Privacy Policy

Last updated: April 26, 2024

1. CUSTOMER PRIVACY STATEMENT

Noterro Inc. (“Noterro”) knows that you care about how Personal Information (as defined in section 3(2)) is used and shared. This notice describes how we treat that information. We are committed to the important goal of protecting privacy and personally identifiable information. This privacy notice is applicable to any and all services provided on noterro.com including our Noterro software as a service (the “SaaS”) and any other domain name that may be operated and/or owned by Noterro (the “Websites”). By visiting and using the SaaS, you agree to the terms of this Privacy Statement.

2. OUR COMMITMENT TO PRIVACY

Noterro is committed to controlling the storage, use and disclosure of the Personal Information (as defined in section 3(2)) provided by its customers.

3. WHAT IS PERSONAL INFORMATION AND PERSONAL HEALTH INFORMATION?

3.1 “Personal Information” is personally identifiable information such as a name, residential address, phone number, financial records, health records, e-mail address, credit card particulars, mailing and billing information, and includes information about product and service inquiries, usage of the SaaS, Personal Health Information (as defined in the next sentence), and other information provided to us.  “Personal Health Information” generally means the health information about an individual and the definition is set out in detail in Schedule “A” to this Privacy Policy. 

3.2 Personal Information is stored by Noterro only when you specifically and knowingly choose to provide it to us such as when you input or upload information through the SaaS. When users of our SaaS provide Personal Information through our SaaS they are confirming that they have the consent of the person to whom the Personal Information belongs and rights to use it with the SaaS.

3.3 Any information that is publicly available or displayed, which may include a public directory listing of a name, address, telephone number and electronic address, is not considered Personal Information.

4. STORAGE AND USE OF PERSONAL INFORMATION

4.1 Information you give to us

Noterro stores and uses Personal Information only when you provide such information to us and when you submit information directly to us by filling in forms on our Websites or by corresponding with us by phone, email, or other means.  Noterro stores and uses Personal Information solely for the purpose of permitting you to use our SaaS in accordance with our SaaS agreement.  By requesting that we store, or by providing to us, Personal Information via the SaaS, you are consenting to our storage and use of such Personal Information in accordance with the SaaS agreement.  Personal Information will not be used for any other purpose without your consent. 

4.2 If you choose not to provide Personal Information, we may not be able to provide the SaaS Services to you or respond to your other requests.

4.3 Information we receive from other sources.

We may receive Personal Information about you from individuals or corporate entities which are subscribers to our SaaS Services, where you may be designated as a user or Registered Patient of the SaaS Services.  We also automatically collect Personal Information about you indirectly about how you access and use the SaaS Services and information about the device you use to access the SaaS Services.

4.4 We may also receive non-personally identifiable information (e.g. functions and features of the SaaS that have been used, etc.) from your interaction with our SaaS.

4.5 Our SaaS does not limit the amount and type of information you may submit to it. 

4.6 Noterro will not sell, lease or trade Personal Information to other third parties.

4.7 Anonymous or information that is not Personal Information gathered by Noterro through our SaaS may be used for technical, research and analytical purposes.  We may anonymize and aggregate any of the Personal Information we collect so that it does not identify you.  We may use anonymized information for purposes that include testing out IT systems, research, data analysis, improving the SaaS Services ana developing new products and features.  We may also share such anonymized information with others.  

4.8 Noterro will only ask for information about you that we need and will only ask for it when we need it. When we ask you for the information, we will explain to you why we need it and what we are going to do with it.  The persons in Noterro who can access your information are limited to [ntd: insert who can access information and when]

4.9 Noterro reserves the right to store and process your Personal Information in Canada and in any other country where Noterro or its affiliates, subsidiaries, or service providers operate facilities in accordance with and as permitted by applicable laws and regulations.  Some of these countries may have data protection laws that are different from the laws of your country and in some cases may not be as protective.  When we transfer, store, or process Personal Information outside of your jurisdiction, we take appropriate safeguard to require that your Personal Information remains protected in accordance with this Privacy Policy and applicable law.  At your request we will share the names and details of the organizations who are storing or transmitting information at the request of Noterro. 

5. DISCLOSURE

Noterro shall not disclose Personal Information except: (i) as may be required to provide the SaaS; (ii) as you may direct; (iii) via the SaaS as a result of your actions; and (iv) as the law may require.

6. YOUR RIGHTS IN RESPECT OF YOUR PERSONAL INFORMATION

6.1 You have the following rights to your Personal Information that we hold in accordance with the law:

1.1.1 Right to be Informed. You have the right to know what Personal Information is collected about you, for how long, how you can file a complaint, and what if any data sharing is taking place.

1.1.2 Right of Access. You have a right to know whether we process your Personal Information.

1.1.3 Right of Rectification. You have right to ask us to update any inaccurate or incomplete data we have on you.

1.1.4 Right to be Forgotten. You have the right to the deletion of your personal information in certain circumstances in a reasonable period of time, for example, where you withdraw your consent to the storing of your personal information.

1.1.5 Right to Object. You have the right to object to the processing of your Personal Information in certain situations and to object to the processing of your Personal Information for direct marketing purposes in certain circumstances.

1.1.6 Right to Data Portability. You have the right to obtain your Personal Information you have previously provided in a structured, commonly used, and machine-readable format. 

1.1.7 Right to Restrict Processing. You have the right to limit how your Personal Information is used.

6.2 If you wish to exercise any of these rights, you may do so by emailing privacy@noterro.com. Upon request, we will provide you with information about whether we hold any of your Personal Information. We shall request that you verify your identity prior to transferring Personal Information. You may also access, correct or request deletion of your personal information by logging into your Noterro account. We intend to respond to your request within 30 days.

7. USE OF COOKIES

7.1 Noterro uses a browser feature called a cookie to collect information anonymously and track user patterns on our Websites. A cookie is a small text file that is placed on your hard disk by a website. “Cookies” contain a unique identification number that identifies your browser, but not you, to our computers each time you visit our Website. Cookies tell us which pages of our Website are visited and by how many people.

7.2 The use of cookies is an industry standard and many major browsers are initially set up to accept them. You can reset your browser to either refuse to accept all cookies or to notify you when you have received a cookie. However, if you refuse to accept cookies, you may not be able to use some of the features available on our Website.

8. ACCURACY

Noterro will try to ensure that any information is accurate, complete and up-to-date. However, please inform Noterro of any change in the information. In the event you have questions about the accuracy of factual information we store, you will have access to that information in order to verify and update it. If we have disclosed inaccurate information about you to a third party, we will be pleased to contact the third party in order to correct the information.

9. SECURITY

Noterro is committed to protecting privacy. Security measures, such as locked filing cabinets, restricted access or the use of passwords and encryption have been adopted to protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. Our employees have been trained to respect privacy at all times and those employees with access to the Personal Information shall use the Personal Information strictly in accordance with this Privacy Policy.

10. QUESTIONS OR CONCERNS

10.1 If you have any questions or concerns about the Personal Information about you held by Noterro or about the compliance by Noterro with our Privacy Policy, please contact our Privacy Officer at: privacy@noterro.com.10.2 Noterro has procedures in place to receive and respond to complaints or inquiries about its handling of Personal Information. They will describe the complaint procedures to anyone who makes inquiries or lodges complaints.

10.3 If you are not satisfied with the response from us after making a complaint, you may have recourse to additional remedies under applicable privacy legislation. For further information, please contact the federal Privacy Commissioner or your provincial Privacy Commissioner, as applicable.

11. WHEN IS THIS PRIVACY POLICY IN FORCE? WILL THE PRIVACY POLICY EVER CHANGE?

11.1 The foregoing policies are effective as of the “Last Update” date stated above. Changes to this policy are effective when they are posted on this page.  Noterro reserves the right to change this policy at any time with reasonable notice to users posted on the Website of the existence of a new Privacy Statement. This statement and the policies outlined here are not intended to and do not create any contractual or other legal rights in or on behalf of any party.

END

SCHEDULE “A”

DEFINITION OF “PERSONAL HEALTH INFORMATION”

“Personal health information” has the meaning ascribed to it under the Personal Health Information Protection Act, 2004, S.O. 2004, ch. 3 (“PHIPA”), as such statute may be amended from time to time.

For ease of reference the following is section 4 of PHIPA.

4 (1) In this Act,

“personal health information”, subject to subsections (3) and (4), means identifying information about an individual in oral or recorded form, if the information,

(a) relates to the physical or mental health of the individual, including information that consists of the health history of the individual’s family,

(b) relates to the providing of health care to the individual, including the identification of a person as a provider of health care to the individual,

(c) is a plan of service within the meaning of the Home Care and Community Services Act, 1994 for the individual,

(d) relates to payments or eligibility for health care, or eligibility for coverage for health care, in respect of the individual,

(e) relates to the donation by the individual of any body part or bodily substance of the individual or is derived from the testing or examination of any such body part or bodily substance,

(f) is the individual’s health number, or

(g) identifies an individual’s substitute decision-maker.  

Identifying information

(2) In this section,

“Identifying information” means information that identifies an individual or for which it is reasonably foreseeable in the circumstances that it could be utilized, either alone or with other information, to identify an individual.  2004, c. 3, Sched. A, s. 4 (2).

Mixed Records

(3) Personal health information includes identifying information that is not personal health information described in subsection (1) but that is contained in a record that contains personal health information described in that subsection.  2009, c. 33, Sched. 18, s. 25 (3).

Exception

(4) Personal health information does not include identifying information contained in a record that is in the custody or under the control of a health information custodian if,

(a) the identifying information contained in the record relates primarily to one or more employees or other agents of the custodian; and

(b) the record is maintained primarily for a purpose other than the provision of health care or assistance in providing health care to the employees or other agents.  

Privacy Policy

At Noterro, we know you care about how your personal information is used and shared. This notice describes how we treat that information. We are committed to the important goal of protecting privacy and personally identifiable information. This privacy notice is applicable to any and all services provided on noterro.com including our Noterro software as a service (the "SaaS") and any other domain name that may be operated and/or owned by Noterro ("Noterro"). By visiting and using the SaaS, you agree to the terms of this Privacy Statement.

1. CUSTOMER PRIVACY STATEMENT

Noterro Inc. (“Noterro”) knows that you care about how Personal Information (as defined in section 3(2)) is used and shared. This notice describes how we treat that information. We are committed to the important goal of protecting privacy and personally identifiable information. This privacy notice is applicable to any and all services provided on noterro.com including our Noterro software as a service (the “SaaS”) and any other domain name that may be operated and/or owned by Noterro. By visiting and using the SaaS, you agree to the terms of this Privacy Statement.

2. OUR COMMITMENT TO PRIVACY

(1) Noterro is committed to controlling the storage, use and disclosure of the Personal Information (as defined in section 3(2)) provided by its customers.

3. WHAT IS PERSONAL INFORMATION AND PERSONAL HEALTH INFORMATION?

(1) “Personal Information” is personally identifiable information such as a name, residential address, e-mail address, credit card particulars, mailing and billing information, and includes information about product and service inquiries, usage of the SaaS, Personal Health Information, and other information provided to us. “Personal Health Information” generally means the health information about an individual and the definition is set out in detail in Schedule “A” to this Privacy Policy.

(2) Personal Information is stored by Noterro only when you specifically and knowingly choose to provide it to us such as when you input or upload information through the SaaS. When users of our SaaS provide Personal Information through our SaaS they are confirming that they have the consent of the person to whom the Personal Information belongs and refers to use it with the SaaS.

(3) Publicly available information, such as a public directory listing of a name, address, telephone number and electronic address, is not considered Personal Information.

4. STORAGE AND USE OF PERSONAL INFORMATION

(1) Noterro stores and uses Personal Information only when you provide such information to us and when you transmit such information into and by way of the SaaS. Noterro stores and uses Personal Information solely for the purpose of permitting you to use our SaaS in accordance with our SaaS agreement. By requesting that we store, or by providing to us, Personal Information via the SaaS, you are consenting to our storage and use of such Personal Information in accordance with the SaaS agreement. Personal Information will not be used for any other purpose without your consent.

(2) We may also receive non-personally identifiable information (e.g. functions and features of the SaaS that have been used, etc.) from your interaction with our SaaS.

(3) Our SaaS does not limit the amount and type of information you may submit to it.

(4) Noterro will not sell, lease or trade Personal Information to other third parties.

(5) Anonymous or information that is not Personal Information gathered by Noterro through our SaaS may be used for technical, research and analytical purposes.

(6) Noterro will only ask for information about you that we need and will only ask for it when we need it. When we ask you for the information, we will explain to you why we need it and what we are going to do with it.

(7) Personal Information is stored on servers and computers located inside of Canada, which are managed by companies that meet the security requirements for Noterro and its customers.

5. DISCLOSURE

Noterro shall not disclose Personal Information except: (i) as may be required to provide the SaaS; (ii) as you may direct; (iii) via the SaaS as a result of your actions; and (iv) as the law may require.

6. USE OF COOKIES

(1) Noterro uses a browser feature called a cookie to collect information anonymously and track user patterns on our Websites. A cookie is a small text file that is placed on your hard disk by a website. “Cookies” contain a unique identification number that identifies your browser, but not you, to our computers each time you visit our Website. Cookies tell us which pages of our Website are visited and by how many people.

(2) The use of cookies is an industry standard and many major browsers are initially set up to accept them. You can reset your browser to either refuse to accept all cookies or to notify you when you have received a cookie. However, if you refuse to accept cookies, you may not be able to use some of the features available on our Website.

7. ACCURACY

Noterro will try to ensure that any information is accurate, complete and up-to-date. However, please inform Noterro of any change in the information. In the event you have questions about the accuracy of factual information we store, you will have access to that information in order to verify and update it. If we have disclosed inaccurate information about you to a third party, we will be pleased to contact the third party in order to correct the information.

8. SECURITY

Noterro is committed to protecting privacy. Security measures, such as locked filing cabinets, restricted access or the use of passwords and encryption have been adopted to protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. Our employees have been trained to respect privacy at all times and those employees with access to the Personal Information shall use the Personal Information strictly in accordance with this Privacy Policy.

9. ACCESS

(1) Noterro may permit you to access the Personal Information in those circumstances permitted or required by applicable privacy legislation. If Noterro refuses access to you, it will provide you with the reasons for its refusal upon request. Exceptions may include information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, and information that is subject to solicitor-client or litigation privilege. Noterro will respond to your requests for access in accordance with applicable privacy legislation.

10. QUESTIONS OR CONCERNS

(1) If you have any questions or concerns about the Personal Information about you held by Noterro or about the compliance by Noterro with our Privacy Policy, please contact us at the address listed in the SaaS agreement.

(2) Noterro has procedures in place to receive and respond to complaints or inquiries about its handling of Personal Information. They will describe the complaint procedures to anyone who makes inquiries or lodges complaints.

(3) If you are not satisfied with the response from us after making a complaint, you may have recourse to additional remedies under applicable privacy legislation. For further information, please contact the federal Privacy Commissioner or your provincial Privacy Commissioner, as applicable.

11. WHEN IS THIS PRIVACY POLICY IN FORCE? WILL THE PRIVACY POLICY EVER CHANGE?

(1) The foregoing policies are effective as of the “Last Update” date stated above. Noterro reserves the right to change this policy at any time with reasonable notice to users posted on the Website of the existence of a new Privacy Statement. This statement and the policies outlined here are not intended to and do not create any contractual or other legal rights in or on behalf of any party.


SCHEDULE “A”
DEFINITION OF “PERSONAL HEALTH INFORMATION”

“Personal health information” has the meaning ascribed to it under the Personal Health Information Protection Act, 2004, S.O. 2004, ch. 3 (“PHIPA”), as such statute may be amended from time to time.

For ease of reference the following is section 4 of PHIPA.

4 (1) In this Act,“personal health information”, subject to subsections (3) and (4), means identifying information about an individual in oral or recorded form, if the information,

(a) relates to the physical or mental health of the individual, including information that consists of the health history of the individual’s family,

(b) relates to the providing of health care to the individual, including the identification of a person as a provider of health care to the individual,

(c) is a plan of service within the meaning of the Home Care and Community Services Act, 1994 for the individual,

(d) relates to payments or eligibility for health care, or eligibility for coverage for health care, in respect of the individual,

(e) relates to the donation by the individual of any body part or bodily substance of the individual or is derived from the testing or examination of any such body part or bodily substance,

(f) is the individual’s health number, or

(g) identifies an individual’s substitute decision-maker.

Identifying information

(2) In this section,

“identifying information” means information that identifies an individual or for which it is reasonably foreseeable in the circumstances that it could be utilized, either alone or with other information, to identify an individual. 2004, c. 3, Sched. A, s. 4 (2).

Mixed records

(3) Personal health information includes identifying information that is not personal health information described in subsection (1) but that is contained in a record that contains personal health information described in that subsection. 2009, c. 33, Sched. 18, s. 25 (3).

Exception

(4) Personal health information does not include identifying information contained in a record that is in the custody or under the control of a health information custodian if,

(a) the identifying information contained in the record relates primarily to one or more employees or other agents of the custodian; and

(b) the record is maintained primarily for a purpose other than the provision of health care or assistance in providing healthcare to the employees or other agents.

calendar date picker

Get started with
Noterro today!

Try Noterro and discover that running your practice doesn’t need to feel overwhelming
Invoice

Get started with
Noterro today!

Try Noterro and discover that running your practice doesn’t need to feel overwhelming
calendar date picker
invoice