Privacy and Cookie Policy
Effective Date (Last Updated): November 22, 2023
1. Medexus Pharma’s Commitment to Privacy Protection
Medexus Pharmaceuticals Inc. (“Medexus”, “we”, “us”, “our”) is committed to protecting the privacy of consumers who visit our websites and of our customers (“you”, “your”) in accordance with applicable law. Please read this Privacy and Cookies Policy (“Policy”) before using the following Medexus websites: shopmedexus.com and any website operated by Medexus relating to a Medexus product that Medexus distributes in Canada (“website(s)”).
Please note that these websites and their content are intended for Canadian residents only. Medexus makes no representation that the Content is appropriate for residents of any other jurisdiction. Any product information available on these websites is intended only for the Canadian market. Medexus makes no representation that these products are available anywhere outside Canada or are legal for sale in any jurisdiction outside Canada.
2. Overview
This Policy applies to the websites named above and outlines how we collect and process your personal data. It applies to information we collect, use, or disclose about you on the websites named above; in email, text, and other electronic messages between you and those websites; and when you interact with our advertising and applications on third-party websites and services if those applications or advertising include links to this policy.
Please read this Policy carefully to understand our policies and practices for collecting, processing, and storing your information. If you do not agree with our policies and practices, your choice is not to use our websites. By accessing or using our websites, you indicate that you understand, accept, and consent to the practices described in this Policy.
This Policy does not apply to information that we collect offline or through any other means, including on any other Medexus or third-party website (including those of our affiliates and subsidiaries), or that you provide to or is collected by any third party (including our affiliates and subsidiaries) through any application or content (including advertising) that may link to or be accessible from or on the websites named above.
Our websites and other marketing materials may include links to third-party websites, plug-ins, services, social networks, or applications. Clicking on those links or enabling those connections may allow the third party to collect or share data about you. If you follow a link to a third-party website or engage a third-party plugin, please note that these third parties have their own privacy policies and we do not accept any responsibility or liability for these policies. We do not control these third-party websites, and we encourage you to read the privacy policy of every website you visit.
3. Changes to This Privacy and Cookies Policy
Medexus reserves the right to change, modify, add, or delete portions of this Policy at any time. If amended, we will provide notice to you by publishing the most current version of this Policy and revising the Effective Date at the top of this page. If we make a material change to this Policy, we will provide additional notice by displaying a prominent notice on our websites or, if required by law, by sending you an email.
It is your responsibility to review this Policy regularly. By continuing to use our websites after changes to this Policy come into effect, you agree to the revised Policy. You may contact us at the address in section “Contact Us”, below, to obtain a copy of this Policy at any time.
4. Personal Data We Collect and Why
Medexus collects your personal data, with your consent, for a variety of purposes. When you create a customer account on our websites, we collect your first and last name, email address, postal address, phone number, and other consumer preferences and information. In creating your credentials used for authentication and customer account access, we (or third-party service providers acting on our behalf) collect a username and password. When you order products and complete a transaction form on our websites (in particular, but without limitation, shopmedexus.com), we (or third-party service providers acting on our behalf) collect data needed to process your order, including your billing and shipping information, business name if applicable, and information related to your selected payment method from these options: credit card, PayPal. (We would also collect information related to your selected payment method from these additional options where available: Shopify Payments, Apple Pay, or Google Pay.) Without this data, we cannot enter into a contractual relationship with you and fulfill your order. Please see our Terms and Conditions for more information. You may also refer to {https://www.shopify.com/legal/privacy} for information about Shopify’s privacy policies.
When you email us via a contact form on our websites or send us mail via postal service, we collect your personal data so we can respond to you and keep a record of our correspondence. We also collect your personal data when you opt-in to receive email newsletters and when you submit comments, feedback, questions, or product reviews.
If we change the purpose for which we use your personal data, we will obtain your consent for that new purpose prior to using your data.
Medexus does not intentionally or knowingly collect sensitive personal information about you, meaning, for example, any information that reveals your race or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic information, biometric information used to identify you, and any information concerning your health, sex life, or sexual orientation. If you share sensitive personal information with us, we may delete it with the understanding that you explicitly consented to its deletion.
Our websites use cookies to collect data about you and your internet enabled device, such as your computer, smartphone, or other device. (See section “How We Use Cookies and Similar Technologies”, below, for more information.) We also collect your IP address and geographical location from which you accessed our websites, your internet connection and browser type, and information about how you use our websites, such as which pages you view, when you view them, and what you click on. We use this data to understand more about how you and other users interact with our websites.
5. How We Use Your Personal Data
Medexus uses your personal data to provide you with a better experience on our websites. We use your data to help us market and sell our products to you, to provide you with customer support, to fulfill your order requests and provide invoices, confirmations, and updates, to improve and develop our products and websites, to make product recommendations, and to send you promotional communications, targeted advertising, and relevant offers. We use your data to respond to your comments, feedback, and questions, to notify you about changes to our websites, to carry out our obligations from any contracts entered into between you and us (see our Terms and Conditions for more information), and to provide you with emails and other communications if you have consented to receiving these from us.
We use the personal data we collect to understand how you and other users interact with our websites and our other marketing communications. We perform various data analytics to deepen this understanding. We seek to improve our websites and marketing activities by better understanding this usage behavior.
Whenever required to do so, we will use personal data to comply with our legal obligations and any applicable laws and regulations.
6. Collection of Personal Data From Children
Our websites and marketing activities are not aimed at children under 13 years of age, and customer accounts on our websites are intended for adults who are at least the age of majority in their province, or place of residence. We intend to comply with the Children’s Online Privacy Protection Act of 1998 (“COPPA”) and we therefore do not knowingly collect personal data from children.
If you are under 13 years of age, do not use or provide any information on our websites or on or through any of its features, register on the websites, make any purchases through our websites, use any of the interactive or public comment features of our websites, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use.
If we become aware that we have personal data of children, whether through error, deception, or fraud, we will delete the data unless there is a justifiable reason to retain such data in compliance with COPPA. See our Terms and Conditions for more information.
7. Where We Store and Process Personal Data
Medexus is based in Canada with a global reach. To help us market and sell our products online, we use a variety of other third-party service providers. For example, we use Shopify to host some of our websites.These service providers collect and process certain personal data on our behalf and have servers located in the United States of America and other countries or regions around the world. See section “Who We Share Your Personal Data With and Why”, below, for more information.
8. Who We Share Personal Data With and Why
We share your personal data only when we have a legitimate reason for doing so. We will share your personal information with our subsidiaries and affiliates. We also use several third-party service providers to help us market and sell our products online, many of which are involved in collecting and/or processing personal data on our behalf, and we will share your personal information with these third-party service providers for the purposes described in this Policy.
We do not sell or give away your personal data. We may collect aggregated, anonymous information (such as demographic and profile data, usage and selection data, and similar data) about our website users and customers. We may share aggregated statistics about our users and customers with our third-party service providers, agents, marketing consultants, and advertisers. Before sharing this information, we would aggregate or reasonably de-identify your personal data so that any information could not reasonably be used to identify you. We would share this data in order to better understand and learn more about our customers and their preferences, to improve our products, services, and websites, and for related marketing and research purposes.
We will disclose your personal data in response to a court order or other governmental request, and in compliance with any legal obligation we must uphold. We will also share your personal data in connection with a merger, sale of company assets, or acquisition of all or a portion of our business by another company. In the unlikely event that we go out of business or enter bankruptcy, your personal data would likely be one of the assets that is transferred to or acquired by a third party. If any of these business transfers happens, this Policy would continue to apply to your personal data and the party receiving your data would continue to follow this Policy.
We may process, store, and transfer your personal information in and to a foreign country that is subject to different privacy laws that may or may not be as comprehensive as Canadian law. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country or others may be able to obtain access to your personal information through the laws of the foreign country.
By submitting your personal information to or engaging with our websites, you consent to the transfer, storage, and processing described in this Policy.
9. How Long We Retain Personal Data
We store your personal data until it is no longer necessary for us to provide our products and services to you or until your customer account or other data is deleted. (See section “How to Access and Control Your Personal Data”, below, for information on how to delete your personal data.) We retain your personal data to comply with legal and regulatory requirements or for our legitimate business purposes, such as responding to enquiries, and may sometimes need to keep it for a longer period. When you make a purchase on our websites, we retain your billing information and order details for accounting, tax, and regulatory purposes. If we determine that we do not need to retain your information, we may delete, destroy, or anonymize it sooner (although we do not typically do so).
Note that our third-party service providers may also retain your personal data, and we may not be able to ensure that these service providers delete your personal data once it is no longer necessary to store it.
10. How to Access and Control Your Personal Data
You have the right to access, verify, update, edit, delete, obtain a copy of, and transfer your personal data in our systems as set out in this Policy and applicable law. (See the section “How to Contact Us”, below, for more information about requesting access to or a copy of your data.)
You may contact us at any time to request access to, deletion of, and/or updates to your personal data. If you have a customer account on our websites, or have posted any comments our websites, you can request to receive an exported file of your personal data. We will provide access to your personal information, subject to exceptions set out in applicable privacy legislation. Examples of such exceptions include information protected by lawyer-client privilege, information that is part of a formal dispute resolution process, information that is about another individual that would reveal their personal information or confidential commercial information, and information that is prohibitively expensive to provide.
Where you have provided your consent to the collection, use, and transfer of your personal information, you may have the legal right to withdraw your consent under certain circumstances. You may also submit an objection to or a request to restrict our use of your personal data, and can request that we delete any personal data we hold about you, subject to any retention obligations we may be subject to for administrative, legal, or security purposes.
To submit a request, contact us at the address provided in the “How to Contact Us” section, below. Please note that if you withdraw your consent then we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you with your decision. When you request access to your personal data, we are required to use all reasonable measures to verify your identity before granting access. We do this to protect your data and limit the risk of potential identity fraud/theft or unauthorized access.
You retain the right to contact the privacy or data protection regulator in the country where you live to make a complaint regarding our use of your personal information.
11. How We Keep Your Personal Data Secure
We use Shopify to store data on secure servers and create server logs used to monitor network security. We seek to review our systems for unusual or suspicious activity, to implement mechanisms for preventing unauthorized access, and to block distribution of malicious code. Server logs collect your IP address, the webpages you access on our websites, information you request and the date/time of your request, the source of your access to our websites (for example, the website or link which referred you to our websites), your browser version, and your operating system. Secure Sockets Layer (“SSL”) technology is used to encrypt payments you make on or via payment websites associated with Medexus. We require our staff and any third parties who carry out any work on our behalf to comply with appropriate compliance standards, including obligations to protect personal data when using and transferring such data.
No data transmission over the internet can ever be guaranteed as 100% secure; by accessing our websites and submitting your personal data over the internet, you do so at your own risk. (See our Terms and Conditions for more information.) If a data breach occurs and jeopardizes the security of your personal data, we will work with Shopify and our other third-party service providers to address the breach. We will notify users of our websites of a data breach as, to the extent, and within the timeframes required by applicable law.
12. How We Use Cookies and Similar Technologies
Cookies are small text files sent to and stored on your web-enabled device (for example, your computer, smartphone, or other device) when you visit a website. This data uniquely identifies your device. When we use the term “cookies”, we include other technologies that accomplish similar tasks or help cookies function. For example, web beacons are electronic tags on webpages used to help deliver cookies. Web beacons can also be used in emails to collect information about delivery rate, open rate, and click through rate this helps us assess the level of engagement by our email recipients.
We use cookies on our websites to fulfil many different legitimate business purposes. Cookies help us distinguish you from other users of our websites and help us improve your experience on our websites. Cookies help us store your preferences and settings, enable you to sign-in to your customer account, and help us provide you with interest-based advertising. We also use cookies to combat fraud and analyze how our websites are performing. Cookies allow us to automate the display of our advertisements on other websites you visit. This automation increases our efficiency in providing relevant content: we can direct our advertising to consumers who are interested in our products based on their activity on our websites.
When we include links to other websites, those sites will have their own privacy and cookie policies that will govern the use of your personal data on those sites. We recommend you check their policies as we are not responsible or liable for their practices.
Web browsers are typically set up to accept cookies. If you wish to amend your cookie preferences, you may be able to do so through your browser settings. If you choose to turn off certain cookies, it may affect the functionality of our websites. The cookies we use cannot access your computer, phone or web-enabled device and obtain information about you or your family or read any material kept on your hard drive. If you use a public computer to access our websites, our cookies cannot be used by anyone else who has access to that computer to find out anything about you, other that the fact that someone using that computer may have visited our websites.
13. How to Contact Us
If you have any questions about this Policy, please contact us at the address below. Also, please send us any comments or complaints about this Policy or our handling of your personal data. Send us a written request if you wish to withdraw your consent to our use of your personal data, for any specified purpose, or to request access to or a copy of your data we have on file in order to review it for accuracy, to make changes, to transfer it, or delete all of part of it.
Medexus Pharmaceuticals Inc.
35 Nixon Road, Unit 1
Bolton, Ontario L7E 1K1
Attn: Privacy Policy Administrator
Corporate.Notices@Medexus.com
We will respond to your question, inquiry, or complaint within a reasonably prompt timeframe. We strive to respond within thirty business days, except where required by law to respond sooner.