sanoMidLife Privacy Pledge

For the purposes of this Pledge:

(i) “Personal Information” or “PI” means information about an identifiable individual, which includes information, used alone or with other information, that can directly or indirectly be used to identify, contact, or locate a person.

(ii) “Personal Health Information” or “PHI” means information about an identifiable individual, that can directly or indirectly be used to identify that individual and that relates directly to the individual’s physical or mental health, including the name of the patient, date of birth, medical history, medical treatment, medical test results, medication list, and any other health information. PHI may be found in medical records, treatment and examination notes, and communications between clients and our healthcare professionals via the Platform.

(iii) “Anonymized Information” means information that is about you and for which it is, at all times, reasonable to predict, in the circumstances, that it will no longer be possible to identify you directly or indirectly.

(iv) “De-Identified Information” means information that no longer directly identifies you.

(v) “Virtual Consultation Services” means healthcare services provided at a distance using information and communications technologies, such as interactive messaging, audio and video technology. The Platform allows you to access quality medical and healthcare services.

We may collect various types of information from you when you access and use our Platform, including:

Personal Information

• Legal Name
• Address
• Email address
• Phone number
• Sex at Birth
• Preferred Pronoun
• Date of Birth
• Provincial Healthcare Card number
• Private Health Insurance details
• Credit card information

This information is collected when you submit forms related to our Services.

Technical Information

• Geo-location information
• Browser type and version
• Time zone setting
• Preferred language
• Browser plug-in types and versions
• Operating system and platform
• Information about your internet connection
• Equipment used to access our Website
• Usage details

Digital Interaction Information

• URLs
• Clickstream data
• Products viewed or searched for
• Page response times
• Download errors
• Length of visits to certain pages
• Page interaction information (e.g., scrolling, clicks, mouse-overs)
• Methods used to browse away from the page
• Phone numbers used to contact our customer service

We use the information we collect, including PI, for various purposes, including but not limited to:

To Communicate with You

We may use your PI to communicate with you, including:

• Providing our Platform services to you, including the delivery of content and interactive features.
• Notifying you about new products or services releases, partnerships, and important information related to sanoMidLife.
• Informing you about changes to sanoMidLife.
• Providing you with relevant healthcare information and updates on healthcare trends and best practices.
• Providing you with support, answering your questions or requests for information, or handle your concerns.

For Study, Research, and Statistical Purposes

We may use your PI for research, analysis, and statistical purposes to improve our Website, products, services, marketing, and customer experiences. When required by law, we use De-Identified or Anonymized Information for these purposes.

To Process Payments

If you make payments through sanoMidLife for services beyond the coverage of provincial health insurance or private workplace insurance benefits, we will collect and process your payment information securely through a PCI-compliant third-party provider.

To Improve Our Services and Marketing

PI provided by you or collected by us may be de-identified and used for product development, website quality verification, and marketing material improvement.

For Legitimate Business Activities

We may use your PI to carry out our obligations and enforce our rights arising from contracts with you, including billing, collection, legal compliance, and implementation of data security measures. For example informing your Benefit Sponsor, if you have one, about your registration and other information.

Various individuals and entities may have access to your PI and PHI:

Professionals Providing Services via sanoMidLife

Health professionals and coaches providing Virtual Consultation Services on sanoMidLife may have access to your personal information, including PHI when necessary to deliver their services and comply with legal and regulatory obligations. All professionals engaged by sanoMidLife are contractually obligated to maintain confidentiality.

Our Service Providers

We may share your personal information, including PHI, with service providers who assist us in delivering our Services. This can include requisitions for blood work, referrals to physician specialists, etc. We ensure that transferred information is properly protected when using independent service providers.

Your Benefit Sponsor

In limited cases, we may provide certain personal information to your Benefit Sponsor, including your name, email address, your registration date, and the date on which you last used our Platform. Generally, we restrict this sharing to not include specific details of your Platform activity or any details about your use of Services. This restriction may not apply where sharing some of your activity is necessary for processing the payment of your services received.

Our Corporate Clients

We may share Anonymized, De-Identified, or aggregated information with our clients for reporting purposes. This helps us and our clients understand the effectiveness of our Services and develop relevant products and offerings.

Other Persons, When Permitted or Required by Law

In certain circumstances, we may disclose your personal information to others as permitted or required by law. This includes complying with court orders, laws, judicial proceedings, governmental or regulatory requests, and enforcing our agreements.

We employ robust security measures to protect your data:

Required Two-Step Authentication

Two-Step Authentication is mandatory for all client accounts to prevent unauthorized access.

Secure Storage

Personal information is stored in a secure environment in compliance with global privacy and data protection standards.

Network Security

We segregate internal and publicly-accessible systems to enhance security.

Privacy Policies and Training

Our team receives privacy training and is bound by confidentiality obligations.

SOC 2 Type II Compliance

We comply with trust services criteria relevant to security.

Encryption

We use advanced encryption for data in transit and at rest.

Access Control

Access is restricted to authorized personnel on a need-to-know basis.

Regular Audits and Assessments

We conduct security audits and assessments to address vulnerabilities.

We retain PI and PHI only as long as necessary for the original purposes or as required by law. De-Identified Information may be used for legitimate business purposes. Some of your personal information and PHI cannot be deleted due to statutory retention requirements (for example, the minimum retention period of patient records varies by jurisdiction ranging from 10 to 34 years). For any deletion request, please follow the deletion request procedure in the Platform or contact us at privacy@sanoliving.ai, and we will let you know if we can accommodate your request.

As part of our Services, sanoLiving employs a natural language generative AI bot, Sano designed to enhance your experience. This AI bot is used for various purposes, including but not limited to:

• Guided Assessments
  Our AI bot aids in conducting guided assessments to gather relevant health information for the development of personalized care plans.
• Surfacing Personalized Educational Content
  The AI bot offers personalized educational content tailored to your specific health needs and preferences.
• Reminders and Motivation
  It provides reminders and motivation to help you adhere to your care plan, establish health habits, and stay on track with your wellness journey.

We want to assure you that your interactions with Sano are handled with the same commitment to privacy and security as all other aspects of our platform. Any data collected and processed by the Sano is subject to the same safeguards and protections outlined in this Pledge.

At sanoLiving, we take your privacy seriously and are dedicated to providing a secure and valuable experience as you engage with Sano and other platform features. If you have any concerns or questions about the Sano’s functionality or data handling, please do not hesitate to contact us at privacy@sanoliving.ai.

We use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and personalize content. Cookies are small text files that are placed on your device when you visit our website. They help us remember your preferences, understand how you interact with our site, and provide features such as account login and tailored content.

Types of Cookies We Use:

• Essential Cookies: These cookies are necessary for the operation of our website. They enable you to navigate the site and use its features, such as accessing secure areas.
• Performance Cookies: These cookies collect information about how visitors use our website, such as which pages are visited most often. This data is used to improve the website’s performance and user experience.
• Functional Cookies: These cookies allow the website to remember choices you make (such as your language or region) and provide enhanced, more personal features.

You can control and manage cookies in various ways. Most browsers allow you to refuse or accept cookies, delete existing cookies, or set your browser to automatically reject cookies. However, please note that disabling cookies may affect your ability to use certain features on our website.

By continuing to use our website, you consent to our use of cookies and similar tracking technologies in accordance with this policy. If you do not agree to our use of cookies, you should adjust your browser settings or discontinue use of our site.

Access and Correction of Your Information

We value the accuracy and currency of your personal information. If your personal details change, please let us know. You have the legal right to access and correct the personal information we hold about you, including your patient record and any PHI.

• Access and Correction via sanoMidLife: You can review and update your personal information by logging into your sanoMidLife account.
• Requesting Access or Corrections: To access or correct your personal information or PHI, email us at privacy@sanoliving.ai. We may require specific details to confirm your identity.
• Access Restrictions: Legal and regulatory requirements or our record retention practices may limit your access to some information. We’ll explain why if we can’t provide access.

Withdrawal of Consent

If you’ve given consent for collecting, using, and transferring your personal information, you can withdraw it under certain circumstances. Contact us at privacy@sanoliving.ai to withdraw consent. Keep in mind that withdrawing consent may affect the availability of certain products, services, or access to sanoMidLife.

• Opting Out of Emails: To stop receiving certain emails, email your opt-out request to info@sanoliving.ai. This doesn’t apply to transactional emails related to product or service purchases.
• Push Notifications: If you’ve agreed to receive push notifications related to our services and no longer wish to receive them, you can change your preferences via sanoMidLife or email us at info@sanoliving.ai.

We’ll update any Pledge changes on this page and provide a notice on the sanoMidLife platform when we make material changes to how we handle your personal information. We’ll also send an email notification to your primary email address. Please ensure your email address is up-to-date and visit our Pledge periodically to stay informed about any updates.