Privacy Policy

1. Who We Are

HealIn is a Canadian allied health practitioner directory operating at healin.ca. We are responsible for the personal information we collect under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.

2. Information We Collect

Practitioners:

• Name, email address, phone number
• Professional credentials (registration number, regulatory body, province)
• Practice details (city, neighbourhood, specialties, fees, session format)
• Profile photo
• Billing information (processed by Stripe — we do not store card numbers)

Visitors: We collect standard web analytics (page views, referrers) via Google Analytics. No personal information is collected from visitors who do not create an account.

3. How We Use Your Information

• To create and display your public practitioner profile
• To process subscription payments
• To send transactional emails (account confirmations, verification notices)
• To verify your registration status with the relevant regulatory body
• To improve the platform and detect fraud

We do not sell your personal information to third parties.

4. Third-Party Service Providers

We share data with the following trusted processors, each bound by their own privacy policies:

• Clerk — identity and authentication
• Supabase — database hosting (servers in the United States)
• Stripe — payment processing
• Resend — transactional email delivery
• Google Analytics — aggregate website analytics
• Netlify — web hosting

Where data is processed outside Canada, we take steps to ensure it receives equivalent protection.

5. Data Retention

We retain your account data for as long as your account is active and for a reasonable period afterward. Billing records are retained as required by law. You may request deletion at any time (see Section 7).

6. Cookies & Tracking

We use cookies for authentication sessions and Google Analytics for aggregate usage statistics. You can disable cookies in your browser settings; however, core features (sign-in, dashboard) require session cookies to function.

7. Your Rights

Under PIPEDA, you have the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Withdraw consent and request deletion of your account
• File a complaint with the Office of the Privacy Commissioner of Canada

To exercise these rights, email privacy@healin.ca. We will respond within 30 days.

8. Security

We implement industry-standard security measures including TLS encryption in transit, row-level security on our database, and access controls on all internal systems. No method of transmission is 100% secure; if you have concerns, contact us immediately.

9. Changes to This Policy

We may update this policy periodically. Material changes will be communicated by email to registered practitioners. The current version is always available at healin.ca/privacy.

10. Contact

Privacy inquiries: privacy@healin.ca