Privacy Policy

FYL.CARE complies with:

• Bill 25 (Quebec) - An Act to modernize legislative provisions respecting personal information protection

• PIPEDA - Personal Information Protection and Electronic Documents Act (Canada)

• Quebec Professional Code regarding confidentiality

• Standards of the Order of Psychologists of Quebec and other relevant professional orders

Professional account information:

• First name, last name, professional member number

• Professional email address

• Professional phone number

• Billing information (if applicable)

Client file data (under your control):

• Information YOU choose to record in files

• Clinical notes and reports YOU create

• Documents YOU upload

Usage data:

• Login logs for security

• Anonymized usage data to improve service

Your data is used ONLY to:

• Provide FYL.CARE platform services

• Ensure security of your account and data

• Contact you for technical support

• Comply with our legal obligations

We NEVER sell your data to third parties.

We NEVER share your data with third parties for marketing purposes.

We NEVER use your data for targeted advertising.

Hosting:

• Servers located in Canada (Bill 25 compliance)

• AWS Canada infrastructure (Montreal and Toronto)

• Data NEVER transferred outside Canada

Technical security:

• SSL/TLS encryption for all communications

• Encryption at rest (AES-256) for all sensitive data

• Secure authentication with encrypted passwords

• Daily encrypted automatic backups

• 24/7 security monitoring

• Regular penetration testing

Data access:

• Access restricted to minimum necessary employees

• Logging of all administrative access

• Multi-factor authentication for administrators

Under Bill 25, you have the following rights:

Right of access:

• View all data we hold about you

• Obtain a copy of your data in structured format

Right to rectification:

• Correct any inaccurate or incomplete data

• Update your information at any time

Right to erasure:

• Request deletion of your account and all your data

• Effective deletion within 30 days of request

Right to portability:

• Export all your data in standard format (JSON, CSV, PDF)

• Transfer your data to another service

Right to object:

• Refuse processing of certain data

• Withdraw your consent at any time

To exercise these rights, contact us at: privacy@fyl.care

Account data:

• Retained while your account is active

• Deleted 30 days after account closure (unless legally required)

Client files:

• Retained according to YOUR professional needs

• YOU control retention period

• Compliant with your professional order requirements

Billing data:

• Retained 7 years (Canadian tax requirements)

Security logs:

• Retained 12 months for security and compliance

In case of data breach (Bill 25 compliance):

• Notification to affected users within 72 hours

• Report to Quebec's Commission d'accès à l'information (CAI)

• Immediate corrective measures

• Transparent communication about measures taken

Security track record:

• No security incidents since our launch

• Regular security testing by third-party experts

We ONLY share data with:

Essential providers:

• AWS Canada (hosting) - Signed DPA, SOC 2 certified

• Transactional email service (notifications) - minimal data

NEVER shared with:

• Advertising agencies

• Data brokers

• Social networks

• Invasive third-party analytics services

All our subcontractors:

• Sign strict confidentiality agreements

• Comply with Canadian laws

• Subject to regular audits

Essential cookies only:

• Session authentication (necessary for operation)

• Language preferences

NO cookies for:

• Advertising tracking

• Third-party analytics (Google Analytics, Facebook Pixel, etc.)

• Behavioral profiling

You maintain full control:

• Modifiable cookie settings

• Ability to refuse non-essential cookies

Important: As a healthcare professional:

YOU are responsible for:

• Compliance with your professional order

• Respect for professional secrecy

• Obtaining consent from your clients

• Appropriate file retention according to your profession

FYL.CARE provides you with:

• Technical tools compliant with standards

• Data security and encryption

• Ability to export your data at any time

• Support for your compliance obligations

• Any changes will be notified by email 30 days in advance

• Archived version available on request

• You can close your account if you don't accept the changes

Data Protection Officer:

FYL.CARE

Email: privacy@fyl.care

Support: support@fyl.care

Quebec Commission d'accès à l'information (CAI):

If you are not satisfied with our response, you can file a complaint with the CAI:

• Website: www.cai.gouv.qc.ca

• Phone: 1 888 528-7741

• Address: 525, boulevard René-Lévesque Est, bureau 1.200, Québec (Québec) G1R 5S9