Personal Information Protection Policy

Last Updated: April 8, 2025

At Evolving Health Inc, we are committed to providing our clients with exceptional service.  As providing this service involves the collection, use and disclosure of some personal information about our clients, protecting their personal information is one of our highest priorities.

We will inform our clients of why and how we collect, use and disclose their personal information, obtain their consent where required, and only handle their personal information in a manner that a reasonable person would consider appropriate in the circumstances.

This Personal Information Protection Policy, in compliance with British Columbia’s Personal Information Protection Act (“PIPA”), outlines the principles and practices we will follow in protecting clients’ personal information.  Our privacy commitment includes ensuring the accuracy, confidentiality, and security of our clients’ personal information and allowing our clients to request access to, and correction of, their personal information.  

Scope of this Policy  

This Personal Information Protection Policy applies to Evolving Health Inc. 

This policy also applies to any service providers collecting, using or disclosing personal information on behalf of Evolving Health Inc.

Definitions

Personal Information – means information about an identifiable individual such as name, sex, age, date of birth, home address, phone number, marital status, demographical information, medical information, health history information, and other relevant information as required.  

Contact Information – means information that would enable an individual to be contacted at a place of business and includes name, position name or title, business telephone number, business address, business email or business fax number.  Contact information is not covered by this policy or PIPA.

Payment Information – refers to the specific means by which a client or customer provides payment for services rendered. This may include, but is not limited to, credit or debit cards, electronic funds transfers (EFT), online payment platforms (e.g., PayPal, Stripe), mobile payment applications, bank drafts, or other approved financial instruments. The payment method selected will be used to process transactions securely and in compliance with applicable privacy and security regulations.

Privacy Officer – means the individual designated responsibility for ensuring that Evolving Health Inc. complies with this policy and PIPA. 

Policy 1 – Collecting Personal Information

1.1  Unless the purposes for collecting personal information are obvious and the client voluntarily provides his or her personal information for those purposes, we will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection. 

1.2  We will only collect client information that is necessary to fulfill the following purposes: 

  • To onboard clients;
  • To identify client goals, preferences;
  • To deliver requested services;
  • To provide testing and consulting services;
  • To enrol the client in a program that we offer;
  • To contact our clients; 
  • To ensure a high standard of service to our clients; 
  • To enhance your experience with our website, including to save our client’s preferences i and login information where applicable, and to create hashed identifiers that can be used to help us identify our clients on our website and third-party sites; 
  • To analyze usage of our website; and
  • To measure or understand the effectiveness of the advertising we serve to our client’s and others, and to deliver relevant advertising to our clients.

1.3   In order to fulfill the purposes identified in section 1.2 above, we collect and use several types of information from and about our clients, which may include the following:

  • Personal information that we can reasonably use to directly or indirectly identify our clients, such as name, mailing address, email address, telephone number, Internet protocol (IP) address used to connect the client’s computer to the Internet, user name or other similar identifier, billing and account information, and any other identifier we may use to contact our clients; and
  • Health information that we require in order to provide our clients with services, such as medical/health history, medication/supplement history, environmental exposures, family history, lifestyle/social, exercise, psychosocial, symptoms nutrition diaries, blood sugar data, microbiome data, and the results of tests that we conduct as part of the services we provide.

1.4  We use different methods to collect clients’ information, including through:

  • Direct interactions with clients when they provide it to us, for example, by filling in forms, or corresponding with us in person, by phone, by email or otherwise; and
  • Obtaining the results of tests as part of the services we provide.

1.5  As you navigate through and interact with our website, we may use cookies or other automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  • Details of your visits to our website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the website.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

The information we collect automatically is statistical information and may include personal information, and we may maintain it or associate it with personal information we collect in other ways, that you provide to us, or receive from third parties. It helps us to improve our website and to deliver a better and more personalized service, including by enabling us to:

  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize our website according to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to our website.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website. 
  • Web Beacons. Pages of our website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics. Some applications on our website, such as Google Analytics and the Meta Pixel are provided by third parties. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioural) advertising or other targeted content. 
  • Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our website. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. We encourage our clients to review Google's Privacy Policy to find out how Google tracks and uses personal information.
  • Meta (Facebook) Pixel. Our website may include code known as the Meta Pixel that allows us to collect data regarding visitor activity on our website. This data is shared with Meta. We encourage our clients to review Meta's Privacy Policy to find out how Meta tracks and uses personal information.

Policy 2 – Consent

2.1  We will obtain client consent to collect, use or disclose personal information (except where, as noted below, we are authorized to do so without consent). 

2.2  Consent can be provided orally, in writing, electronically, through an authorized representative or it can be implied where the purpose for collecting using or disclosing the personal information would be considered obvious and the client voluntarily provides personal information for that purpose. 

2.3  Consent may also be implied where a client is given notice of a specified purpose for collection, use or disclosure of the client’s personal information and a reasonable opportunity to opt-out of his or her personal information being collected, used or disclosed for the specified purpose. 

2.4  Subject to certain exceptions (e.g., the personal information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), clients may withhold or withdraw their consent for Evolving Health Inc. to use their personal information in certain ways.  A client’s decision to withhold or withdraw their consent to certain uses of personal information may restrict our ability to provide a particular service or product.  If so, we will explain the situation to assist the client in making the decision. 

2.5  We may collect, use or disclose personal information without the client’s knowledge or consent in the following limited circumstances: 

  • When the collection, use or disclosure of personal information is permitted or required by law;
  • When the collection, use or disclosure of personal information is necessary for medical treatment of the client and the client is unable to give consent;
  • In an emergency that threatens an individual's life, health, or personal security;
  • When the personal information is available from certain public sources as described in PIPA’s regulations (such as a telephone directory);
  • When we require legal advice from a lawyer;
  • For the purposes of collecting a debt;
  • To the information is needed for an investigation (for example, for breach of contract or fraud and getting consent might comprise the information’s availability or accuracy;

Policy 3 – Using and Disclosing Personal Information

3.1  We will only use or disclose client personal information where necessary to fulfill the purposes identified at the time of collection, which may include disclosure to our contractors and service providers when it is necessary in order for us to fulfil such purposes and to third parties we use to support our business (such as analytics and search engine providers that assist us with website improvement and optimization).

3.2  We will not use or disclose client personal information for any additional purpose unless we obtain consent to do so. 

3.3  We will not sell client lists or personal information to other parties unless we have consent to do so

Policy 4 – Retaining Personal Information

4.1  If we use client personal information to make a decision that directly affects the client we will retain that personal information for at least one year so that the client has a reasonable opportunity to request access to it, and/or we are able to refer to it for future appointments and consultations. 

4.2  Subject to policy 4.1, we will retain client personal information only as long as necessary to fulfill the identified purposes or a legal or business purpose. 

Policy 5 – Ensuring Accuracy of Personal Information

5.1  We will make reasonable efforts to ensure that client personal information is accurate and complete where it may be used to make a decision about the client or disclosed to another organization. 

5.2  Clients may request correction to their personal information in order to ensure its accuracy and completeness.  A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought. 

A request to correct personal information should be forwarded to the Privacy Officer or designated individual.

5.3  If the personal information is demonstrated to be inaccurate or incomplete, we will correct the information as required and send the corrected information to any organization to which we disclosed the personal information in the previous year.  If the correction is not made, we will note the clients’ correction request in the file. 

Policy 6 – Securing Personal Information

6.1  We are committed to ensuring the security of client personal information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks. 

6.2  The following security measures will be followed to ensure that client personal information is appropriately protected: 

  1. Premises are locked and safeguarded by a monitored alarm system;
  2. Access to personal information is restricted as appropriate and only shared with personnel that require access in order to provide the requested service.  
  3. All external gateways of Evolving Health Inc.’s network are protected by an active business grade firewall and business grade antivirus across the entire network including servers and endpoints (commercial/business grade means antivirus and firewall protection which is suitable for businesses only, not for households/consumer use);
  4. All data that is necessary to run the Evolving Health Inc.’s is business backed-up at least every 7 days;
  5. All critical data is backed-up to an environment which is completely separate from the Evolving Health’s network, and tested for integrity at least every 180 days;
  6. Critical patches are installed within 30 days of release; and

\

  1. All portable media devices including tablets, phones, and computers are password protected with two-factor authentication.

6.3  We will use appropriate security measures when destroying client’s personal information such as shredding documents, and deleting electronically stored information. 

6.4  We will continually review and update our security policies and controls as technology changes to ensure ongoing personal information security. 

Policy 7 – Providing Clients Access to Personal Information

 7.1  Clients have a right to access their personal information, subject to limited exceptions. 

7.2  A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought.  A request to access personal information should be forwarded to the Privacy Officer or designated individual.

7.3  Upon request, we will also tell clients how we use their personal information and to whom it has been disclosed if applicable. 

7.4  We will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfill the request. 

7.5  A minimal fee may be charged for providing access to personal information.  Where a fee may apply, we will inform the client of the cost and request further direction from the client on whether or not we should proceed with the request. 

7.6  If a request is refused in full or in part, we will notify the client in writing, providing the reasons for refusal and the recourse available to the client. 

Policy 8 – Questions and Complaints:  The Role of the Privacy Officer or designated individual

8.1 The Privacy Officer is responsible for ensuring Evolving Health Inc.’s compliance with this privacy policy and the Personal Information Protection Act. 

8.2 Clients should direct any complaints, concerns or questions regarding Evolving Health Inc.’s compliance in writing to the Privacy Officer. If the Privacy Officer is unable to resolve the concern, the client may also write to the Information and Privacy Commissioner of British Columbia. 

Contact information for Evolving Health Inc. Privacy Officer:

Jennifer Sirounis

jennifer@evolvinghealth.ca

Policy 9 – Changes to this Privacy Policy

9.1 We will post any changes we make to this privacy policy on this page with a notice that our privacy policy has been updated on our website home page. If we make material changes to how we treat our clients’ personal information, we will notify our clients by email to the primary email address we have on file and through a notice on our website home page. 

9.2 We will include the date this privacy policy was last revised at the top of the page. Clients are responsible for ensuring we have their up-to-date, active, and deliverable email address, and for periodically visiting our website and this privacy policy to check for any changes.

Transform your life with the science of longevity.

Follow us:
Legal
Privacy Policy
Terms and Conditions
© Evolving Health Inc. All Rights Reserved 2025. Designed by RxMedia.