Clinique NIOS Inc. – Privacy Policy

Last Updated: April 29, 2025

Introduction

Clinique NIOS Inc. (“Clinique NIOS,” “we,” “our,” or “us”) is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website (https://cliniquenios.com/) or use our services. It also outlines your rights under applicable Canadian and Quebec privacy laws, including the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and Quebec’s Act to modernize legislative provisions as regards the protection of personal information (also known as “Loi 25”). We have appointed a Privacy Officer to oversee our privacy practices and ensure compliance with these laws.

By using our website or services, you agree to the collection and use of your information in accordance with this Privacy Policy. If you do not agree, please do not use our site or services.

Information We Collect

We collect several types of information from or about our users in order to provide our services and operate our website:

• Personal Identification Information: This includes your name, email address, phone number, mailing address, and other contact details you provide to us (for example, when you fill out forms on our website or Facebook lead forms).
• Technical Information: When you visit our site, we may collect information such as your IP address, browser type, operating system, device identifiers, and browsing behavior through cookies or similar tracking technologies. This helps us understand how you use our website and improve your experience.
• Cookies and Usage Data: We use cookies and similar technologies to collect data about your browsing activities on our site. This may include log-in information, pages viewed, links clicked, and other usage statistics. You can control or disable cookies through your browser settings, but note that some site features may not function properly if cookies are disabled. For more details, see Cookies and Tracking Technologies below.
• Information from Online Forms and Social Media: If you interact with Clinique NIOS through online forms (including third-party platforms like Facebook or other social media lead forms), we will receive any information you submit (such as your name, contact information, and any other details you provide in the form). We treat this information in accordance with this Privacy Policy.
• Personal Health Information (PHI): In the course of providing healthcare services, we may collect sensitive personal health information about you (e.g. medical history, health conditions, treatment information). Important: We collect and manage PHI through a secure, government-approved electronic medical records system, as required by Quebec regulations. This health information is handled with the highest level of confidentiality and used only for providing you with care or as otherwise permitted or required by law.
• Payment Information: If you purchase services or make payments through our clinic (for example, paying for a consultation or treatment), we (or our third-party payment processor) may collect payment details such as your credit card number, billing address, and other payment-related information. This information is used solely to process the transaction you have requested. We do not store full credit card numbers on our own servers; any payment processing is done via PCI-DSS compliant third-party processors for your security.

We only collect personal information that is necessary for the purposes identified in this policy or that you provide to us voluntarily. You have the choice not to provide certain personal information, but this may limit our ability to offer you some of our services (for example, we might not be able to schedule an appointment without contact information).

How We Use Your Information

Clinique NIOS uses the collected information for the following purposes:

• To Provide and Improve Services: We use personal information (like your name and contact info) to schedule appointments, provide medical or wellness services, and manage our client relationships. For example, we may use your information to create or access your medical record, to give you proper care, or to follow up on your treatments.
• Communication: Your contact information (email or phone number) is used to send you important notices and confirmations, such as appointment reminders, follow-up instructions, or updates about our services. Text Messaging (SMS/MMS): If you have explicitly opted-in to receive SMS communications, we will send you text message reminders or updates related to your care or inquiries. (See “Opt-In and Communications Consent” below for details on how we obtain consent for text messaging.) We will only text you for marketing or promotional purposes if we have your explicit consent. You can opt out of communications at any time (see Your Rights and Choices).
• Marketing and Newsletters: With your permission, we may use your email to send newsletters, promotional offers, or health tips. Such emails will only be sent if you have subscribed or consented, and you can unsubscribe at any time by clicking the “unsubscribe” link in the email or contacting us. We do not use your personal health information for marketing purposes without your explicit consent.
• Website Functionality and Analytics: Technical information and cookies are used to ensure our website functions properly, to remember your preferences, and to understand and analyze user traffic. This data helps us troubleshoot issues, secure our site against fraud, and improve our website design and services. We may use third-party analytics tools (like Google Analytics or Facebook Pixel) to help analyze how users interact with our site and advertisements. These third parties may use cookies or similar technologies to collect anonymized data about your usage patterns.
• Legal and Security: We may use personal information as necessary to comply with applicable laws and regulations (such as health regulations or tax laws), to respond to lawful requests by public authorities, or to establish, exercise, or defend our legal rights. If you enter into any contests, promotions, or surveys we offer, we will use the information you provide to administer those programs. Additionally, we use information to protect the security of Clinique NIOS, our staff, our patients, and others. For instance, we may use data to detect and prevent fraud, spam, or abuse of our services.
• Payment Processing: If you provide payment information, we use it to process your payments for our services. This includes billing you, confirming payment, and maintaining transaction records. Payment information may be shared with our payment processor solely for this purpose and is not used for any other reason.

We will not use your personal information for new purposes that are not disclosed in this Privacy Policy without obtaining your consent, unless otherwise permitted or required by law.

Cookies and Tracking Technologies

Our website uses “cookies” and similar tracking technologies (such as web beacons or pixels) to enhance user experience and gather information about visitors and visits. Cookies are small text files placed on your device that help us recognize you on future visits, understand which areas of the site are useful, and improve functionality.

• Types of Cookies: We may use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a set period or until you delete them). Session cookies enable core site functionality (like navigating between pages smoothly), while persistent cookies help us remember your preferences (such as language or region selection) and collect aggregated traffic data.
• Analytics and Advertising: Third-party analytics services may set their own cookies to help us analyze site traffic and usage. For example, we might use Google Analytics cookies to see how often certain pages are visited. We may also use Facebook Pixel or similar tools for advertising purposes, which allow us to deliver tailored ads on social media or other sites to people who have visited our site. These tracking pixels may use non-identifying information about your browser and interactions. We do not use these tools to collect personally identifying information without your consent.
• Cookie Choices: You can control or delete cookies by adjusting your browser settings. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. You may also clear cookies from your browser at any time. However, please note that disabling cookies might affect the functionality of our website – for example, some pages may not remember your preferences or certain features might not work properly.
• Do Not Track Signals: Our site currently does not respond to “Do Not Track” (DNT) signals. However, you may opt out of targeted advertising through various programs (for example, via the Digital Advertising Alliance opt-out page) if we engage in such advertising.

By using our site, you consent to our use of cookies and similar technologies as described in this section. For more details or any questions about our use of cookies, feel free to contact us.

Disclosure of Your Information to Third Parties

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. In particular, no mobile phone information (phone numbers, SMS opt-in data, or messaging consent data) will be shared with third parties or affiliates for marketing or promotional purposes. We value your privacy, especially when it comes to your contact information and health data.

However, we may share certain personal information in the following contexts, strictly for purposes aligned with this Policy:

• Service Providers and Partners: We share information with trusted third-party service providers who perform services on our behalf. This includes, for example:
  • Technology Providers: Companies that host our website or databases, provide email/SMS delivery services, or help us manage appointments and communications (such as CRM or scheduling software providers, including the platform that powers our online forms and messaging). These providers only receive the information necessary to perform their functions (e.g., your contact info for sending appointment reminders) and are contractually obligated to protect it and use it only for our purposes.
  • Payment Processors: If you make payments, your payment details will be transmitted to our payment processing company (e.g., credit card processor or bank) to complete the transaction. These processors adhere to high security standards.
  • Medical Service Partners: In certain cases, we might work with other healthcare professionals or labs for your care. We will share PHI with them only as necessary for your treatment and with appropriate confidentiality safeguards (and usually with your knowledge or at your request, such as sending a referral or lab test).
• Subcontractors in Support Roles: We may allow subcontractors or consultants to access personal information if they assist us with operations such as customer service, IT support, or data analysis. Any such access is granted on a need-to-know basis and those parties are bound by confidentiality agreements. They cannot use your information for any purpose other than to provide the agreed support services.
• Legal Compliance and Protection: We may disclose personal information if required to do so by law or in the good faith belief that such action is necessary to (a) comply with a legal obligation, regulatory requirement, or legal process (such as a court order or subpoena), (b) protect and defend the rights or property of Clinique NIOS, (c) prevent or investigate possible wrongdoing in connection with our services, (d) act in urgent circumstances to protect the personal safety of patients, website users, or the public, or (e) protect against legal liability.
• Business Transactions: If Clinique NIOS is involved in a merger, acquisition, financing, reorganization, or sale of some or all of our business or assets, personal information may be transferred to the parties involved in the transaction as part of due diligence or the finalized transfer. In such cases, we will ensure appropriate safeguards are in place and that no personal data is disclosed or transferred except in accordance with applicable privacy laws. If a transfer of your personal information results in a materially different use or disclosure than stated in this Privacy Policy, we will endeavor to notify you or obtain your consent as required by law.
• Text Messaging Providers: If you have opted in to receive SMS communications from us, we share your phone number and message content with our SMS service provider (for example, our telecommunications or software provider that sends out the texts on our behalf). This is necessary to deliver the messages to you. We do not permit our messaging provider to use your phone number for any purpose other than to send our communications, and we do not share your opt-in consent data with any third party beyond what is necessary to send our text messages.

In all cases where we share your information with third parties, we only share what is necessary for the specific purpose and we ensure that these parties are obliged to keep your information confidential and secure. They are not permitted to use your information for their own unrelated purposes.

If you have any questions about third parties having access to your personal information, please contact us (see Contact Us below) and we will be happy to provide you with more information.

Data Retention and Storage

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, and as required or permitted by law.

• Client Contact Information: We will keep basic contact information (name, email, phone, etc.) as long as you remain a client or interested in our services. If you unsubscribe from a mailing list or opt out of communications, we may keep your contact details on an internal do-not-contact list to ensure we respect your opt-out.
• Health Records: Personal Health Information that we collect in the context of providing healthcare services will be retained in accordance with medical record retention laws and guidelines in Quebec. This typically means we keep your medical records for a minimum period (often several years) as required by professional regulations or law, even if you stop being an active patient, to ensure continuity of care and for legal record-keeping. After the required retention period, we will securely destroy or anonymize health records that are no longer needed.
• Payment Records: Transaction records and invoices are kept for the period required by tax and accounting laws (for example, at least six years in Canada for financial records). We do not retain full credit card numbers; only necessary transaction references are stored.
• Web Analytics Data: Information collected via cookies and analytics tools may be stored in aggregate form (not linked to you personally) for an indefinite period to help us analyze long-term website performance. Data that is potentially identifiable (like IP addresses) is typically retained for a shorter period, unless it is used for security investigations.
• Application/Inquiry Data: If you submit information through a form (e.g., requesting information about services but do not become a patient), we will retain that inquiry information for a reasonable time to follow up with you and track our communications. If you ask us to delete that information, we will do so (except if needed for legal reasons).
• Deletion: When personal information is no longer required for the purposes identified or to meet legal requirements, we will take steps to erase, aggregate, or anonymize it in accordance with applicable laws. For example, if you withdraw consent for us to hold a certain optional piece of information about you, we will delete it unless retaining it is required by law or for legitimate business purposes (in which case we would inform you).

Please note that even if we delete your data from active databases, it may remain in backup archives (which are secured) for a period of time until those archives are refreshed. We continue to protect any retained information in accordance with this Privacy Policy.

Security of Your Information

We take the security of your personal information seriously. Clinique NIOS implements a variety of administrative, technical, and physical security measures to protect your personal data from unauthorized access, use, alteration, and disclosure. These measures include:

• Data Encryption: Sensitive personal data (such as health information and payment details) is stored and transmitted using encryption. For instance, our medical record software and any payment transactions use encryption protocols (like SSL/TLS) to protect data in transit.
• Access Controls: Personal information held in digital form is protected by access controls. Only authorized Clinique NIOS staff or contractors who need to see your information to perform their duties have access. They are required to adhere to strict confidentiality obligations. Each user of our internal systems has unique login credentials, and access is logged and monitored.
• Secure Facilities: Physical records (if any) are kept in locked files, and our offices and systems are secured. Our computers and devices are protected with passwords and antivirus/anti-malware tools. We also maintain up-to-date firewall and network security systems to prevent intrusions.
• Training and Policies: All members of our team are trained on privacy and security best practices, including the proper handling of personal and health information. We have internal policies in place to guide how data must be handled and protected.
• Third-Party Security: When we use third-party service providers (such as cloud hosting or messaging services), we choose reputable providers and require them to have robust security practices. We also utilize data processing agreements to ensure they protect your data to high standards.
• Regular Monitoring: We periodically review our security procedures to consider appropriate new technology and updated methods. We also may perform testing or audits of our systems to ensure ongoing protection.

Despite our best efforts, please be aware that no method of transmitting data over the Internet or storing data is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. You can also play a role in protecting your data by using strong passwords, keeping your login credentials confidential (if any are used on our site), and being cautious about sharing personal information in unsecured forums.

In the unlikely event of a data breach or security incident that compromises your personal information, we will act promptly to contain the issue and mitigate any harm. We will notify you as soon as possible of any breach that poses a risk of significant harm, as required by law, and report to the appropriate privacy authorities, such as the Office of the Privacy Commissioner of Canada or the Commission d’accès à l’information du Québec, in accordance with breach notification laws.

Your Rights and Choices

You have rights regarding your personal information, and Clinique NIOS is committed to respecting these rights. Under Canadian and Quebec privacy laws (including new provisions under Loi 25), your rights include:

• Right to Access: You have the right to request access to the personal information we hold about you. You may request a copy of certain personal information or details about how we have used or disclosed it. We will provide the information in a clear format, usually within 30 days as required by law (or inform you if we need an extension). For health records, access might be provided through your healthcare provider or via our clinic’s records system as appropriate.
• Right to Correction: If any of your personal information is inaccurate or incomplete, you have the right to request that we correct or update it. For example, if you change your phone number or notice an error in your record, you can ask us to amend our records. We will make the correction where feasible, or if we disagree (rare cases, such as a medical opinion in a health record), we will note your requested correction in the file.
• Right to Withdraw Consent: Where we rely on your consent to process information (such as for receiving marketing emails or SMS reminders), you have the right to withdraw that consent at any time. For instance, you can opt out of marketing communications by clicking “unsubscribe” in an email, or stop SMS messages by replying “STOP” to any message (for details, see Opt-In and Communications Consent below). Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
• Right to Data Portability: As of the effective dates set by Loi 25, you have the right in certain circumstances to request that personal information you provided to us be given to you in a structured, commonly used technological format (data portability). This applies to information that was collected electronically. If you request such portable copy of your data (e.g., your basic account or registration information), we will provide it to you if required by law, or we will inform you if this right is not applicable to specific data.
• Right to De-indexation (Right to Be Forgotten): Quebec’s privacy law provides that in some cases, individuals may request that their personal information (especially information that is publicly available) be de-indexed or stopped from being disseminated. While our website does not typically publish your personal information publicly, if you believe some personal information about you is publicly available through our site (for example, a testimonial you gave that you wish to retract), you may request its removal or de-indexation. We will comply with such requests in accordance with the criteria set by law (such as if the information is outdated or not in the public interest and the request is lawful).
• Automated Decision-Making: Clinique NIOS does not normally use your personal information to make decisions about you solely through automated means (with no human involvement) that have a significant impact on you. In the event that we ever do implement automated decision-making (for example, an algorithmic tool to prioritize appointment scheduling or assess something about service usage), you would have the right to be informed about the automated decision and to request human intervention or review of the decision. We would also provide you access to information about the logic involved in the decision, as required by law.
• Right to Anonymity or Pseudonymity: Where feasible, you may have the option to interact with us anonymously or under a pseudonym (for example, general inquiries). However, for many of our services (especially medical services), it’s impractical or unlawful for us to serve you without knowing your identity (e.g., we cannot provide medical treatment without identifying the patient). We will accommodate anonymity requests where possible in light of the service being provided.
• Right to Lodge a Complaint: If you believe we have violated your privacy rights or have a concern about our privacy practices, you have the right to file a complaint with the relevant privacy regulator. For most cases, this would be the Office of the Privacy Commissioner of Canada (OPC) for federal matters or the Commission d’accès à l’information du Québec (CAI) for Quebec-specific matters. We encourage you to contact us first (see Contact Us below) so we can address your concerns directly. However, this is your right and you will not be penalized for exercising it.

Exercising Your Rights: You can exercise any of these rights by contacting our Privacy Officer (see contact details in Contact Us). Please be as specific as possible in your request so we can respond accurately. We may need to verify your identity before fulfilling certain requests to ensure we don’t disclose your information to someone else. For example, if you request access to your data, we might require some identification or verification questions.

We will respond to your request within a reasonable timeframe and in accordance with applicable laws. For most requests, there is no fee. However, if you request additional copies of records or a manifestly unfounded or excessive request, we may charge a reasonable fee or decline the request as allowed by law (but we will explain the reason to you).

Opt-In and Communications Consent

We abide by strict opt-in requirements for sending communications, especially text messages (SMS/MMS), to our customers. This means we will only send you certain communications if you have given your explicit consent. Here’s how we handle consents and opt-ins:

• Email Marketing Consent: Our website may offer you the option to sign up for email newsletters or special offer updates. We will only send you marketing emails if you have actively subscribed or checked a consent box indicating you want to receive them. If you opt-in and later change your mind, every marketing email from us will contain an unsubscribe link at the bottom. You can also contact us directly to be removed from our email marketing list.
• SMS/Text Message Consent: We will only send you text messages if you have expressly agreed to receive them. For example, our online appointment or inquiry forms include a checkbox (unchecked by default) where you can consent to receive text messages from us. The consent language clearly explains what types of messages you will receive (e.g., appointment reminders, updates related to your inquiry, occasional promotional offers) so you know what you’re signing up for. By checking the box and submitting the form with your phone number, you are providing your written consent to receive automated text messages from Clinique NIOS. We retain a record of this consent. If you do not check the opt-in box, we will not send you text messages.
• Double Opt-In (if applicable): In some cases, after you submit a form with consent for SMS, you might receive a confirmation text message asking you to reply “YES” to confirm your subscription. This additional step (double opt-in) is an extra measure to verify that the phone number owner indeed wants to receive texts. (This process may depend on our messaging platform and carrier requirements.)
• Content of Messages: When you opt in to our SMS service, you can expect to receive messages relevant to the program you joined. This may include appointment confirmations, reminders of upcoming appointments, follow-up check-ins after a visit, and occasional clinic updates or health tips. We will make clear on the opt-in form what kind of messages you are signing up for so there are no surprises.
• Frequency of Messages: Message frequency may vary. Typically, for appointment-related texts, you might get a confirmation and a reminder for each appointment. For any promotional or newsletter-type texts (if you consented to those), you might receive messages a few times a month at most. The opt-in form or welcome message will indicate the approximate frequency (e.g., “Msg freq varies”).
• Standard Rates: Message and data rates may apply to any texts we send or you send to us, as imposed by your mobile carrier. Clinique NIOS does not charge you additional fees for our text messages, but you are responsible for any charges from your carrier (for example, if you have a limited texting plan). If you have questions about your text or data plan, please contact your wireless provider.
• How to Opt-Out of SMS: You can cancel SMS communications at any time. To stop receiving text messages, simply reply “STOP” to any Clinique NIOS text message. For example, texting “STOP” will unsubscribe you from further SMS notifications. After you send “STOP,” we will send you a final confirmation message to acknowledge that you have been unsubscribed, and then you will no longer receive SMS from us. If you have multiple types of SMS subscriptions (for example, one for appointments and one for promotions), replying STOP will typically stop all, unless otherwise indicated. You can also opt-out of texts by contacting us directly and requesting removal of your phone number from text campaigns.
• How to Get Help for SMS: If you need assistance with our text messaging service, you can reply “HELP” to any of our messages. We will respond with information on how to manage your subscriptions and additional contact info for support. You can also reach out to us at our support email or phone number (see Contact Us below) for help regarding SMS.
• No Purchase Necessary: Opting in to SMS or email communications is not a condition of purchasing any goods or services. You can receive services from us without agreeing to marketing texts or emails. We will still contact you with essential information (like appointment confirmations or medical instructions) as needed to provide our services, but we will do so in accordance with applicable communication laws (for instance, certain healthcare communications may not require explicit consent under Canada’s anti-spam law if they are considered transactional or provide healthcare follow-up).
• Third-Party Communication Platforms: We may use third-party platforms (such as a customer relationship management system or telecommunications provider) to send out emails or texts. These platforms are only allowed to use your information to send the communications you’ve signed up for, and they are contractually obligated to keep your information secure. They will not independently contact you or share your contact info.
• Canada’s Anti-Spam Law (CASL): Clinique NIOS complies with CASL, which means we obtain consent for commercial electronic messages, identify ourselves in messages, and provide a clear way to unsubscribe. If you believe you have received an unsolicited commercial message from us in error, please inform us so we can investigate and correct our practices if needed.

Your consent choices will be respected. If you opt out of marketing communications, we won’t contact you for those purposes again. Please note that if you are an active patient, we may still contact you via phone, email, or SMS for non-marketing purposes such as appointment reminders, health notices, or billing issues, as permitted by law and applicable regulations (and we will do so in a manner consistent with privacy requirements). We will not send you promotional texts or emails unless you have consented.

International Data Transfers

Clinique NIOS is based in Quebec, Canada. However, some of the third-party service providers we use to operate our website and services may be located in or have servers in other countries, including the United States. This means that your personal information could be transferred to, stored, or processed in a country other than Canada.

For example, if we use an email newsletter service or cloud data storage that is based in the U.S., the information we store in those systems (such as your email address or form responses) may reside on U.S. servers. Similarly, if we use tools provided by companies like Google or Facebook, data might be processed on servers outside of Canada.

Protection for International Transfers: Whenever we transfer personal information outside of Canada, we take steps to ensure it is protected. Our contracts with third-party processors include clauses to safeguard your data, requiring them to provide security and privacy protection comparable to what is required under Canadian law. However, it’s important to note that foreign jurisdictions may have different data protection laws, and in certain cases, courts, law enforcement, or national security authorities in those countries may access your data under their laws.

By providing us with personal information or using our website, you consent to the transfer of your information to other countries as described in this Privacy Policy. We will always treat your personal information in accordance with this Policy, wherever it is processed.

If you would like more information about our policies regarding service providers outside Canada, or have questions about how your data might be handled internationally, please contact our Privacy Officer.

Changes to this Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will revise the “Last Updated” date at the top of this Policy. If the changes are significant, we may also provide a more prominent notice (such as a banner on our website or an email notification, if appropriate).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Clinique NIOS website or services after any changes to this Privacy Policy constitutes acceptance of those changes, to the extent permitted by law.

If we plan to use your personal information for a new purpose not previously identified (and not otherwise permitted by law), we will seek your consent for that new purpose.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact our designated Privacy Officer:

Privacy Officer: Olivier Drouin
Address: 109A-275 Boul. du Curé-Labelle, Sainte-Thérèse, Québec J7E 0C2, Canada
Email: [email protected]
Phone: +1 (514) 533-6467

You may also contact us at the above address or email for general inquiries about our services or to request access to/correction of your personal information.

We will respond to your inquiry or request as promptly as possible. If you make a privacy-related complaint, our Privacy Officer will investigate the matter and respond to you with the results of the investigation and any steps we will take to address your concerns.