Last Updated: 2025-05-08

At Impact Medical (“We”, “Us”, “Our”, “Website” or “Platform”) we are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy explains how we collect, use, store, and disclose your personal data when you use our website and services. By using our platform, purchasing products, or interacting with our services, you agree to the terms of this Privacy Policy.

1. Effective Date

1.1 This Privacy Policy is enacted and comes into full force starting from 2025-05-08. From the said date onwards, the principles and practices outlined within this policy will dictate the manner in which we manage, protect, and utilize your personal information.

2. Age Restriction Policy

2.1. Age Requirement: Our services are designed for and directed towards adults, specifically those who are 18 (Eighteen) years of age or older. We do not knowingly collect, use, or solicit personal information from anyone under the age of 18 (Eighteen) years.

2.2. Proactive Measures: In our registration process and at various points of interaction with our services, we take proactive steps to verify the age of our users, ensuring compliance with our  18 (Eighteen) years of age policy.

2.3. Parental Control: If any Parent or guardian discovers that personal information has been collected from an individual who is a minor without verifiable parental consent, please contact us at 18 (Eighteen) years we will take immediate steps to delete such information from our records and terminate the said account.

3. What Information Do We Collect?

3.1 We collect various types of information when you interact with our platform, register an account, or make a purchase. The types of information we collect include:

3.2 Personal Identification Information:

We collect personal details that can identify you, such as:

• 3.2.1. Full name
• 3.2.2. Email address
• 3.2.3. Mailing address
• 3.2.4. Phone number
• 3.2.5. Date of birth

3.3 Medical Information: In some cases, we collect sensitive medical data as part of the products we offer, which may include:

• 3.3.1. Medical diagnoses
• 3.3.2. Prescriptions
• 3.3.3. Test results
• 3.3.4. Treatment information

This data is only collected when necessary and with your explicit consent.

3.4. Account and Transaction Information:

When you make a purchase or use our services, we collect:

• 3.4.1. Account login details: Usernames, passwords, and security questions.
• 3.4.2. Payment information: Credit/debit card details, billing address, and other necessary financial information for processing payments.
• 3.4.3. Order history: Information about past purchases, including product details, quantities, and prices.
• 3.4.4. Shipping and delivery information: Address and contact information required for order fulfillment.

3.5. Platform Usage Information: 

We automatically collect information about how you interact with our platform, such as:

• 3.5.1. IP address
• 3.5.2. Browser type and version
• 3.5.3. Time zone settings
• 3.5.4. Pages you visit
• 3.5.5. Links you click
• 3.5.6. Device information (mobile, desktop, etc.)
• 3.5.7. Cookies and similar tracking technologies

4. Why Do We Collect the Information?

4.1. We collect your personal, medical, and transactional information for several key reasons, which help us provide, improve, and personalize our services. The information you share with us is essential for the following purposes:

4.2. To Process and Fulfill Your Orders

• 4.2.1. Order Processing: We collect personal and payment information to process your orders accurately and efficiently.
• 4.2.2. Shipping and Delivery: Your contact and shipping information allows us to deliver the products you purchase to the correct address and ensure timely fulfillment.
• 4.2.3. Payment Processing: We use your payment information to securely process your transactions and ensure that the correct charges are applied.

4.3. To Provide Personalized Services and Recommendations

• 4.3.1. Personalization: We use your account, medical, and transaction data to customize your shopping experience, including product recommendations based on your past purchases and preferences.
• 4.3.2. Product Recommendations: By understanding your needs, we can offer personalized product suggestions that are more relevant to your health conditions or medical requirements.

4.4. To Enhance Customer Support and Communication

• 4.4.1. Customer Support: We collect your information to offer support, resolve any issues, and answer any questions related to your orders, products, or accounts.
• 4.4.2. Communication: Your contact details allow us to send order updates, confirmations, and notifications regarding new products, services, and promotions (if you have opted-in for marketing communications).

4.5. To Ensure Compliance with Legal and Regulatory Requirements

• 4.5.1. Legal Compliance: We collect and retain personal and medical information to comply with applicable laws, regulations, and industry standards (e.g., health data privacy regulations).
• 4.5.2. Audit and Record Keeping: We may retain transaction records for legal, accounting, and regulatory purposes, ensuring that we meet compliance obligations, including tax laws and consumer protection standards.

4.6. To Improve Our Services and Platform

• 4.6.1. Platform Optimization: We collect platform usage data to analyze user behavior and improve the functionality of our platform.
• 4.6.2. User Experience: We use the information to enhance our platform’s design and performance, ensuring that you have a seamless experience when navigating the platform.
• 4.6.3. Security: Your data helps us detect and prevent fraudulent activity, protect your account, and maintain the integrity and security of our platform.

4.7. To Send Marketing Communications and Promotional Offers

• 4.7.1. Marketing: If you opt-in to receive marketing communications, we use your contact details to send you relevant offers, promotions, and updates about our products and services.
• 4.7.2. Product Updates: We may also inform you about new products, special discounts, or other offers tailored to your preferences.

4.8. To Maintain and Improve Health and Safety Standards

• 4.8.1 Medical Information Usage: We may collect medical information such as prescriptions, diagnoses, and treatment plans to ensure that we provide the right products to meet your medical needs.
• 4.8.2 Quality Control: Information provided helps us track the quality of products and services, ensuring they meet health and safety regulations.

5. Use of Information

5.1. Local Storage: The data you enter on the platform is stored locally on your device. We do not share or transmit this data to our servers or third parties, except where explicitly stated in this Privacy Policy. Any transmission of data to our systems occurs solely for purposes essential to the functionality of our services and is handled in compliance with applicable data protection regulations.

5.2. Personalization: The information you provide is utilized to customize the content, features, and services on the platform to better align with your preferences and requirements. This includes but is not limited to tailoring and enhancing functionalities to ensure an optimized and personalized user experience.

6. Sharing Your Information

6.1. We deeply value the trust you place in us when you share your personal information. Our commitment to safeguarding that trust is unwavering, and as such, we adhere to strict principles when it comes to sharing your information. Here is how we ensure your data is handled with the utmost respect and care:

• 6.1.1. We do not sell, rent, or share your personal information with external entities, including third-party marketers, data aggregators, analytics firms, or any other organizations, unless you provide explicit consent. Our data usage practices are strictly limited to internal operations and service improvements, ensuring that your privacy remains protected at all times.
• 6.1.2. We may in some cases collaborate with carefully selected third-party service providers to deliver and enhance our services effectively (e.g., cloud hosting, cybersecurity firms) who assist in maintaining our infrastructure. These providers are contractually obligated to maintain confidentiality and cannot use your data for any unauthorized purposes.
• 6.1.3. There are circumstances where we may be required by law to share your information, such as in response to a legal process or to comply with governmental requests. Additionally, if it becomes necessary to protect the rights, property, or safety of our platform, our users, or the public, we may share information within the bounds of legal requirements. This includes efforts to prevent fraud or potential threats to security.
• 6.1.4. We may share data with law enforcement agencies, regulatory bodies, or government authorities when necessary to comply with legal requirements, enforce our policies, protect our rights or the rights of others, prevent fraud, or ensure security.
• 6.1.5. If there is a specific need to share data beyond these internal use cases, we will obtain clear, informed, and documented consent before proceeding.

7. Data Protection & Security

7.1. We implement robust data security measures along with industry-standard security measures to protect your personal information from unauthorized access, alteration, or disclosure, or destruction. Our security protocols include the following. All information collected through our platform is securely stored on our dedicated servers, which are designed to protect against unauthorized access, breaches, and other security risks. To ensure the highest level of data protection, we implement a combination of technical, administrative, and organizational safeguards in line with industry best practices and regulatory compliance standards. Our security protocols include the following:

• 7.1.1. Encryption: We use encryption technology to protect sensitive data transmitted over the internet and stored in our systems. This ensures that your personal information remains confidential and secure.
• 7.1.2. Access Controls: We restrict access to personal information to authorized personnel only. Our systems have role-based access controls to limit who can view or modify your data.
• 7.1.3. Regular Audits: We conduct regular security audits and assessments to identify and address potential vulnerabilities. This helps us maintain a high level of security and adapt to emerging threats.
• 7.1.4. Integration with Third-Party Services: We ensure that these services comply with our data protection standards and have their own security measures in place. We regularly review their practices to ensure alignment with our commitment to data security.
• 7.1.5. Incident Response: In the event of a data breach, we will notify affected users promptly, following applicable legal requirements. We will provide information on the nature of the breach, the data affected, and the steps we are taking to mitigate the impact.

8. User Rights

8.1. We are committed to ensuring that your rights concerning data privacy are clearly articulated and easily accessible. As a user, you have the following rights:

• 8.1.1. Right to Access: You can request access to the personal information we hold about you. We will provide you with a copy of your data and inform you of how it is used.
• 8.1.2. Right to Rectification: If your personal information is inaccurate or incomplete, you have the right to request that we correct or update it.
• 8.1.3. Right to Erasure: You can request that we delete your personal information when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent.
• 8.1.4. Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal information under certain circumstances.
• 8.1.5. Right to Withdraw Consent: If we rely on your consent for processing your personal information, you can withdraw your consent at any time.

9. Compliance

9.1 We are committed to complying with all applicable international privacy and data protection laws and regulations to ensure the protection and confidentiality of your personal information, no matter where you are located. This includes, but is not limited to:

• 9.1.1. Personal Information Protection and Electronic Documents Act (PIPEDA): We adhere to PIPEDA, which sets strict guidelines for the collection, processing, storage, and transfer of personal data. This includes ensuring lawful bases for processing personal data, obtaining explicit consent where necessary, and providing rights to access, rectify, and erase personal information.
• 9.1.2. The Privacy Act: We also adhere to the Privacy Act which also establishes stringent regulations for the collection, processing, storage, and transfer of personal data. This includes ensuring a lawful basis for processing, obtaining explicit consent when required, and granting individuals the right to access, rectify, and delete their personal information.
• 9.1.3. Other Data Privacy Laws: We may also comply with any other relevant data privacy law and regulation applicable to our users.
• 9.1.4. In the event of new regulations, we will update our policies accordingly and notify all users of these changes.

10. Data Retention and Deletion

10.1. We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The duration for which we retain your personal data depends on the nature of the data and the purposes for which it was collected, as outlined in this Privacy Policy.

• 10.1.1. Transaction Data: We will retain transaction data, such as order details, payment information, and shipping information, for a period of 12 years to comply with legal, tax, and regulatory obligations.
• 10.1.2. Account Data: We will retain your account data, including personal details and purchase history, for as long as you maintain an active account with us or as otherwise required by law.
• 10.1.3. Medical Information: Any medical information you provide, including prescriptions, diagnoses, and treatment details, will be retained for the period necessary to fulfill the purpose of your order and in accordance with legal and regulatory obligations unless a shorter retention period is applicable.

10.2. Data Deletion

• 10.2.1 You have the right to request the deletion of your personal data, subject to any legal obligations or legitimate business interests that require us to retain such data. If you wish to delete your account or request that we delete your personal data, you may do so by contacting us directly at btran@impact-medical.ca or calling 647-482-8965. Please note that if you request the deletion of certain information, it may impact your ability to use our services or make purchases on our platform. Once we no longer require your personal data for the purposes outlined in this Privacy Policy, or upon your request (unless we are required to retain certain data by law), we will securely delete, anonymize, or de-identify your data.
• 10.2.2 Account Data: We take reasonable steps to ensure that data is securely erased and disposed of when it is no longer required, utilizing industry-standard methods to prevent unauthorized access, use, or disclosure of the data.

11. Account Suspension and Termination

11.1. We reserve the right to suspend or terminate your account if you violate our Terms and Conditions, engage in fraudulent activities, or fail to comply with applicable laws. Suspended accounts may lose access to features like purchasing or account management.

11.2. If your account is terminated, you will lose access to your account and any associated data, subject to legal retention requirements. You may request account termination at any time, and we will handle your data in accordance with our Data Retention Policy.

11.3. If your account is suspended or terminated and you wish to reinstate it, please contact us. However, we are under no obligation to restore access to terminated accounts.

12. No Third-Party Data Sharing

12.1. We do not share, sell, or transfer any of your personal data to third parties. Your data remains private and is used solely to provide and improve the functionality of the Website.

12.2. Financial data collected, including loan status, outstanding dues, repossession history, and payment defaults, is used strictly for agency operations.

• 12.2.1. This data is not shared with any third parties apart from the hosting server for storage purposes only.
• 12.2.2. Agencies must ensure that they have legal permission to process and handle such data, in compliance with applicable financial regulations.

13. Cookies and Tracking Technologies

13.1 We may use cookies and similar tracking technologies to collect and use personal data about you, including to serve interest-based advertising. Our use of cookies and tracking technologies includes:

• 13.1.1. Essential Cookies: These cookies are necessary for the operation of our Website. They enable you to move around our Website and use its features.
• 13.1.2. Performance and Analytics Cookies: These cookies collect information about how you use our platform, allowing us to improve its functionality and user experience. For example, these cookies help us understand which pages are visited most frequently and how users navigate the site.
• 13.1.3. Functionality Cookies: These cookies allow our Website to remember your choices (such as your username, language, or the region you are in) and provide enhanced, more personalized features.
• 13.1.4. Advertising Cookies: These cookies are used to deliver advertisements more relevant to you and your interests. They also help limit the number of times you see an ad and measure the effectiveness of advertising campaigns.

13.2. You have choices regarding the use of cookies and tracking technologies, including adjusting browser settings to refuse cookies, using opt-out mechanisms from industry-wide initiatives, and setting privacy preferences for specific tracking technologies.

14. Jurisdiction and Dispute Resolution

This Privacy Policy, and any disputes related to it or to our services, shall be governed by and construed in accordance with the laws of Canada, without regard to its conflict of law principles.

14.1. Jurisdiction: Any disputes arising out of or relating to this Privacy Policy shall be submitted to the exclusive jurisdiction of the competent courts located in Ontario, Canada. By using our platform, you agree to submit to the personal jurisdiction of such courts for the purpose of litigating any such disputes.

14.2. Dispute Resolution: We encourage you to first contact us at btran@impact-medical.ca to seek resolution of any issues before pursuing legal action. We are committed to resolving any concerns promptly and effectively.

15. Acknowledgment and Acceptance of Terms

15.1 Understanding and Agreement:

• 15.1.1. By accessing and utilizing our services, you affirm that you have thoroughly read, understood, and embraced the terms laid out in this Privacy Policy as well as our Terms of Use. This acknowledgment is crucial, as it forms the basis of our mutual understanding and agreement regarding your data and privacy.
• 15.1.2. Before completing the registration process, agencies and users must explicitly acknowledge and accept the Privacy Policy, Terms & Conditions, and Data Processing Policies.
• 15.1.3. This digital acknowledgment serves as a legal agreement, confirming that users understand and consent to the terms before using the platform.

16. Policy Updates

16.1. We are committed to regularly reviewing and updating this Privacy Policy. Our aim is to stay aligned with emerging legal standards, technological advancements, and shifts in our service offerings.

16.2. If any significant modifications, revisions, or amendments are made to this policy, we pledge to provide you with timely notifications. This ensures that you are always well-informed about how we handle your personal data, thereby empowering you to make choices that are best suited to your privacy preferences.

Contact Us

If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact us at:

Contact Name: Brady Tran
Email: btran@impact-medical.ca
Phone: 647-482-8965