Privacy Policy
Last Updated: 15. April 2026
Effective Date: 15. April 2026
This Privacy Policy explains how Oakville Cardiologists, Inc. (“we,” “us,” or “our”) collects, uses, and protects personal information when you interact with our website at https://www.coeurly.ca, our products, or any related services (collectively, the “Services”). We are committed to safeguarding your information and handling it responsibly in accordance with applicable data protection laws.
Our business is located at 90 Dorval Drive - Suites 300 and 400, Oakville, Ontario, L6K 3W7.
If you have questions about this Privacy Policy or the way we process personal information, you can contact using the contact form ("Contact Us") on the website or via post to the address indicated below.
Our Role in Data Processing
Depending on the context, we act as both a data controller and a data processor.
As a data controller, we determine how and why personal information is processed when we operate our website, manage user accounts, provide customer support, or carry out other core activities related to offering our Services.
As a data processor, we may process personal information on behalf of other organizations and according to their instructions when our Services are used to store, manage, or handle data that belongs to those organizations.
Table of Contents
- Information We Collect
- How We Collect Information
- How We Use Your Information
- How We Process Your Information
- Automated Decision-Making and Profiling
- Cookies & Tracking Technologies
- How We Share Information
- International Transfers
- How Long We Retain Information
- How We Keep Information Safe
- Your Rights
- Children’s Privacy
- Updates to This Policy
- How to Contact Us
1. Information We Collect
We collect personal information that you provide directly and information obtained from third-party tools that support our operations. We do not collect any information that is entered in the pamphlet generator as this data is stored locally on your computer only. The specific personal information we collect depends on how you interact with our Services, the features you use, and the choices you make.
Personal information we receive directly from you or collect automatically includes:
Communication Data
- Messages or information provided through forms or support (i.e. via the "Contact Us" form)
Some features of our Services require specific personal information to function.
All personal information you provide must be accurate, complete, and up to date. You are responsible for notifying us if any of your information changes so we can maintain accurate records.
We collect personal information through a combination of information you provide directly, information gathered automatically when you use our Services, and information supplied by third-party providers that support our operations.
Information Collected Automatically
When you visit our website or use the Services, we automatically collect certain technical and usage information. This data does not usually reveal your identity but may include:
- IP address and device identifiers
- browser type, operating system, and device characteristics
- language settings and time zone
- pages viewed, links clicked, and navigation patterns
- error logs, performance data, and diagnostic information
- cookie data, analytics events, and usage logs
This information helps us operate, secure, and optimize the Services, and supports internal analytics, reporting, and service improvement.
We only process personal information when we have a valid legal basis under applicable data protection laws. This means we process data when it is necessary to provide our Services, fulfill our contractual obligations, comply with legal requirements, protect important interests, or pursue legitimate business purposes that do not override your rights.
Legal Bases We Rely On
We may rely on the following legal bases to process personal information:
- Contract - when processing is necessary to provide the Services or take steps at your request.
- Consent - when you voluntarily provide information for a specific purpose; you may withdraw consent at any time.
- Legitimate interests - when processing is necessary for our business operations and does not override your rights.
- Legal obligation - when we must process data to comply with applicable laws.
- Vital interests - when necessary to protect the safety or vital interests of an individual.
Purposes for Which We Process Personal Information
-
We analyze usage data to understand how our Services are used and to improve functionality, performance, and user experience.
Legal basis: based on our legitimate interests (e.g., website security and performance optimization)
Our legitimate interests include website security and performance optimization.
We process personal information in ways that are appropriate to the nature of the data and the purposes for which it is collected. This includes storing, organizing, using, transmitting, and deleting information when it is no longer required. We apply principles of data minimization, purpose limitation, and accuracy to ensure that personal information is processed only when necessary and for clearly defined purposes.
Access to personal information is limited to authorized personnel who require it to perform their job duties and who are bound by confidentiality obligations. We implement technical and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, or misuse. These measures may include access controls, authentication procedures, logging, encryption in transit and at rest (where appropriate), monitoring, and routine security assessments.
We may combine information collected from different sources when this is necessary to operate the Services or when required to meet a lawful purpose, such as preventing fraud or maintaining the security of our platform.
We retain personal information only for as long as needed for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. For more details, see the “How Long We Retain Information” section.
Where required by applicable laws, we provide users with the ability to access, update, delete, restrict, or withdraw consent to the processing of their personal information. Additional rights may apply depending on your location; see the “Your Rights” section for more information.
5. Automated Decision-Making and Profiling
We do not use automated decision-making or profiling in a way that produces legal or similarly significant effects. If this changes in the future, we will update this Policy and provide any required notices or options.
6. Cookies & Tracking Technologies
We do not use cookies or similar tracking technologies on our website.
We use the following third-party Service Providers to maintain and improve our Service:
8. International Transfers
We do not share personal information with third parties, except when required by law or to protect our legal rights.
9. How Long We Retain Information
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal and regulatory requirements, resolve disputes, and enforce our agreements. We do not keep personal information longer than needed, and retention periods may vary depending on the type of data and the reason it was collected.
When we no longer have a legitimate business need to process personal information, we will delete or anonymize it. If deletion is not immediately possible (for example, due to technical constraints or backup systems), we will securely store the information and isolate it from further processing until deletion is feasible.
We retain personal information for the following periods:
- Security logs: indefinitely.
With regard to cookies and tracking data, we retain personal information according to the durations listed in the Cookie Policy. If no specific retention period applies, we delete or anonymize personal information once it is no longer necessary for the purpose collected.
We implement appropriate technical and organizational measures to protect personal information from unauthorized access, disclosure, alteration, or destruction. These measures are designed to provide a level of security appropriate to the risks associated with processing personal information.
Our safeguards may include:
- Encryption of data in transit and at rest
- Access controls to limit who can view or handle information
- Monitoring and logging of system activity to detect potential issues
- Regular security assessments and updates to our systems
- Secure data storage and transmission practices
- Employee training on data protection and security
While we take reasonable steps to safeguard personal information, no system or method of transmission over the internet is completely secure. Because of this, we cannot guarantee absolute security.
If we identify a data breach that affects your personal information, we will notify you and any applicable supervisory authorities when required by law.
11. Your Rights
Individuals have certain rights regarding their personal information. These rights vary depending on where they live, but we aim to provide clear and accessible options for all users.
Rights for All Users
Regardless of where you live, we provide all users with the ability to:
- Request access to the personal information we hold.
- Request corrections or updates.
- Request deletion where appropriate.
- Withdraw consent where processing is based on consent.
You can submit a request to exercise your rights by contacting us using the details provided in the “How To Contact Us” section. Users in jurisdictions requiring consent for cookies and tracking (e.g., EU/EEA) may withdraw consent at any time via the cookie banner, privacy settings page, or by contacting us. Withdrawal does not affect the lawfulness of processing performed before withdrawal. We may need to verify your identity before processing your request.
12. Children's Privacy
Our Services are not intended for children under 16, and we do not knowingly collect personal information from individuals under this age. If we become aware that we have collected personal information from a child under 16, we will delete it as soon as reasonably possible.
If you believe that a child has provided personal information to us, please contact us using the details in the “How To Contact Us” section.
13. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, operational needs, or applicable laws. When we make changes, we will update the “Last Updated” date at the top of this Policy.
We use the following method(s) to notify users of significant changes to this Privacy Policy:
- Posting a notice on our website
We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information.
If you have questions, concerns, or requests related to this Privacy Policy or our handling of personal information, you may contact us using the contact form ("Contact Us") on the website, or the details below:
Oakville Cardiologists, Inc.
90 Dorval Drive - Suites 300 and 400
Oakville, Ontario
L6K 3W7
.