M127 - Hero Default

HALEO Privacy Policy

Last Updated : 2023-09-22
00 - Typography

HALEO Preventive Health Solutions Inc. (“HALEO” or “we” or “us” or “our”) provides this Privacy Policy (“Privacy Policy”) to inform you, whether a user of our Services (“User”) or otherwise one of our customers, one of our employees, our service providers or a job applicant (collectively, “you”), of our policies and procedures relating to the collection, use, communication, holding and protection of Personal Information (as defined below) we receive from individuals who use the HALEO services (the “Services”), work for or provide services to HALEO, or apply to work at HALEO, whether such information is provided by you, our employees, representatives, mandataries, service providers or by clinicians, or made available to us via the websites haleoclinic.com, haleo.ca, haleo.clinic and all related subdomains (the “Websites”) or via the mobile applications which we may own or operate currently or in the future (the “Apps”). We will only use your Personal Information in accordance with this Privacy Policy unless otherwise required by applicable law. We take steps to ensure that the Personal Information that we collect about you is adequate, relevant, not excessive, and used for limited purposes.

Unless otherwise stated, the terms used in this Privacy Policy have the same meaning as in our Terms and Conditions of Use. Be sure to return regularly to this page for the latest version of the Privacy Policy. We reserve the right at any time, in our sole discretion and without any liability, to update or modify the Privacy Policy, and your continued access to or use of the Services means that you agree to the Privacy Policy as last updated. If we change the Privacy Policy, we will update the “Last Updated” date at the top of the page. By continuing to access or use our Services, you indicate that you agree to be bound by the Privacy Policy. If the Privacy Policy does not seem acceptable to you, please do not use our Services.


We collect and use several types of information from and about you, including:

Non-Personal Information: information that does not directly or indirectly reveal your identity or directly relate to an identifiable individual, such as demographic information, or statistical or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from Personal Information. For example, we may aggregate Personal Information to calculate the percentage of users accessing any specific feature from any of our Websites or Apps. This type of information will not allow us to personally identify you.

Personal Information: personal information refers to any information concerning a natural person that enables that person to be identified, directly or indirectly (“Personal Information”). To use our Services, you must first provide such Personal Information about you that will allow you to be identified. This type of information will not be collected without your consent. For certain parts of the Services, such as creating an account, we collect Personal Information that you voluntarily provide to us using the Services, and could include information such as your name, email address, telephone number, mailing address, date of birth and personal information in relation to your health, (if applicable to the Services provided).

Personal Information provided to us by third parties: We may obtain Personal Information about you through other third parties, such as when you register with such party (e.g. your employer) to start benefiting from any of our Services they make available to you via their employee benefits, health services portal, or any website or mobile application.  We may also automatically import some of the Personal Information that you provide to such third parties into your account to use our Services.

Technical Information: such information includes your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, or information about your internet connection, the equipment you use to access our Websites and/or Apps, and usage details.

Non-personal details about your Website or App interactions: such information includes the full Uniform Resource Locators (URLs), clickstream to, through and from any of our Websites and Apps (including date and time), products and services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, or any phone number used to call our customer service number.

Information We Collect Through Cookies and Other Automatic Data Collection Technologies: As you navigate through and interact with our Websites and/or install, download or use the Apps, we may use cookies or other automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  • Details of your visits to, and use of, our Websites and Apps, including traffic data, location data, and other communication data and the resources that you access and use via the Websites or Apps.
  • Information about your mobile device and/or computer and internet connection, including your IP address, operating system, and browser type.
  • metadata and other information associated with other files stored on your device (when using our Apps). This may include, for example, photographs, audio and video clips, personal contacts, and address book information.

Automatically collected information: The information we collect automatically is statistical information and may include Personal Information, and we may maintain it or associate it with Personal Information that you provide to us, or receive from third parties. It helps us to improve our Websites and Apps and to deliver better and more personalized Services, including by enabling us to estimate our audience size and usage patterns, store information about your preferences, allowing us to customize our Websites and Apps according to your individual interests, and recognize you when you return to our Websites or Apps.

The technologies we use for this automatic data collection may include, but are not limited to:

Cookies (or browser cookies): A cookie is a small file placed on the device that you are using. Whether it is a desktop computer or a mobile device, you may refuse to accept browser cookies by activating the appropriate setting on your device. However, if you select this setting you may be unable to access certain parts of our Apps or Websites. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Websites or Apps; and

Web Beacons: pages of our Websites, our Apps, and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count Users who have visited those pages, used the Apps or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).


In the course of its activities as an employer and recruiter, HALEO collects, uses and communicates Personal Information. For our employees, this collection falls within the essential management of labor relations. As for job applicants, their information is collected and used to assess their suitability for available positions, which may involve information obtained from third parties for background checks or professional references. If an applicant is not selected, their information is retained for a reasonable period of time for future opportunities, unless a request for deletion is made. In addition, we maintain certain Personal Information on our former employees, including their names and contact details, for possible professional or regulatory requirements.


We use different methods to collect your information, including through:

  • Direct interactions with you: when you provide us information, for example, by filling in forms, creating an account, applying for a job opening, or corresponding with us by phone, email, or otherwise;
  • User contributions: you may also provide information for us to publish or display on public Website areas or transmit to other Website or App users or third parties;
  • Automated technologies or interactions: as you navigate through our Websites or use our Apps. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies; and
  • Third parties or publicly available sources: for example, our business partners, or your employer and/or their employee benefits provider.


The purpose of our collection and use of Personal Information is to:

  • Provide, maintain, execute and improve the Services;
  • Run and improve advertising campaigns (read further below on our “Advertising Purposes”)
  • Create your account so you may access and benefit from the Services;
  • Invoice for our Services;
  • Perform internal operations, including, for example, preventing fraud and abuse of our Services to resolve software problems and operational problems, to perform data analysis, testing and research and to monitor and analyze trends in use and activity;
  • In the case of job applicants, to contact the applicant and assess whether we will hire them; 
  • Managing our employment relationships;
  • Send you our newsletter or any other communication that may be of interest to you, including information about products, services, promotions, and news, and for marketing campaigns destined to our users that promote our products and services, or to offer you the products and services of our trusted partners, provided that you have given your explicit consent to receive such communications, and that you can withdraw your consent at any time by following the unsubscribe link provided in such communications or by contacting us;

We may also use and disclose your Personal Information for the following purposes: (i) to enforce the terms of any agreement between you and us; (ii) to protect the rights, property, or security of any individual or entity; or (iii) when mandated by applicable laws or in response to a lawful request from government authorities. Additionally, we may anonymize and aggregate certain Personal Information for research or development purposes related to the Services.

Advertising Purposes

In furtherance of our commitment to offer tailored experiences and promotions to our customers, we may share specific Personal Information, namely email addresses and phone numbers, with trusted third-party advertising platforms, notably Google Ads and Google Analytics.

This collaboration allows us to gauge the impact and success of our advertising endeavours, ensuring our customers receive pertinent and beneficial offers. Such data-sharing is exclusively purposed for this objective and is governed under our rigorous data protection protocols.

Our use of Google Ads and Google Analytics might involve tools facilitating targeted advertising based on Personal Information we submit to such tools. We remain dedicated to ensuring that any shared data is utilized in alignment with our privacy principles and in compliance with prevailing laws and statutes.

Customers reserve the right to opt-out of this specific Personal Information sharing. To exercise this privilege or to glean further insight into our data management practices, please contact data.officer@haleoclinic.com.


We expressly acknowledge that we will not use your Personal Information for any other purpose without your consent. We will only collect Personal Information to the extent necessary for the purposes described above.


You have the right to review the Personal Information we collect. If you would like to review this information, please send a written request to data.officer@haleoclinic.com. We reserve the right to charge you a reasonable administrative fee to access your information in accordance with applicable laws. In some cases, we may not be able to give you access to all of your Personal Information (eg, if the information also relates to another person’s Personal Information).


You may choose not to receive promotional messages from us by following the instructions in these messages. If you unsubscribe, we may still send you non-promotional communications, such as those about your account, the Services you requested, or our current business relationship with you.


We do not sell, lease nor rent to anyone the Personal Information we collect and store. We do however communicate the Personal Information we have collected with certain third parties as follows:

  • Affiliated Service Providers: We have agreements with various third-party affiliated service providers to facilitate the delivery of our Services and to support our business, where we may share the Personal Information we have collected, but we make sure before doing so that they comply with all applicable laws pertaining to Personal Information and that Personal Information is only shared as consented to for lawful purposes. We engage administrative service providers who we have determined maintain robust privacy protections and adhere to applicable laws. As such, we have confidence that your Personal Information will be managed with a level of attention consistent with our own standards set out in this Privacy Policy..
  • Statistical Analysis: We may share Non-Personal Information and Personal Information that has been anonymized and aggregated with third parties, including but not limited to statistical, machine learning, advertising, or marketing purposes.  No Personal Information will be shared in this way.
  • Commercial Transactions: In the event of a merger, asset sale, financing arrangement, or other similar corporate transaction, your Personal Information may be disclosed or transferred as a business asset. Prior to any such communication, we will always establish an agreement with the other party, ensuring that your Personal Information will be used solely for the purpose of completing the specific commercial transaction, safeguarded for confidentiality, and not disclosed without your explicit consent for any other purpose. The agreement entered into with any other party to such a transaction will obligate them to destroy your Personal Information should the transaction not proceed to completion; if the transaction is successfully concluded however, the other party will be bound to handle your Personal Information in compliance with all applicable laws and this Privacy Policy, and will provide you with appropriate notification.


We may communicate Personal Information that we collect or that you provide as described in this Privacy Policy to contractors, service providers, and other third parties we use to support our business and who are contractually obligated to keep Personal Information confidential, use it only for the purposes for which we disclose it to them, comply with all applicable laws, and to process the Personal Information with the same standards set out in this Privacy Policy.

In addition, our Services may integrate with online platforms of third parties that provide marketing and management tools to companies to help us deliver the Services to you, which means in such cases that your Personal Information may be shared with such third parties to provide the Services.

By submitting your Personal Information or engaging with any of our Websites or Apps, you consent to such communication of your Personal Information.


When data is located outside of Canada, it may be accessible by foreign governments, courts and law enforcement authorities, if required by law or court order. We only communicate or otherwise transfer Personal Information outside of Canada in compliance with applicable Canadian laws and for lawful purposes.

When we do communicate Personal Information outside of Quebec, and sometimes outside of Canada, we do so only to perform the Services, or to support our business in order to be able to perform our Services reasonably efficiently and to offer them at commercially reasonable costs.

Before communicating Personal Information outside of Quebec, we conduct a privacy impact assessment in compliance with applicable Quebec law. This assessment evaluates: (i) the sensitivity of the information; (ii) the purpose of its use; (iii) the safeguards in place, including contractual safeguards; and (iv) the legal regime applicable in the jurisdiction to which the information would be communicated, particularly the principles of protection of Personal Information applicable there. Personal Information is communicated only if the assessment demonstrates that the information would benefit from adequate protection, particularly in accordance with generally recognized privacy principles. We encourage you to review the privacy policies and terms of service of each third-party service provider you interact with.


Below is a list of the third-party online service providers that we use for the provision of our Services and to whom we may transfer some of your Personal Information to enable us to perform the Services:

  • Salesforce (salesforce.com) – for customer relationship management (CRM) and sales automation.
  • Hubspot (hubspot.com) – for marketing automation, customer relationship management (CRM), and sales automation.
  • Microsoft 365 (microsoft.com/microsoft-365/) – for email, document collaboration, and other business productivity tools.
  • Calendly (calendly.com) – for scheduling and managing appointments.
  • Active Campaign (activecampaign.com) – for marketing automation, email marketing, and customer relationship management (CRM).
  • Clickup (clickup.com) – for project management and collaboration.
  • Medstack (medstack.co) – for cloud hosting and data privacy compliance.
  • Azure (azure.microsoft.com) – for cloud hosting and data privacy compliance.
  • Stripe (stripe.com) – for payment processing.
  • Webflow (webflow.com) – for website design and development.
  • Amazon Web Services (aws.amazon.com) – for cloud hosting and data privacy compliance.
  • Quickbooks (quickbooks.intuit.com) – for accounting and financial management.
  • Docusign (docusign.com) – for electronic signature and document management.
  • Google Analytics (analytics.google.com) – for website traffic analysis and reporting.
  • Google Ads (ads.google.com) – for online advertising and pay-per-click (PPC) campaigns.
  • Google Tag Manager (tagmanager.google.com) – for tag management and deployment of marketing and analytics tags.
  • Amplitude (amplitude.com) – for product analytics and user behavior analysis.
  • Meta Pixel (facebook.com/business/tools/meta-pixel) – for tracking conversions and creating custom audiences for Facebook advertising.
  • LinkedIn Insights (business.linkedin.com/talent-solutions/talent-insights) – for analyzing job market trends and talent acquisition insights on LinkedIn.

Please be advised that we do not control the practices of the above third-party service providers, but we have entered into written agreements with each of the above third-party service providers. Under the terms of these agreements, each third-party provider undertakes to comply with all applicable laws, including those related to the protection of Personal Information. Some of these third-party service providers may not be located in Quebec; therefore, Personal Information may be communicated outside of Quebec to these third parties to enable them to support our business operations, but such Personal Information will only be communicated to them if necessary for the purposes you have given us authorization for..


Our Commitment to Your Privacy. We take the security and responsible management of your Personal Information extremely seriously. Our governance policies, specifically tailored for Personal Information and information security, have been formally approved by our Privacy Officer. These protocols are designed to match the scope and complexity of our various business activities. The following subsections provide comprehensive details in clear and simple terms to inform you about our governance policies and practices concerning Personal Information.

Data Lifecycle Management. Our protocols cover the full life cycle of your Personal Information. We retain your Personal Information only as long as necessary to fulfill the purposes for which it was initially collected. After the Personal Information has served its purpose, we ensure its secure and responsible destruction or anonymization, following strict guidelines, unless applicable law requires us to keep them longer.

Employee and Service Provider Responsibilities. Employee and Service Provider Responsibilities. Within our organizational framework, roles and responsibilities concerning the handling and management of Personal Information are clearly delineated for our employees. All employees undergo regular training and are held accountable for adhering to our Personal Information protection standards. With respect to service providers, we enter into contractual relationships exclusively with entities and persons that demonstrate a commitment to industry-standard security measures and legal compliance. These contracts have been meticulously reviewed to ensure alignment with applicable laws and consistency with the principles outlined in this Privacy Policy.

Handling Complaints. In line with our commitment to the protection of Personal Information, we have established a formal process for receiving, investigating, and resolving any complaints about the safeguarding of your Personal Information.

Security Measures. To protect your Personal Information, we employ a multi-layered security approach that includes physical, electronic, and administrative measures to prevent unauthorized access, usage, alteration, and disclosure of your Personal Information.

While these security measures align with industry best practices, it is important to acknowledge that the absolute security of your Personal Information during online transmission or when using Internet services cannot be unconditionally guaranteed. Such transmissions are, therefore, at your own risk.

We strive to present this policy in a straightforward and easily understandable manner, ensuring you are fully aware of how we handle your Personal Information.


Except as otherwise permitted or required by applicable law or regulation, we will only retain your Personal Information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances we may anonymize your Personal Information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.


HALEO employs other companies and / or individuals to perform functions on its behalf. For example, we may appoint third parties to develop software applications and / or database functions or to send communications on our behalf. Your Personal Information may be communicated to such persons during the course of HALEO’s business operations. All HALEO employees and all agents, affiliates and contractors working for HALEO who have access to your Personal Information are required to protect such information in a manner that is consistent with this Privacy Policy.


Our Websites, their subdomains and our Apps may also include links to third-party websites, plug-ins, services, social networks, or applications. Clicking on those links or enabling or accepting those connections may allow such third parties to collect or share data about you, including Personal Information. If you follow a link to a third-party website or engage a third-party plugin or service, please note that these third parties have their own privacy policies and practices, which may differ from ours and over which we have no control, and we do not accept any responsibility or liability for their practices and policies. Since we do not control these third-party websites or services, we strongly encourage you to read the privacy policy of each one before visiting, enabling or accepting any of their services, including any visiting any of their websites or downloading any of their content or application. We are not responsible for the privacy practices or content of such third-party websites or services, and we recommend that you exercise caution and review their privacy policies and terms of service before engaging with them.


Certain contents available via our Websites and Apps, which may include advertisements, are served by third parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Websites or Apps. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based advertising or other targeted content. We do not control these third parties' tracking technologies or how they are used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. We are not responsible for the privacy practices of other websites or online services that you may click when you use our Services, we therefore recommend that you do not click on such content nor engage with it if you have not read, understood and agreed to the privacy policies of such third parties.


If you have any questions, comments, or concerns about this Privacy Policy, send us an email at data.officer@haleoclinic.com.


If you want to review, verify, correct, or withdraw consent to the use of your Personal Information you may send us an email at the email address of the privacy officer to request access to, correct, or delete any Personal Information that you have provided to us.

Privacy officer

Quentin Gay



Whenever you provide your consent to the collection, use, communication and retention of your Personal Information, you have the legal right to withdraw such consent. To withdraw consent, if applicable, contact the Privacy Officer. Please note that if you withdraw such consent, we may not be able to provide you with our Services.  Please note that we will send you a confirmation email upon receipt of your request.


The Services are not intended for persons under 15 years of age. If HALEO realizes that Personal Information about people under the age of 15 has been inadvertently collected, it will delete it without delay.


This Privacy Policy is incorporated into and forms an integral part of our Terms and Conditions of Use, which set out the terms and conditions you agree to abide by using the Services and which are located at the bottom of most pages of our Websites.

HALEO’s Policy and General Practices are designed to ensure compliance with the Personal Information Protection and Electronic Documents Act (“PIPEDA”, SC 2000, c.5) of Canada and the Act respecting the protection of personal information in the private sector (CQLR c P-39.1) of the Province of Quebec. If you have any questions regarding compliance with these laws, please contact us at the above address.