Privacy Policy – MedLegal inc.

Thank you for visiting the MedLegal Inc. website (hereinafter referred to as “MedLegal”) and reviewing its privacy policy (hereinafter referred to as “the Policy”).

By browsing our website or using our systems or services, you acknowledge that you have read and understood the Policy and consent to your personal data and information being processed in accordance with it, where applicable. 

The Policy consists of the following elements:

  1. Purpose of the Policy
  2. Methods of obtaining consent
  3. Purpose of data collection
  4.  Personal information collected
  5. Use of collected data
  6. Data processing methods used
  7. Access and control of personal information
  8. Sharing and reasons for sharing personal information with third parties
  9. Use of cookies and similar technologies
  10.  Storage of personal information

1. Purpose of the Policy

Respect for privacy and the protection of personal information are essential to us, which is why, through this Policy, we intend to protect them in accordance with applicable laws.

To ensure this protection, MedLegal undertakes to collect, process, and share information that identifies an individual only when the individual has consented to it, unless it is permitted or required by law, in which case your consent will not be required.

The purpose of this Policy is to inform users of the reasons why and how MedLegal, or anyone acting on its behalf, will collect and use their personal information. It is written in clear language to ensure that users give their informed consent. 

For the purposes of the Policy, “personal information” means any information that relates to an individual and allows that individual to be identified, directly or indirectly. This policy applies to personal information held by MedLegal and to any person who processes such personal information.

2. Methods of obtaining consent

We are committed to obtaining consent before collecting an individual’s personal information. Consent may be explicit or implied and may be provided directly by the individual or by their authorized representative.

We prefer to obtain explicit consent, whether verbally, electronically, or in writing. However, implied consent may be reasonably inferred from a person’s actions or inaction. For example, providing a name and email address or a name and phone number to obtain information about our services is considered implied consent to the collection of information containing personal information. To determine the appropriate type of consent, we consider the sensitivity of the personal information involved, the purposes for which it is collected, and the reasonable expectations of a person in a similar situation.

If we wish to use personal information for a new purpose, we will describe the intended use and ask for consent again.

It is not always possible, particularly in the context of a request from the government or the Barreau du Québec, to obtain the individual’s consent to collect, use, or disclose their personal information. We undertake never to disclose this type of information, other than in accordance with this Policy, unless we are required or permitted to do so by law.

3. Purpose of data collection

The information is collected in accordance with the purposes and objectives set out in this Policy.

Here are some reasons why we collect your personal information:

  • To provide services: We will collect and store the data and information necessary to build our client files, fulfill our mandates and contracts, and provide our professional services. We also collect personal information about our team members to comply with legislation and professional standards and for the purposes of our internal management systems.  The same applies to data collected about individuals who apply for jobs at MedLégal.
  • To ensure and improve our services: Data collected during your interactions with our services may be used to analyze and improve our services.
  • To develop new services and for AI: The data collected may be used in a research and development context to offer new services to our users, in particular through advertising and marketing messages. In addition, the data collected and aggregated may be processed by algorithms using artificial intelligence.
  • To offer personzlized services: Collecting and analyzing data generated by your interactions with our services allows us to develop and create services that are relevant and always best meet the needs of our customers.
  • To comply with legal obligations: Data is collected to comply with obligations arising from laws or regulations.

4. Personal information collected

MedLegal may collect personal information in various forms, but will only do so by lawful means and only for the necessary purposes disclosed to you, as described in this Policy, or when permitted or required by law. 

The personal information collected, as well as its sensitivity, may vary depending on the context of the interactions between you and MedLegal.

We protect all personal information collected.

Among the personal information that may be collected and used, we pay particular attention to the following information:

Identification information: Last name, first name, email address, postal address, telephone number, email address, and other similar data used to communicate with you.

Demographic information: Data about you such as your age, date of birth, marital status, gender, nationality, place of residence, and language of communication.

Professional information: Data relating to your academic background, occupation, and employment history.

Financial information: Data necessary for processing your payments, such as your bank account number and income.

Health information: Data relating to your health that is necessary for the performance of our mandate and our professional services, such as your health history, medications, lifestyle habits, changes in your health status, healthcare professionals consulted, and healthcare providers who have provided you with care, etc.

Other examples of data we collect include:

  • Information about your hobbies and interests: Data about your hobbies, interests, and activities.
  • Data about sites visited and usage: For example, pages viewed on our website.
  • Text, keystroke and handwriting data: Text, keystroke, and handwriting data, as well as any related information.
  • Location data: Data, which may be precise or imprecise, about the location of your device. For example, location data may be collected from a device’s IP address or from your account profile data that indicates your location less precisely, such as a city name or zip code.
  • Other data: Other data provided when you use our website, including data from Google Analytics.

5. Use of collected data

Providing our services. We use the data we collect to carry out the mandates entrusted to MedLegal and provide our professional services. For example, we use the data we collect to assert your rights.

Relevant offers. MedLegal uses data to provide you with relevant information about the services we offer. We analyze data from various sources to predict what information will be most interesting and relevant to you and communicate it to you in various ways. For example, we may offer you services that may be of interest to you.

Advertising. MedLegal uses data collected through its interactions with you, some of our services, and third-party websites to advertise our services, including on third-party websites. We may sometimes use automated processes to make advertisements more relevant.

Commercial transactions. We use data to process your transactions with us. For example, we process payment information and use contact details for record-keeping, identification, and accounting purposes.

Reporting and business operations. We use data to analyze our operations and improve our processes. This allows us to make informed decisions and report on the performance of our activities.

Professional and ethical obligations. We use the data to meet our various professional and ethical obligations. For example, we use the data to respond to requests from the Quebec Bar Association and tax authorities, in accordance with our professional and ethical obligations.

Legal compliance. We process data to comply with the law. For example, we use our clients’ ages to ensure that they meet the age requirement to take legal action. We also process contact information and identifiers to help clients exercise their data protection rights.

6. Data processing methods used

MedLegal attaches the utmost importance to the security of your personal information and undertakes to process it in accordance with industry norms and standards, solely for the purposes for which it is collected as described in this Policy or in a specific notice to that effect.

7. Access and control of personal information

MedLegal ensures that all personal information in its possession is as accurate, up-to-date, and complete as necessary for the purposes for which it is used.

You have the right to request access to your personal information for verification purposes and to request correction if it is inaccurate. If you believe that your personal information is inaccurate or if you wish to access your personal information, you may make a request using the contact information provided at the end of this Policy.

To the extent possible, we will provide you with timely access to your personal information.

8. Sharing and reasons for sharing personal information with third parties

We do not share your personal information with companies, organizations, or individuals outside of MedLegal, except for our authorized suppliers and partners who need access to the information for the purposes listed in this policy and within the limits of this policy, as well as in the following cases:

  • With your consent;
  • For storage in cloud servers, in which case personal information may be transferred through third-party jurisdictions. Please note that we only use reputable companies with privacy policies in place. 
  • For external processing purposes: We transmit personal information to other trusted companies or individuals who process it on our behalf, according to our instructions, in accordance with this privacy policy, with a level of data security at least equivalent to ours and in compliance with any other appropriate security and confidentiality measures. In particular, we use the services of third-party providers for our accounting and document management.
  • For legal reasons: We share personal information outside our company if access to it is necessary to comply with applicable laws and regulations.

9. Use of cookies and similar technologies

MedLegal may use cookies, web beacons, invisible pixels, log files, or other technologies to collect certain personal information about visitors to our websites and recipients of our other communications. Cookies are pieces of information transmitted by the server to the browser during a visit to the website that uniquely identify the current connection. This data may include information such as your Internet Protocol (IP) address, browser type, browser version, the pages of our site you visit, the time and date of your visit, the time spent viewing the site, and other statistics.

Cookies are used in particular to retrieve the search history linked to the session, in order to facilitate the user’s online browsing experience. It is important to note that, depending on the configuration chosen, enabling the cookie option may allow other servers to install cookies on your system. You can set your browser settings to notify you of the presence of cookies, giving you the option to accept or reject them.

Please note that our website may contain links or references to third-party websites. This policy ceases to apply when you leave our website, and MedLegal is not responsible for the storage or processing of personal information by these third parties or via these external sources.  

10. Storage of personal information

MedLegal retains data collected for varying periods of time, depending on its nature and usefulness for the purposes of our services. During the retention period, MedLegal takes physical and technical measures to ensure the security of data containing personal information.

The main locations where personal information is stored are Montreal, where MedLégal’s offices are located, and in cities where Microsoft and Jurisoncept have servers containing data collected by MedLégal. 

Once the retention period required by law has expired, personal information is destroyed. Only statistics or reports containing depersonalized and anonymized data may be retained for extended periods of time. 

Other information

Changes to this Policy:

We may add to, change, update, or modify this Policy from time to time. We will post any changes to this Policy on this page. The updated Policy will be effective immediately upon posting. 

Compliance offiicer:

If you have any questions, comments about the Policy, or complaints about the Policy or the protection of personal information, you may contact the person responsible for compliance:

Me Julie Bélisle
MedLégal inc.
225 rue Roy Est, bureau 106, Montréal QC H2W 1M5
Phone: 514.503.5644
Fax: 514.504.5645
Email: [email protected]