Effective date: September 12, 2017
At Aria, your privacy is important to us. The purpose of this privacy statement is so that you understand how we collect, use and disclose personal information, and to inform you of your rights with respect to such personal information. It is intended to be a clear and understandable statement about how we comply with the Personal Information Protection and Electronic Documents Act (Canada) and how we assist our Counsellors in complying with their obligations under relevant provincial privacy laws.
Aria is an innovative cloud-based system that permits collaboration between counsellors and clients, and also acts as an information management system for counsellors. Because it is a system, it has a number of parts, some of which are visible only to counsellors, some are used directly by the client and some are in the background, making it all happen. Taken together, we refer to this in our Privacy Statement as the “Aria System.”
At Aria, we classify the personal information we collect, use and disclose into two main categories: The first is information about our Counsellors, who are generally psychologists, life coaches, psychotherapists, clinicians or counsellors, and the second is about our Counsellor’s Clients. The term Client refers to those individuals whose personal information is collected and processed using the Aria System for therapeutic purposes.
It should be noted that “Counsellor” may refer to an incorporated group practice, so that more than one individual “counsellor” is included in the term “Counsellor”.
This statement relates to “personal information”, meaning information about an identifiable individual, whether that individual is our Counsellor or is a Client. You will note that the nature of the personal information varies depending on whether it relates to a Counsellor or a Client, so each is specifically addressed in this Privacy Statement.
You should also note that we are custodians of Client personal information as service providers to our Counsellors. The collection, use and disclosure of Client personal information would also be subject to the privacy practices of the relevant Counsellors, so Clients should refer to them for additional information. This privacy statement can only provide you with information about how Aria itself collects, uses and discloses personal information. As between a Counsellor and his or her client, the Counsellor is primarily responsible for complying with privacy laws and other professional obligations.
We collect personal information related to Counsellors to provide them with the Service and to administer the accounts associated with the Service.
Other than as described in this Privacy Statement, Aria does not use any Client personal information for its own purposes. Client personal information is only processed by Aria to provide the Service to our Counsellors. How Counsellors will use the Client data will be as determined by applicable law and the Counsellor’s individual privacy practices. Clients should refer to their Counsellors’ privacy statements for an understanding of how individual Counsellors collect, use and disclose personal information beyond its processing on the Aria platform.
Personal Information of Clients and Counsellors may be used by Aria in order to tailor the Service to your individual needs, to provide you with relevant advertising and to contact you as necessary in connection with the Service.
From our Counsellors, we collect only information that is necessary to establish and maintain the provision of the Service to them. This information includes:
The use of the Aria System by our Counsellors and their end users involve the collection of the following Client personal information:
Cookies: Cookies are pieces of information stored directly on the computer that you are using. Cookies allow us to collect information such as browser type, time spent on the website, pages visited, language preferences, and other web traffic data. We use the information for security purposes, to facilitate online navigation, to display information more effectively, to personalize your experience while using the website, and to otherwise analyze user activity. We can recognize your computer to assist your use of the website.
Pixel tags and other similar technologies: Pixel tags (also known as web beacons and clear GIFs) may be used in connection with our website to, among other things, track the actions of users of the website and other means of communication with you (including e-mail recipients), measure the success of our marketing campaigns, and compile statistics about usage of the website and response rates.
Information provided by Clients when using the Aria System under the direction of a Counsellor will be made available to that Counsellor.
Personal information of Clients and Counsellors may be transferred to Aria’s affiliates, partners or service providers in order to run or manage the Aria System. All such transfers will be subject to strict confidentiality requirements and each recipient of any personal information will be advised of their obligations under this Privacy Statement.
We will not disclose Personal Information of a Counsellor or a Client to any third party other than with your consent or if we are lawfully obliged to disclose it. If we receive any legal process that would compel us to disclose any such Personal Information, we will make reasonable efforts to give the relevant individual notice of the disclosure provided we are lawfully able to do so. We will make efforts to give this notice in advance so that the affected individual can contest it.
If Aria were to be acquired by another company, the Personal Information necessary to operate Aria as a going concern would be transferred to the purchasing company. The purchasing company would be subject to this privacy statement.
We are required by law to safeguard the personal information in our custody or control. We use industry standard measures to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. We protect personal information regardless of the format in which it is held. We recognize that Client personal information is sensitive mental health information and we protect it accordingly.
Our methods of protection include (a) physical measures, such as restricted physical access to our information system; (b) organizational measures, including limiting access on a “need-to-know” basis; and (c) technological measures, including the use of passwords and encryption.
We use Service providers, including data hosting providers, to facilitate providing the Aria System. We use contractual means to make sure that our service providers only deal with personal information on our behalf to provide the Aria System and not for any other purposes. We also undertake diligence to satisfy ourselves that our service providers will implement adequate safeguards to protect personal information.
Counsellors have a right to access their personal information that is in Aria’s custody or control. We endeavor to make it easy for you to access all of your information in the Aria System. You can request access to your own personal information by contacting us at the below address (see “Privacy Contact”). You may be required to provide additional information so that we can confirm your identity.
We note that because Aria does not collect, use or disclose Client personal information on its own account (but only as service providers to Counsellors), Clients seeking access to information beyond what is available and visible to them in the Aria System should seek access to this information from their Counsellor.
Aria is a Canadian company, operated entirely in Canada. We store and manage Counsellor and Client personal information in Canada. Some of our service providers (such as payment processors and analytics providers) may be based outside of Canada, but we do not permit the transfer of personal health information outside of Canada.
We also note that the internet is inherently international and communications between Aria and its users may be routed over the internet in ways that we cannot control. We do put in place safeguards to protect against interception and other unlawful use of user data, such as SSL and TLS encryption. To the extent that it may be necessary or desirable, you consent to the transfer of your personal information as described in this paragraph.
The limits on use of information described in this privacy statement are for “personal information”, meaning information that is or can reasonably be connected to a particular individual using the information itself or information that may be reasonably available. Aria may use de-identified information, derived from personal information, for a range of purposes such as:
We will take industry standard steps so that this de-identified information cannot be connected to any particular individual.
We may revise this Privacy Statement at any time by posting an updated version, which will include a version date. If we consider a change to be significant (meaning it materially affects the Service as we provide it, your right or your obligations), we will provide you with additional notice such as via a pop-up, by email or via an in-app notification. We will endeavour to provide you with such notice in advance of the revisions coming into effect. Your continued use of the Aria System after a change to this Privacy Statement constitutes your binding acceptance of the revised Privacy Statement.
The terms “post” and “posting” as used in this Privacy Statement shall mean the act of submitting, uploading, publishing, displaying, or similar action on the Aria System.
If you have any questions or concerns about Aria’s personal information handling practices, of if you are looking for access to your own personal information, please contact us at the following coordinates:
51 Sherbrooke West, Suite 5
Montreal, Quebec H2X 1X20