CheapoMeds.com (“Cheapo Consulting”) safeguarding your confidentiality and protecting your personal information is a primary concern. We are committed to meeting or exceeding the privacy standards established by Canada’s Personal Information Protection and Electronic Documents Act (the “Act”). As part of this commitment, Cheapo has followed the Ten Privacy Principles described in the Act to govern our actions as they relate to the use of personal information. The Ten Privacy Principles are as follows:
Principle 1 – Accountability. Cheapo is responsible for maintaining and protecting any personal information under our control. In fulfilling this mandate, Cheapo has designated an individual who is accountable for our compliance with the Ten Privacy Principles.
Principle 2 – Identifying Purposes. The purposes for which personal information is collected shall be identified before or at the time the information is collected.
Principle 3 – Consent. The knowledge and consent of the Customer are required for the collection, use or disclosure of personal information except where required or permitted by law.
Principle 4 – Limiting Collection. The personal information collected must be limited to those details necessary for the purposes identified by Cheapo. Information must be collected by fair and lawful means.
Principle 5 – Limiting Use, Disclosure and Retention. Personal information may only be used or disclosed for the purpose for which it was collected unless the Customer has otherwise consented, or when it is required or permitted by law. Personal information may only be retained for the period of time required to fulfill the purpose for which it was collected.
Principle 6 – Accuracy. Personal information must be maintained in as accurate, complete and up-to-date form as is necessary to fulfill the purposes for which it is to be used.
Principle 7 – Safeguarding Personal information. Personal information must be protected by security safeguards that are appropriate to the sensitivity level of the information.
Principle 8 – Openness. Cheapo is required to make information available to Customers concerning the policies and practices that apply to the management of their personal information.
Principle 9 – Customer Access. Upon request, a Customer shall be informed of the existence, use and disclosure of their information, and shall be given access to it. Customers may verify the accuracy and completeness of their information, and may request that it be amended, if appropriate.
Principle 10 – Handling Customer Complaints and Suggestions. Customers may direct any questions or enquires with respect to the privacy principles outlined above or about our practices by contacting Cheapo’s Privacy Officer.
The guidelines below set forth the principles we use in gathering, using, maintaining and protection personal information you provide us.
The Types of Personal Information We Collect
Cheapo gathers and uses only such information that is necessary for providing our services and fulfilling your orders. It typically includes the following personal information: name, mailing address, e-mail address, telephone numbers, occupation, employment status, referral source, the name of your primary physician and his or her contact information, age, height, weight, sex, date of birth, the existence and types of drug allergies, medications requested, family medical history information, your personal medical history information, details of your existing medications, credit card information (including card type and number, expiry date and name of card holder), banking information (including transit and account numbers) and prescription information; The choice to provide us with personal information is always yours. However, your decision to withhold particular details may limit the products and services we are able to provide and make it more difficult for us to advise you or suggest appropriate alternatives. If we are unable to accommodate your request based on the information that has been provided, we may ask for additional details in order to identify other ways to be of assistance. We may also maintain a file containing contact history that is used for customer inquiry purposes.
We may collect anonymous/non-personal information. Anonymous/non-personal information is information that cannot be associated with or traced back to a specific individual or business entity.
The Purposes for which we use Personal Information
We use your personal information to communicate with you, enhance your visit to our website, allow processing of your prescription orders and effectively provide the products and services you have requested. We may provide your personal information to an affiliated company, a licensed pharmacy or to a prescribing physician in order to fulfill your prescription.
We may use your personal information to offer additional products and services sold by Cheapo. In the event of a sale of all or substantially all of the assets of Cheapo, records containing personal information may be transferred to the purchaser. We will not furnish your personal information to an outside organization for its use in marketing or solicitation without your prior consent.
We only use your personal information for the purposes that we have disclosed to you. If for any reason your information is required to fulfill a different purpose, we will notify you and ask you for your consent before we proceed.
In some instances, such as a legal proceeding or court order, we may also be required to disclose certain information to authorities. Only the information specifically requested is disclosed and we will take precautions to satisfy ourselves that the authorities who are making the request have legitimate grounds to do so.
There are some situations where we are legally permitted to disclose personal information such as employing reasonable and legal methods to collect a delinquent account, a medical emergency or suspicion of illegal activities.
We sometimes contract outside organizations to perform specialized services. Our trusted service suppliers may at times be responsible for processing and handling some of the personal information we have received from you.
When you visit our website, information is not collected that could identify you personally unless you choose to provide it voluntarily. You are welcome to browse our website at any time anonymously and privately without revealing any personal information about yourself.
We use current technologies and maintain security standards to ensure that your personal information is protected against unauthorized access, disclosure, inappropriate alteration or misuse. All safety and security measures are also appropriate to the sensitivity level of your information. Electronic client files are kept in a secured environment with restricted access. Paper-based files are stored in restricted access areas.
Cheapo is hosted using best practices to ensure continued customer security. Patient Data is stored separately on a non-internet facing server for added-protection. All communication is encrypted using HTTPS/TLS and been hardened using multiple techniques including running iThemes Security Pro behind a WatchGuard firewall.
In the course of daily operations, we attempt to restrict access to personal information to authorized employees who have a legitimate business purpose and reason for accessing it. As a condition of their employment, all employees of Cheapo are required to sign a confidentiality agreement, abide by the privacy standards we have established and to follow all applicable laws and regulations. Unauthorized access to and/or disclosure of client information by an employee of Cheapo is strictly prohibited. All employees are expected to maintain the confidentiality of personal information at all times and failing to do so will result in appropriate disciplinary measures, which may include dismissal.
Accessing and Amending Your Information
Decisions are often made based on the information we have. Therefore, it is important that your personal information is accurate and complete. As a customer, you have the right to access, verify and amend the information held in your personal and financial files.
To help us keep your personal information up-to-date, we encourage you to amend inaccuracies and make corrections as often as necessary. Despite our efforts, errors sometimes do occur. Should you identify any incorrect or out-of-date information in your file(s), we will make the proper changes and provide you with a copy of the corrected information. Where appropriate, we will communicate these changes to other parties who may have unintentionally received incorrect information from us.
Customers may direct any questions or enquires with respect to our practices or your personal information by contacting our Privacy Officer, as follows:
326 – 1500-14th Street SW
Canada T3C 1C9
Attention: Jeff de Denus
Telephone No. (844) 424-3276
Facsimile No. (844) 423-5583
Updating this Policy
last updated: July 1st, 2019