Privacy Policy

Regarding Your Personal Health Information

My House of Hearing is proactive regarding the privacy and security that your Personal Health Information deserves. Our Audiologist and Data Privacy Officer, Chelsea Stewart (contact information at bottom of page), has familiarised herself with the pertinent legislation regarding your PHI and has taken all the necessary precautions -and then some- to ensure that it’s as safe as reasonably possible, while still being immediately accessible to any patients who may request it.

If you have concerns about your data, or would like to make an access request, a change request, or a file a complaint, please don’t hesitate to reach out to Chelsea directly. Her contact information can be found at the bottom of this page. Email, Phone, or Stop in.

If you come to the clinic to see Chelsea about your hearing health, she will be required to collect PHI (Personal Health Information) from you. By visiting the clinic and agreeing to an examination you are giving both implied and express consent to the collection and storage of that data by My House of Hearing, and Chelsea Stewart specifically.
We always strive to keep our data as accurate as possible. That being said, if you notice that we have any incorrect information about you during your visit to our clinic, please let us know as soon as possible so we can rectify the error.
Physical copies of your PHI may be held by our clinic for for six years after the patient is last seen. Records of pediatric patients shall be retained until two years past the age of majority or six years after the date last seen, whichever may be the later date. When the time for the PHI to be destroyed arrives, My House of Hearing may choose to a) contract the services of a certified data destruction specialist, and will have all necessary legal agreements in place before doing so. Alternatively, we will b) destroy the data ourselves, firstly by shredding it in a regular duty Office Shredder, and then by incinerating the shredded remains. This duty will be carried out by or at least in the presence of Chelsea Stewart; who will ensure your data remains confidential until it no longer exists.
My House of Hearing utilises the services of a 3rd party company, Plains.Digital Inc., to protect and encrypt all PHI using industry leading technology that ensures the continuity and privacy of your digital data is maintained regardless of the circumstances. The PHI is encrypted before leaving My House of Hearing and only our Data Privacy Officer has access to the key to view that data, should it be required. In addition to daily, redundantly located, back ups we also employ some of the most rigorous antivirus/antimalware and phishing/ransomware protection available on the market today. Your digital data is as safe as it can possibly be in our care, and you can rest assured that it will continue to be well cared for until our retention and destruction policy informs us to destroy it – which will be done in a manner that prevents it from being restored by any conventional technical methods.
In addition to protecting your private information over the internet, we are also diligent to ensure that when discussing PHI in the clinic, with you or amongst our staff, that nobody will have the opportunity to eavesdrop or intercept the information as we’re speaking it.
The physical copies of your PHI will be accounted for at all times, either in the hands of our staff while dealing with your case, or in a locked and fireproof filing cabinet with a modern alarm system. We train our staff to keep their phones off at work, and to keep their desks clear, to avoid any mistakes or opportunity for outside parties to potentially access your data through negligence or apathy.
In the unlikely event that a Privacy Breach is discovered at our clinic, we have procedures in place to immediately inform the applicable people and organisations as quickly as possible, including but not limited to the police, to minimise the potential size and scope of said breach. We also perform audits of our data use on a yearly basis, looking for any problems or potential problems in our data collection, storage, use, and disclosure.
Generally, Chelsea Stewart will be the only person to see your PHI or have any reason to access it. Exception to this may occur when routine maintenance or emergency repair is being performed on our clinics physical location or its digital locations. All the 3rd party companies we will use to provide us with these services will be under strict confidentiality agreements and have the experience and reputation to have no concerns over their professionalism or discretion. However, 3rd parties will still be discouraged from accessing any data in the clinic at all, until it has been encrypted if possible, or at least under the direct supervision of Chelsea Stewart. All current and future staff will be trained on HIPA regulations and on how to best protect you and themselves from unnecessary exposure to your PHI.


The rest of this Policy refers to non personal health data that may be collected when visiting our clinic or website. 

Your privacy is important to us. It is My House of Hearing’s policy to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including across our website, and other sites we own and operate.

This policy is effective as of 30 November 2021 and was last updated on 30 November 2021.

Information We Collect

Information we collect includes both information you knowingly and actively provide us when using or participating in any of our services and promotions, and any information automatically sent by your devices in the course of accessing our products and services.

Log Data

When you visit our website, our servers may automatically log the standard data provided by your web browser. It may include your device’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, other details about your visit, and technical details that occur in conjunction with any errors you may encounter.

Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.

Personal Information

We may ask for personal information which may include one or more of the following:

IP Address

Legitimate Reasons for Processing Your Personal Information

We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.

Collection and Use of Information

We may collect personal information from you when you do any of the following on our website:

Use a mobile device or web browser to access our content
Contact us via email, social media, or on any similar technologies
When you mention us on social media

We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes:

We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes:

to enable you to customise or personalise your experience of our website

to contact and communicate with you
for analytics, market research, and business development, including to operate and improve our website, associated applications, and associated social media platforms
for advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you

Please be aware that we may combine information we collect about you with general information or research data we receive from other trusted sources.

Security of Your Personal Information

When we collect and process personal information, and while we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use, or modification.

Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is 100% secure, and no one can guarantee absolute data security. We will comply with laws applicable to us in respect of any data breach.

You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services.

How Long We Keep Your Personal Information

We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this privacy policy. If your personal information is no longer required, we will delete it or make it anonymous by removing all details that identify you.

However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes.

Disclosure of Personal Information to Third Parties

We may disclose personal information to:

a parent, subsidiary, or affiliate of our company
third party service providers for the purpose of enabling them to provide their services, for example, IT service providers, data storage, hosting and server providers, advertisers, or analytics platforms
our employees, contractors, and/or related entities
our existing or potential agents or business partners
sponsors or promoters of any competition, sweepstakes, or promotion we run
courts, tribunals, regulatory authorities, and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise, or defend our legal rights
third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct marketing to you
third parties to collect and process data

International Transfers of Personal Information

The personal information we collect is stored and/or processed where we or our partners, affiliates, and third-party providers maintain facilities. Please be aware that the locations to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law; and (ii) we will protect the transferred personal information in accordance with this privacy policy.

Your Rights and Controlling Your Personal Information

You always retain the right to withhold personal information from us, with the understanding that your experience of our website may be affected. We will not discriminate against you for exercising any of your rights over your personal information. If you do provide us with personal information you understand that we will collect, hold, use and disclose it in accordance with this privacy policy. You retain the right to request details of any personal information we hold about you.

If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time. We will provide you with the ability to unsubscribe from our email-database or opt out of communications. Please be aware we may need to request specific information from you to help us confirm your identity.

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.

If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.

Use of Cookies

We use “cookies” to collect information about you and your activity across our site. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our site. This helps us serve you content based on preferences you have specified.

Limits of Our Policy

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.

Changes to This Policy

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

Contact Us

For any questions or concerns regarding your privacy, you may contact our designated Data Privacy Officer:

Chelsea Stewart
503 Main St.
Esterhazy, SK
S0A 0X0