Last Updated: July 7, 2023
Thank you for choosing sanoLiving (“we,” “us,” or “our”) and our virtual health platform, sanoMidLife. Using a secure platform, sanoMidLife allows our clients (“Clients”) to access virtual health expert care using clinicians, coaches and artificial intelligence-guided health and well-being resources and services for midlife individuals between the ages of 18-85, who were born with a female reproductive system (collectively, the “Services”). We respect your privacy and are committed to protecting your personal information (“PI”) and personal health information (“PHI”). This privacy policy (“Pledge”) explains how we collect, use, safeguard, and disclose PI and PHI in connection with our Services.
For the purposes of this Pledge:
(i) “Personal Information” or “PI” means information about an identifiable individual, which includes information, used alone or with other information, that can directly or indirectly be used to identify, contact, or locate a person.
(ii) “Personal Health Information” or “PHI” means information about an identifiable individual, that can directly or indirectly be used to identify that individual and that relates directly to the individual’s physical or mental health, including the name of the patient, date of birth, medical history, medical treatment, medical test results, medication list, and any other health information. PHI may be found in medical records, treatment and examination notes, and communications between clients and our healthcare professionals via the Platform.
(iii) “Anonymized Information” means information that is about you and for which it is, at all times, reasonable to predict, in the circumstances, that it will no longer be possible to identify you directly or indirectly.
(iv) “De-Identified Information” means information that no longer directly identifies you.
(v) “Virtual Consultation Services” means healthcare services provided at a distance using information and communications technologies, such as interactive messaging, audio and video technology. The Platform allows you to access quality medical and healthcare services.
We may collect various types of information from you when you access and use our Platform, including:
This information is collected when you submit forms related to our Services.
We use the information we collect, including PI, for various purposes, including but not limited to:
We may use your PI to communicate with you, including:
We may use your PI for research, analysis, and statistical purposes to improve our Website, products, services, marketing, and customer experiences. When required by law, we use De-Identified or Anonymized Information for these purposes.
If you make payments through sanoMidLife for services beyond the coverage of provincial health insurance or private workplace insurance benefits, we will collect and process your payment information securely through a PCI-compliant third-party provider.
PI provided by you or collected by us may be de-identified and used for product development, website quality verification, and marketing material improvement.
We may use your PI to carry out our obligations and enforce our rights arising from contracts with you, including billing, collection, legal compliance, and implementation of data security measures. For example informing your Benefit Sponsor, if you have one, about your registration and other information.
Various individuals and entities may have access to your PI and PHI:
Health professionals and coaches providing Virtual Consultation Services on sanoMidLife may have access to your personal information, including PHI when necessary to deliver their services and comply with legal and regulatory obligations. All professionals engaged by sanoMidLife are contractually obligated to maintain confidentiality.
We may share your personal information, including PHI, with service providers who assist us in delivering our Services. This can include requisitions for blood work, referrals to physician specialists, etc. We ensure that transferred information is properly protected when using independent service providers.
In limited cases, we may provide certain personal information to your Benefit Sponsor, including your name, email address, your registration date, and the date on which you last used our Platform. Generally, we restrict this sharing to not include specific details of your Platform activity or any details about your use of Services. This restriction may not apply where sharing some of your activity is necessary for processing the payment of your services received.
We may share Anonymized, De-Identified, or aggregated information with our clients for reporting purposes. This helps us and our clients understand the effectiveness of our Services and develop relevant products and offerings.
In certain circumstances, we may disclose your personal information to others as permitted or required by law. This includes complying with court orders, laws, judicial proceedings, governmental or regulatory requests, and enforcing our agreements.
We employ robust security measures to protect your data:
Two-Step Authentication is mandatory for all client accounts to prevent unauthorized access.
Personal information is stored in a secure environment in compliance with global privacy and data protection standards.
We segregate internal and publicly-accessible systems to enhance security.
Our team receives privacy training and is bound by confidentiality obligations.
We comply with trust services criteria relevant to security.
We use advanced encryption for data in transit and at rest.
Access is restricted to authorized personnel on a need-to-know basis.
We conduct security audits and assessments to address vulnerabilities.
We retain PI and PHI only as long as necessary for the original purposes or as required by law. De-Identified Information may be used for legitimate business purposes. Some of your personal information and PHI cannot be deleted due to statutory retention requirements (for example, the minimum retention period of patient records varies by jurisdiction ranging from 10 to 34 years). For any deletion request, please follow the deletion request procedure in the Platform or contact us at privacy@sanoliving.ai, and we will let you know if we can accommodate your request.
As part of our Services, sanoLiving employs a natural language generative AI bot, Sano designed to enhance your experience. This AI bot is used for various purposes, including but not limited to:
We want to assure you that your interactions with Sano are handled with the same commitment to privacy and security as all other aspects of our platform. Any data collected and processed by the Sano is subject to the same safeguards and protections outlined in this Pledge.
At sanoLiving, we take your privacy seriously and are dedicated to providing a secure and valuable experience as you engage with Sano and other platform features. If you have any concerns or questions about the Sano’s functionality or data handling, please do not hesitate to contact us at privacy@sanoliving.ai.
We value the accuracy and currency of your personal information. If your personal details change, please let us know. You have the legal right to access and correct the personal information we hold about you, including your patient record and any PHI.
If you’ve given consent for collecting, using, and transferring your personal information, you can withdraw it under certain circumstances. Contact us at privacy@sanoliving.ai to withdraw consent. Keep in mind that withdrawing consent may affect the availability of certain products, services, or access to sanoMidLife.
We’ll update any Pledge changes on this page and provide a notice on the sanoMidLife platform when we make material changes to how we handle your personal information. We’ll also send an email notification to your primary email address. Please ensure your email address is up-to-date and visit our Pledge periodically to stay informed about any updates.
For questions or concerns regarding this Pledge, please contact us at privacy@sanoliving.ai.
