We will only use your personal information in accordance with this policy, and with applicable federal and provincial privacy laws. We collect, use, and disclose your personal information only for purposes that a reasonable person would consider appropriate, in light of the original intent and use to which you consented. We take steps to ensure that the personal information that we collect about you is not excessive and used for limited purposes.
Please read the policy that is set out below carefully to understand our policies and practices for collecting, processing, and storing your information. If you do not agree with our policies and practices, do not download, register with, or use the Website.
This policy may change from time to time. Your continued use of this Website after we make changes indicates that you accept, and consent to, those changes, so please check the policy periodically for updates.
In this policy, references to “law” or “laws” includes references to all applicable legislation and regulations.
We collect information about you through:
Direct interactions with you when you provide it to us, for example, completing self-attestation forms, responding to questions, or corresponding with us.
- Digital system or test results portal, for example, if you choose to register for testing services and results reporting through our digital system or the Website.
- Automated technologies or interactions, when you use the Website, for example, usage details, IP addresses, and information collected about your location.
We may collect and use the following information about you:
- Your name, birth year, photo(s) that you provide to us, email address, recent travel history, personal health information and any other information from which you may be identified (collectively, “personal information”).
- When you register for testing services, your name, contact information, health provider information, symptoms, health history and COVID-19 test results (“personal health information”).
- Non-personal information that does not directly or indirectly reveal your identity or directly relate to an identifiable individual, such as demographic information, or statistical or aggregated information. We may derive non-personal statistical or aggregated data from personal information. For example, we may aggregate personal information to calculate the demographics of users accessing a specific feature of the Website.
- Technical information, including your login information, device type, time zone setting, and usage details.
Information You Provide to Us
When you register with, or use this Website, we ask you to provide:
- Information by filling in forms on the Website. You will be asked to register and to complete a consent form when you use this Website.
- Information about your connected organizations. A connected organization is typically a company, institution, or other entity (i) with which you have a pre-existing relationship; and (ii) which has enrolled in a COVID-19 workplace screening program. For example, this could be your employer or your place of work.
- Information when you report a problem with the Website. We use this information to troubleshoot and help correct performance issues.
- Information about your health status and testing results. We may also ask you to provide information about your health so that we can provide you, your connected organizations and their administrator(s), and other third parties with updates relating to your health status and testing. We will always ask for your consent before we collect, use, or disclose your personal health information.
Automatic Information Collection and Tracking Technologies
Such third parties may also ask for your consent prior to testing, and they will provide more details on how your information is used and shared.
In addition to the above, your personal health information that is provided will be used;
- to provide testing services to you;
- to provide you with your booking information and consent via the PHIPA compliant data management organization
- to provide, if applicable, your connected organization(s) and their administrator(s) with the same booking information list above and testing results with your consent; and
- to comply with legal, Public Health, and professional regulatory reporting obligations.
When you use this site, we may automatically collect certain details of your access to and usage details of the Website, including but not limited to location data, logs, and other communication data. This data allows us to optimize website use, and track traffic volumes to our site.
We reserve the right to make changes to this Policy at any given time. To stay up to date, please visit this page.
Through the use of the booking page, you are consenting to the data collection procedures expressed by this Policy.
It is always up to you whether to disclose personal or business identifiable information. If you elect to not do so, we reserve the right to not provide you with services that Good To Go Test offers as applicable.
Why We Collect Information
Good To Go Test asks for your information for several reasons:
- To better understand your needs and provide you with the services you have requested;
- To provide you with information about our programs from time to time
- To improve our services or website
We may keep this information for the length of time it is reasonable to keep records to demonstrate that we have fulfilled our duties and obligations; any limitation periods within which claims might be made; any retention periods prescribed by law or professional bodies or associations; and the type of contract we have with you.
Disclosure of Information
Good To Go Test may not use or disclose the information provided by you except under the following circumstances:
- As necessary to provide you services or products you have requested
- As required by law, to comply with a court order, or in response to public health requests and guidelines
- As necessary to enforce the Terms of Service
- To partners and potential partners of Good To Go Test who have agreed to keep the information confidential as well.
Good To Go Test will communicate with you, your organization where applicable, using email or telephone for the interest of timely communication, and that, however unlikely, this may increase risks to the security and confidentiality of your PHI. The risks include, but are not limited to, the following: The privacy and security of email / technology based/technology-based communication cannot be guaranteed. Employers and online services may have a legal right to inspect and keep emails /messages that pass through their system. Email is easier to falsify than handwritten or signed hard copies. In addition, it is impossible to verify the true identity of the sender, or to ensure that only the recipient can read the email once it has been sent. Emails can introduce viruses into a computer system, and potentially damage or disrupt the computer. Email/messages can be forwarded, intercepted, circulated, stored or even changed without the knowledge or permission of the physician or the patient, resulting in it being sent to many unintended and unknown recipients. The use of technology may increase the risk of your PHI being unintentionally disclosed or intercepted by third parties. Technical failures and technological issues may result in a loss of PHI and/or delay or interruption. Email /messaging is indelible. Even after the sender/recipient has deleted their copies of the email, back-up copies may exist on a computer/cyberspace. Use of email/messaging to discuss sensitive information can increase the risk of such information being disclosed to third parties. You understand that you may ask to communicate with a medical professional by telephone and this will be respected. Good To Go Test assumes no responsibility or liability for any technical failures or technological issues associated with delivering results to you by email.
Please keep us informed if your personal information changes between testing appointments. You have the right to and to correct your own personal information or remove your consent; however please note that the removal of your consent, however this should not be considered complete until you receive confirmation in writing from Good To Go Test or its vendors and may mean you may not be able to participate in services provided by Good To Go Test.
CANADA’S ANTI-SPAM LEGISLATION AND ELECTRONIC COMMUNICATIONS
Where applicable, we will seek your express consent to contact you, including by way of commercial electronic messages. You can unsubscribe at any time from receiving commercial electronic messages by following the instructions in the message.
Even if you have opted out of receiving marketing communications from us, please be aware that we may still contact you electronically for other purposes. For example, we may contact you to provide communications you have consented to receive, regarding the services we provide to you, or if you contact us with an inquiry.
With your consent, we may communicate limited personal health information via email or text in the interest of promoting timely communication. The use of technology may increase the risk of your personal information being unintentionally disclosed or intercepted by third parties. Technical failures and technological issues may result in a loss of personal information and/or delay or interruption of the services we provide to you. We assume no responsibility or liability for any technical failures or technological issues associated with communicating through electronic communications, and you hereby indemnify us and hold us harmless from any damages you may suffer as a result of such failures or issues.
The security of your personal information is very important to us. We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us either directly on your device or with our third-party cloud storage service provider(s). Information stored on your device (iOS or Android) is stored using a minimum AES-256bit encryption and in a secure hardware enclave located on your device. Information that is stored in the cloud is encrypted at rest and in transit and is stored using a minimum AES-256bit encryption on the server.
We only use cloud storage service providers that maintain high industry standards, including globally recognized security and data use & protection certifications.
Except as otherwise permitted or required by applicable law, we will only retain your personal information for as long as necessary to fulfill the purposes for which it was collected and for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances we may anonymize or aggregate your personal information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you and without your consent.
CHILDREN UNDER THE AGE OF 13
Our Website is not intended for children under 13 years of age. No one under age 13 may directly provide any personal information to or on the Website. If you are under 13, do not use this Website.
If we learn that we have collected or received personal information from or about a child under 13 without parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes. You have the right to request access to and to correct the personal information that we have on record in your regard.
If you want to review, verify, correct, or withdraw consent to the use of your personal information you may also send us an email at email@example.com to request access to, correct, or delete any personal information that you have provided to us. We may not accommodate a request to change or delete information if we believe the change would violate any law or legal requirement, cause the information to be incorrect, or would put the health or safety of others at risk.
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
WITHDRAWING YOUR CONSENT
Where you have provided your consent to the collection, use, and transfer of your personal information, you may have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, contact us at firstname.lastname@example.org. Please note that if you withdraw your consent we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you make your decision.
CONTACT INFORMATION AND CHALLENGING COMPLIANCE
Attn: Privacy Officer
Good To Go Test
Email: Info @goodtogotest.ca
If you are not satisfied with our privacy practices, you may bring a complaint to the Office of the Privacy Commissioner or provincial information and privacy commissioner, as applicable.
Good To Go Test operations are located exclusively in Canada.
For any questions, please contact us. Info@GoodToGoTest.ca