Last updated: May 13, 2021
Reformulary Group Inc. (“Reformulary Group”, “we”, “us” or ”our“) is committed to protecting the privacy and confidentiality of any personal information, including personal health information, which you (“you” or “User”) may provide, or that we may obtain from you, through your use of the Reformulary DrugFinder® service, available through a website browser, a mobile device browser, a downloadable application, or other technology used to access any features, functionality, content or information (collectively referred to as the “Site”), and the services provided by or through the Site (“DrugFinder” or the “Services”).
- what personal information we collect and why we collect it;
- how we use your personal information;
- who we share your personal information with; and
- to provide contact information should you have questions or concerns about our practices.
OVERVIEW OF OUR PRIVACY PRACTICES
(a) collects personal information, including personal health information, when you access the Site and use our Services, contact us with inquiries, communicate with us or otherwise provide your personal information to us;
(d) except as set out in items (b) and (c) above, does not disclose your personal information to third parties without your consent unless authorized by you or required by law, as part of the sale of a business or as disclosed to you prior to or at the time the information is collected;
(e) retains your personal information in compliance with our legal obligations and only as long as necessary for the purposes for which it was collected;
(f) allows you to withdraw your consent to the collection, storage, use, disclosure and retention of your personal information at any time, subject to legal and contractual restrictions and reasonable notice;
(g) mitigates the risk and impact of potential harms involved in the disclosure of personal information through the adoption of reasonable physical, technical and organizational procedures appropriate to the sensitivity of the data in an effort to safeguard the personal information you provide to us;
(h) may collect, use, transfer and disclose non-identifiable information such as summary or aggregated de-identified personal information for research, marketing and analytics purpose; and
Even with the physical, technical and organizational measures adopted by Reformulary Group to safeguard your personal information, there is a residual risk of the loss of, unauthorized access to, or unauthorized disclosure of your information which could result in financial or other harm to you.
Further information with respect to our privacy practices is set out below.
1. WHAT INFORMATION DO WE COLLECT?
The types of information we collect include:
a) Personally identifiable information
Personally identifiable information (or personal information) is any information recorded in any form that identifies or can identify an individual.
When you visit the Site you are not required to provide personal information to browse its content, unless you voluntarily choose to identify yourself and provide us with your personal information.
As a plan member of our client (i.e. health benefit plan provider subscribed to our services), you have the option to create a personal User account by completing the registration process on the Site to access additional features and get specific information about your drug coverage. In order to register for a User account, you will be asked to provide your full name, e-mail address and create a personal password. Once you register for a personal User account, you may access and use certain Site features that have active information collection points.
For instance, through our ‘Medicine Cabinet’ feature you can provide information about the prescription drugs that you take and/or are prescribed, including drugs dispensed, their dosage, frequency and your pharmacy information in order to keep track of your medicine and prescription information. When you decide to use the ‘Save My Search’ feature, we collect information about the drugs that you decided to save for future visits to the Site.
b) Non-personally identifiable information
Non-personally identifiable information is information that cannot be used on its own to identify or trace an individual.
We use various technologies to passively collect information from you while you are visiting the Site. Such technologies allow the Site to collect a range of non-personally identifiable information, including your Internet Protocol (IP) address (a unique identifier automatically assigned to your computer when logging onto the Internet), the type of web browser and operating system you use, the date and time you visit the Site, the specific pages you visit on the Site, and the address of the website from which you linked directly to the Site.
One example of a technology used by websites are “cookies”. Cookies are small text files that store information about your interactions with a particular website, either temporarily (known as a "temporary" or "session" cookie and deleted once you close your browser window) or more permanently on the hard drive of your computer (known as a "permanent" or "persistent” cookie). Cookies can make it easier to use a website by allowing servers to access certain information quickly. "Session" cookies can be used to help a user's browser navigate a website more smoothly and may show up if the user comes from a website with which the subsequent website has some relationship (e.g. a website of an affiliated company) and can give helpful information. "Persistent" cookies can be used to customize a website for a user, such as by storing passwords, preferences, registration and account information so that users do not have to re-enter them each time they visit a website.
The Site uses both session/temporary cookies and persistent/permanent cookies to store information that allows us to offer you better service and navigate the Site with ease. To make the Site easier to use, we may combine information collected via cookies with personally identifiable information. You may choose to decline cookies if your web browser permits but doing so may affect your use of the Site and your ability to access certain features of the Site.
This website uses Google Tag Manager. Google Tag Manager (“GTM”) is a solution operated by Google LLC. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) that allows marketed website tags to be managed using an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not register personal data. The tool causes other tags to be activated which may, for their part, register data under certain circumstances. Google Tag Manager does not access this information. If recording has been deactivated on domain or cookie level, this setting will remain in place for all tracking tags implemented with Google Tag Manager."
2. WHAT DO WE USE THE COLLECTED INFORMATION FOR?
Reformulary Group collects and uses information, including personal information, that you provide or that we collect in the course of your use of our Services through the Site, when you contact us with inquiries or communicate with us, for the following purposes:
- To provide the Services to you and other Users;
- To communicate with you in connection with providing the Services to you, including sending notifications to you about prescription drugs and other relevant medical information;
- To respond to any inquiries or correspondence you may send to us;
- To register you for a User account on the Site and to authenticate Users for security purposes;
- To administer and monitor the Site and User accounts, including managing e-mails and other communications that we send or receive;
- To understand your needs and our clients’ specific business needs in connection with the provision of our services;
- To provide customer service and support to you;
- To understand, research and improve the Services we offer, including compiling aggregated non-personally identifiable information for research, marketing and analytics purposes;
- To track your activity on the Site;
- To evaluate and improve the Site’s performance and functionality;
- To detect, prevent or mitigate security or technical issues relating to the Site and our Services;
- To protect you, our clients, our service providers and us against fraud;
- To respond to your requests to access and amend your personal information;
- To cross reference with the personal information you previously provided to us to ensure its accuracy;
- If you opted in to allow us to do so, to communicate with you about Reformulary Group, our services and products;
- As permitted by, and to comply with, applicable laws and regulations; and
- Other purposes permitted by law.
3. WHERE IS YOUR PERSONAL INFORMATION STORED?
4. DO WE DISCLOSE YOUR PERSONAL INFORMATION TO THIRD PARTIES?
Reformulary Group may disclose or share personal information with its authorized employees, agents, affiliates, partners, contractors, service providers and legal representatives (collectively, “Authorized Parties”
We take reasonable precautions to keep your personal information secure and require our Authorized Parties that handle or process your personal information for us to do the same. Access to your personal information is restricted to prevent unauthorized access, modification or misuse and is only permitted among our Authorized Parties on a need-to-know basis.
Reformulary Group may disclose your personal information to a government institution or agency that has asserted its lawful authority to obtain the information or where Reformulary Group has reasonable grounds to believe the information could be useful in the investigation of an unlawful activity, or to comply with a subpoena or warrant or an order made by a court, person or body with jurisdiction to compel the production of information, or to comply with court rules regarding the production of records and information, or to protect the Reformulary Group’s rights and property. Where it is justified or permitted to disclose your personal information to third parties, the use and disclosure of such information will be limited so that only that information which is required is used or disclosed.
5. HOW LONG DO WE RETAIN YOUR PERSONAL INFORMATION FOR?
We will keep and retain your personal information in compliance with our legal obligations, and only as long as necessary for the purposes for which it was collected. Personal information that is no longer required will be destroyed, erased or made anonymous according to our guidelines and procedures.
Where you have provided your consent to use your personal information to communicate with you about our services, products or other marketing communications, we will keep this information until you notify us or otherwise withdraw your consent.
6. HOW DO WE PROTECT YOUR PERSONAL INFORMATION?
We have adopted reasonable physical, technical and organizational procedures appropriate to the sensitivity of the data to protect the personal information you provide to us from loss, theft, unauthorized disclosure, copying, unauthorized use or modification, and while the personal information is handled by our Authorized Parties. This includes, among other things, limiting access of our employees to, and the use of, your personal information on a need-to-know basis through the use of passwords and graduated levels of clearance. We take physical precautions to ensure that the computer servers on which your personal information is stored and archived are secure and in a controlled environment with limited access. We also educate our employees with respect to their obligations to protect your personal information.
Notwithstanding these measures, no collection, storage or transmission of information over the Internet on websites or otherwise can be guaranteed to be 100% secure, and therefore we cannot ensure, warrant or guarantee that there will be no unauthorized access, hacking, data loss or breaches of our security safeguards. Accordingly, you should not transmit personal information to us over the Internet if you consider that information to be sensitive.
If you suspect that the personal information you provided to us has been improperly accessed or used, please contact our Privacy Officer by e-mail at PrivacyOfficer@reformulary.com
7. THIRD-PARTY LINKS
The Site providing access to our Services, e-mails or other messages or information we may send or make available to you may contain hypertext links to the sites of third parties. We are not responsible for the privacy practices or the content of such third-party sites. Linked sites are maintained by third parties. Such links are provided for your convenience and reference only. Reformulary Group does not operate or control, in any respect, any information, software, products or services available on such third-party sites. The inclusion of a link to a third-party site does not imply any endorsement of the services or the site, its contents, or its sponsoring organization.
8. WITHDRAWING CONSENT TO THE USE OF YOUR PERSONAL INFORMATION
You may withdraw your consent to the collection, use, storage and disclosure of your personal information at any time, subject to legal and contractual restrictions and reasonable notice. To do this, please contact our Privacy Officer by e-mail at PrivacyOfficer@reformulary.com
. Please note that withdrawal of your consent to the collection, use, storage and disclosure of personal information may result in you being unable to continue using our Services, access the Site or certain features of it.
You also have the option to withdraw your consent to be contacted about our services, products or marketing communications in messages that we send to you. Please follow the unsubscribe link available in every message we send to you to be removed from our contact list.
9. HOW TO ACCESS AND AMEND YOUR PERSONAL INFORMATION?
Subject to certain exceptions prescribed by law, you will be given reasonable access to your personal information held by us and you may request that your personal information be corrected or updated. Under certain circumstances, it is possible that we may not be able to provide you with all of the information you have requested. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, or information that is subject to solicitor-client or litigation privilege. Fees may be applied to any copy of the requested personal information. We will provide the reasons for denying access upon request.
To access or amend your personal information, please e-mail or otherwise contact our Privacy Officer as set out below and we will assist you. You may be required to put your request in writing to confirm your request and identity. If you believe we have not dealt with your request to your satisfaction, you can submit a complaint to us to resolve your privacy-related issue.
10. COMPLAINT RESOLUTION PROCEDURE
You may also mail or deliver to us any documentation containing your personal information at 55 York Street, Suite 1400, Toronto, ON M5J 1R7.
Please let us know your questions or concerns and we will do our best to help you.
13. CONTACT US
You may contact our Privacy Officer by email at PrivacyOfficer@reformulary.com
or by mail at 55 York Street, Suite 1400, Toronto, ON M5J 1R7.