Personal Information includes such information as is defined in the Personal Information Protection Electronic Documents Act of Canada, and the Personal Information Protection Act of British Columbia provided that for purposes of this policy, Personal Information shall not include information about Bio Conscious employees in such employees’ capacity as employees of Bio Conscious.
It is our policy to keep any information gathered through the use of our systems and services secure. As such, user information will not be disclosed or shared with unauthorized third parties except as allowed by Canadian law and described herein.
Bio Conscious collects information that may personally identify the user. Personally identifiable information which we may collect include your name, age, phone number, email address, birth date, gender, location data, physical activity data, daily step count, active heart rate, sleep analysis data, weight, food or calorie intake, and personal health information including type of insulin injection and blood glucose readings, and other information which the user provides to us.
Personal health information is considered written and oral information which relates to an individual’s physical or mental health; family health history; information which relates to the provision of healthcare, including the identification of persons providing care; plans of service for individuals requiring long-term care; and information which identifies an individual’s appointed decision-makers such as medication, medical conditions, BMI, and medication regimen. Policy laid out by this document for personal information pertains to personal information and personal health information.
At the time of collection, we will clearly identify the information being collected. It is always your choice whether or not to provide personal information but if you choose not to provide certain requested personal information you may not be able to register or use the website, our other services, or certain features therein. We may collect personal information in respect of the website through registration processes, communications with you, information downloads, service purchases, user support, and surveys. We may collect personal information in respect of our other services, such as our apps.
If you are a minor under the age of thirteen (13) years old and you reside in the United States, you require parental consent to use our services. Your parent or legal guardian must provide evidence of such consent. Bio Conscious will deem consent received when a parent or legal guardian purchases and downloads the app to their child’s mobile device.
Your personal information will not be used for any other purposes which are not defined in this policy. You may withdraw your consent to our storage, use, or processing of your personal information at any time. Withdrawing consent may result in your inability to continue using our website or services.
We make every reasonable effort to keep your personal information accurate, complete, and up-to-date. You may verify the accuracy and completeness of your personal information in our records either by logging into your account and viewing your “bio page”, or by reaching out to us directly via the contact information contained within this policy.
We will only share your information with your expressed consent, and you may revoke sharing to these sources at any time. Some of your personal information may be disclosed to other users of our website or services such as your follower(s), or your healthcare provider(s). We may also share your information with Bio Conscious administrative or technology staff if you require assistance, or in the event you request for your information to be updated.
We use and disclose personal information for purposes consistent with the collection of such information. For example, Bio Conscious shall be allowed to collect, use and disclose personal information in a manner consistent with providing services for this website or our other applications or services. These services include providing notifications to users when blood sugar levels are low, and to provide predictive analytics to prevent future low blood sugar events, and the improvement and development of our predictive algorithms. Any and all data provided by the user may be used in the course of the development or testing of our algorithms. Our services do not constitute regulated medical services.
Access to private, sensitive and confidential information, including the user’s personal information, is restricted to authorized employees with legitimate business reasons. We require all of our employees to abide by our written privacy standards. Our employees understand the importance of keeping your information private. Our employees are required to agree to a confidentiality agreement that prohibits the disclosure of any user information to unauthorized parties.
Employees are strictly prohibited from accessing or disclosing personal information without authorization. All employees are expected to maintain the confidentiality of personal information at all times and failure to do so will result in appropriate disciplinary measures including dismissal, as per written policy.
We will never rent or sell the personal information we collect. We will never disclose personal information to third parties except as described in this policy or as otherwise permitted by law. Further, we will never disclose personal information to third parties, except as required by law or upon demonstrated lawful authority, or as set out in this policy.
Bio Conscious uses third-party service providers to host servers in Canada and the United States. These third-party service providers may have access to personal information as an incidental result of the services provided, but the access of such third parties to such information is strictly controlled in accordance with the safeguards detailed within this policy.
Information we are legally required to disclose may relate to criminal investigations or government tax reporting requirements. In some instances, such as a legal proceeding or court order, we may also be required to disclose your personal information to authorities. In these circumstances, only the information specifically requested will be disclosed and we will take precautions to satisfy ourselves that the authorities that are making the disclosure request have legitimate grounds to do so.
Your personal information may be disclosed in situations where we are legally permitted to do so, such as in the course of employing reasonable and legal methods to enforce your rights or to investigate suspicion of unlawful activities. We may release certain personal information when we believe that such release is reasonably necessary to protect the rights, property and safety of ourselves and others.
Should Bio Conscious conduct market or product research, it will never use personal information. Rather, it will fully anonymize information, meaning that it would render it unlikely to be traced back to an individual. Where applicable, we use 256-bit encryption to ensure your personal information and personal health information is secure.
Non-personal information may be collected or derived by us in the course of operating this website. For example, our web servers may automatically collect non-personal information that is provided through your browser or stored in a cookie when you choose to visit the website. This policy does not extend to such non-personal information, and rather only applies to information defined as personal information.
Bio Conscious collects usage information from users on our website and services. The purpose of this collection is to understand how users access and use the services in order to enhance and optimize our services. Usage information and data could include but is not limited to the user’s device type, device identifier, IP address, browser type, operating system, duration of use, number of messages sent or received, and the times at which the application was accessed and used. In addition, we will collect aggregate data about a group or category of services or users. This information, as well as the personal information collected, enables us to analyze trends, troubleshoot, enhance, and improve our services.
Bio Conscious maintains the right to inform our users about any change that may affect information collected or stored. We may be required to comply with a court order or governmental regulatory requirement or disclose information in connection to legal proceedings. If required to do so, we will make every effort to notify the relevant parties about the proceedings.
Bio Conscious reserves the right to use the contact information of users for the purposes of communications regarding any aspect of a user’s account or corresponding services and products. Users will have the option to participate or opt out of optional communications (e.g. marketing, press, events) while mandatory communications (e.g. security updates, product announcements/revisions) will go out to all active users.
We are not anticipating any changes in corporate status, however as we grow and develop that may change. You understand and agree that we may use your personal information and disclose your personal information to third parties in connection with the proposed or actual financing, insuring, sale, securitization, assignment or other disposal of all or part of our business or assets (including accounts) for the purposes of evaluating and/or performing the proposed transaction. These purposes may include, as examples, permitting such parties to determine whether to proceed or continue with the transaction, fulfilling any reporting or audit requirements to such parties, and/or disclosing personal information as part of concluding a sale or transfer of assets. Our successors and assigns may collect, use and disclose your personal information for substantially the same purposes as those set out in this policy. In the event the transaction does not go through, we will require, by contract, the other party or parties to the transaction not to use or disclose your personal information in any manner whatsoever for any purpose, and to return or destroy such personal information. Personal information that is collected online remains subject to applicable legislation and corporate policy.
Bio Conscious reserves the right to reject, suspend, alter, remove or delete data if it breaches our terms and conditions or it is necessary to protect us or others where we have reasonable grounds for believing that a criminal act has been committed, or if required to do so by law.
Bio Conscious processes and stores the user’s messages, logs, contact data, and other related information in order to provide our services to the user. These data used in the provision of services will be stored indefinitely in a secure and private manner or deleted as per direction from the user as allowable by operational needs and relevant law. Trend data collected or generated by our services or apps will be stored indefinitely to ensure accuracy of models in which that data is used. Personal information which we collect in the course of providing services in our apps, but which is not permanent or trend data, will be retained for two (2) years, and then deleted. De-identified information will be retained in perpetuity and is not considered personal information. Bio Conscious maintains security/privacy policies and procedures to ensure every step is taken to maintain the integrity of the data in our care.
Unless the user chooses to close their account, or otherwise requests for Bio Conscious to delete their data, the Bio Conscious service which they use may continue to collect data in order to continue providing services. If the user has not closed their account or requested their data deleted, the user must disconnect their devices from the Bio Conscious service in order to halt all data collection. Uninstalling the service from the user’s device may not disconnect the service from the user’s device, depending on which device, and Bio Conscious may not always be able to see whether or not a user has uninstalled a service. As such, uninstalling a service does not necessarily stop the collection of data.
Any user of a Bio Conscious service may request to download any data which Bio Conscious has relating to that user’s account. Bio Conscious provides methods to download data within its services, and users may also directly request their data by contacting Bio Conscious.
Bio Conscious takes reasonable steps to protect information collected from users to prevent loss, misuse and unauthorized access, disclosure, alteration and/or destruction.
Bio Conscious has appointed a designated privacy contact who acts as Chief Privacy Officer (CPO) responsible for information system monitoring and information security policy and procedure management. The CPO is responsible for compliance with Bio Conscious’ privacy program including:
Undertaking privacy impact assessments and threat and risk assessments on a regular basis;
Adopting policies and procedures on the basis of privacy impact assessments and threat and risk assessments to mitigate all identified risks, updated as necessary.
Safeguard measures to ensure authorized access include the use of a username and a password for authentication. Every user must keep their password and username safe and make sure that any person who has access to view such private information is permitted to do so. Users must contact Bio Conscious immediately if they believe their account has been misused or compromised.
Personal Health Information’s collection and use is regulated by law. All personal health information collected by Bio Conscious is stored in the region required by the local laws of the jurisdiction in which the user resides. In Canada or the United States, user data is stored in U.S. Health Insurance Portability and Accountability Act (“HIPAA”) compliant cloud-based AWS servers. In Europe, data is stored in compliant European compliant cloud-based AWS servers.
Your account is secured by your user credentials, and while Bio Conscious takes reasonable steps to protect your information, it is your responsibility to protect your user credentials. Never share your password with anyone, even staff members from Bio Conscious. Your email address is also an important safeguard required to protect your credentials. Accounts without passwords are secured by their email address, or their third party accounts. If you are not confident in your ability to keep secure the access to your email or other third party account, do not use this account when securing your Bio Conscious services.
Some users of services provided by Bio Conscious may have access to other user’s data through follow features. This data access is provided by the user who owns the data, and it is the responsibility of both the user who either shares their data, and the user who has data shared with them, to take all possible steps to ensure their account is secure at all times.
Subscribers may contact our CPO to make inquiries on our privacy practices or to the accuracy of their personally identifiable information, and to request the updating, correction or deletion of such information or their account should they wish to do so. Any queries, comments or concerns can be sent to us by email or mail at the following address:
Bio Conscious Technologies Inc.
Attn Privacy Office
555 W Hasting St
Vancouver, BC, Canada