Atlas Medic agrees to protect, secure and maintain the confidentiality of all personal information gathered as part of our relationship with you. Atlas Medic’s privacy policy, set out below, describes the types of personal information we gather from clients, how we use it and the steps we take to ensure it is properly managed.

We have developed our policies and practices with the goal of ensuring they are in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws governing the protection of personal information in the private sector.

Respect for privacy is a fundamental right and it is one of Atlas Medic's core values. It is a guideline that is not always easy to follow, but we have innovation at this price. Atlas Médic ensures the confidentiality of personal information.

Atlas Medic keeps all personal information confidential. Information is deemed personal when it relates to an identifiable person. This includes your name, address, age, income, date of birth and sex, information on your financial status and credit history, as well as your opinions, preferences and purchasing habits.

The information is said to be anonymous when it does not relate to an identifiable person.

We are responsible for all personal information in our possession, including any particulars that we pass on to third parties for processing, storage or other purposes. We have developed and implemented this privacy policy in order to properly discharge this responsibility.

We always provide our reason for collecting personal data, either before or during the information gathering process. We gather, use and share your personal information in order to:

• better understand your product and service needs, provide you with relevant information and offer you products and services

• assess your interest in specific products and offer them as applicable

• deliver products and services

• track and analyze your transactions, including your purchases, shopping habits, activity on your account and your payment history, for market research purposes and to communicate promotional offers that may be of interest to you

• 
  

• conduct surveys and studies for research, statistical, product development and market release  purposes

• verify your identity and prevent errors and fraud

• assess your creditworthiness and keep your credit record updated at all times

• handle, manage, analyze and monitor your relationship with us, including for the purpose of recovering any monies you owe us

• carry out promotions and administer contests

• perform trials when changing or implementing computer systems

• be in compliance with legal and regulatory requirements, and occasionally perform tasks for other purposes authorized by legislation
  

We obtain your consent for gathering, using and sharing your personal information, except when authorized by law to proceed otherwise. The method used to obtain your consent varies, depending on circumstances and the nature of the information. Your consent can be express or implied, given verbally or in writing. We ask for your express consent (verbal, in writing or in electronic form) before gathering, using or sharing your sensitive personal information. Moreover, your consent is implied when you have an existing business relationship with us, you have already provided your express consent in this regard or we intend to use your personal information for purposes that are reasonably apparent.

We make sure your personal information is up-to-date, accurate and suitable for the purposes for which it was gathered. Please advise us of any changes in your address, telephone number and any other relevant information, so we can provide you with the best possible service.

We attach the greatest importance to the security of your personal information, which we protect by implementing the appropriate security measures. Our service providers are required, per the contracts they have signed with us, to maintain the confidentiality of your personal information and cannot, under any circumstances, use it for unauthorized purposes. When required by law to communicate personal information, we take reasonable measures to check the legitimacy of the request to gather said information, and we provide only the information mandated by law. We regularly review our methods and security measures, and check that they are being applied per standards, to ensure they are effective for, and relevant to, the sensitivity level in question.

Our data servers meet the highest industry standards. They comply with ISO 27001 standards. Our websites are subject to certificates for encryption and data encryption. Credit card transactions comply with the Payment Card Industry Data Security Standard (PCI DSS). Our data transfers are protected by layers of cryptographic protocols and modern countermeasure approaches such as: Transport Layer Security (TLS) and Encrypted Client Hello (ECH). These cryptographic protocols are intended to protect Internet communications.

Data governance is in place at Atlas Medic. This is a system, comprising responsibilities and decision-making authority for data-related processes, set up according to defined models. These models determine who can perform what action, with which information, when, under what circumstances and using what methods.