About Your Privacy and This Privacy Policy
We take the protection and safeguarding of any information you provide through the Platform or Services very seriously as your privacy is extremely important to us. We are constantly putting a great deal of thought, effort, and procedures in place in order to protect and safeguard your privacy.
This Privacy Policy (the “Privacy Policy”) contains details on issues related to your privacy when using our Services. It is intended to inform you of our policies, procedures and practices regarding the collection, use and disclosure of any information that you or your therapist submit through the Platform.
This Privacy Policy is an integral part of our Terms and Conditions, which govern your use of our online Platform. Through the Platform, we offer various Services. For more information, please refer to our full Terms and Conditions, available at https://robertvalela.org/terms-and-conditions/ (the “Terms”).
By accessing or using the Platform or Services, including submitting any information through the Platform, you confirm that you have read, understood, accept and agree to be bound by this Privacy Policy, as well as the Terms, and that you will comply with them at all times. Please read this Privacy Policy and the Terms carefully before using the Platform or any of the Services.
If you do not agree to any of the terms outlined in this Privacy Policy, as well as the Terms, you must not access or use the Platform or Services.
DEFINITIONS
The terms in the Privacy Policy (such as, but not limited to, “we”, “our”, “us”, “Platform”, “Services”, “Therapist”, “Therapy”, “User”, “Client”, “Personal Data”, “Third Parties”, “Third Party”, “Processing, processes, or process”, etc.) have the same meaning as in our Terms and Conditions. For more information, please refer to our full Terms, available at https://robertvalela.org/terms-and-conditions/.
PRIVACY AND SECURITY DISCLAIMER
Using online technologies such as email, cloud storage, websites, mobile apps, and video conferencing involves certain risks that cannot be completely eliminated:
- Technology Disruptions: Internet issues, equipment failures, or software glitches may impact communication quality and session effectiveness.
- Communication Limitations: The absence of face-to-face interaction in some Services can lead to misunderstandings, as visual cues may be limited. Clarifying any uncertainties is important.
- Security of Information: While we use secure platforms to protect your data, online transmissions may still be vulnerable to interception or unauthorized access by external parties, such as hackers. Insecure devices or weak privacy settings may also expose your communications.
- Confidentiality Risks: Despite precautions, complete confidentiality cannot be guaranteed with internet-based technologies. Emails, in particular, are not inherently secure and may expose your data to unintended access.
By accessing or using the Platform or Services, including submitting any information and/or Personal Data through the Platform, you acknowledge and accept these risks. If you do not accept these risks, you must not access or use our Platform or Services.
SECURITY
1. Inherent Risks of Internet-Based Services. While using any Internet-based service carries inherent security risks that cannot be entirely eliminated, our systems, infrastructure, encryption technologies, and operational processes are designed with your privacy and security as priorities. We make every effort to follow recognized industry standards and best practices to protect against unauthorized access, use, and disclosure of your data.
2. Reasonable Security Measures. We implement reasonable precautions to safeguard your Personal Data. However, security can only be ensured to the extent that is reasonably practical, and no system can offer a 100% guarantee of data security.
3. Internet Insecurity. Despite our efforts to protect your data, the internet is inherently insecure. We acknowledge that there are risks involved in using online services, and while we take all reasonable measures, absolute security of your Personal Data cannot be guaranteed.
4. PIPEDA and HIPAA Compliance. We use a PIPEDA-compliant video teleconferencing and practice management platform with end-to-end encryption, as well as HIPAA-compliant email services, to protect your information and Personal Data.
5. User Responsibilities. The full protection of your Personal Data also depends on your adherence to security best practices. This includes keeping your software up to date, using a secure network connection, and securing your devices. You are also responsible for maintaining the privacy of the physical space where you receive our Services.
6. Recommendations for Security Best Practices. To enhance the security of your information, we recommend that our Users:
- a. secure their devices;
- b. use strong passwords;
- c. enable two-factor authentication where possible;
- d. log out of the Platform whenever they are away from their device(s);
- e. maintain a private environment while using our Services; and
- f. periodically review our Privacy Policy to ensure that they are notified of any updates.
7. Phishing. Online identity theft and account hacking, including the practice currently known as “phishing”, are of great concern. You should always be diligent when you are being asked for your Personal Data, account information or payment information and you must always make sure you submit such information and data in our secure system. We will never request your login information or your credit card/payment information in any non-secure or unsolicited communication (email, phone or otherwise).
PERSONAL DATA STORAGE
8. International Transfer of Personal Data. Your Personal Data may be transferred to and stored on servers located outside of your state, province, country, or other governmental jurisdiction, including, but not limited to, Canada, the United States of America, Switzerland, and Germany. This transfer is essential to ensure the continuity of care and to support the functionality of our Platform and Services. Please be aware that certain features of our platform rely on third-party services, whose servers may also be located internationally, including in the United States. Regardless of where your data is stored, it will be handled securely and in compliance with this Privacy Policy.
- a. By agreeing to our Terms and Privacy Policy and submitting your Personal Data, you consent to the transfer and storage of your Personal Data in jurisdictions that may have different data protection laws than your own.
9. Personal Data Retention. Personal Data will be retained only for as long as necessary to fulfill the purposes for which it was collected. If you are using our Therapy Services, legal and professional standards require us to retain treatment records for a minimum of 10 years. You will be notified if your data needs to be retained for longer than the required periods.
COLLECTION, USE, AND DISCLOSURE OF PERSONAL DATA
10. Limitations on Disclosure of Personal Data. Other than in the specific ways outlined in this Privacy Policy, the Terms, or as stated on the relevant pages of our Platform we will not disclose any Personal Data unless you explicitly request or authorize us to do so. For greater clarity, we will never sell or rent your Personal Data.
- a. By choosing to provide your Personal Data, you agree to the methods of collection, use, and disclosure as described in this Privacy Policy and the Terms.
11. Collection of Personal Data. Personal Data collected on our Platform and through our Services will only be used for the purposes outlined in this Privacy Policy, the Terms, or as stated on the relevant pages of our Platform. To ensure the efficient operation of our Platform and to provide you with access to our Services, we may collect the following Personal Data both automatically and manually:
- a. contact information, such as your name, phone number, email address, and physical address;
- b. demographic information, such as your personal health number and residency details;
- c. location information, such as data regarding your geographic location;
- d. telecommunications information, such as information related to your communication devices and methods;
- e. billing and payment information, such as data related to billing, payment methods, and transactions;
- f. health service eligibility information, such as your insurance details or other details about your eligibility for health services or our Services;
- g. diagnostic, treatment, and care information, such as information regarding your health, diagnosis, treatment, and care;
- h. log data, such as information such as your device’s IP address, pages visited, time spent on pages, actions taken, and other related statistics; and
- i. service-related information, such as data exchanged between you and your Therapist or relevant to your need for Services.
12. Health Information and Data Sharing. In certain instances, the Personal Data you provide may be classified as health information. While you have the option to choose what Personal Data to share with us, some features of the Platform or Services may be unavailable if required data is not provided or removed.
13. Use And Disclosure of Personal Data. Access to your Personal Data will be limited to members of our organization or Third Parties working with us who require the information to fulfill the purposes specified in this Privacy Policy and our Terms. Personal Data may be collected, used, or shared with authorized personnel or Third Parties for the following purposes:
- a. to create your account, allow you to log in, and manage your use of the Platform;
- b. to manage your account and provide customer support, ensuring high-quality service;
- c. to contact you with relevant information, alerts, or suggestions related to our Services;
- d. for billing, payment processing, and transactions, this may include sharing your Personal Data as necessary to pursue a claim on a delinquent account through a collection agency;
- e. to protect your safety or the safety of others, we or a Therapist may act if there is a belief that you or someone else is at risk of harm or involved in criminal activity. Therapists may also be required to disclose information to law enforcement or other authorities to meet their professional and legal obligations. Specifically, and without limitation, you should be aware that the law requires individuals to disclose information and/or take action in the following cases:
- i. if you are at imminent risk of self-harm or suicide, we may need to notify authorities and emergency services or involve others to protect you;
- ii. if you express intent to harm another person, we are obligated to inform authorities and, if necessary, the potential victim to protect you and others;
- iii. any reasonable suspicion or knowledge of abuse or neglect involving a child or vulnerable adult must be reported to the appropriate government agency;
- iv. if you are involved in a serious crime or if required by a court order, we may need to share relevant information with law enforcement; and
- v. if there is a credible threat of violence toward someone, we must take steps to protect the potential victim, including notifying authorities,
- if we, or your Therapist, have concerns that any of these conditions may apply to you, we or your Therapist will make every effort to discuss these concerns with you before taking any action;
- f. to match you with an appropriate Therapist;
- g. to enable and facilitate the delivery of Services, including therapy, products, courses, and other offerings;
- h. to supervise, administer, and monitor the quality of Services provided;
- i. to evaluate and improve the effectiveness and delivery of our Services, and market the Platform and Services to you;
- j. to respond to law enforcement requests and comply with applicable laws, court orders, or government regulations. Including to prove or protect our legal rights;
- k. to comply with state, provincial, and federal laws related to public and Client health and safety;
- l. to personalize and develop the Platform and Services to enhance your User experience;
- m. to maintain brief records of Services provided, including session details and general topics discussed; and
- n. to tailor your experience on the Platform by delivering relevant content, personalized offers, and ads via the Platform, third-party websites, or email or text message (with your consent where required by law).
14. Cooperation With Law Enforcement and Legal Compliance. We work with government and law enforcement officials to comply with the law. In certain cases, we may need to share information to protect the safety of the public or individuals, respond to legal requests (such as subpoenas), or prevent illegal or dangerous activities. If we receive a court order to share your Personal Data with the police or court, we are legally required to provide the requested records and cooperate. However, unless there is a court order or an immediate danger to you or someone else, we will not share any details about you or your treatment with law enforcement or legal counsel without first obtaining your written consent.
15. Children’s Privacy. We do not knowingly collect, solicit, or use any Personal Data from anyone under the age of 16 or knowingly allow such persons to become our Users or Clients. The Platform is not directed and not intended to be used by children under the age of 16. If we learn that we have collected Personal Data from a child under 16 years of age, the Personal Data will be deleted. If a child under 16 years of age has provided us with Personal Data their parent or guardian can let us know by contacting us and we will delete that information.
SERVICE RECORDS
16. Accessing, Modifying, or Deleting Your Personal Data. If you would like to know if we have collected your Personal Data, how we have used your Personal Data, if we have disclosed your Personal Data and to who we disclosed your Personal Data, if you would like your Personal Data to be deleted or modified in any way, or if you would like to exercise any of your other rights under the GDPR, please contact us. Please note that it may take some time for us to respond to your inquiries. Additionally, certain laws may prevent us from deleting or modifying portions of your Personal Data. RV Services Group is the controller with respect to your Personal Data. You can contact us with questions, concerns or objections about this policy, or about your Personal Data by emailing [email protected].
17. Record Keeping of Therapy Services. We maintain concise and appropriate records of the therapy services provided. Although our sessions may cover sensitive and private matters, the records are brief, noting your attendance, the services or actions performed, and a general overview of the topics discussed. Rest assured, these records are securely stored to ensure your privacy and confidentiality. In general, the law protects the privacy of all communication between a client and a mental health professional, such as a Therapist (e.g., psychologist or registered provisional psychologist). We can only share information about you and your treatment with others if you provide written consent. However, there are specific legal exceptions to this rule; for more information, please refer to subprovision E under provision 13. Use and Disclosure of Personal Data.
18. Access to Therapy Services Records. You have the right to request a copy of your therapy session records (i.e., session notes) at any time. Upon your request, you will receive a copy of your records within 30 calendar days, unless we determine that access to them could cause emotional harm to you or a third party. In such cases, we can send the records to a mental health professional of your choice, or provide you with a summary of the information instead. Please note that these records are professional documents and may be difficult to interpret or distressing for those without relevant training. We recommend reviewing them with your therapist, who can help clarify and discuss the contents. Additionally, an appropriate fee may be charged for the time spent preparing the records or fulfilling the information request.
THIRD PARTY SERVICES AND TOOLS USAGE
19. Opting Out of Email Marketing. You can opt-out of receiving email marketing by unsubscribing using the unsubscribe link provided in all of our marketing email. You can opt-out of receiving email marketing by unsubscribing using the unsubscribe link provided in all of our marketing email communications.
20. Cookies and Web Beacons. Like many websites, we use “cookies” and “web beacons” to collect information. A “cookie” is a small data file that is transferred to your computer’s hard disk for record-keeping purposes. A “web beacon” is a tiny image, placed on a Web page or email that can report your visit or use. We use cookies and web beacons to enable the technical operation of the Platform, to administer your log-in to your account and to collect the log data. You can change your browser’s settings so it will stop accepting cookies or to prompt you before accepting a cookie. However, if you do not accept cookies you may not be able to use the Platform or your quality of your User experience may decrease. The Platform may also include the use of cookies and web beacons of services owned or provided by Third Parties that are not covered by our Privacy Policy and we do not have access or control over these cookies and web beacons. We may also use Third Party cookies for the purposes of web analytics, attribution and error management.
21. Social and General Information Tools. We use several publicly available tools and information exchange resources, including, but not limited to, a blog, a Facebook page, a YouTube page, an Instagram account, an X (formerly Twitter) account, and others (collectively “Social and General Information Tools”). Any information you provide or share while using Social and General Information Tools may be read, accessed, collected by that site and Users of that site according to their Privacy Policy.
22. Links. The Platform including, but not limited to, our website may contain links to other websites, services or offers which are owned, operated or maintained by Third Parties. If you click on a Third Party link, you will be directed to that third website or service. The fact that we link to a website or service is not an endorsement, authorization or representation of our affiliation with that Third Party, nor is it an endorsement of their privacy or information security policies or practices. Please note that we are not responsible for, nor do we have control over, Third Party websites and services, including their practices, privacy policies, or terms of use.
23. Service Providers. We may employ Third Party companies and individuals to facilitate our Platform and/or Services, to perform certain tasks which are related to the Platform and/or Services, or to provide audit, legal, operational or other services for us. These tasks include, but not limited to, customer service, technical maintenance, monitoring, email management and communication, meeting management and communication, database management, billing and payment processing, reporting and analytics. We will share with them only the minimum necessary information to perform their task for us and only after entering into appropriate privacy agreements.
GENERAL DATA PROTECTION REGULATION (GDPR) NOTICE
24. Data Processing and Utilization. This section provides additional information about our Privacy Policy relevant to Users from the European Union. It is necessary for us, or that of a Third Party, to automatically and/or manually use and Process your Personal Data:
- a. to fulfil our contractual commitments with you, such as providing Services that you have requested;
- b. to operate the Platform effectively and to provide Services to you;
- b. in ways that help us improve the experience of our Users and Clients; and
- c. to comply with legal obligations imposed on us by applicable laws and regulations.
25. Your GDPR Rights. Under the GDPR, you have the following rights:
- a. right to be informed;
- b. right of access;
- c. right to rectification;
- d. right to erasure;
- e. right to restrict processing;
- f. right to data portability; and
- g. right to object,
You can exercise any of these rights by emailing [email protected]. In some cases, we may be required to retain Personal Data, which may include not editing Personal Data, to comply with applicable record retention laws.
26. GDPR Data Controller. RV Services Group is the controller with respect to your Personal Data. You can contact us with questions, concerns or objections about this policy, or about your Personal Data by emailing [email protected].
MISCELLANEOUS
27. Headings for Convenience. The headings in this Privacy Policy, including but not limited to section, provision and/or clause headings, are provided for convenience only and shall not be used to interpret or influence the meaning or scope of any provision within this Privacy Policy.
28. Modifications. We may amend this Privacy Policy from time to time, at our sole discretion, to remain compliant with applicable laws and reflect any changes in our data collection practices. The date of the most recent revision can be found at the end of this page. We encourage you to review this page periodically to stay informed of any updates on our Privacy Policy and practices. Any changes made to our Privacy Policy will not affect the use of your Personal Data under the current policy without first notifying you and offering the opportunity to opt-out. If necessary, we will provide notices or communications regarding this Privacy Policy via email, regular mail, or by posting them online.
29. Complaints. If you have any complaints about how we process your personal data, please contact us through the contact methods listed in the Contact Details section so that we can, where possible, resolve the issue. If you feel we have not addressed your concern in a satisfactory manner you may contact a supervisory authority. You also have the right to directly make a complaint to a supervisory authority. You can lodge a complaint with a supervisory authority by contacting the
CONTACT DETAILS
30. Contacting Us. If you have any questions or concerns about this Privacy Policy or our privacy-related practices, please contact us by emailing Robert Valela via [email protected] or send us a letter at Suite 1303, 5328 Calgary Trail NW, Edmonton, Alberta, T6H 4J8 addressed to Robert Valela. You can also contact us through contact methods available on our Site.
Effective Date: 25 day of September, 2024.
Last Updated: 25 day of September, 2024.
IF YOU ARE EXPERIENCING AN EMERGENCY, IN A CRISIS OR ANY OTHER PERSON MAY BE IN DANGER – DON’T USE THIS SITE. PLEASE CALL 911 (IN CANADA OR THE US), YOUR LOCAL EMERGENCY NUMBER, OR GO TO THE NEAREST EMERGENCY DEPARTMENT.