As a mission driven social enterprise, we put the patient and caregivers at the center of everything we do, including privacy and how we use your data. While our privacy policy details everything, we recognize that most people won't read it. So in summary, we only use your data for things that we think will benefit you.
For example, to support better matching with peers, to allow push notification of relevant clinical trials, or to be used in de-identified, aggregate data analysis for clinical, policy and other research purposes.
We will never disclose your personally identifiable information without your consent (this would normally only be done if you use Zamplo as part of a research project). We will also not sell your data for marketing purposes.
All of the data on Zamplo is stored with Amazon Web Services in Montreal, Quebec, Canada.
As discussed above, as part of our mission we make data available for research to support new treatments, policy development, patient and caregiver education, etc.. To make our mission sustainable, we sell de-identified, aggregate health information. We also allow researchers to use our platform for research projects on a fee for service basis. For such research projects, where applicable, ethics approval must be obtained, and each user must provide their informed consent to be part of the project.
Privacy Policy
1. What is this Privacy Policy for?
We are Zamplo Inc. (“Zamplo”, “we”, “us”, “our”), a Canadian registered company. This privacy policy is for the personal information collected through the Zamplo website zamplo.org (“Website”), the Zamplo app (“App”) or other Zamplo accounts, and the services offered through them (“Services”) This privacy policy sets out how Zamplo uses the personal information of Users who choose to access and use the Website, App or other accounts and Services (“Users”). “Personal Information” or “personal data” includes any personal information that identifies or could identify, or is associated with information that identifies or could identify, an individual. It does not include data which cannot be related to an identifiable person (anonymous data).
2. Choice
It is always a User’s choice whether or not to provide Personal Information. However, if a User chooses not to provide requested Personal Information, that User will not be able to use certain features of the Services. We set out in detail below the information that we collect about Users and Users’ use of our Services. Zamplo does not collect on its own behalf things like protected health information, financial information, social security or other government-issued identification numbers, and other sensitive personal information.
3. The Information We Collect About Users
We may collect, use, store and transfer different kinds of personal data about Users which we have grouped together as follows:
- Identity Data includes first name, last name, or similar identifier.
- Contact Data includes email address and telephone numbers.
- Health Data includes information relating to the care, diagnosis, and treatment of your health.
- Profile Data includes Users’ profile data saved through the Services.
- Location data includes data about your geographic location while you use the App or Services.
- Technical Data includes internet protocol (IP) address, browser type and version, operating system and platform, device identifiers and pseudonymous unique identifiers.
- Usage Data includes data about how Users use our Services, such as browsing actions within the App and Services, the button and controls Users click on, pages of our Website that Users visit, the time spent on those pages, User’s search queries, the dates and times of User’s visits, and workplace usage.
We also collect, use and share Non-personalized data called “Service Data”, such as statistical or demographic data for any purpose. Service Data may be derived from User’s Personal Information but is not considered personal information in law as this information does not directly or indirectly reveal User’s identity. For example, we may aggregate User’s Usage Data to calculate the percentage of Users accessing a specific Website feature.
Other than health information (which may include ethnicity), we do not collect any Special Categories of Personal Data about Users (this includes details about User’s religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about User’s health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
4. How Is User’s Personal Information Collected
We use different methods to collect data from and about Users including through:
- Direct interactions. Users may give us User’s Identity, Contact, Health and Profile Data by registering for or using the Services and completing fields within the Services.
- Automated technologies or interactions. As Users interact with our Services, we may automatically collect Technical and Usage Data about User’s equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
- Third parties or publicly available sources. We may receive Personal Information about Users from various third parties and public sources as set out below.
- Technical Data from the third parties such as the following:
a) analytics providers such as Google Analytics;
b) search information providers such as Google.
5. Purposes for Which We Will Use User’s Personal Information
We have set out below, in a table format, a description of all the ways we plan to use Users’ Personal Information.
Purpose/Activity | Type of Data |
To deliver the Services to Users (including by recognizing Users across the devices they use, and providing, maintaining, tailoring and improving Website and Services) |
a) Identity b) Contact c) Health d) Profile e) Usage f) Technical g) Location |
To register Users accounts on the Services |
a) Identity b) Contact |
To manage our relationship with Users which will include notifying Users about changes to our Terms of Use or Privacy Policy |
a) Identity b) Contact |
To administer and protect our business and Services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
a) Identity b) Contact c) Technical d) Location |
To use data analytics to improve our Services, customer relationships and experiences and to personalize our Services |
a) Technical b) Usage |
To make suggestions and recommendations to Users about Services that may be of interest to Users and to provide Users with information, products or services they request |
a) Identity b) Contact c) Technical d) Usage e) Profile |
To improve our Services including: a) tracking email open rates and web page visits b) To inform Zamplo as to what content is effective c) To provide follower updates d) To personalize Zamplo Services |
a) Identity b) Contact c) Health d) Profile e) Usage f) Technical g) Location |
6. Disclosures
We may disclose Personal Information that we collect, or Users provide as described in this Privacy Policy:
- To third parties where you ask us to do so through the Services, or by allowing such third parties to access your account.
- To our subsidiaries and affiliates where they are providing Services.
- To contractors, service providers, and other third parties we use to support our business solely for the purpose of them providing services to us.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Zamplo assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Zamplo about our Website, App, and/or Users are among the assets transferred.
- To fulfill the purpose for which Users provide it.
- For any other purpose expressly disclosed by us when Users provide the information.
- With User’s express consent to other uses not indicated in this Privacy Policy.
We may also disclose User’s Personal Information:
- To comply with any court order, law or legal process, including to respond to any government or regulatory request.
- To enforce or apply our Terms of Service and other agreements, including for billing and collection purposes.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Zamplo, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
7. Access
Upon request, Zamplo will provide Users with information about whether we hold any of User’s Personal Information. Zamplo enables Users with the ability to access and correct Personal Information we have collected. If Users have any concerns or suspect unauthorized activities associated with User’s account, please contact us at privacy@zamplo.org . We will respond to User’s request within a reasonable timeframe, and in any event within 30 days of receipt of request.
Zamplo acknowledges that Users have the right to access, update, revoke permission to process, or request the deletion of User’s Personal Information. Any such query can be directed to Zamplo’s Chief Privacy Officer at privacy@zamplo.org or at the address set out below. If requested to remove data under either scenario, we will respond within a reasonable timeframe.
8. Security and Enforcement
The security of User’s Personal Information is important to us. We use security safeguards appropriate to the sensitivity of the information to ensure that User’s Personal Information is stored and maintained in a secure environment. Zamplo exercises managerial and technical safeguards designed to protect against the loss or unauthorized use or disclosure of Personal Information belonging to our Users. These safeguards include encryption, malware protection, logical and physical access controls, and detection of social engineering attacks.
Zamplo monitors and reviews security safeguards and takes corrective action whenever we discover deviations from our Privacy Policy.
Data type |
Retention period | Reason |
Identity, Health, Contact and Profile data | Subscription term | To provide the Services to you during the subscription term |
10. Managing the Online Collection of Additional Data
As Users navigate through and interact with our Website, App and Services, we may use automatic data collection technologies to collect certain information about User’s equipment, browsing actions and patterns, location, and workplace usage patterns, including:
- Details of User’s visits to our Website, App or Services, and other communication data and the resources that Users access and use on the Website, App or Services.
- Information about User’s computer and Internet connection, including User’s IP address, operating system, and browser type.
- We also may use these technologies to collect information about User’s online activities over time and across third-party websites or other online services (behavioral tracking).
- When Users access and use the Website, App or Services, we may automatically collect certain details of User’s access to and use of the Website, App or Services, including traffic data, location data, and other communication data and the resources that Users access and use on or through the Website, App or Services.
- We may collect information about User’s mobile device and Internet connection, including the device’s unique device identifier, IP address, operating system, browser type, mobile network information and the device’s telephone number.
- Our Website and App collects real-time information about the location of User’s device.
We and our third-party service providers may collect information about Users in a variety of ways. We and/or our third-party partners may employ various tracking technologies, such as cookies, web beacons and analytics software, that help us better manage content on our Services by informing us what content is effective.
11. Use of Cookies
The Website uses cookies to better the User’s experience while visiting the Website. Where applicable the Website uses a cookie control system allowing the User on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from Users before leaving behind or reading files such as cookies on a User's computer / device.
Cookies are small files saved to the User's computer’s hard drive that track, save and store information about the User's interactions and usage of the Website. This allows the Website, through its server, to provide the Users with a tailored experience within the Website.
Users are advised that if they wish to deny the use and saving of cookies from the Website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from the Website and its external serving vendors.
The Website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to Users computer’s hard drive in order to track and monitor engagement and usage of the Website, but will not store, save or collect Personal Information.
Other cookies may be stored to your computer’s hard drive by external vendors when the Website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No Personal Information is stored, saved or collected.
12. Payment Processing
When you use the Services, we may ask you to pay for the use of the Services. Your payment is processed by Stripe. You can find out more about how they secure your sensitive information here: https://stripe.com/ca/payments.
Zamplo does not store or have access to your financial information such as credit card numbers or bank numbers.
Zamplo may also use PayPal, Apple Pay or Android Pay if available. You can find out more about how they secure your sensitive information from these providers directly.
Links
The Zamplo App may contain third party links, including sponsored links and adverts.
We may link to third party websites from within the App such as Twitter, Facebook or Google Maps.
We take no responsibility for any external links or the websites or content to which they may direct Users. Users should click on external links at their own risk. We cannot be held liable for any damages or implications caused by visiting any external links mentioned.
13. Transfers and Disclosures of Data
Zamplo headquarters in Canada is our primary location for business operations but may process or transfer data in or to other jurisdictions in the course of providing the Services.
For example, regarding normal business operations, Zamplo may engage a third-party to support our data storage, data processing, billing, support services, information technology, or mailings on our behalf, which third party’s facilities may be located in another jurisdiction.
We may also disclose User’s Personal Information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect User’s safety, or the safety of others, investigate fraud, or respond to a government request.
14. Additional Privacy Protections for Minors
We join the industry in recognizing that children, including young teens, may not be able to make informed choices about Personal Information requested online. Zamplo does not solicit or knowingly collect Personal Information of those under the age of sixteen unless it has obtained the consent of their parents or legal guardians.
15. Changes to this Privacy Policy
Zamplo may make changes to this Privacy Policy from time to time for any reason. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make any material changes or changes in the way we use information, we will notify customers via e-mail or by posting an announcement on the Website and App prior to the change becoming effective. Website and App Users are bound by any changes to the Privacy Policy after such changes have been posted.
In the event that Zamplo is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any Personal Information and give affected Users notice before Personal Information is transferred or becomes subject to a different privacy policy. Users will be notified via email and/or a prominent notice on our Website or App of any change in ownership or uses of User’s information, as well as any choices Users may have regarding User’s information.