Privacy policy – Compliance with Bill 25
This privacy policy (hereinafter referred to as “the Policy”) describes Clinique Berio’s practices regarding the collection, use, disclosure, retention and destruction of your personal information. To simplify reading, we will sometimes refer to “we” or “the clinic” in this Policy.
In some cases, we may provide you with additional information regarding the processing of your personal data at the time it is collected. In addition, we may also seek your expressed consent to collect, use, disclose or retain your personal information in specific situations.
This Policy applies to all personal information collected by us, regardless of the method, whether in person, by telephone or via our website or our partners’ platforms.
By accepting this Policy or providing us with your personal information after you have had an opportunity to review it, and any additional notices, you consent to the processing of your personal information in accordance with this Policy and such notices.
If you have any questions about the confidentiality of your personal information
If you have any questions, comments, or would like to know more about our personal data management, you can contact our Privacy Officer by email (info@cllinqueberio.ca). We will be happy to address your concerns or help you exercise your data protection rights.
In our clinic, we have put in place a clear structure with well-defined responsibilities to ensure the confidentiality of personal information:
- Privacy Officer:
- Develop and implement policies and procedures to ensure confidentiality of information.
- Train staff on their data protection obligations.
- Keep a confidentiality incident log.
- Assess the impact of security incidents involving personal information.
- Inform the appropriate authorities in the event of a serious incident.
- Identify and report any risks to data confidentiality.
- Operations Director:
- Ensure that all employees sign a confidentiality agreement, and that this is kept securely.
- Ensure the security of personnel files.
- Manage data access according to roles.
- Ensure that suppliers and subcontractors adhere to strict confidentiality practices.
- Detect and report potential risks of confidentiality incidents.
- Administrative staff:
- Collect personal information from patients and obtain their consent to the use of this data.
- Scan and record this consent in electronic files.
- Respect confidentiality rules by signing appropriate agreements.
- Report any potential confidentiality incidents.
- Clinical staff
- Strict compliance with confidentiality policies and ethical standards.
- Be alert to the risk of breaches of confidentiality and inform those responsible in the event of an incident.=
We also provide ongoing training for our staff and raise awareness of data confidentiality through a number of initiatives:
- Annual signature of confidentiality contract by all employees.
- Periodic reminders of best practices, notably via posters or at internal meetings.
- Encouragement to report any security incidents relating to the confidentiality of personal information.
Safety and potential risks
We apply recognized security standards in our field to protect the personal data we collect. Appropriate physical, technical, IT and administrative safeguards are in place to prevent any confidentiality incidents involving your personal information. However, although we make every effort to protect this data, the use of computer systems involves inherent risks, and it is impossible for us to fully guarantee their security or confidentiality. The transmission of your information is therefore at your own risk. If you believe that your personal information has been compromised, please contact us at the above address.
Disclosure of personal information for reasons of public safety or legal proceedings
In the event of imminent risk of serious injury or death
If we have reasonable grounds to believe that a person or group is in serious danger of death or serious injury, whether due to disappearance, violence or attempted suicide, we may need to disclose certain personal information. This could include sharing this information with the person concerned, his or her next of kin or any other person in a position to intervene. Only the information strictly necessary to respond to the emergency will be shared.
Working with law enforcement agencies
We may also be required to provide information to judicial authorities or organizations responsible for the prevention and suppression of crime. This could include communicating information to the Director of Criminal and Penal Prosecutions or to a crime prevention organization, if such data is essential to the prosecution of an offence under the laws applicable in Quebec. In addition, we may transmit certain information to the police if this is necessary to plan or carry out an appropriate intervention, in the following cases: 1) at our request, to obtain assistance in the context of the services we offer to an individual; 2) as part of a collaboration between our organization and police services for interventions combining psychosocial aspects and police measures.
Can your personal information be transferred outside Quebec?
Your personal information may be transferred outside Quebec in certain cases.
What rights do you have regarding your personal information?
The law gives you several rights regarding your personal information. Here are some of your main rights:
- Access: You have the right to know whether we hold personal information about you and, if so, to have access to it.
- Rectification: You can request that any incomplete or incorrect data be corrected.
- Withdrawal of consent: You may withdraw your consent to the use or disclosure of your personal information.
- Restricting access: You can request that specific information be made available only to certain parties, or deny access to a particular party.
- Complaints: If you feel that your privacy rights have been violated, you may file a complaint with our Data Protection Officer, or with the Commission d’accès à l’information du Québec via their online form: https://www.cai.gouv.qc.ca/formulaires-et-lettres-types/pour-les-citoyens/.
- Data portability: You have the right to receive a copy of your personal data or to transfer it to another organization, in a structured, machine-readable format.
To exercise these rights, please contact our data protection officer by following the instructions above.
How do we use cookies?
We collect cookies on our site for targeted advertising purposes. For example, we use Google Tag Manager to integrate Google Universal Analytics, Google Analytics 4 and a Google Ads remarketing tag.
External sites
Our policy does not apply to third-party sites or applications accessible via our services. We encourage you to consult the privacy policies of these services before sharing your personal information.
Fully automated decisions
We do not use technology to make automated decisions based on personal information.
Identification, profiling or location technologies
We do not use technologies to analyze the behavior of our users based on their personal data.
Privacy Policy Updates
We reserve the right to modify this policy from time to time to reflect changes in our business practices or legal requirements.