Privacy

Online Privacy Policy 

This Privacy Policy was last updated on February 28, 2022. 

General Information 

Securing your personal information is very important to us. We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. 

Such measures include: 

Secure Storage: Avvy Health stores all personal information and PHI in an Amazon Web Services (“AWS”) data center located in Canada. AWS is ISO 27001 certified and adheres to global privacy and data protection best practices.

Network Security: We have implemented network security controls to protect against unauthorized access, including segregating its internal systems from its publicly-accessible systems. 

End-to-End Encryption: We encrypt all written exchanges with you. Data transmissions and communications on the Platform are end-to-end encrypted using TLS version 1.2.

  • Privacy Policies and Training: Avvy Health has implemented written policies and procedures that specifically address the privacy and security of your PHI. We deliver privacy training to our employees and contractors on how to safeguard personal information and mitigate operational risks. All Avvy Health employees and contractors are contractually obligated to keep personal information confidential, use it only for the purposes for which we disclose it to them, and to process the personal information with the same standards set out in this Policy.
  • SOC 2 Type II Compliance: Avvy Health’s Information Security Policy and its related policies and processes are compliant with the trust services criteria relevant to security (“applicable trust services criteria”) set forth in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria), in accordance with CSAE 3000 and AICPA Guide to Reporting on an examination of Controls at a Service Organization Relevant to Security, Availability, Processing, Integrity, Confidentiality and Privacy (SOC 2).

Specifically regarding out website, we respect the privacy of everyone who accesses our website. We recognize the need for appropriate protections and management of Personal Information (as defined below). This Privacy Policy explains what information we collect, how we use that information, and how it is disclosed. 

The website https://avvyapp.com is owned by Avvy Health Inc. (“Avvy”). The content on this website includes general information about home medical visits and our services. It is not meant to be taken as personal advice from a healthcare professional. 

You must be at least 18 (18) years old to use the Site (as defined below) or any Avvy service. By using the Site, you represent and warrant to Avvy that you are at least eighteen (18) years old. Parental consent may be required in some provinces if you are under the age of eighteen (18). 

Application 

This Privacy Policy applies to the Personal Information (as hereinafter defined) that is collected, used, and disclosed by Avvy Health when you use the Avvy website at https://avvyapp.com and any and all sub-domains of such website (the “Site”), when you use our services through the Site or when contacting us. 

By providing us with your Personal Information, you agree to be bound by the terms and conditions of this Privacy Policy. You may browse the Site without registering for an account or submitting any information to us.

What Personal Information does Avvy collect? 

For purposes of this Privacy Policy and the Site, the term “Personal Information” means information about an identifiable individual such as name, contact information or e-mail address. We may collect Personal Information about you for the following purposes: 

  • to respond to your inquiries;
  • to provide you with general (non personal) health information and industry information;
  • to provide you with updates about the Avvy services; and
  • to meet legal and regulatory requirements.

How is this Personal Information Used? 

We will use your Personal Information only for the purposes for which it was collected, as outlined above, and as required or permitted by applicable law. Health information disclosed for the purpose of the appointment is kept until your appointment to help healthcare workers providing your service to understand your needs and concerns. We do not store your health information beyond the appointment. We do keep records of services you have purchased from Avvy, along with associated appointment dates and times. 

Please note you may unsubscribe from Avvy communications using the link provided in the communication, or by contacting us at the contact information set out below. 

We may also use aggregate data that does not identify an individual for the purposes of research, including academic and non-academic research, prospecting new business, artificial intelligence, promotion and advertisement in accordance with applicable law. 

Other Information That We Log and Cookies 

We may collect and use information about how users interact with the Site, including Internet Protocol addresses, Internet domain names, the web browser and operating system used to access the Site, the time spent on each page, and the time and date of each visit. This information is used for, among other things, auditing and tracking purposes, to improve the content of the Site, and to create a better experience for users of the Site. 

We may use cookies on some pages of the Site. Cookies are identifiers that can be sent from a web site via your browser to be placed on your computer’s hard drive. Thereafter, when you visit a web site, a message is sent back to the web server by the browser accessing the web site. You may elect not to accept cookies by changing the designated settings on your web browser or by browsing anonymously. However, not utilizing cookies may prevent you from using certain functions and features of the Site. The information collected from the use of cookies is used and analyzed to improve the functioning of the Site, our services, and to deploy targeted advertising via platforms such as Google, LinkedIn, Instagram or Facebook. We use the information we collect through the use of cookies for our research and business purposes, including operation of the Site and marketing. 

Sharing of Personal Information

The Personal Information you provide to us through the Site will not be disclosed to any third party without your consent except as set forth under this Privacy Policy or as required or permitted under applicable law.   

The safety and security of your information also depends on you. Where you have chosen a password for access to certain parts of our Website and App, you are responsible for selecting a unique password that you do not use with other platforms, and for keeping this password confidential. We ask you not to share your password with anyone. 

Please also ensure that while using the Platform and particularly during Consultations, you are in a safe and private environment where the confidentiality of your personal information and your privacy are adequately protected.

Third-Party Service Providers 

We have relationships with agents and third-party service providers that help us provide services to you including, but not limited to, designing, maintaining and improving the Site and our systems and computer security. 

We also use third parties to analyze certain aggregate data collected on the Site for research purposes. We will not disclose your Personal Information to anyone other than to our employees and those of our affiliates and our respective agents and those third parties that require such information in order to help us provide services to our clients and administer our business. To the extent that we allow a third-party service provider to access your Personal Information for the purposes outlined herein, they will only be permitted to collect it or use it for purposes consistent with this Privacy Policy and applicable law. 

Data Transfers 

Personal Information may be stored and processed in any country where we have operations or where we engage service providers.  We may transfer Personal Information that we maintain about you to recipients in countries other than the country in which the Personal Information was originally collected, including to the United States. Those countries may have data protection rules that are different from those in the country where the data was collected. However, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your Personal Information remains protected to the standards described in this Privacy Policy. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information. 

Sale of Business 

We may transfer any information we have about you as an asset in connection with a proposed or completed merger, acquisition or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of Avvy Health or as part of a corporate reorganization or other change in corporate control. 

Retention 

We have record retention processes designed to retain personal information for no longer than necessary for the purposes set out herein or as otherwise required to meet legal or business requirements. 

Links and Referrals to Third Parties

We may provide links to third party websites or refer you to external resources for your convenience and information. If you access those links or contact those external resources, you will leave the Site, and you will be dealing with an external third party, not with Avvy Health. Avvy Health does not control those sites, external resources or their privacy practices, which may differ from this Privacy Policy. Please review the privacy policies of each web site that you visit and of each external organization that we may refer you to. Avvy Health is not responsible for any information provided or advice given on any third-party website or by any external resource, even if Avvy Health provided a link to such website or referred you to such external resource. 

Our Security Measures 

We are committed to protecting the security of your Personal Information. We have put in place commercially reasonable physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access to your Personal Information. We apply security safeguards appropriate to the sensitivity of the Personal Information, such as retaining information in secure facilities and making Personal Information accessible only to authorized individuals on a need-to-know basis. We have clearly defined internal policies and practices. 

Although we will make commercially reasonable efforts to protect Personal Information from loss, misuse, or alteration by third parties, you should be aware that there is always some risk that an unauthorized third party could find a way to thwart our security systems. This risk is heightened if you are using unsecured/public Wi-Fi. 

Verification 

We will engage in periodic assessments to verify that our privacy practices continue to comply with this Privacy Policy. 

Access 

Except in the limited circumstances established by law, you may obtain access to your Personal Information. You may also request that we correct your Personal Information if you believe it to be out of date or otherwise inaccurate.  Requests for access or correction of Personal Information or to adjust your subscription preferences should be made by contacting our Privacy Officer at the contact information set out below. 

Updates to this Privacy Policy 

In order to ensure that this Privacy Policy is kept up to date, we may change this Privacy Policy from time to time. Notice of changes to this Privacy Policy will be posted on the Site and will be effective thirty (30) days following notice of the changes on the Site. If you access or choose to continue to use the Site after the effective date of the change, you are deemed to have automatically accepted the change. 

In order to ensure that this Privacy Policy is kept up to date, we may change this Privacy Policy from time to time. Notice of changes to this Privacy Policy will be posted on the Site and will be effective thirty (30) days following notice of the changes on the Site. If you access or choose to continue to use the Site after the effective date of the change, you are deemed to have automatically accepted the change. 

Questions about this Privacy Policy 

BY SUBMITTING PERSONAL INFORMATION THROUGH THIS SITE, YOU SIGNIFY YOUR ACCEPTANCE OF THE TERMS OF THIS PRIVACY POLICY. 

If you have any questions about this Privacy Policy or the handling of your Personal Information, please contact the Avvy Health Privacy Officer.

privacyofficer@avvyapp.com 

Attn: Privacy Officer
Avvy Health
5667 Royalmount Ave.
Montreal, QB H4P 2P9