Privacy Policy

Context

The protection of personal information is of utmost importance to Lime Health. 

Our privacy policy aims to inform you about our practices regarding the collection, use, disclosure, and retention of your personal information, in compliance with applicable regulations, including the Act on the Protection of Personal Information in the Private Sector of Quebec and the Canadian Personal Information Protection Act.

Our privacy policy applies both to our website Emilianotes.com, to Emilia, our AI-powered conversational scribe for patients, and to any interaction with an employee, representative, or authorized subcontractor of Lime Health, including by email, phone, in person, or by video conference. When processing practices differ based on the intended purpose, separate sections specify the rules applicable to each use.

As part of operating the Emilia application, Lime Health may collect certain personal information about you in order to personalize and better target advertising distributed by third parties. This targeted advertising is one of the sources of funding that allows us to maintain a high-quality, free service for users, without compromising the protection of your privacy.

We are committed to limiting this collection to only the information necessary to achieve these objectives, and to never use or disclose your personal information for purposes not authorized by law or without your explicit consent.

The purpose of this policy is to inform you clearly and transparently about:

• The types of personal information we collect when you use the emilianotes.com website and the Emilia application

• The specific purposes for which this information is used, including targeted advertising

• The measures we put in place to protect your data

• Your rights of access, rectification, withdrawal of consent, and deletion, and how you can exercise them

By accessing our website or using the Emilia application, you acknowledge that you have read this policy and that you freely, knowingly, and specifically consent to the collection, use, and disclosure of your personal information as described below. You may withdraw your consent at any time by changing your preferences in the application settings or by contacting us at the address provided in the Contact section.

Who are we?

Emilia is powered by Lime Health, a health technology company whose mission is to measure and improve the patient experience. To achieve this, we develop digital tools that facilitate communication between users and the healthcare network. In this context, we collect and use certain personal data you provide.

Our privacy policy applies both to our website Emilia and to our Emilia app. When processing practices differ based on the intended purpose, separate sections specify the rules applicable to each use:

• What personal data is collected 

• How personal data is collected, used, shared, stored, and otherwise processed.

• The security procedures implemented to protect your data.

• Your choices and rights regarding the use of your data.

• How you can contact us for questions such as correcting inaccuracies in your data or requesting the deletion of your personal data.

Emilia Application
When using the Emilia application, users may voluntarily provide personal information related to their health. This information, considered sensitive under the law, is collected only with your explicit consent and is handled securely, in compliance with applicable personal data protection laws.

What data do we collect?

“Personal information” refers to any information that can identify a person or allows for their identification. This includes “health information,” which encompasses any information related to a person's health, including diagnosis, treatments, and care received. This data collection is conducted in accordance with applicable legislation and aims to improve your experience as a patient while protecting your personal information.

We have access to all data that you voluntarily provide via email, phone, forms, chat functions, user registration, newsletter subscription, contests, surveys, and other methods of data collection.

Corporate Website
When you visit our corporate website, use our Emilia app, or interact with us for communication, information, or recruitment purposes, Lime Health may collect certain personal information that you voluntarily provide. 

This includes, but is not limited to:

• First and last name

• Email address

• IP address

Emilia Application
In the operation of the Emilia application, we only collect personal information strictly necessary for the operation of its scribe functionalities. The types of personal information we may collect include, but are not limited to:

• Unique identifier associated with your account or device

• IP address

• Information regarding your medical consultation, including:

  • Your medical status and care journey

  • Your medical history

  • Your ongoing treatments

  • Your test results

  • Any other health-related information discussed between you and your healthcare professional during the consultation registration

Log in
When you choose to link your Emilia account to a third-party service or platform (such as Google, Facebook, or any other authentication partner), certain personal information may be collected from these third parties. This collection occurs only if you expressly consent by activating this connection. The information received may include any data you have provided to these third parties and that they make available to us. We do not control the privacy practices of these third parties and encourage you to review their policies to understand how your data is processed by them.

This information is collected only with your explicit consent, handled confidentially, and protected in accordance with applicable personal information and privacy laws.

Why, how, and for how long do we collect your personal data?

Corporate Website
To fully access the website, you, as a user, may voluntarily create an account by filling out a registration form. Certain data is collected during this process, including your name and email address. This information is used to contact you, offer you relevant products and services, and improve your user experience. Therefore, if you use our Corporate Website, the data collected may be used to:

• Provide you with relevant information about our products and services

• Respond to your messages or contact requests

• Manage recruitment processes or subscriptions to our newsletters

This information is used solely for communication purposes, responding to your requests, enhancing your experience on our website, or for administrative and compliance purposes in accordance with applicable laws.

Emilia Application
Depending on the purpose for which we process your personal data, we may need to process it for different reasons. When you use our Emilia application, your information will be used exclusively to process your responses in the generation of summarized notes. Your personal information will be treated as strictly confidential and will not be disclosed to third parties, except in accordance with this Privacy Policy and Emilia’s Terms and Conditions.

Thus, if you use our Emilia application, the data collected may be used to:

• Provide and customize services based on the patient experience

• Create and manage user accounts

• Provide relevant content related to a care plan.

• Comply with our legal and regulatory obligations

We may use your personal information to contact you about new services, updates, or improvements to existing services. We may also invite you to participate in surveys or share your feedback in order to better understand your needs, assess the quality of our services, and improve the experience offered by Emilia. Your participation in these communications or surveys is entirely voluntary.

Your information will be used exclusively for processing your medical consultations.

We will not retain your personal data longer than necessary to achieve the purposes for which we collected it, including any legal requirements. 

In all cases of use, personal data may be processed without the user's knowledge or consent in situations where the law requires or permits, or when the personal data has been made anonymous or pseudonymous so that it is no longer associated with the user. This means we have removed personally identifiable information so that the data we have left cannot be linked to you as an individual.

Consent

We process personal data with your consent, and you have the right to withdraw your consent to processing for specific purposes. By submitting personal information through the Emilia corporate website or using our Emilia application, you consent to their collection, use, and disclosure in accordance with our privacy policy, within the limits permitted by law. You can withdraw your consent at any time by contacting our personal information protection officer. If you provide personal information about someone else, you guarantee that you have the necessary authorization.

How do we share your data?

Your personal data may be shared with regulatory authorities in accordance with legal requirements. In the event that Lime Health is required to comply with a request, order, subpoena, injunction, or any other legal process from a competent authority regarding your personal data, Lime Health will conduct a reasonable review of the validity and scope of such request and will disclose only the information expressly required under applicable law.

Personal data may also be shared with third parties when necessary to provide services to users and/or for other legitimate interests.

Third parties include service providers, professional advisors, and other members of the Lime Health network. All third parties are contractually obligated to maintain the confidentiality and security of the data, and are not permitted to use the data beyond the services required.

The third parties who may have access to personal data provide services such as web hosting, IT and cloud services, consulting services, bug reporting, logging, and analytics. These parties do not retain, share, or use personal data beyond the defined purpose necessary to perform their service. We only share aggregated data with our partners. This data is not linked to the identity of any individual user.

In the event that Lime Health is involved in a merger, acquisition, asset sale, bankruptcy, financing, or any other form of corporate reorganization, your personal data may be transferred as part of that transaction. In such cases, Lime Health will take reasonable measures to ensure that your personal data remains protected and that you are informed, in accordance with applicable data protection laws.

We do not sell or trade your personal data to third parties, except as required by law.

Where do we process your data?

If you visit or use the corporate website and/or the Emilia application, please note that you are sending personal information to our servers located in Canada.

Lime Health is committed to ensuring that all Client Data and Personal Information is encrypted and hosted primarily on servers located in Quebec or elsewhere in Canada, in compliance with applicable security standards and the requirements of the Quebec Ministry of Health and Social Services.

In certain cases, and only when required to provide the Services, some de-identified data may be processed by third-party providers located outside your province, territory, or country of residence, including in the United States. When such transfers occur, Lime Health implements commercially reasonable contractual, technical, and organizational measures to ensure a level of protection equivalent to that provided under the applicable laws of Quebec and Canada.

The personal data we collect may be transferred to other countries for various purposes described below:

We have implemented security measures and controls to ensure that data remains appropriately protected in these jurisdictions.

How long do we retain your data?

We will retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Unless otherwise required by law, the original data is deleted within a maximum of 24 hours following its collection. Notwithstanding the foregoing, Lime Health may use your personal data for purposes other than those for which it was collected if you expressly consent or if required or permitted by law. Personal data may also be retained for longer periods if it is solely intended for archiving in the public interest, for scientific or historical research purposes, or for statistical purposes. In determining the appropriate retention period, we comply with the relevant legal requirements.

How do we protect your data?

Protecting your data is a priority for us. We, along with our partner healthcare establishments, protect your personal data with great care. We implement robust measures to ensure your information remains secure. We have established appropriate protection measures to prevent personal data from being lost, misused, accessed, altered, or disclosed by unauthorized parties.

Your data is stored in protected systems, and only a limited number of authorized individuals can access it. These individuals have special rights to view this information and must keep it confidential.

Moreover, employees and third parties only receive personal data on a need-to-know basis and only the minimum amount necessary to perform their specific job. All employees are also subject to confidentiality agreements and undergo annual training on the proper handling of sensitive data.

Procedures have been developed and tested to manage a potential data breach. These procedures are designed to ensure concerned individuals and regulatory bodies are informed of the breach and that harm can be minimized.

Finally, to further strengthen the protection of your data, we have implemented various security methods, including the following:

• Data encryption during storage and transfer

• Strict access controls based on secure IDs and passwords

• Logging and monitoring of access

• Regular security testing and system monitoring
  
  

Use of Cookies

See our cookie policy here.

Your Rights

We strive to keep data accurate and up to date. If your personal data changes, please let us know or update your data on your profile page.

The law protects you and grants you several rights regarding your personal data. Here’s what you can do:

• Access your data: You may request to know if we hold any information about you, and if so, obtain a copy of that information.

• Correct your data: If any information is incorrect, you may request that it be corrected.

• Request deletion: In certain cases, you may request that your data be deleted.

• Limit the use of your data: You may request that the way your data is used be reduced in certain situations.

• Receive or transfer your data: You may request to receive your data in an easy-to-read format or request that it be sent to another organization.

• Object to the use of your data: For personal reasons, you may object to the use of your data at any time.

• Withdraw your consent: If you have given your consent to use your data, you may revoke that choice anytime, without having to justify your decision.

• Express any concerns regarding the data we have collected about you.

To exercise these rights, please contact us via the email address, mail, or phone number provided below in the "How to contact us" section.

Notice: these rights are subject to certain rules and will be examined individually by our data protection officer.

You also have the right to lodge a complaint if you believe that your personal data is not processed in accordance with Law 25.

If you live in Quebec: If the organization does not respond or if its response is unsatisfactory, you may file a complaint with the Commission d’accès à l’information du Québec (CAI): https://www.cai.gouv.qc.ca/plaindre

If you live in Canada: If you do not receive a satisfactory response or within a reasonable timeframe, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC): https://www.priv.gc.ca

Children’s Information

We do not knowingly collect Personal Information from children under the age of 14. If you are under 14, you must not provide us with your Personal Information without the consent of your parent or guardian. If you are a parent or guardian and you discover that your child under the age of 14 has provided Personal Information without consent, you may contact us using the details provided in the “How to contact Us” section below and request that we delete your child’s Personal Information from our systems.

How to contact us?

Lime Health has appointed Jonathan Santerre as the personal information protection officer and access to information. He also serves as the data protection delegate. Jonathan is responsible for addressing questions, requests, and complaints regarding this privacy notice as well as the collection and processing of your personal data, and any requests about access to information. 

Certain individuals within Lime Health may participate in the collection, processing, and day-to-day management of your personal information. They may also be authorized or delegated to act on behalf of the Privacy and Access to Information Officer in order to ensure compliance with internal policies and procedures and to guarantee the protection of your data in accordance with applicable law. 

For more information about Lime Health's privacy practices or to request access, correction, or deletion of your personal information, please contact Jonathan Santerre by email at [email protected] or toll-free by phone at 1 877 503-LIME.

Changes to this Privacy Policy

This Privacy Policy takes effect on the date indicated at the top of this page. Lime Health reserves the right to amend or update it at any time. Any changes will be published on our website, and the revised version will be made available upon request from the Privacy Officer. We encourage you to review this policy regularly to stay informed of any updates. You may also access previous versions upon request from the Privacy Officer.