Healthcare Heart Inc

“HEALTHCARE HEART INC.®️” 

PRIVACY POLICY

Last Revised: 05.25.2025

Version 1.1

Healthcare Heart Inc. (HH INC.) Incorporation (“HH INC.”) respects the privacy of our users of the various HH INC. Services (as defined below) and is committed to protecting Personal Healthcare Information of our users through HH INC.’s compliance with this Privacy Policy (the “Privacy Policy”), as well as adhering to the various privacy laws that govern how HH INC. conducts its business using Personal Healthcare Information of our users. This means that HH INC. does not transfer, distribute, disclose, or sell any of HH INC.’s users’ Personal Healthcare Information to third-parties, except as provided for in this Privacy Policy or as specifically consented by HH INC.’s users.

HH INC.’s “HH INC. Services” mean

• HH INC.’s mobile applications that HH INC. makes available for the use of providing HH INC. Services (“Apps”),
• (ii) HH INC.’s website currently located at https://www.JennaChou.com/and the webpages within that website) (“Website”), and (iii) any software, platforms, digital services, features, tools, and functionalities, as well as any content of HH INC. or its licensors, made available via or accessible through HH INC.’s Apps or HH INC. has developed policies and procedures consistent with Canada’s “Personal InformationProtection and Electronic Documents Act” (“PIPEDA”), and other relevant privacy laws, including “Canada’s Privacy Act”, “Healthcare Consent Act, 1996”, “Long-Term Care Homes Act, 2007”, “Personal Health Information Protection Act, 2004” (“PHIPA”), as well as adherence to United States’ “Health Insurance Portability and Accountability Act of 1996” (“HIPAA”) and “Health Information Technology for Economic and Clinical Health of 2009” (“HITECH”).

GENERAL TERMS & CONDITIONS (Terms of Services)

These “HH INC.’S GENERAL TERMS OF SERVICES (TOS)” are between you (i.e. the end-user) (“You”) and Healthcare Heart Inc. (HH INC.) Incorporation (“HH INC.”), and they govern Your use of the HH INC. Services (as defined below). In these “HH INC.’S GENERAL TERMS OF SERVICES (TOS)”, the word “use” means “access or use”.

HH INC. makes available, via its Website and its Apps, an online service that allows Users seeking home care service to arrange, schedule and pay for home care services from third party service providers who wish to complete such services for the requesting User.

You may contact HH INC. by e-mail at Privacy@HealthcareHeart.ca with questions about these “HH INC.’S GENERAL TERMS OF SERVICES (TOS)”.

SCOPE 

This Privacy Policy applies to all PersonalInformation collected, used or disclosed by HH INC. from any user (“you” or “your”) of HH INC. Services, including any Independent Healthcare Provider and any Recipient/ Client of HH INC..“Personal Information” is any  form that identifies or can identify an individual or could be combined by HH INC. or our service providers and affiliates with other information to identify you,and includes your personal health
information.

By using (the word “use” in this Privacy Policy will mean “access or use”) any of HH INC. Services, you “expressly consent” to HH INC.’s collection, use and disclosure of your Personal Information in accordance with this Privacy Policy. “Express consent” means that you are consenting in written format on our requiredlegal documents.

For other types of instances where you consent to HH INC.’s collection, use and disclosure of your Personal Information, please see the information under the sub–heading “Consent” below.

“Provider” includes Certified Personal Support Workers (PSWs), Registered Nurses (RNs), Physiotherapists, and other Accredited Healthcare Professionals and are all legallydesignated as HH INC.’s Independent Healthcare Service Providers.

ACCOUNTABILITY 

HH INC. is responsible for and the collection, storage, usage, and distribution of Healthcare Personal Information provided by HH INC.’s users. HH INC.’s “Privacy Office” is responsible for ensuring that HH INC.’s business operations adhere to the various relevant Privacy Laws and regulations specified in the “Introduction” section of this Privacy Policy. HH INC.’s “Privacy Office” is accountable for the strict adherence to ALL relevant Privacy & Data Security Laws and Regulations.

HH INC. has developed policies and procedures consistent with Canada’s “Personal InformationProtection and Electronic Documents Act” (“PIPEDA”), and other relevant privacy laws, including “Canada’s Privacy Act”, “Healthcare Consent Act, 1996”, “Long-Term Care Homes Act, 2007”, “Personal Health Information Protection Act, 2004” (“PHIPA”), as well as adherence to United States’ “Health Insurance Portability and Accountability Act of 1996” (“HIPAA”) and “Health Information Technology for Economic and Clinical Health of 2009” (“HITECH”). Other Canadian and International applicable healthcare privacy and security laws relating to Healthcare Personal Information can be answered by contacting HH INC.’s “Privacy Office” at: Privacy@HealthcareHeart.caor by texting 1-416-571-3662 for HH INC.’s “Privacy & Governance Officer”, Jenna Chou, PMP.

INFORMATION HH COLLECTS

1) Personal Information 

Personal Information that HH INC. collects, or may have access to, includes, but not limited to:

• Registration information, such as name, date of birth, age, e-mail address, physical address, postal code, and phone numbers;
• Billing and payment information, including credit card information, billing address, and bank account details;
• MAC addresses or other device identifiers;
• IP addresses;
• Geo-locations;
• Web Server Logs and Application Logs;
• Health Information: Medical history, health card number, family physician(s), specialists’ diagnoses reports, prescriptions, and the individual’s health treatment plans from physicians/specialists, whether provided by you directly via HH INC.’s technological services platforms, or indirectly via HH INC. Services through HH INC.’s Independent Healthcare Service Providers (who may collect such information during the delivery of Home Care Services);
• Personal Information contained within contents uploaded to HH INC. Services by HH INC.’s users, mostly using connected/linked third-party Apps/websites/other service providers that you already provided your Personal Information to, such as the various social media accounts platforms;
• Any other Personal Information that you may provide when you use HH INC. Services, or when you contact HH INC. with questions and/or inquiries about your healthcare requirements;
• Technical support records;
• Any information that HH INC. collects from you that is intended to improve and personalize HH INC. Services to provide HH INC.’s users with the best personalized healthcare experience

2) Non-Personal Information(NPI) 

HH INC. collects Non-Personal Information (“NPI”) about HH INC.’s users when they interact with any of HH INC. Services via HH INC.’s various technological platforms and communication channels. For instance, NPIs may include, but not limited to: browser information, types of computers or devices, and technical information about HH INC.’s users’ means of connecting to HH INC. Services, such as through different operating systems, users’ Internet Service Providers’ information, and Cellular Carrier Service Providers’ details. HH INC. uses NPIs in ongoing efforts to better understand and serve the users’ of HH INC. Services, includes providing HH INC. Services and to improve the contents and functionalities of the various HH INC. Services and HH INC.’s technological platforms.

For instance, HH INC. uses NPIs to monitor traffic and to collect statistical data. HH INC. also conducts research using HH INC.’s users’ demographics and behaviours based on these Personal Information and the NPIs that HH INC. collects from HH INC.’s users. These research projects are compiled and analyzed on an aggregated and de-identified basis and therefore are treated as NPIs under HH INC.’s Privacy Policy.

The NPIs collected by HH INC. will not be shared with third-parties, except in situations expressly indicated in this Privacy Policy, or with HH INC.’s Affiliates, business partners and other third- parties providers which deliver HH INC. Services and for other legal business operational purposes. Furthermore, the HH INC. App may access the metadata and other information stored on your personal devices.

How Does HH Use Healthcare Personal Information?

HH INC. collects Healthcare Personal Information to:

• Provide HH INC. Services to you and other users of HH INC. Services;
• Understand HH INC. Services’ users’ needs and preferences;
• Facilitate transactions between or among you, other HH INC. Services users, and HH INC. (for example, HH INC.’s Independent Healthcare Providers may use HH INC.’s Recipients’/Clients’ Personal Information to provide higher quality Healthcare Home Care Services);
• Establish and maintain responsible business and healthcare services relations with all of HH INC.’s users;
• Communicate with you as part of HH INC. Services, including to provide you with HH INC. Services or administrative messages to respond to any correspondence you may communicate to HH INC.;
• Permit HH INC.’s payment provider, currently “STRIPE”, to provide direct bank accounts payment transfer services. Stripe’s Privacy Policy is available here:http://www.stripe.com/ca/privacy

HH’s INTERNAL POLICIES 

HH INC.’s Internal Policies

• Enforce HH INC.’s “General Terms of Services is available here:https://www.JennaChou.com/TOS.pdf
• Enforce HH INC.’s “Non-Disclosure Agreement for HH INC.’s ISPs” is available here:https://www.JennaChou.com/ISPNDA.pdf

Adhere to National and Provincial privacy legal and regulatory requirements;

• Prevent, detect and mitigate illegal or fraudulent activities related to the use of HH INC.’s users’ Personal Information;
• Improve HH INC. Services; and
• For any other reasonable purposes in which you have provided your “express written consent” or in which your consent can be reasonably implied (in adherence to the relevant privacy laws, “implied consent” applies to situations in which you provide your Personal Information via the various social media platforms and services, which are considered as “Public Data”).
• In addition, HH INC. may use Personal Information, on an aggregated and “de-identified” basis, for research purposes in order to improve HH INC. Services. These aggregated and de-identified information/data do not have any actual knowledge of residual information that can identify any individual. This de-identification process follows closely with United State’s “HIPAA” (“Health Insurance Portability and Accountability Act”, 1996) laws, in which 18 “Identifiable Elements” of Personal Information are required to be removed before the data can be legally utilized, especially for research purposes. These 18 identifiable elements include:

1.    Names

2.    All geographic subdivisions smaller than a state

3.    All elements of dates (except year) for dates directly related to an individual

4.    Telephone numbers

5.    Facsimile numbers

6.    Electronic mail addresses

7.    Social security numbers

8.    Medical record numbers

9.    Health plan beneficiary numbers

10.                  Financial account numbers

11.                  Certificate/license numbers

12.                  Vehicle identifiers and serial numbers, including license plates

13.                  Device identifiers and serial numbers

14.                  Web URLs

15.                  IP addresses

16.                  Biometric identifiers, including fingerprints, voiceprints, and Face IDs

17.                  Full-face photographic images and any comparable images

18.                  Other unique identifying number, characteristic, or code, unless otherwise permitted by the Privacy Rule for “re-identification” of the Personal Information/data Once the Personal Information are de-identified in accordance with the legal requirements, the data are considered and treated as NPIs under HH INC.’s Privacy Policy.

Automatic Collection

HH INC. Services may automatically receive and store certain types of information about HH INC.’s users and their use of HH INC. Services using their various devices, including IP addresses, geo- locations, browser types, web pages viewed, time stamps (date and time), as well as how users interact with HH INC., as stated above in the previous sections of this Privacy Policy.

Three types of cookies may be used during your visit to the HH INC. website:

• “Session” cookies, which are not permanently stored on your hard drive and are permanently deleted from your computer after two hours of inactivity or when you end your session, are used solely to help you to navigate around the site;
• “Persistent” cookies, which remain on your computer for a period of time so that the website can recognize you when you return; and
• “Third-party” cookies used by our sponsors and advertisers to measure the effectiveness of their strategies.

CONSENT

you have the right to determine how your personal health information is used and disclosed. For most health care purposes, your consent is implied as a result of your consent to treatment, however, in all circumstances “express consent” must be in written format, digital signatures are acceptable. you may expressly give your consent in writing, verbally or through other electronic methods (such as emails). HH INC. respects your privacy and, unless otherwise required by law, HH INC. will not collect, use or disclose your Personal Information without your prior expressed and written consent. your consent may be expressed or implied. In certain circumstances, your consent may be implied by your actions. For example, providing HH INC. with your Personal Information to register for HH INC. Services is considered as “implied consent”, and HH INC. uses such information to provide HH INC.’s users with the associated and the most appropriate HH INC. Services.

Your express written consent will be forwarded to HH INC.’s “Privacy Office”, which will document/securely store the consent documents in HH INC.’s Recipients’/Clients’ Electronic Medical Records (EMR), then notifies the appropriate HH INC.’s Independent Healthcare Providers and HH INC.’s employees and supporting staffs to fulfill HH INC.’s Recipients’/Clients’ healthcare service requirements, given that the consent documents are signed and completed prior to providing HH INC. Services.

HH INC.’s Recipients/Clients who have withdrawn their consents to disclose their PHI must sign and date the “Withdrawal Consent Form”.  It is understood that the consent directive applies only to the PHI which HH INC.’s Recipients/Clients had already provided, and not to PHI which the patient might provide in the future: PHIPA permits certain collections, uses, and disclosures of the PHI, despite the consent directive; healthcare providers may override the consent directive in certain circumstances, such as emergencies or when the Recipient/Client of HH INC.’s “Capacities to Consent” comes into question. All written “Withdrawal Consent Form” will be forwarded to HH INC.’s “Privacy Office” will document and securely store all of these legal consent documents in HH INC.’s Business “Central Documents Repository” locations.

HH INC.’s “Withdrawal Consent Form” is located here: https://www.JennaChou.com/WithdrawalConsentForm.pdf

Where appropriate, HH INC. will generally seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before its use. In obtaining consent, HH INC. will use all available and reasonable efforts to ensure that HH INC.’s users are appropriately advised of the identified purposes for which Personal Information collected will be used or disclosed by HH INC. in order to provide the best home care services to HH INC.’s Recipients/Clients.

The form of consent sought by HH INC. may vary, depending upon the circumstances and type of information disclosed. In determining the appropriate form of consent, HH INC. shall consider the sensitivity levels of the Healthcare Personal Information and adhere to the governments’ protocols regarding sensitive healthcare personal data. In accordance with the relevant Privacy Laws, the governments and other regulated legal entities base their data protection regulations on three classes of data:

• Highly Sensitive Data
• Confidential Data
• Public Data

The above regulations apply to the “Highly Sensitive” class, which is comprised of:

• PHI: Protected Health Information
• PII: Personally Identifiable Data
• HH INC. will seek “express consent” when the information is considered Highly Sensitive or Confidential. “Implied consent” will generally be appropriate where the information is less sensitive, such as Public Data that are shared on Social Media Sites. HH INC.’s users may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notices. In order to withdraw your consent, you must provide notice to HH INC. in writing by completing the “Withdrawal Consrnt Form”: https://www.JennaChou.com/WithdrawalConsentForm.pdf

Limiting Use, Disclosure And Retention

In the event your Personal Information is disclosed to a third-party pursuant to a business transaction, HH INC. will ensure that it has entered into an agreement under which the collection, use and disclosure of the information is related to those business purposes and applicable to the business transactions conducted.

Subject to the foregoing, only HH INC. and HH INC.’s Affiliates’ employees with a business need-to- know, or whose duties reasonably so require, are granted access to Personal Information about HH INC.’s users. All HH INC.’s employees are required as a condition of employment to sign HH INC.’s legal “Healthcare Personal Information Privacy and Security Disclosure Agreement” document and to consent to contractually respect the confidentialities of HH INC.’s users’ Personal Information. HH INC.’s “Healthcare Personal InformationPrivacy and Security Disclosure Agreement” document can be found here: https://www.JennaChou.com/EmployeeNDA.pdf

In addition, all of HH INC.’s “Independent Healthcare Services Providers” (“ISPs”) are required to sign HH INC.’s “ISP Non-Disclosure Agreement“. This non-disclosure agreement protects HH INC.’s Recipients’/Clients’ Personal Healthcare Information that HH INC.’s ISPs may be provided to in order to ensure the most appropriate healthcare services are provided. HH INC.’s “ISP Non-Disclosure Agreement “can be found here:

https://www.JennaChou.com/ISPNDA.pdf

HH INC. will retain Personal Information for only as long as required to fulfill the identified business purposes or as required by law. Personal Information data that are no longer required will be destroyed/archived, according to the guidelines and procedures established by the relevant National and Provincial Privacy Laws and HH INC.’s Privacy Policy. 

However, due to our on-going exposure to potential claims, some information is kept for a longer period. HH INC.’s adherence to the retention of Healthcare Personal Information applied to both paper-based records and digital/electronic documents.

HH INC. may disclose your Personal Information without your knowledge or consent if HH INC. receives an order, subpoena, warrant or other legal requirement issued by a court, tribunal, regulator, or other entities with jurisdiction to compel disclosure of your Personal Information.

If HH INC. receives a written request from a police officer or other law enforcement agency with authority to request access to your Personal Information in the course of an actual or potential criminal investigation into breach of laws, HH INC.’s policy is to provide the requested information to the legal authorities. Under these circumstances, the legal entities requesting the Personal Information shall be the ones responsible for informing the individuals the reasons for the requests.

Links To Other Online Services And Social Networks

Any links are provided for your convenience. HH INC. does not have any control over those third- party websites or services and HH INC. does not provide any guarantee that the privacy practices of these third-party providers meet HH INC.’s privacy standards. The use of any third-party websites or services is at your own risks and will be governed by the Privacy Policies of those third-party websites or services and not by HH INC.’s Privacy Policy or Practices. Do not disclose your Healthcare Personal Information via third-party websites or services without reading their Privacy Policies first, in order to understand how your healthcare Personal Information are being used and shared by these third-party entities.

HH INC.’s users may choose to log-in to or register for HH INC. Services through various social media platforms (e.g., Facebook, Google, Apple, etc.). When you do so, Personal Information from your social media service accounts may be shared with HH INC.. Information that you share on various social media platforms are considered as “Public Data”, in which HH INC. or any other third-party entities can freely access/use/distribute legally. HH INC. is not responsible for how these third-parties use and disclose your Personal Information. Therefore, it’s crucial to refer to those third-parties’ Privacy Policies to understand how they use and share your Personal Information. HH INC.’s users may create connections/links between HH INC. Services and the various social media sites. If you do so, HH INC. may be able to publish updates about HH INC. Services to your social media service accounts through the connections/links that you authorized between HH INC. and your various social media accounts. you may choose to terminate these connections/links at any time by configuring your social network accounts’ privacy and security settings.

Children And Minors

HH INC. Services are not intended for the use of children under the age of majority. HH INC. does not collect Personal Information about children under the age of majority. Please do not submit any Personal Information about minors. The general age of majority is age 16 for most of Canada’s Provinces, however, the age of majority differs across countries and Provinces/States. Since HH INC. is a digital healthcare tech company which operates its digital technological platforms internationally for users/visitors around the world, please adhere to the legal requirements for the age of majority in your own countries/locations.  Generally, minor can still have the right to consent, by adhering to the legislations in your geographic areas.  In situations where STDs are involved, minors can consent without parental authorities being present.

How Can I Access My Personal Information?

Upon request, HH INC. will provide you information regarding the existence, use and disclosure of your Personal Information and you will be given access to that information. HH INC. will respond to the applications for users’ access to their own Personal Information they provided HH INC.. Such data requests will be resolved within a reasonable time and at minimal or no cost to the individual (fees may be charged in accordance with the relevant laws). You may challenge the accuracy and completeness of the information and have it amended as appropriate.

In certain circumstances, HH INC. may not be able to provide access to all of your Personal Information that it holds. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, or information that is subject to solicitor-client or litigation privileges. HH INC. will provide the reasons for denying access upon request by working with HH INC.’s legal teams.

Safeguards

HH INC. protects your Personal Information by security safeguards appropriate to the sensitivity of the information. HH INC. will protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.

HH INC.’s methods of protection include:

• Physical measures: such as filing cabinets which are kept locked when not in use and are access-restricted, both to HH INC.’s physical place of business and other physical locations where paper-based Personal Information documents are archived;
• Organization measures: such as security clearances and limited access on a need-to- know basis by HH INC.’s employees; and
• Technological measures: such as the use of passwords, firewalls, VPN, proxy servers, and the most advanced encryption

Inquiries Regarding Challenging Compliance

An individual will be able to make inquiries and/or address challenges concerning HH INC.’s privacy compliances with this Privacy Policy and other relevant Privacy Laws.

HH INC. will maintain procedures for addressing and responding to all inquiries and/or complaints from HH INC.’s users. HH INC. will investigate every and all complaints. All inquiries or complaints involving HH INC.’s handling of Personal Information or compliances with Privacy Laws shall be directed to: Privacy@HealthcareHeart.ca.

HH INC.’s “Privacy Office” will respond to all such inquiries or complaints within 14 business days of receipt. HH INC. will make reasonable efforts to resolve all such complaints within 30 days of receipt of the initial complaint. If HH INC. finds a complaint to be justified by HH INC.’s compliance to Privacy Laws, HH INC. will take appropriate measures, including resolving the complaints with the claimants first, and/or amending/updating HH INC.’s Privacy Policies and procedures.

However, if the complaints cannot be resolved, HH INC. will, if necessary, initiate the necessary legal actions with the appropriate jurisdiction information privacy legal authorities.

HH INC. has developed policies and procedures consistent with Canada’s “Personal hInformationProtection and Electronic Documents Act” (“PIPEDA”), and other relevant privacy laws, including “Canada’s Privacy Act”, “Healthcare Consent Act, 1996”, “Long-Term Care Homes Act, 2007”, “Personal Health Information Protection Act, 2004” (“PHIPA”), as well as adherence to United States’ “Health Insurance Portability and Accountability Act of 1996” (“HIPAA”) and “Health Information Technology for Economic and Clinical Health of 2009” (“HITECH”).

Applicable Courts Of Law 

The applicable legal courts for the purpose of filing formal complaints against HH INC.’s data privacy and security of HH INC.’s Users’ personal healthcare information adherences to the relevant Laws stated above. The applicable courts in Canada are:

Ontario (and individual Provinces) Superior Court of Justice, Canada Provincial Divisional Courts and Provincial Queen’s Bench Courts, Courts of Appeal, and other privacy and security legal regulator bodies that may be involved in the Data Breach Lawsuits.

Common Law Tort Of Invasion Of Privacy 

The defendant’s conduct must be intentional; The defendant must have invaded, without lawful justification, the plaintiff’s private affairs or concerns; and. A reasonable person would regard the invasion as highly offensive, causing distress, humiliation or anguish.

—————————————————————————————————————-

CONTACT INFO

1) HH INC.’s Privacy Office 

HH INC. Privacy & Governance Officer: Jenna Chou, PMP, PgM, MBA, MSc.

Private Business Cell: 1-416-571-3662

E-mails: Privacy@HealthcareHeart.ca

2) HH INC.’s General Business Contact Info 

E-mail: Contact@JennaChou.com

Address: HH INC. (Healthcare Heart Inc.) Incorporation

9471 Yonge, Unit 907, Richmond Hill, L4C 0Z5, Canada

Website: https://www.HealthcareHeart.ca/

Phone: 1-416-571-3662

3) Information And Privacy Commissioner Of Ontario 

If, after contacting us, you feel that your concerns have not been addressed to your satisfaction, you have the right to complain to the “Information and Privacy Commissioner of Ontario”. The Commissioner can be reached at:

Address: 2 Bloor Street East, Suite 1400, Toronto, Ontario, M4W 1A8

Phone: 1-800-387-0073

Fax: 1-416-325-9195

4) The Privacy Commissioner Of Canada 

If your concern involves a privacy issue that requires further escalation to higher privacy legal authorities, in order to find resolutions that result in outcomes satisfactory to the complainers. Any and all of HH INC.’s users may contact the office of the Privacy Commissioner of Canada by: Telephone: 1-800-282-1376

Quebec: 1-819 994-5444

Fax: 1-819 994-5424

Website: http://www.priv.gc.ca

IMPORTANT NOTICE

HH INC. reserves the right to modify and/or amend this Privacy Policy from time to time in its sole discretion without prior notice to HH INC.’s users. Any such amendment(s) will be posted on HH INC.’s various technological platforms (including the HH INC. App, HH INC.’s website, as well as all HH INC.’s various social media sites). The updated Privacy Policy will be effective as of the date of posting.