Privacy Policy

Privacy Policy

Updated April 10, 2019

Our Commitment to You

CannTrust Ltd. (“CannTrust”) takes your privacy seriously. This privacy policy (“Privacy Policy”) explains how your personal information is collected, used and disclosed by CannTrust.

We are proud of our commitment to the protection of your personal information and to transparency. If you have any questions about our Privacy Policy or any privacy related concerns, please do not hesitate to contact our privacy officer at privacy@CannTrust.ca.

Our Privacy Policy is based on the Canada’s Federal Personal Information Protection and Electronic Documents Act as well as the relevant Provincial Acts concerning the collection, use and disclosure of personal health information, such as Ontario’s Personal Health Information Protection Act.

In order to provide you with products and services, as well as to remain compliant with applicable laws and regulations, CannTrust needs to know some of your personal information. In this Privacy Policy, personal information includes your identifiable personal information (e.g., name, address, e-mail address, credit card information, birth date and gender) and personal health information (e.g., physical or mental health status, identification of your health care providers, health insurance information).

You have a right to know how we collect, use and disclose your personal information and to access or correct that information if it is inaccurate. You can rest assured that we will, to the best of our ability, ensure that your personal information held by us remains accurate, confidential and secure.

How We Collect and Use Your Personal Information

CannTrust only collects and uses personal information for purposes that would be considered reasonable in the circumstances and only such personal information as is required for the purposes of providing our products or services. Personal information is collected directly from the person concerned, their authorized representatives or from other third parties that may have your personal information, such as health care providers, licensing, regulatory or credential verification organizations.

Our use of personal information is limited to the purposes described in this Privacy Policy or otherwise identified to you at the time of collection. We do not otherwise sell, trade, barter, exchange or disclose for consideration any personal information we obtain.

CannTrust Uses Your Personal information for the Following Purposes:

  • to process your registration application with us and determine your eligibility for our products and services;
  • to verify your medical declaration, your identity and other documentation you provide to us;
  • to communicate with you to offer and provide you products and services and to better understand your need for our products and services, including to contact you to conduct surveys on the quality of our products or services;
  • to process payment for our products and services;
  • to meet our legal and regulatory obligations; and
  • other purposes consistent with these purposes.

 

Because we value your trust, we will only ask for personal information that we need and, when we ask you for additional personal information, we will let you know why we need it.

Disclosure of Personal Information

We may use your personal information to communicate information to you, including to contact you to conduct surveys on the quality of our products and services, and we may disclose your personal information to third parties, but only:

 

  • to certain persons in response to a court order, subpoena, search warrant, law or regulation;
  • to third party contractors we use to support our services, in which case we will require such third parties to agree to treat personal information in accordance with this Privacy Policy and applicable laws and regulations;
  • to third parties assisting CannTrust with the collection of monies owing to CannTrust for the purchase of its products or services.

 

A record is kept each time personal information is disclosed, noting the scope and nature of the disclosure, the date and the identity of the party to whom the disclosure was made.

 

In the event CannTrust is acquired, merges with another entity, becomes insolvent and/or declares bankruptcy, your information may be transferred or sold to another entity. However, this would only be done in accordance with applicable laws to ensure your personal information privacy rights are protected.

 

We may also use and disclose personal information, as permitted by privacy laws and regulations, to corporate affiliates, parents and other entities owning or controlling, owned or controlled by or under common ownership or control by CannTrust; however, we will only disclose information that has been “de-identified” and therefore does not provide any information that is identifiable to you.  This de-identified information is used by these parties for research purposes to identify improvements in the products or services we provide.

 

In addition, CannTrust is always seeking better ways to serve you. In this regard, we may perform statistical analyses of the traffic patterns, site usage and behaviors associated with our websites, products, services, analyses of utilization information in the aggregate to study outcomes, costs, and service enhancements. We may use these analyses of aggregate data to generate new information which we may sell or disclose to other companies or organizations. In these circumstances, we will only disclose information that has been “de-identified” and therefore does not provide any information that is identifiable to you.

 

Consent

By providing personal information to CannTrust and using our services or products, you agree and consent that we may collect, use and disclose your personal information in accordance with this Privacy Policy and any documents that you have executed and/or delivered to CannTrust.

 

You can refuse to consent to the collection, use or disclosure of your personal information, or withdraw your consent to the collection, use or disclosure of personal information at any time by giving us reasonable notice.  Your refusal or withdrawal of consent may result in the limitation or termination of our ability to provide you products or services, at CannTrust’s sole discretion.

 

If you do not want CannTrust to contact you by e-mail, mail or by phone or to share your personal information with other CannTrust partners, you may make the necessary arrangements through the offices of CannTrust subject to any rights we may have to disclose your personal information under applicable law, this Privacy Policy or any documents that you have executed and/or delivered to CannTrust in connection with this Privacy Policy.

Privacy Policy Changes

From time to time CannTrust may make changes to this Privacy Policy to better reflect relevant privacy legislation or best practices, in the normal course of business or to serve you better. You understand and agree that it is your responsibility to periodically check this Privacy Policy for any changes. In the event CannTrust makes a significant change to this Privacy Policy, we will use reasonable efforts to draw the changes to your attention.

How to Correct or Update Your Personal Information

While CannTrust tries to ensure that personal information is accurate, complete and up-to-date, CannTrust does not routinely update your personal information, unless required. Therefore, it is your responsibility to inform CannTrust promptly of any changes in your personal information. CannTrust will, from time to time, verify the personal information that you provide as part of its routine process of client verification or customer service. This may include verifying other elements of your personal information with associated stakeholders.

If you believe that personal information in your records may be inaccurate or incomplete, we make it easy for you to access, verify and update it. If incorrect personal information has been provided to third parties, we will convey the corrected information to them, if necessary.

If we do not agree to change your personal information, you may challenge our decision. We will make a record of this challenge, and if necessary, disclose the challenge to third parties who also possess the personal information.

You can help us by advising us of any changes to your personal information.  You can correct or update your personal information at any time using the following options:

 

Call CannTrust toll-free at:

1 (855) 794-2266

 

Write to CannTrust at:

CannTrust

P.O. Box 92068, 9200 Weston Road

Vaughan, Ontario, L4H 3J3

 

Retention of Personal Information

We keep your personal information only as long as it is required for the reasons it was collected. The length of time CannTrust retains your personal information varies, depending on the purpose for which it was collected and the nature of the information. This period may extend beyond the end of your relationship with CannTrust but it will be only for so long as it is necessary. When your personal information is no longer required for our purposes, procedures are in place to destroy, delete, erase or convert the information in accordance with applicable laws.

Currently, the principal place in which CannTrust holds your personal information is Ontario, Canada. We use accredited, secure, off-site digital storage facilities in Canada that do not transmit or store data outside of Canada.

Access to Personal Information

CannTrust allows you to access and review your personal information in accordance with applicable laws. We will respond to a request for access within a reasonable time and generally no later than 30 days following receipt of the request. If CannTrust denies your request for access to personal information, you will be told why, unless we are prohibited by law from doing so. You may challenge our decision.

You can view your information through your online account. To review other personal information that CannTrust has about you, simply make a written request to our Privacy Officer. There may be a charge for retrieving a complete list of personal information, in which case you will be notified in advance and you may, at that time, withdraw your request.

If you have a sensory disability, on request, we will give you access to your personal information in an alternative format if available. If it is necessary and if we can reasonably do so, we will convert the personal information into an alternative format.

Once you have the personal information, all you have to do is check it for accuracy and let us know if there are any corrections required. If appropriate supporting documentation is provided or required, we will correct our records or make note of any differences. If personal information has been provided to third parties, we will convey the corrected information or note any differences to them, if necessary.

Security of Personal Information

CannTrust, its staff and our partners are committed to protecting the security of the personal information you choose to share with us.

CannTrust has appointed a Privacy Officer, who is also a member of senior management. Our Privacy Officer has the responsibility for coordinating overall privacy protection and compliance with this Privacy Policy. You can contact CannTrust’s Privacy Officer at privacy@CannTrust.com.

Every CannTrust employee, as a condition of employment, takes responsibility for protecting the privacy, confidentiality and security of personal information. This obligation remains in effect even after an employee leaves CannTrust. Suppliers of services to CannTrust, such as e-commerce and credential verification firms, are required to sign contracts requiring them to protect the privacy and confidentiality of personal information in accordance with applicable laws.

CannTrust also has extensive controls to maintain the security of its operations and information systems, including:

  1. physical access to those areas where personal information is gathered, processed or stored is restricted to authorized employees.
  2. appropriate controls are in place for computer systems and data processing procedures and these controls are reviewed on an ongoing basis to ensure compliance with our security and privacy policies.
  • CannTrust destroys or erases any personal information when it is no longer needed, in accordance with applicable standards and laws.

 

Non-Personal Information

Non-personal information is information that cannot identify you personally, such as, browser information and program data that records the website page choices you make.

Our website may use ‘cookies’ to collect non-personal information about you, to help us better deliver our products and services to you. A ‘cookie’ is a small text file sent to your browser’s files for our reference. They allow our server computer to recognize you when you return to our website and retain any preferences you have provided. If you do not wish to receive cookies, consult your browser’s help menu in order to disable the use of cookies.

 

 

How to Contact Us

If you have any questions about this Privacy Policy, you can contact our Privacy Officer at:

 

CannTrust

Phone: 1 (855) 794-2266, or

Email: privacy@CannTrust.ca

Address: CannTrust

P.O. Box 92068, 9200 Weston Road

Vaughan, Ontario, L4H 3J3

 

 

 

Changes to this Privacy Policy

Changes to this Privacy Policy will be posted at www.canntrust.ca along with a reference to the updated effective date.

 

© 2019 CannTrust Ltd. · Privacy

Medical Patient Updates

To our valued patients - we hope this FAQ helps answer some of your questions about the recent news and how it affects you.