PRIVACY POLICY

Please go to this link for a kids' summary of this policy.
Please go to this link for a plain language summary of this policy

Dr. Tyler R Black, Medical Psychiatry Services, Inc. and our corporate affiliates (the “Company”, “we”, “us”, “our”) respect and uphold individual rights to privacy and the protection of personal information while balancing such rights with our need to process your personal information to manage our business and deliver our services to you. Based on applicable privacy and data protection principles common to Canada and other jurisdictions to which we are subject to, we have developed this privacy policy (the “Policy”) to explain our practices for processing your personal information. This Policy does not apply to our employees’ personal information or any anonymized information.

This Policy describes our practices with respect to how we may collect, use, disclose, retain, dispose and otherwise process (collectively, “process”) and how you may correct, update and access your personal information that you provide as a user of (a) the website operated at tylerblack.com or tylerblack.ca, and other locations from time to time‎ (the “Website”), (b) any front-end software we provide you that interacts or interfaces with the Website (the “Software”), excluding third party software that may interact with the Website or the Service as defined below, and (c) the services we provide through the Website and/or the Software (collectively, the “Service”). This Policy references the general Terms of Use for the Company delivered to you through email prior to your use of our Website, Software or Service, and forms an integral part of it. All capitalized terms not otherwise defined herein have the meaning provided in our Terms of Use.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. By using our Website, Software, or Service, or otherwise by choosing to provide us with your personal information, you acknowledge and consent to the processing of your personal information in Canada in accordance with this Policy and as may be further identified when the personal information is collected. If you are located or residing outside of Canada, please be aware that our Website, Software and Service are intended for and directed to users in Canada, and the privacy laws and principles in Canada may differ and not offer the same level of protection as those in your location or residing country/region. Through your continued use of our Website, Software or Service, you are transferring your personal information to Canada and you expressly consent to that transfer. We will use this consent as the legal basis for such data transfer, unless otherwise stated in this Policy.

If you do not consent to the processing of your personal information in accordance with this Policy, please do not access or continue to use any of the Website, Software or Service or otherwise provide any personal information to us.

Personal Information

For the purposes of this Policy, “personal information” means any identifiable information about an individual, including but not limited to an individual’s name, home address, telephone number, email address, except any other information otherwise exempted by the applicable laws of Canada and other jurisdictions. For example, in Canada, personal information does not include any business contact information that is processed solely to communicate with that person about his or her employment or profession.

When you use our Website, Software or Service, we may collect the following personal information from you:

• Contact information such as name, email address, mailing address, and phone number;
• Unique identifiers such as your provincial or jurisdictional health identification, drivers license, insurance information;
• Medical data such as charts, letters, laboratory results, radiology results, and other examinations.

Your personal information may be collected when:

• You register for an account with us;
• You upload information to upload.tylerblack.ca;
• You connect with us through email;
• We collect data from third parties.

We only collect personal information that we need. We encourage you to not provide us with any personal information beyond what is necessary and as requested by us.

Collection from Third Parties

We do not knowingly collect your personal information from a third party unless you consent or we are otherwise exempted, required or permitted by applicable laws to do so.

If we collect your personal information from a third party, we will only process that information for the specific purpose for which it was provided to us in accordance with this Policy and the policy under which that information was collected.

Links to Other Sites

To the extent that our Website contains links to other sites, the owners of those sites are responsible for the privacy practices or content of those other sites. We do not endorse and will not be responsible for the privacy practices on third party applications.

Purpose for Which Personal Information is Processed

We may process your personal information for the following purposes (the “Purposes”):

• To verify and authenticate your identity;
• To ensure that the Website, Software or Service is optimized for your use and benefit;
• To analyze user experience and improve the Website;
• To operate, maintain and provide to you the Service, features and functionality of the Website or Software;
• To communicate with you to provide you services, contacts, materials and/or recommendations for your needs as identified by you through phone, email, or the Website;
• To carry out our obligations arising from any contracts entered into between you and us;
• To comply with internal policies and procedures and other legal, accounting, or security requirements;
• To share your personal information with our employees, contractors, consultants and other third party service providers such as application hosting providers, advertising agencies, payment processors or customer service agencies (“Third Party Processors”) who require this information to assist us with establishing, maintaining and managing our relationship with you and optimizing and providing the Website, Software or Service for your use and benefit. Please note that we may change or add Third Party Processors at any time, in our sole discretion, either in Canada or elsewhere. We encourage you to reference this Policy from time-to-time, to obtain updated information. Given the nature of cloud services, there is a possibility personal information may be stored outside Canada, anywhere in the world, and may be accessible to foreign courts, law enforcement and national security authorities in the jurisdiction(s) where it is transferred or stored.

We will only process your personal information for the Purposes for which we intend to process such information. Otherwise, we will not process your personal information without your consent.

Disclosure of Your Personal Information

We may disclose your personal information for the Purposes as described in this Policy in the following ways:

• To our employees and contractors;
• To our business partners;
• To our payment processors;
• To law enforcement, government or regulatory bodies, or other lawful authorities.

Your personal information that we collect may be processed outside of Canada but only in relation to the Purposes. As a result, your personal information may be accessible to law enforcement and regulatory authorities in accordance with other jurisdictions’ applicable laws.

Legal Basis for Processing Your Personal Information

Consent

We will process your personal information only with your knowledge and consent, except where exempted, required or permitted by applicable laws. The form of consent may vary depending on the circumstances and the type of information being requested. Your consent may be express with clear options to say “yes” or “no”, such as by being asked to check a box to indicate your consent, or implied, such as when you provide us with your address through a form or email seeking information and we use those means to respond to your request. Your consent can also be provided by your authorized representative. Taking into account the sensitivity of your personal information, purposes of collection, and your reasonable expectations, we will obtain the form of consent that is appropriate to the personal information being processed. By using our Website, Software, or Service, or otherwise by choosing to provide us with your personal information, you acknowledge and consent to the processing of your personal information in accordance with this Policy and as may be further identified when the personal information is collected. When we process your personal information for a new purpose, we will document that new purpose and ask for your consent again.

If you do not consent to the processing of your personal information in accordance with this Policy, please do not access or continue to use any of the Website, Software or Service or otherwise provide any personal information to us.

You may refuse to provide consent or may notify us at any time that you wish to withdraw or change your consent to the processing of your personal information without penalty, subject to legal or contractual restrictions and reasonable notice by (i) changing your privacy preferences through the Website or Software, (ii) deleting your account with the Website or Software and stopping use of the Website or Software, (iii) opting out of the use of your personal information by contacting our Privacy Officer (see Section 10 below). However, if you withdraw or change your consent, we may not be able to provide you with the Service through the Website or Software.

Other Legal Bases

Aside from consent, we may also process your personal information under other legal bases, as permitted by the applicable laws.

Security of Personal Information

The security of your personal information is important to us. We protect personal information using physical, technological and organizational safeguards. We regularly review our practices to ensure they align with reasonable industry practices appropriate to the level of sensitivity to safeguard personal information against loss or theft, unauthorized access, alteration or disclosure.

All medical information and highly sensitive information is secured via Google Cloud operating exclusively on the “northamerica-northeast1” server located in Montréal, Quebec. This includes any use of speech-to-text, generative AI, or file storage.

However, no method of transmission over the Internet, or method of electronic storage, is completely secure; as such, despite our safeguards and protocols, we cannot fully guarantee the security of your personal information and you should always exercise caution when disclosing personal information over the Internet.

Requests for Access to and Correction of Personal Information

Applicable privacy laws allow, to varying degrees, individuals the right to access and/or request the correction of errors or omissions in his or her personal information that is in our custody or under our control. You may request access to and review of your personal information in our possession. However, access may be declined where permitted or required by applicable law.

You may request that we change or delete your personal information in our possession. We reserve the right not to change any personal information if we do not agree that it is inaccurate or outdated, but will append any alternative text the individual concerned believes appropriate.

If access cannot be provided, we will notify the individual making the request within 30 days, in writing, of the reasons for the refusal.

CASL Policy

We are committed to compliance with Canada’s Anti-Spam Legislation (“CASL”). Any electronic communication we send to outside parties is protected by a range of business procedures, processes and policies to ensure that such communication is done in compliance with CASL. In our electronic communications with outside parties, we comply with the rules established by CASL and enforced by various Canadian authorities including the Canadian Radio-television and Telecommunications Commission. CASL regulates, and our policies generally apply to, each commercial electronic message (a “CEM”) that we send. A CEM is an electronic message sent to an electronic address that, among its purposes, encourages participation in a commercial activity.

In addition to adopting and updating this Policy, we undertake various transparency initiatives to ensure we comply with CASL, which include:

• Consent— we do not send you CEMs without your consent. This consent typically must be “express” (expressly acknowledged by you), but in certain circumstances can be “implied” or specifically exempt from consent requirements. We modified or adopted our sign-up, registration and consent forms in order to ensure that your consent is meaningful (i.e. informed and freely given) as per CASL. When we collect your electronic contact information, you will know the exact purposes behind the collection.
• Content— we adopted processes to ensure that our CEMs contain the following requirements prescribed under CASL, which will usually be in the footer of the CEM. We will:
  • Identify ourselves as the party sending the CEM, and whether we are sending the message on our own behalf or on behalf of someone else;
  • Provide you with our contact information; and
  • Set out a clear, working unsubscribe mechanism or preference centre that is easy to use, automatic, and at no cost to you (other than your own cost of connecting to the Internet).
• Clarity— we ensured that each aspect of a CEM, including its header, content, or any links or URLs in the CEM) conveys the appropriate information, whether viewed individually or taken as a whole, so that you always know what you are clicking on.

If you receive a CEM from us but believe that you should not have or no longer wish to receive CEMs, we will aim to respect your preferences in a timely manner once you update them through our unsubscribe mechanism. CASL requires us to process unsubscribe requests within 10 business days. If you have any questions or concerns about our unsubscribe options, you may contact us at the address indicated in Section 10 below.

Retention of Your Personal Information

We generally keep personal information for only as long as it is needed to accomplish the purposes for which it was collected, or as needed for authorized or legitimate purposes. More specifically, we retain personal information as long as necessary for the fulfillment of the identified purposes for its collection or as otherwise necessary to comply with applicable laws or protect our interests. When personal information is no longer necessary or relevant for the identified purposes, or is required to be retained by applicable laws, we will take steps to have it deleted, destroyed, erased, aggregated or made anonymous. We use reasonable industry practices to ensure we have adequate controls, schedules and practices for information and records retention and destruction