Privacy Policy

1. Introduction

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [www.brainsense.ca] (the "Site") and use our services ("Assessment Consultants"). Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please discontinue using the Site.

2. Information We Collect

2.1 Personal Information and Consent

Personal information is data about an identifiable individual that pertains to their personal characteristics (e.g., gender, age, ethnic background, family status, home address or phone number), health (e.g., health history, health conditions, health services being received), or activities and views (e.g., religion, opinions expressed by an individual). You have the right to determine how your personal health information is used and disclosed. It is uncommon that we obtain such information without expressed consent from our clients except in rare instances when we believe the client would consent if asked and it is impractical to obtain consent (e.g., a family member passing a message on from our client).

2.2 What Specific Information is Collected and What Is It Used For

The primary purpose of collection, use, and disclosure your health information:

• Assess psychological needs and advise effective treatment options
• Provide psychological/health care
• Identify resources and accommodation recommendations to clients and/or third parties

The secondary purposes are:

• To invoice for goods or services, to process credit card payments, or or to collect unpaid accounts
• To send copies of all reports and relevant documents
• Review client information and other files for the purpose of in-house quality assurance including assessing the performance of our staff and consultant professionals
• Review of client information by external regulators and government agencies for auditing purpose
• Third-party payers of services provided by the organization to clients. These third-party payers often have your consent or legislative authority to direct us to collect and disclose to them certain information to demonstrate entitlement to this funding.
• Review of records for the purpose of "due diligence" by a reputable purchaser of BrainSense or its assets. Before being provided access to the files, the purchaser must provide a written agreement to keep all personal information confidential.

3. Protection and Use Of Your Personal Information

3.1 Personal Information Protection

We use administrative, technical, and physical security measures to help protect your Personal Information. We understand the importance of protecting personal information. For that reason, we have taken the following steps:

• Paper information and electronic hardware are either under supervision or secured in restricted area at all times. In addition, passwords are used on computers are in secure places.
• Staff and Assessment Consultants are trained in the need for privacy and confidentiality to collect, use, and disclose personal information only as necessary to fulfill their duties and in accordance with our privacy policy
• Assessment Consultants and agencies with access to personal information must enter into privacy agreements with us

3.2 Personal Information Access

With a few exceptions, you have the right to see what personal information we hold about you. Often all you have to do is ask. We can help you identify what records we might have about you. We will also try to help you understand any information you do not understand (e.g., short forms, technical language, etc.). We will need to confirm your identity before providing you with this access. Other exceptions include access to copyrighted psychological test information (test items, protocols, manuals).

We reserve the right to charge a nominal fee for such requests. If there is a problem, we may ask you to put your request in writing. If we cannot give you access, we will tell you within 30 days if at all possible and advise you of the reason, as best we can, as to why we cannot give you access.

If you believe there is a mistake in the information, you have the right to ask for it to be corrected. This applies to factual information and not to any professional opinions we may have formed. We may ask you to provide documentation that our files are wrong. Where we agree that we made a mistake, we will make the correction and notify anyone to whom we sent this information. If we do not agree that we have made a mistake, we will still agree to include in our file a brief statement from you on the point and we will forward that statement to anyone else who received the earlier information.

3.3 Withdrawal of Consent

You have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

4. Retention and Destruction Of Your Personal Information

We are required to retain personal information for some time to ensure that we can answer any questions you might have about the services provided and for our own accountability to external regulatory bodies.

By law, we are required to retain personal information for at least 10 years after the last date of service for adults, and in the case of children, 10 years after the child turns 21. After these retention periods, we will securely delete your personal information from our records

5. Children's Privacy

Our services are not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from children without verification of parental consent, we take steps to remove that information from our servers.

6. Disclosure of Your Personal Information

Your personal information will not be disclosed without your consent except under certain circumstances required by law, as follows:

• If there is a risk of harm to the client or others (i.e., the client expresses suicidal or homicidal intent during the session).
• If there are reasonable grounds to suspect that a child is, or may be, in need of protection (i.e., risk that a child is likely to be harmed due to physical, sexual, or emotional abuse and/or pattern of neglect). In such cases, we are obligated by law to report protection concerns to the appropriate local authority under the Child and Family Services Amendment Act - Child Welfare Reform - 1999 - Section 72.
• If a youth discloses sexual abuse by another regulated health professional, we are obligated by law to report this knowledge to the practitioner's college under the Regulated Health Professions Act - 1991.
• If there are reasonable grounds to suspect that an elder or vulnerable person, living in a Long-Term Care or Retirement Home, is, or may be, in need of protection.

7. Data Security

7.1 Use of Cookies and Web Beacons

We use cookies, web beacons, and similar technologies to track activity on our Site to customize content and advertisements based on your preferences to enhance your personalized experience on our platform as well as reach individuals seeking assessment services. Cookies are small files with data which may include an anonymous unique identifier. Web beacons (also known as pixel tags or clear GIFs) are tiny graphics files that contain a unique identifier that enable us to recognize when someone has visited our Site or opened an email that we have sent them.

We use cookies and web beacons for various purposes, including:

• Personalizing your experience on our platform
• Customizing content and advertisements based on your preferences
• Remembering your settings and preferences
• Delivering targeted advertising to those seeking assessment services
• Web analytics to understand how our Site is used and improve its functionality
• Page tagging to track visits to third-party websites and measure the effectiveness of our advertising campaigns

7.2 External Links

Our Platform may contain links to external websites or services. We do not control external websites and do not have control over their privacy policies and terms of use. The fact that we link to a website is not an endorsement, authorization, or representation of our affiliation with that external party or of their privacy and security policies or practices.

8. Data Collection and Processing

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Changes to this Privacy Policy are effective when they are posted on this page. You are advised to review this Privacy Policy periodically for any changes to remain informed about our latest privacy policies.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

1705-8 Eglinton Ave E
Toronto, ON, M4P 0C1
www.brainsense.ca

This policy is made under the Personal Information Protection and Electronic Documents Act and the Personal Health Information Act. These are complex pieces of legislation that provide additional exceptions to the privacy principles that are too detailed to set out here. There are some rare exceptions to the commitments set out above.

For more general inquiries, the Information and Privacy Commissioner of Ontario oversees the administration of the privacy legislation for personal health information. The Commissioner also acts as a kind of ombudsman for privacy disputes. The Information and Privacy Commissioner can be reached at:

2 Bloor Street East
Suite 1400
Toronto, Ontario, M4W1A8
Phone: (416) 326-3333 | (800) 387-0073 | TTY (416) 325-7539

www.ipc.on.ca