Privacy Policy

Introduction

At Nexirra ("we," "our," or "us"), we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our massage therapy services.

We understand that your personal and health information is sensitive and private. We are committed to maintaining the highest standards of privacy protection in accordance with applicable Canadian privacy laws.

Information We Collect

Personal Information

• Contact Information: Name, address, phone number, email address
• Identification: Date of birth, government-issued ID (if required)
• Emergency Contact: Name and contact information of emergency contact person

Health Information

• Health History: Current health conditions, medications, allergies
• Treatment Records: Services received, therapist notes, treatment outcomes
• Consent Forms: Signed consent forms and waivers

Payment Information

• Billing Details: Credit card information (encrypted), payment history
• Insurance: Extended health coverage details (if applicable)

Website Information

• Usage Data: IP address, browser type, pages visited
• Cookies: Session cookies for website functionality
• Communications: Messages sent through our contact forms

How We Use Your Information

Primary Purposes

• Providing massage therapy and wellness services
• Scheduling and managing appointments
• Processing payments and insurance claims
• Maintaining treatment records for continuity of care
• Communicating about your treatments and appointments

Secondary Purposes (with consent)

• Sending wellness tips and health information
• Promotional communications about services and special offers
• Quality improvement and service development
• Statistical analysis (anonymized data only)

Legal Requirements

• Compliance with professional regulatory requirements
• Tax reporting and business record keeping
• Response to legal requests or court orders

Information Sharing and Disclosure

Limited Disclosure Circumstances

We may share your information only in the following circumstances:

Healthcare Providers

• With your explicit consent, we may share relevant health information with your physician or other healthcare providers
• For referrals to other healthcare professionals when medically appropriate

Service Providers

• Payment processors (encrypted financial information only)
• Appointment booking system providers
• IT support and maintenance companies (under strict confidentiality agreements)

Legal Requirements

• When required by law or court order
• To comply with regulatory body investigations
• In cases of suspected child abuse or neglect (as required by law)
• To prevent serious harm to you or others

Data Security

Security Measures

• Encryption: All sensitive data is encrypted in transit and at rest
• Access Controls: Limited access on a need-to-know basis only
• Staff Training: All staff receive privacy and security training
• Physical Security: Locked filing cabinets and secure facilities
• Digital Security: Firewalls, antivirus software, and regular security updates

Data Backup and Recovery

We maintain secure backups of your information to ensure continuity of care and comply with record retention requirements. All backups are encrypted and stored securely.

Data Retention and Disposal

Retention Periods

• Treatment Records: 10 years from last treatment (as required by CMTO)
• Financial Records: 7 years (as required by CRA)
• Marketing Consents: Until withdrawn or 3 years of inactivity
• Website Data: 2 years or until consent withdrawn

Secure Disposal

When information is no longer needed, it is securely destroyed using:

• Professional shredding services for paper records
• Secure digital deletion for electronic records
• Certificate of destruction for sensitive materials

Your Privacy Rights

Access Rights

You have the right to:

• Request access to your personal information
• Receive a copy of your treatment records
• Know how your information is being used
• Request information about who has accessed your records

Correction Rights

• Request correction of inaccurate information
• Add a statement of disagreement if correction is refused
• Update your contact information at any time

Consent Rights

• Withdraw consent for marketing communications
• Refuse certain uses of your information (where legally permissible)
• Request limited disclosure to third parties

How to Exercise Your Rights

To exercise any of these rights, please contact our Privacy Officer using the information provided in the "Contact Us" section below.

Cookies and Website Privacy

Types of Cookies We Use

• Essential Cookies: Required for website functionality
• Analytics Cookies: Help us understand website usage
• Marketing Cookies: Used only with your consent

For detailed information about our cookie practices, please see our Cookie Policy.

Third-Party Services

Our website may use third-party services such as:

• Google Analytics (anonymized data)
• Google Maps for location services
• Payment processors for secure transactions

Changes to This Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in privacy laws or regulations
• New services or business practices
• Technological updates
• Feedback from privacy regulators

Notification Process

We will notify you of material changes through:

• Email notification to active clients
• Prominent notice on our website
• Updated "last modified" date on this policy

Contact Our Privacy Officer

If you have questions, concerns, or complaints about our privacy practices, please contact our Privacy Officer:

Privacy Complaints

If you are not satisfied with our response to your privacy concern, you may file a complaint with: