In certain exceptional circumstances, we may collect, use, or disclose personal information without prior consent, such as:

  • Legal, medical, or security obligations that make obtaining consent impossible or impractical.

  • Fraud prevention or detection.

  • Law enforcement requirements.

2. Collection of personal information

 

We collect personal and confidential information to provide effective and personalized treatments. All disclosed personal and confidential information is subject to confidentiality obligations and compliance with applicable laws.

2.1 Use of Personal Information
Personal information collected may be used for:

  • Delivering requested services.

  • Verifying identity and responding to inquiries.

  • Providing complementary services related to the requested treatment.

  • Complying with legal and regulatory requirements.

2.2 Means of Collection
We collect personal information through:

  • Emails and customer service communications (including appointment scheduling).

  • Health questionnaires, follow-up forms, etc.

  • Online booking platforms.

  • Cookies and similar technologies on our website.

  • Video surveillance.

  • Connected devices.

2.3 Information Collected from Third Parties
We may also obtain personal information through third parties, such as:

  • Technology providers like appointment booking platforms or newsletter services.

  • Social networks like LinkedIn, Facebook, or Instagram for recruitment or marketing purposes.

  • Customer service staff or external agencies handling complaints or inquiries.

  • Cloud service providers hosting customer data.

  • Marketing agencies analyzing website user behavior.

  • IT security providers monitoring and protecting data.

  • CRM (Customer Relationship Management) systems for organizing and analyzing client interactions.

2.4 Advanced Technology Use
We may use advanced technologies to collect personal information, such as profiling or geolocation.

  • Responsible Use: Technologies are used solely to enhance services and better understand client needs.

  • Transparency: We commit to being transparent about technology usage and respecting client privacy preferences.

3. Types of personal information collected

 

Personal information identifies an individual either directly or indirectly.

3.1 Categories of Information Collected
We may collect:

  • Personal Identifiers: Name, address, email, phone number, date of birth.

  • Technical or Digital Data: IP addresses, online activity.

  • Health Data: Weight, gender, medical history, lifestyle habits, medications, diagnoses, medical investigations, treatments, and health reviews.

Personal information shared with the Clinic and therapists during treatment is kept confidential but does not constitute a legally privileged relationship (e.g., like that with doctors or lawyers).

3.2 Exceptions to Confidentiality
Confidential information does not include data that:

  • Was already in possession of the Clinic before being provided by the client.

  • Is publicly available.

  • Is obtained from a third party without violating confidentiality.

  • Is independently developed by the Clinic.

  • Must be disclosed by law.

​Personal information that you post on our website, social media or submit for publication may be available, via the internet, worldwide. We cannot prevent the use, good or bad, of this information by third parties.

4. Use of personal information

We use personal information for various essential activities:

  • Responding to inquiries.

  • File management, such as health forms and imaging.

  • Transaction processing, including payments and issuing receipts.

  • Improving user experience on our website.

  • Marketing communications with opt-out options.

  • Account management for accessing website features.

.These uses are intended to enrich your experience with our services and to facilitate effective interaction with our organization.

​​

5. Sharing and disclosure of personal information

 

Generally, we do not disclose your personal information to third parties. Subject to exceptions and requirements of applicable laws, we will not communicate or disclose your personal information to any other third parties without your consent.

5.1. We do not sell personal information to third parties. Disclosures are limited to:

  • Customer service teams handling inquiries.

  • IT departments ensuring support and maintenance.

  • Marketing teams for promotional campaigns.

  • Delivery partners requiring addresses for orders.

  • Payment processors handling financial transactions.

  • Data security officers safeguarding information.

  • Cloud service providers securely storing data.

  • Research and Development Partners: Access certain data to collaborate on new product/service innovations or improvements.

  • Collection Agencies: In cases of non-payment, certain information may be shared with external collection agencies.

5.2. We ensure that this information is used exclusively for the stated purposes and in compliance with confidentiality. Data transfers outside Quebec are carried out within the framework of international collaborations, while ensuring adequate protection of the information in accordance with the laws in force.

6. Links to third-party websites

 

Our website may contain links to external sites. Information shared on third-party sites is no longer subject to our privacy policy.

 

 

7. Security measures

7.1 Security Protocols

To ensure the security and confidentiality of personal information, Clinique adopts rigorous security measures, including both physical and technological aspects. Here are some concrete examples:

  • Physical security: Use of electronic locking systems and security locks for access to offices, cabinets and filing cabinets, installation of surveillance cameras, and restriction of access to areas where personal data is stored.

  • Access controls: Limiting access to personal data to authorized employees only.

  • Staff training: Regularly raising staff awareness of data security best practices.

  • Intrusion monitoring and detection: Implementation of systems to monitor any suspicious activity and detect potential intrusions.

  • Disaster recovery plans: Development of plans to quickly restore data in the event of an incident such as a breakdown or cyberattack.

These measures are designed to protect personal information from unauthorized access, use or disclosure, and to maximize its integrity and confidentiality. Although we do our best to protect your personal data, it is important to remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. We cannot guarantee its absolute security.

 

7.2 Staff Commitment
All employees, board members, volunteers, and contractors commit to confidentiality regarding the Clinic’s data and operations.

7.2 Engagement du personnel et du conseil d'administration

Each employee, director, volunteer, independent contractor or advisor serving on our board committees agrees to respect the personal information we collect. In addition, these individuals agree to maintain the confidentiality of information specific to our business and not to disclose or use it for personal or other benefit. This commitment exists from the time the employee, director, volunteer, independent contractor or advisor takes office and continues indefinitely.

8. Data retention and destruction

 

We will only retain your personal data for as long as is necessary for the purposes set out in this privacy policy. We will retain and use it to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal policies.

We will also retain usage data for internal analysis purposes. This data is generally retained for a shorter period of time, unless it is used to strengthen the security or improve the functionality of our website, or we are legally obligated to retain it for longer periods.

 

9. Your rights

 

9.1. Recognition and Respect for Your Rights

As part of our Privacy Policy, we recognize and respect the fundamental rights of individuals whose personal information we hold. These rights include:

●       Right of access: Individuals have the right to review the personal information we hold about them. For example, a customer may request to see the data collected when they register for our service.

●       Right of rectification: If information is inaccurate or incomplete, individuals may request that it be updated. For example, an employee may request that their incorrect postal address be corrected in our records.

●       Right to de-indexation: Individuals may request that their personal information be removed from distribution or that any hyperlink associated with their name be de-indexed, in the event that such distribution causes them harm or is in violation of the law or a court order. This right to erasure or to be forgotten allows individuals to control the availability of their personal information on the internet.

●       Right to lodge a complaint: If individuals have concerns about the processing of their data, they can lodge a complaint in accordance with our established process.

9.2. Subject to applicable laws, upon receipt of a written request from an individual and upon verification of their identity, we will inform the individual whether we hold personal information about them and provide them with that information.

We may refuse an individual access to their information in accordance with applicable laws, in which case we will provide reasons for our refusal.

9.3. To facilitate these rights, the contact details of our Privacy Officer are clearly indicated for any questions or concerns. These measures ensure that individuals can exercise their rights with confidence and transparency.

 

10. Policy updates

This policy may be updated to reflect changes in our practices or legal requirements. Changes will be posted on our website. We encourage you to review this privacy policy periodically to stay informed of any changes.

 

11. Contact

 

Any request or question regarding this Privacy Policy may be sent to the person responsible for the protection of personal information at the following address:   

  • Email: info@rythmesante.com

  • Postal Address: 247E, rue Sainte-Catherine, Saint-Constant, QC J5A 2J6

  • Phone: 438-794-1160

 

 

Effective Date: September 20, 2024
Last Updated: October 8, 2024

bottom of page