Privacy Policy

TripleTee Software Company

Last modified: November 23, 2013 This Policy governs the collection, use and disclosure of personal information by TripleTee Software Company (“We”) in accordance with statutory privacy regimes in Canada. It complies with the B.C.’s Personal Information Protection Act (PIPA) and, where applicable, with the Freedom of Information and Protection of Privacy Act (FIPPA) and the federal Personal Information Protection and Electronic Documents Act (PIPEDA). This policy (together with the Data Sharing Agreement and any additional applicable policies, guidelines, restrictions or rules that may be posted on our Website from time to time) sets out the basis on which any personal data we collect from you or about you, or that you provide to us, will be processed by us. Other than as described in this Policy, we will not give any information about you to others without your express consent. Please read the following carefully to understand our views and practices. In the event of a conflict or disagreement between this Privacy Policy and the Terms of Use, the Terms of Use will prevail. 1. Definitions PIPA is an Act about privacy in the private sector in British Columbia. It applies to all private organizations and to all personal information held by organizations in the course of commercial activity unless PIPA says otherwise. Some examples of an organization include a corporation, a sole proprietorship, a partnership, a society, a service provider, a pharmacy, a laboratory, a physician’s office, a dentist’s office, a health care practitioner’s office. FIPPA regulates public bodies in British Columbia, in particular provincial government ministries, regional health authorities, hospitals and self-regulating professional bodies. This Policy complies with FIPPA in regard to information received from a public body that maintained control over that information through contractual measures. PIPEDA is a federal act that protects personal information in provinces and territories that do not have their own private-sector privacy law. PIPEDA also applies to inter-provincial transfers of personal health information; and to personal health information that relates to employees of federal works, undertakings and businesses. PIPEDA may apply to this Policy in regard to the personal information of residents from other provinces. Personal Information includes any factual or subjective information about an identifiable individual, which means a person can be identified by the information, either directly (e.g. name, image, job title) or in combination with other information. For example, a health report about an unnamed individual would contain personal information if the individual could be identified through a street address, personal health number, phone number or other information that could link the information to the affected individual. Non-identifiable or aggregate information, such as statistical information about groups of individuals, is not personal information. This Policy applies to personal information whether the information is recorded or not. A Cookie is a text-only string of information that is stored by your browser when you navigate around a website. Cookies are required to use our Products and Services. Cookies cannot be used to see content of your computer, nor can they determine your e-mail address or identity. The Products and Services mean all products and services that are offered by us, including our Web sites. “You” means our customer, our prospective customer and/or their employees and agents. “We” means TripleTee Software Company. 2. We are accountable for our information practices. 2.1.       We are responsible for all personal information under our control even if it is not in our custody. Control includes our authority or ability to decide how to use, disclose and store personal information, how long to keep personal information and how to dispose of it. 2.2.       We protect personal information that is under our control by implementing policies and procedures to protect personal information, including privacy protection clauses in contracts to make sure that our contractors protect personal information the way we do or using other means to ensure a comparable level of protection while the personal information is being held by a third party. 2.3.       We may use outside companies, called third parties, to help us provide the product or service you request. Regardless of the location of these third parties, we require these third parties to comply with Canadian privacy legislation and our Privacy Policy. Certain third parties may be located in the United States and therefore may also be subject to US legislation. 2.4.       We investigate all complaints and take appropriate measures in response if a complaint is justified, including amending our policies and practices if necessary. 2.5.       We have a designated Privacy Officer who is accountable for compliance with our policies and statutory privacy regimes in Canada. You can reach our Privacy Officer by email privacy@tripletee.com. 3. What personal information we collect, use or disclose and for what purposes. 3.1.       We limit the collection, use and disclosure of personal information to that which is necessary to provide our Products and Services to you. 3.2.       We will explain why we need your information before or when we collect it, if the purpose is not already clear. We will assume that the purpose is clearly identified and that we have your implied consent when we collect, use or disclose your personal information to

3.2.1.           open your customer accounts;

3.2.2.           fulfill your product or service request, including free trial;

3.2.3.           provide you with customer support;

3.2.4.           provide quality assurance and maintenance of our Products and Services;

3.2.5.           ensure confidentiality and privacy of your account;

3.2.6.           ensure that your use of our Products and Services is in compliance with our Terms;

3.2.7.           verify the validity of your practitioner/payment number and of your MSP Teleplan account (for medical and health care practitioners);

3.2.8.           verify that you are in a good standing with a provincial/territorial regulatory authority/College (for medical and health care practitioners);

3.2.9.           reset your MSP Teleplan password on your behalf and update it in your Claim Manager Online (for medical and health care practitioners);

3.2.10.       make inquiries to MSP Teleplan support staff regarding your billing issues on your behalf (for medical and health care practitioners);

3.2.11.       issue invoices and process your payment, including recurring payments when you request them, and collect debts;

3.2.12.       update you as to the status of your order and/or account;

3.2.13.       identify your preferences;

3.2.14.       alert you to new services, important service revisions or updates;

3.2.15.       establish your eligibility and inform you about special offers, discounts and benefits;

3.2.16.       invite you to participate in customer surveys or other opinion-gathering devices;

3.2.17.       inform you about our educational events, such as training seminars, conferences and online training sessions.

3.3.       We will ask for your explicit consent before collecting, using or disclosing your personal information for any other purposes. 3.4.       Personal information that we collect might include, but not limited to

3.4.1.           your full name,

3.4.2.           your personal or business address,

3.4.3.           your contact information such as phone and fax numbers and emails,

3.4.4.           your business website,

3.4.5.           your business name,

3.4.6.           your Data Centre Number,

3.4.7.           your MSP Teleplan login name and password,

3.4.8.           your MSP Teleplan billing option,

3.4.9.           your MSP Teleplan billing history and remittance files,

3.4.10.       your practitioner and payment number,

3.4.11.       your job title,

3.4.12.       your professional designation,

3.4.13.       your accreditation with a provincial/territorial regulatory authority (College).

3.5.       If you sign up for Claim Manager Online or Claim Manager Desktop applications, we might have access to your patients Personal Health Information (“PHI”).  The privacy of this information is governed by our Data Sharing Agreement with you. 3.6.       We restrict internal access to personal information to select members of our staff and limit their access to a need-to-know basis. We do not use your personal information to market third-parties products or services. 3.7.       To use our Website and services, your browser must be able to accept cookie. We use cookies to enhance your experience with our Products and Service in the following ways

3.7.1.           to keep a session open after you log in,

3.7.2.           to compile individual and aggregated statistics that allow us to understand how you use our Products and Services and to help us improve them,

3.7.3.           to customize your visit to our Web sites by recognizing you when you return,

3.7.4.           to access your account without entering your login name each time when you has enabled ‘Remember Me on This Computer.’

3.7.5.           to authenticate registered users and to provide access to certain areas of our Web sites that are available to limited registered users only.

3.8.       With or without cookies, our Web sites track usage data, such as the source address that a page request is coming from, your IP address or domain name, the date and time of the page request, the referring Web site (if any), request method, requested resources, protocol and version, response code, size of the response, your software and other parameters. We use this data to better understand Web site usage in the aggregate so that we know what areas of our Web site users prefer. This information is stored in log files and is used for aggregated and statistical reporting. 3.9.       We use aggregate data of your usage of our Products and Services to modify current and to  develop new Products and Services and/or pricing plans; 3.10.   Our Web site may include banner advertisements or links to third-party Web sites. Advertising networks that serve ads may assign different cookies to you. Those cookies may be used to track your involvement with the advertising site. You may choose not to accept these cookies. We do not control these parties, and you should review their privacy policies to learn more about what, why and how they collect and use personal information. 3.11.   We DO NOT collect or have access to your credit card information. All financial transactions are done via PayPal. We do not initialize any automatic charges on our customer’s credit cards. Only our customers themselves can initialize the payment. 4. We obtain consent before collecting, using or disclosing personal information. 4.1.       We collect personal information by fair and lawful means. We will explain why we need your information before or when we collect it, if the purpose is not already clear. We will not use or disclose your personal information other than for the purposes for which it was collected, with the exception of receiving your consent or as permitted or required by law. We will not rent, sell, or otherwise distribute your personal information without your permission. When providing information in response to a legal inquiry or order, we will verify its validity and only disclose information that is legally required. 4.2.       Your consent to our collection, use or disclosure of personal information can be expressed consent, deemed (implied) consent or consent by not declining to give consent (consent by not opting out) in accordance with PIPA. Consent can be given in writing or verbally, in person, by phone, by mail or the Internet. 4.3.       Deemed (implied) consent does not require written or verbal notice of its intended use or disclosures of personal information because it only works in cases where those purposes for collection are considered so obvious that notification is not necessary. Your consent to use your personal information will be implied when the purpose is clearly identified. 4.4.        We can collect, use and disclose personal information without consent or collect personal information from another source only in limited and specific circumstances as specified by PIPA. 4.5.       There are several ways we might collect information:

4.5.1.           through your trial, purchase and use of our Products and Services,

4.5.2.           through your request to import your information for your use with our Products and Services,

4.5.3.           through your inquiry about our Products and Services,

4.5.4.           through technical support,

4.5.5.           through completed TripleTee Software Company’s rebate or coupon certificates that are filled out and mailed in,

4.5.6.           through request for information,

4.5.7.           from third parties whom you authorize to share such information.

4.6.       You can put reasonable terms and conditions on your consent or you can cancel or change your consent by giving us a notice, as long as doing so does not break a legal duty or promise between us and you or interrupts our Services to you. We will let you know what the consequences of cancelling or changing consent will be. 4.7.       If you volunteers more personal information than is needed for the company’s intended purposes, we will not record, use or disclose the irrelevant information. 5. We provide access to your personal information. 5.1.       You have the right to access your own personal information in our control. Most of the time your personal information is available on your online personal account with us. You can access this information by logging in to your personal account on our Web site. 5.2.       If the sought information is not available on your personal online account with us, you can make a request to provide you with a copy of your personal information in our control. A request for access must be in writing and must give enough information so we can find the information with reasonable effort. You do not have to say why you are asking for the information. 5.3.       When we respond to a request, we will tell you the following:

5.3.1.           whether we have a document that contains your personal information,

5.3.2.           whether we will give access to all or part of the personal information, and

5.3.3.           if access is given, where, when and how it will be given,

5.4.       If we refuse access to all or part of a document, we will tell you the following:

5.4.1.           the reasons for refusing access and the sections of PIPA that allow or require it to refuse access,

5.4.2.           the name of the person in the organization who can answer questions about the refusal, and

5.4.3.           that the applicant may ask the Commissioner to review your organization’s decision to refuse access .

5.5.       Unless we do not have personal information about the applicant or PIPA allows or requires us to refuse access, we will provide the applicant with the following upon request:

5.5.1.           access to his or her personal information,

5.5.2.           information on how the company has used or is using his or her personal information, and

5.5.3.           the names of the individuals and organizations the company has disclosed his or her information to.

5.6.       We will process and respond to your inquiry within thirty (30) business days from the day when we receive your inquiry. It can take up to an extra thirty (30) business days to respond in the following circumstances:

5.6.1.           You do not give enough information to allow us to find the requested personal information or document.

5.6.2.           A large amount of personal information is requested or has to be searched and meeting the time limit would unreasonably interfere with our operations.

5.6.3.           We have to consult with another organization or public body to decide if access should be given.

5.7.       We will charge you a minimal fee for access to their personal information. Minimal means that what we charge must cover only the actual costs we incur in producing the record. Typically, a minimal charge would include costs associated with locating, retrieving and producing a document, preparing it for disclosure, shipping it, and providing a copy of the document. 5.8.       When charging fees, we will give an individual a written estimate of the total fee for the company to respond before it processes the request. We may require the individual to pay a deposit before processing the request. 5.9.       We may and/or must refuse access to your personal information in a limited number of situations as determined in PIPA. 6. We allow for correction of your personal information. 6.1.       We will make reasonable effort to ensure that your personal information is as accurate, complete and up-to-date as necessary for the identified purposes for which it was collected. 6.2.       If you believe that there is an error or omission to your personal information, you can ask us to correct it. 6.3.       Most of the time, you can correct your personal information directly in your personal account on our Web site. 6.4.       If you are not able to correct your information directly, you must make a written request for correction and give us enough background information so that we, with reasonable effort, can identify the correction being sought. 6.5.       If we decide that there is no error or omission, we will annotate the personal information with your requested correction that we did not make. If you are not satisfied with our decision, you can ask the Commissioner to review the matter. 6.6.       If we decide to correct any errors or omissions, we will provide our corrections to any other organizations we disclosed the incorrect information to in the past year. 6.7.       If we receive a notice from another organization that an individual’s personal information previously disclosed to us has been corrected, we will correct that personal information. 6.8.       We will not charge a fee for handling requests for correction. 7. We follow the rules for protection of your personal information. 7.1.       We use reasonable physical, administrative and technical safeguards to protect personal information from theft, modification, unauthorized access, collection, use, disclosure, and destruction. 7.2.       Your personal account with us is protected with a password of your choice. You should keep your password in a private and secure place and change it regularly. 7.3.       We can have an access to your password and your account for the purposes of quality assurance, customer support and troubleshooting. 7.4.       You should not use public computers or insecure Internet connection to login to your personal account with us. 7.5.       Your data is sent securely across the internet

7.5.1.           Our servers use SSL security certificates so all data transferred between your computer and our servers is encrypted. However, the internet is not in itself a secure environment. You should only enter, or instruct the importation of, data to the database within a secure environment. This means that your browser must support the encryption security used in connection with our servers.

7.5.2.           We host personal information on virtual dedicated servers. Our hosting provider does not have access to that information. We might have to allow for that access if our customer support issues with our provider cannot be successfully resolved without it.

7.5.3.           Our hosting provider has been awarded TRUSTe’s Privacy Seal signifying that its Privacy Policy and practices have been reviewed by TRUSTe for compliance with TRUSTe’s program requirements, including transparency, accountability and choice regarding the collection and use of your personally identifiable information.

8. We follow the rules for retention of personal information. 8.1.       We destroy personal information or make the information anonymous as soon as it is reasonable to assume the following:

8.1.1.           the purpose for which the personal information was collected is no longer being served by keeping the personal information, and

8.1.2.           it is no longer necessary to keep the personal information for legal or business purposes.

8.2.       Even if you have changed or taken back your consent for collecting, using or disclosing information, we can keep that information if there are legal reasons to do so. 9. Contacting Us 9.1.       Don’t hesitate to contact our Privacy Officer (privacy@tripletee.com) should you have any questions, concerns, suggestions or complaints related to the ways we protect your privacy. Your feedback is very important for us. 10. Severability 10.1.   If a provision of this policy is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions will continue in effect. If any unlawful and/or unenforceable provision would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect. Our postal address is 1574 Gulf Road, # 262 Point Roberts WA 98281 Phone: +1 (604) 626-9903 Fax: +1 (866) 863-6217 Email: support@tripletee.com