Fran├žais

MIRACULINS INC.
Privacy Policy

PRIVACY POLICY:

Miraculins Inc. ("Miraculins") is committed to protecting the privacy rights of its employees, officers, directors, shareholders, customers, patients, health care professionals, suppliers, and clinical trial participants, and we are committed to maintaining the accuracy, confidentiality, and security of your personal information. This policy explains how we collect, use, disclose and safeguard the personal information you provide to us.

BY PROVIDING PERSONAL INFORMATION TO US, YOU SIGNIFY YOUR CONSENT TO OUR COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THIS PRIVACY POLICY.

INTRODUCTION:

Ontario's health information privacy legislation, the Personal Health Information Protection Act, 2004 (PHIPA), and Canada's federal private sector privacy legislation, the Personal Information Protection and Electronic Documents Act (PIPEDA) and other similar provincial legislations, provide the foundation of Miraculins' Privacy Policy.

For the purposes of this privacy policy, "personal information" includes personal health information, as the term is defined by the PHIPA, and any information that can identify an individual directly or through other reasonably available means.

PRINCIPLES:

PHIPA and PIPEDA are each rooted by the same ten principles (the "Principles") which are as follows:

Miraculins' privacy policy adheres to these 10 policies and the following discusses each of the foregoing principles as they apply to Miraculins' practices.

Principle 1 - Accountability
We will maintain and protect the personal information under our control. We have policies and procedures for ensuring confidentiality and security of data, which are strictly enforced to protect the individuals from whom we may collect personal information, or whose information we may have access to as a result of our business, clinical research and our website.

We have designated an individual who is accountable for compliance with the Principles. Please see Principle 10 to obtain the contact information for our Manager, Operations, who acts as our Privacy Officer. Our Privacy Officer is responsible for Miraculins' compliance with this policy is responsible for ensuring that our business activities including all clinical research studies and collection of personal information via our website is implemented in accordance with current legal requirements with regard to the protection of personal information.

Principle 2 - Identifying Purposes
Miraculins will identify to you the purposes for which it will use personal information before or at the time the information is collected.

Purposes for the Collection of Your Personal Information:

Clinical Research Purposes:
Data are used for research and statistical purposes only. Miraculins collects personal information on its clinical trial participants in order to assist the Principal Investigator of the clinical trial by monitoring the participant's progress in the particular trial. Miraculins uses and/or collects only the information necessary to meet the pre-identified written and ethically-approved research purposes. In most cases, a third party collects the information from individuals and only transfers aggregated, anonymized data (data which cannot identify any individuals), to Miraculins. However, even in the instances when Miraculins only receives anonymized data, Miraculins is still required to conduct audits at such third party's facilities to ensure the integrity of the data. As such, Miraculins will have access to your personal information during such audits.

Employee Relationships:
Miraculins collects personal information on employees for purposes of hiring and managing the employer/employee relationship which includes, without imitation, activities such as processing payroll and providing certain employer sponsored benefit plans.

Other/Commercial Purposes
Other purposes for which we may collect and use your personal information include:

We may also use your personal information for other purposes that are disclosed at the time of collection, or as otherwise permitted or required by law. If a new purpose is identified for the use of the information Miraculins collected, the new purpose will be identified prior to its new use. Unless the new purpose is required by law, the consent of the individual is required before information can be used for that purpose. This may be done verbally, (i.e. by telephone) or in writing using a consent form.

Principle 3 - Consent
Your knowledge and informed consent is required for the collection, use or disclosure of your personal information.

By providing personal information to us, you signify your consent to the collection, use and disclosure of your personal information in accordance with this privacy policy.

You may withdraw your consent at any time by contacting our Privacy Officer, within the bounds of legal and/or contractual restrictions and reasonable notice.

Consent for Clinical Trials:

Consent can be obtained in several ways:

  1. A study-specific, customized form will be used to seek consent, outlining the purpose of the study, the information to be collected, the risks and benefits of study participation, and a description of how the information will be used. All the study components are described to the individual by the investigator/designate and all individuals will have the opportunity to ask questions and obtain further information. By completing and signing the form, the individual is giving his or her express consent to the collection for the specified uses.
  2. Third party researchers (or research organizations) who are sponsored by Miraculins will explicitly request the consent of study participants to the transfer to Miraculins of personal information obtained in the context of clinical trials. These third party researchers sign confidentiality agreements and use data for specified research and statistical purposes and as allowed by applicable law.
  3. Consent may be given verbally when permitted by law.
  4. Principle 4 - Limiting Collection
    The personal information collected by us shall be limited to those details necessary for the purposes identified to you. How and When We Collect Personal Information:

    We collect your personal information where you provide it to us voluntarily, with your consent, or otherwise as permitted or required by law. We may collect your personal information when you:

    • Request information, including Miraculins news by email;
    • Inquire or provide comments about our products and services;
    • Participate in advisory boards;
    • Participate in clinical trials;
    • Participate in contests or other promotions;
    • Fill out questionnaires or surveys;
    • Provide your resume or personal information in connection with employment possibilities with us; or
    • Provide your personal information in connection with the PREVU* POC training process.

    What Sort Of Personal Information May We Collect:
    The type of personal information we may request depends on and is related to the reason (or purpose) such personal information was provided to us.

    In a clinical trial, the trial site will collect information from trial participants, as specified in the clinical trial protocol. This data is reported back to Miraculins on a case report form (CRF). The patient's identity is not disclosed on the CRF. Only an alphanumeric code will appear on the CRF. As per Good Clinical Trial Practices, all sponsors of clinical trials must visit the trial sites on a regular basis to ensure that the information reported on the CRF matches the information in the patient's file. During these monitoring visits, the clinical trial monitor, who is a Miraculins employee, will have access to all patient files. This individual will verify that the data contained in the CRF matches the source documents, will remove a copy of the CRF for filing at Miraculins but will not remove any patient files or documents that identify patients from the trial site. Patient files at clinical sites may contain:

    • contact information, such as your name, mailing and/or e-mail address, and home telephone number
    • demographic information, such as your age, gender, ethnic origin, and date of birth
    • occupation
    • existing medical conditions, medication prescribed and other medical information, including that which was collected at the clinical trials and the results from tests conducted as a result of the clinical trial.

    The following is a description of the types of personal information that we may request from officers, directors and employees:

    • contact information, such as your name, mailing and/or e-mail address, and home telephone number
    • demographic information, such as your gender and date of birth
    • social insurance number, income, and bank account information
    • emergency contact information
    • information you provide when you contact us

    Principle 5 - Limiting Use, Disclosure and Retention
    We will only use or disclose your personal information in accordance with the purposes for which it was originally collected unless you have otherwise consented, or when it is required or permitted by law. We will retain your personal information only for so long as is required to fulfill the purpose for which it was collected or as required by law.

    Miraculins has agreements in place with third parties who may transfer personal information to Miraculins. Such third parties have obtained the appropriate consents from the individuals, maintain the security of the information, are operating in accordance with all applicable laws, and only anonymized data (data which cannot identify an individual) is provided to Miraculins. As noted above, the only time Miraculins may have access to the personal information that can identify an individual is when Miraculins conducts audits of such third party to ensure the integrity of the data. After the audit is conducted and Miraculins has certified the integrity of its data upon which its research is based, Miraculins does not retain any personally identifiable information.

    Personal information that is no longer required to fulfill the identified purposes will be destroyed or erased after the agreed-upon retention period and all retention periods required by law, have been met. Miraculins has developed guidelines and implemented procedures to govern the destruction of personal information.

    Agents and Service Providers

    Personal information may be transferred to third-party service providers, agents or affiliates we engage to provide data warehousing, IT services, fulfillment, distribution, printing, market research, contest management or other services on our behalf, some of which may be located in the U.S. or elsewhere outside of Canada.

    If your personal information is transferred to agents or service providers that perform services on our behalf, we use contractual and other means to require such third parties to protect your personal information and not use or disclose it for any other purpose other than as directed by us or as permitted or required by law. Please note that the privacy laws in other jurisdictions may differ from Canadian privacy laws and that in some jurisdictions your personal information may be accessed by law enforcement authorities or the courts. If you would like to obtain more information about our policies and practices with respect to our transfer and processing of personal information outside of Canada, please contact us in any of the ways described below under "Principle 10 - Inquiries and Concerns".

    DISCLOSURE OF PERSONAL INFORMATION:

    When Information May Be Disclosed to Outside Parties:

    Except as specifically provided for in this Privacy Policy, or as otherwise consented to by you, we do not disclose any personal information to third parties. The following are the limited instances where we may disclose your personal information to third parties:

    • When required or permitted by law.
    • To investigate potentially fraudulent or questionable activities regarding your relationship with Miraculins.
    • In anticipation of and in the course of an actual or potential sale, reorganization, consolidation, merger or amalgamation of our business.
    • For data warehousing and storage.

    Principle 6 - Accuracy
    We shall make every reasonable effort to ensure your personal information is maintained in an accurate, complete and up-to-date form.

    In the context of clinical trials, Miraculins ensures that all information collected will be accurate, complete and up-to-date as possible at the time of collection. This requirement ensures that the information derived from the study is valid. Miraculins will not update personal information collected in the context of clinical trials, unless such a process is necessary to fulfill the research purpose for which the information was collected initially. Information that has been provided to Miraculins in an anomymized form cannot be updated by Miraculins, unless the organization collecting the data verifies and updates the information.

    Miraculins will rely upon you to provide accurate and complete information and to advise us if circumstances change over time. If you contact us with a request, we will take appropriate steps to update or correct the personal information in our possession that you have previously provided to us. You are entitled to challenge the accuracy and completeness of your personal information and have it amended, as appropriate.

    Principle 7 - Safeguarding Information
    Miraculins considers the information we have to be highly sensitive. Miraculins will utilize industry standard technologies and maintain current security standards to ensure that your personal information is protected against unauthorized access, disclosure, inappropriate alteration or misuse.

    The nature of the safeguards will vary depending on the type, amount, distribution and format of the information. For instance, the information provided by employees, officers and directors is maintained on an Employee Data Sheet with a password on the Office Manager's hard drive. A hard copy of the data sheet is kept in the employee's personnel file and on the payroll. This information, as well as files pertaining to former employees, is locked in filing cabinets. Access is restricted. Data Sheets are printed, filed and then deleted from the Office Manager's hard drive.

    Other methods of protection Miraculins has in place include:

    1. Physical measures: locked facility, locked filing cabinets and restricted access to offices. Personal information pertaining to clinical trial participants is stored and maintained at clinical trial sites and is not stored or maintained at Miraculins locations.
    2. Organizational measures: research agreements, employee confidentiality agreements (with dismissal as a sanction), access limited to need-to-know basis, audits; policies and procedures for the destruction of personal information. Our security practices are reviewed on a regular basis and we routinely employ current technologies to ensure that the confidentiality and privacy of your information is not compromised.
    3. Technological measures: use of passwords to protect information, firewalls to prevent external access. Miraculins manages its server environment appropriately and our firewall infrastructure is strictly adhered to.
    4. Anonymization of data: when information is provided to Miraculins by third parties, we insist that it is provided to us in an anonymized fashion. This means that the only time Miraculins has access to personally identifiable information is when Miraculins conducts audits of such third party to ensure the integrity of the data.

    While we have enacted security measures, we cannot guarantee the security of any information that you submit via e-mail or over the Internet. Submissions of personal information using such networks is done at your own risk, since no Internet transmission is ever 100% secure or error-free (in particular, emails sent to or from our websites may not be secure). You should take special care in deciding what information you send to us via e-mail or posting on our websites. Moreover, where you use passwords, ID numbers or other special access features on our web sites, it is your responsibility to safeguard them.

    Our Employees and Your Personal Information:
    In the course of daily operations, access to private, sensitive and confidential information is restricted to authorized employees who have a legitimate business purpose and reason for accessing it. As a condition of their employment, all employees of Miraculins are required to abide by the privacy standards we have established. Employees are informed about the importance of privacy and they are required to agree to a code of conduct that prohibits the disclosure of any customer information to unauthorized individuals or parties.

    Unauthorized access to and/or disclosure of personal information by an employee of Miraculins is strictly prohibited. All employees are expected to maintain the confidentiality of personal information at all times and failing to do so will result in appropriate disciplinary measures, which may include dismissal.

    Principle 8 - Openness
    If you would like a copy of our Privacy Policy we would be more than happy to provide one to you and if you have any questions regarding the policy, we are more than happy to discuss them with you.

    Principle 9 - Individual Access
    Upon your request, we shall inform you of: (i) the type of personal information we have collected; (ii) how we have used your personal information in the past, and how we may in the future; and (iii) whether or not we have disclosed your personal information to any third parties (and, if so, to whom). Individuals may verify the accuracy and completeness of their personal information, and may request that it be amended, if appropriate.

    However, please keep in mind that if Miraculins has obtained only aggregated, anonymized data, we cannot tell you what information you provided that contributes to the aggregated data. For those instances, you will have to contact the party who collected the information from you originally. In this circumstance, if you can tell us what study you were a part of, we will do everything we can to assist you in providing you contact information for such third party.

    Please note that before we are able to provide you with any information or correct any inaccuracies we may ask you to verify your identity and to provide other details to help us to respond to your request.

    Principle 10 - Inquiries or Concerns
    Individuals may direct any questions or enquiries with respect to this Privacy Policy or, about Miraculins' information handling practices, or challenge Miraculins' compliance with this Privacy Policy, by contacting our Privacy Officer at:

    Attention: Privacy Officer
    Miraculins Inc.
    6-1250 Waverley Street,
    Winnipeg, Manitoba
    Canada
    R3T 6C6
    Phone: 1-888-928-7205 or 204-453-1408
    Fax: 204-453-1546
    Email: prevu@miraculins.com

    Individuals with inquiries or complaints will be informed in a timely fashion by Miraculins about relevant procedures. Miraculins will investigate all complaints in a timely fashion. If a complaint is found to be justified, Miraculins will take appropriate measures including, if necessary, amending its policies and procedures.

    Please contact us to withdraw your consent or with any enquiry, request or complaint related to this Privacy Policy or our privacy practices concerning personal information about you.

    Web Sites Governed by this Privacy Policy:
    The web sites that are governed by the provisions and practices stated in this Privacy Policy are: www.Miraculins.com, www.Miraculins.ca, www.Miraculinsinc.com, www.Miraculinsinc.ca, www.prevu.com and www.prevu.ca (the "Websites").

    Some areas of our web sites may ask you to submit personal information in order for you to benefit from specified features or to participate in surveys or other promotions. Our web sites clearly indicate what information is required and what information is optional.

    Certain non-personal information is recorded by the standard operation of Miraculins' Internet servers. Information such as the type of browser being used, its operating system and your IP address is collected in order to enhance your online experience at our web sites.

    What are Cookies: Cookies are pieces of information that a web site transfers to an individual's computer hard drive for record keeping purposes. Cookies make using our web sites easier by, among other things, saving your passwords and preferences for you. These cookies are restricted for use only on our web sites, and do not transfer any personal information to any other party. Most browsers are initially set up to accept cookies; however, you can reset your browser to refuse all cookies or indicate when a cookie is being sent. (Note: you will need to consult the help area of your browser application for instructions.) If you choose to disable your cookies setting or refuse to accept a cookie, some parts of Miraculins' web sites will not function properly or may be considerably slower.

    What are IP Addresses: An IP address is a number that's automatically assigned to your computer by your Internet provider whenever you're surfing the Internet. When you request pages on the web sites, our servers log your IP address. Miraculins collects IP addresses for the purposes of system administration, to report aggregate information to our advertisers, and to audit the use of our web sites. We do not link IP addresses to anything personally identifiable, which means that your session will be logged, but you will be anonymous to us. We may use your IP addresses in cooperation with your Internet provider to identify you if we feel it is necessary to enforce compliance with our Terms of Use or to protect our service, web sites, customers, or others.

    Miraculins' web site may contain links to other third party sites that are not governed by this privacy policy. Although we endeavour to link to only those sites with high privacy standards, our Privacy Policy will no longer apply once you leave Miraculins' web site. Additionally, we are not responsible for the privacy practices employed by other third party web sites. Therefore, we suggest that you examine the privacy statements of those sites to learn how your information may be collected, used, shared and disclosed.

    BY PROVIDING PERSONAL INFORMATION TO US, YOU SIGNIFY YOUR CONSENT TO OUR COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THIS PRIVACY POLICY.

    Updating this Privacy Policy:
    Any changes to our privacy policy and information handling practices will be reflected in this policy in a timely manner. We may add, modify or remove portions of this policy when we feel it is appropriate to do so. You may determine when this policy was last updated by referring to the modification date found at the bottom of this privacy policy.

    Last revised June, 2012