Privacy Policy

Effective date: October 15, 2025

Who we are: Rafati Counselling Services, a psychotherapy practice based in Thornhill, Ontario.

Scope

This Policy explains how we collect, use, disclose, and protect your information when you visit our website and when you engage our clinical services. It is intended to meet requirements under Ontario’s Personal Health Information Protection Act (PHIPA) for clinical records, and Canada’s PIPEDA for general (non-clinical) personal information. This Policy is for information only and is not legal advice.

What we collect

A. Website & general inquiries (non-clinical)

  • Identifiers & contact details: name, email, phone number, and the content of your message when you submit a form or request a consultation.

  • Technical data: IP address, device/browser type, pages visited, time on page, and referral source (collected via cookies, logs, and analytics tools).

  • Cookies & similar tech: Used for basic site functionality, security (e.g., spam filtering), and analytics. You can adjust browser settings to limit cookies.

B. Clinical services (PHI)

  • Intake & session information: demographics, contact/emergency contact, health history, presenting concerns, therapy notes, treatment plans, referrals, and correspondence related to your care.

  • Scheduling & billing: appointment history and invoices/receipts. We do not store full payment card numbers on our servers.

Please avoid sharing sensitive clinical details through general website forms. We will gather PHI through appropriate intake and session processes.

How we use your information

A. Website & general inquiries

  • Respond to your questions and consultation requests.

  • Operate, secure, and improve our website (including analytics and performance monitoring).

You may withdraw consent at any time, subject to legal and contractual restrictions. Withdrawal may affect our ability to provide certain services.

  • Send administrative messages you request (e.g., confirmations). Marketing emails are sent only with your express consent; you may unsubscribe anytime.

B. Clinical services (PHI)

  • Provide psychotherapy services you request.

  • Coordinate care (with your consent) with other providers or third parties you designate.

  • Meet legal, regulatory, audit, insurance, and professional college requirements.

Legal basis & consent

  • Website (PIPEDA): We collect, use, and disclose personal information with your consent (express or implied), or as otherwise permitted by law (e.g., fraud prevention, security).

  • Clinical (PHIPA): We collect, use, and disclose PHI with your knowledge and consent, or as permitted/required by PHIPA (for example, to reduce serious risk of harm, comply with a court order, report abuse where required, or respond to regulatory inquiries).

When we share information

We do not sell your information. We may disclose information:

  • Service providers: Trusted vendors who host our site, provide secure email, forms, practice management, telehealth, payments, or analytics. They only access what’s needed to perform services and must protect it.

  • Care coordination (PHI): With your consent, or as authorized by PHIPA.

  • Legal/safety: If required by law, professional obligations, or to protect anyone from imminent risk of serious harm.

  • Business changes: If our practice is restructured/sold, permitted PHI and personal information may transfer under confidentiality safeguards and subject to applicable law.

Some service providers may store or process data in other provinces/countries (including the U.S.). Where cross-border transfers occur, we take steps to protect your information, but it may be subject to foreign laws.

Retention

  • Website/general info: Kept only as long as necessary for the purposes described, or as required by law.

  • Clinical records (PHI): Retained in accordance with PHIPA and professional standards — generally at least 10 years from the date of the last entry, or 10 years after a client turns 18, whichever is later.

Your rights

Under PHIPA (clinical records)

  • Access & copies: You may request access to your health record and receive copies, subject to limited exceptions in PHIPA.

  • Corrections: You may request corrections to your PHI.

  • Accounting of disclosures: You may ask about certain disclosures made without consent, as permitted by law.

  • Complaints: You may contact the Information and Privacy Commissioner of Ontario (IPC) about PHI privacy concerns.

Under PIPEDA (website/general info)

  • Access & correction: You may request access to and correction of personal information we hold, and may withdraw consent for future use.

To exercise these rights, contact us using the details below. We may need to verify your identity and, where appropriate, may require requests in writing.

Cookies & analytics

We may use first-party and third-party cookies and similar technologies to understand site usage and improve performance. You can manage cookies in your browser settings. Some analytics services offer their own opt-outs. Disabling cookies may affect site functionality.