The privacy and security of personal information is very important to Rubicon Pharmacies (the “Company”).
The Company operates a number of pharmacies (the Pharmacies) across Western Canada and is committed to complying with all applicable privacy laws.
Why does Rubicon collect personal information?
Rubicon may collect personal information for the following purposes:
- To provide, continue or support health services for you, such as:
- initiating, managing, administering prescriptions, dispensing medications and providing related advice and counselling services;
- delivering pharmacy profession services and counselling;
- providing and recommending health related products or services to you;
- providing immunizations and related advice;
- providing other services provided by licensed pharmacists and their staff.
- To arrange, process or administer the payment for services or products or arrange, process or administer insurance or other third-party payors;
- For planning, review, monitoring and audit purposes;
- To administer, plan, and manage the relationship with you and to communicate with you;
- To provide you with requested information, products, and/or services;
- To better understand how Rubicon may improve its products and services, to develop and conduct its business and operations, and for other market research or reasonable internal business purposes;
- To provide you with information on current and future products and services or other developments with respect to Rubicon and their partners (in accordance with Canada's Anti-Spam Legislation – see below); and
- To comply with applicable legal and regulatory requirements or to protect Rubicon's legal rights and property;
- To create, manage or administer promotions, loyalty, warranty or similar programs;
- To process, manage and administer payments, delivery, transactions, returns or special orders,
(collectively, the "Authorized Purposes”).
The type of information that Rubicon may collect from you includes, for example:
- Identifying, billing and contact information such as health card number, insurance information, birthdate, name, address, phone number and email address;
- Personal health information such as medical history, diagnosis, prescription and drug information, immunization information and other information relating to your healthcare needs or requirements;
- Financial information such as debit and credit card information and insurance and third-party payor information;
- Technical information such as information related to website site access (see below);
- Tax information such as information related medical and drug expenses;
- Marketing and sales information such as products or services ordered, purchased or returned and information related to loyalty, warranty or promotional programs;
- Survey information such as satisfaction surveys or customer experience surveys.
and other information individuals choose to provide.
Rubicon may collect personal information for other purposes where it has a legal duty or right to do so or where Rubicon has a good faith belief that it is necessary to protect the property or rights of Rubicon.
Rubicon does not collect personal information for any other purposes, unless it has the consent of the individual to whom it relates or is otherwise authorized by law.
How does Rubicon collect personal information?
Generally, Rubicon colleccts personal information directly from the individual to whom it relates, whether via Rubicon's website, social media, e-mail, text, telephone, fax, or in person. Rubicon will also collect personal information from third party sources such as family members, Physician offices and other healthcare organizations and professionals and insurance companies and other third-party payors.
Visitors to Rubicon's website should also be aware that anonymous technical information may be collected by Rubicon because of a visit to Rubicon's website. For example, this information may include the visitor’s IP address, browser type, operating system, domain name, access times and referring website addresses. Rubicon uses this anonymous technical information for purposes such as diagnosing problems with Rubicon's servers, improving the operation and content of Rubicon's website and compiling aggregate and statistical information.
Rubicon may link or match such anonymous technical information with any personally-identifiable information for legitimate business purposes or where Rubicon (or its service providers) have detected or reasonably suspect any unlawful use of Rubicon's services or a security breach, or Rubicon has a legal duty or right to do so.
Rubicon may use “cookies” on its website. “Cookies” are small text files placed on computers that can collect and store a variety of information. Permanent cookies are stored indefinitely on a user’s hard drive unless manually deleted, while temporary cookies are automatically deleted from the user’s browser upon logging out of a website. Web browsers typically allow users to disable permanent and/or temporary cookies.
Please note that Rubicon uses Google Analytics. There is more information about how Google collects, uses, and processes data here.
When does Rubicon use or disclose personal information?
Rubicon only uses or discloses personal information as reasonably required to facilitate the Authorized Purposes listed above.
In some cases, Rubicon may share personal information with third party service providers performing functions on Rubicon's behalf, including, for example, vendors that provide information technology services or provide analytics or assessment services.
Rubicon does not otherwise use or disclose personal information unless Rubicon has an individual’s consent, Rubicon has a good faith belief that disclosure of the information is necessary to protect the rights or property of Rubicon, or Rubicon has a legal duty or right to do so.
Rubicon does not rent, sell or trade customer lists or other personal information.
Consent – Is there a choice?
Individuals provide their implied consent to the collection, use, and disclosure of personal information by Rubicon when they provide their information to Rubicon or use its products or services. In some cases express consent is obtained for specific purposes.
Individuals can deny or withdraw their consent to Rubicon's collection, use and disclosure of their personal information at any time upon reasonable notice, subject to any legal or contractual requirements. However, if consent is denied or withdrawn, Rubicon may not be able to provide certain products or services and Rubicon will retain the information already provided for a reasonable retention period.
Rubicon may use personal information to inform individuals of current and/or new products or services or other developments that Rubicon believe will be of interest to individuals in accordance with Canada's Anti-Spam Legislation. Such communications may be made by way of telephone, text message, direct messaging, e-mail, fax or regular mail. Individuals provide their consent to Rubicon contacting them in this manner when they use Rubicon's products or services. Individuals may opt-out of receiving such communications by contacting Rubicon at the address below.
How does Rubicon protect the security of personal information?
Rubicon has in place reasonable policies, procedures and safeguards (including physical, technological and organizational measures) designed to protect the security of personal information under its control.
The protection of personal information is of paramount concern to Rubicon, and Rubicon is prepared to take appropriate and timely steps in the event of any incidents involving personal information in accordance with applicable privacy laws.
Rubicon makes every reasonable effort to ensure that personal information is accurate and complete. This may involve requesting further information or updates from you. Rubicon relies on individuals to notify Rubicon if there is a change to their personal information that may affect their relationship with Rubicon.
Rubicon retains personal information only if it is reasonable to fulfill the Authorized Purposes, or for legal or reasonable business purposes.
Does Rubicon provide access to personal information?
Rubicon will provide you with access to the personal information Rubicon holds about you in accordance with applicable laws. Rubicon reserves the right to require that any request for access to personal information be made in writing. Generally, there is no cost for such access. However, Rubicon reserves the right to charge such costs on a case by case basis in accordance with applicable laws. The individual will be notified in advance if charges apply.
Rubicon will correct or amend the personal information in its files where it can be shown that the information is incorrect or incomplete.
Storage and Processing
Rubicon will store the personal information on its internal servers and/or with its services providers.
Rubicon's service providers may store and/or process personal information outside of Canada (including in the United States of America). When information is stored or processed outside of Canada, it may be subject to the laws of and be accessible by legal authorities in such other jurisdictions. Rubicon has taken appropriate technical, organizational, and legal steps to secure this information.
For further information about Rubicon's privacy practices, to make a request for access to personal information to exercise any other rights outlined above, please contact Rubicon at the following address:
Chief Financial Officer
410-1020 Lorimer Blvd.
Winnipeg, Manitoba, R3P 1C7
In addition, each Pharmacy will have its own Privacy Officer. If your access or other request relates to a specific Pharmacy, you are encouraged to contact the Privacy Officer for that Pharmacy.
Complaints or concerns
If you have a complaint or concerns with how Rubicon is collecting, using or disclosing personal information please contact Rubicon's Privacy Officer as follows:
Chief Financial Officer
410-1020 Lorimer Blvd.
Winnipeg, Manitoba, R3P 1C7
Rubicon will review your complaint and if appropriate, investigate and provide a response to you. If your concern or complaint relates to a specific Pharmacy, you are encouraged to contact the Privacy Officer for that Pharmacy.
Rubicon will notify individuals of privacy and security breaches as and when required by applicable privacy laws (i.e. when there is a real risk of significant harm).
Sale or Transfer of Business
From time to time Rubicon may decide to sell or transfer all or part of its business to a related company or to a third party, to merge with another entity, to insure or secure its assets, or to engage in another form of corporate or financing transaction. If your Personal Information is required in connection with any such transactions, Rubicon will require that the parties involved, including affiliates, advisors or other service providers, agree to protect your Personal Information with policies meeting standards equivalent to those set out in this policy both during and after completion of the transaction.
The foregoing policy is effective as of July 1, 2020. Rubicon Pharmacies reserves the right to change this policy at any time in accordance with applicable laws – please check our website for updates to this policy.
Affiliates and Subsidiaries
Rubicon Pharmacies is a business name registered to Amenity Holdings Inc. Amenity Holdings Inc. operates its pharmacies through a number of wholly-owned subsidiaries of Amenity Holdings Inc.
For further information relating to Canada's Anti-Spam Legislation, visit their website: http://fightspam.gc.ca/eic/site/030.nsf/eng/home