Innomar Strategies Inc. (“Innomar”, “we”, “our”, “us”) is a leading supplier of premier health service delivery in Canada. Our Core services include pharmaceutical distribution and wholesale, pharmaceutical technology products and services, specialty business services that are focused on various pharmaceutical and pharmacy supply specialties such as specialty programs, clinic & nursing services, specialty pharmacy, specialty distribution & 3PL, strategic consulting, market access and reimbursement.
Both for its own business purposes and as required as part of the services it provides to clients, Innomar collects, uses, discloses and maintains personal information about individuals, which may include patients and members of the public, health care providers, and staff of suppliers and service providers.
Purpose & Application of this Policy
Part A of this Policy applies to personal information that Innomar collects, uses, discloses and maintains for its own business purposes.
Part B of this Policy applies to personal information that Innomar is required to collect, use and disclose for the purpose of services it is providing to a client.
Part C of this Policy applies to all personal information collected, used, disclosed, and maintained by Innomar.
In this Policy,
“Personal Information” means information in any format about an identifiable individual that Innomar collects for its own business purposes.
“Client Personal Information” means information in any format about an identifiable individual that Innomar collects, uses and/or discloses as required for or as part of providing its services to a client.
Personal Information and Client Personal Information includes personal health information. Business contact information is not Personal Information or Client Personal Information. Business contact information includes any information that individuals make available for the purpose of communicating with them in relation to their employment, business or profession, such as the individual’s name, title or office, work address, work telephone number, work fax number or work email address.
Innomar may de-identify and aggregate Personal Information and/or Client Personal Information so that the information no longer is identifiable as information relating to an identifiable individual.
This Policy may be amended and/or supplemented from time to time by notices, other policies, guidelines and rules in response to changes in Innomar’s operations, the law, and/or decisions of governmental agencies and regulators. The date that this Policy was last amended will appear in the top right hand corner. Individuals who provide Innomar with their personal information, or the personal information of others (as permitted by law), will be understood to agree to Innomar’s collection, use, disclosure and/or maintenance of the information in accordance with this Policy as amended from time to time. Questions about the meaning or implications of any of the provisions of this Policy may be directed to Innomar’s privacy officer, as indicated in section C.3 below.
Part A: Personal Information
1. Purposes for Collection, Use and Disclosure
Most of the Personal Information collected by Innomar for its own business purposes is information related to contractors, and applicants for such positions, and Innomar’s directors and officers. Innomar uses such Personal Information for purposes related to assessing applications, commencing, maintaining and terminating employment and/or like relationships including for processing payroll and benefits, fulfill such other business purposes as reasonably determined by Innomar, and otherwise complying with the laws governing corporations.
Innomar may collect, use and disclose Personal Information in the course of receiving and responding to inquiries and requests, doing business with its suppliers and service providers, making insurance claims, conducting credit checks, evaluating or implementing corporate reorganizations and other types of business transactions, including for example, acquisitions and mergers, and complying with its legal obligations.
Where we do not collect Personal Information directly from the individual to whom it relates, we will keep a note of the source of the information. We generally process or store our records of personal information in Canada, the United States, or in another country by one of Innomar’s affiliates or service providers. Where this is the case, the information may be available to foreign governments and their agencies, including law enforcement agencies and courts under a lawful order made in the applicable country or territory. Upon request in writing to our privacy officer, an individual may request up to date information regarding the location where we are storing his or her Personal Information. Instructions on how to request access to or correct Personal Information are provided in section A.5 below.
Innomar retains Personal Information only for as long as is necessary for the purpose for which it was collected. When Personal Information is no longer required, it will be destroyed or de-identified.
2. Notice and Consent
Innomar gives notice and obtains consent, where it is required by law, in a number of forms depending on whose Personal Information it is collecting. If consent was required, individuals may vary or withdraw their consent to the use and disclosure of their Personal Information, subject to legal or contractual restrictions and reasonable notice, although doing so may prohibit certain communications or transactions with Innomar.
Innomar will not use or disclose Personal Information for purposes other than those for which it was collected, except with the consent of the team member or as required or permitted by law.
3. Notice of Unauthorized Collection, Use, and Disclosure
In the event that Personal Information is stolen, lost or accessed by unauthorized persons, Innomar will notify the individual to whom the information relates as required by law and, even where not legally compelled to give notice, where we have reasonable grounds to believe that there exists a real risk of significant harm to the individual to whom the information relates and there are steps that can be taken by the individual to mitigate that harm.
When you visit our website, we assign you a unique number, which is stored in one or more cookies on your computer or mobile device’s hard drive. When you visit our website we may collect, using electronic means, technical information. This information may include the IP address of your computer and mobile device, which browser you used to access the website, your operating system, resolution of screen, location, language settings in browsers, the website you came from and searched for keywords (if arriving from a search engine).
5. Access, Inquiries, and Correction
Except in the limited circumstances established by law, individuals may obtain access to their Personal Information. Individuals may also request us to correct their Personal Information where they believe it to be out of date or otherwise inaccurate. Requests for access or correction must be made in writing and should be addressed to our privacy officer. We may decide to share your Personal Information with you through a health care provider, where appropriate.
We will assist you if you inform us that you need assistance in preparing a request concerning Personal Information. Administrative charges may apply.
Individuals may obtain more information about how we manage Personal Information by contacting our privacy officer.
Part B: Client Personal Information
1. Ownership of Client Personal Information
As between Innomar and the client, the client owns and retains custody and control of Client Personal Information. Where Innomar is retained to provide services that require the collection, use and/or disclosure of Client Information, Innomar acquires no rights in or to, custody or control over the Client Personal Information, except the right to collect, use and disclose the information to the extent required to provide the services or as otherwise permitted by the client under its agreement with Innomar.
2. Purposes for Collection, Use and Disclosure
The purposes for which Innomar collects, uses and discloses Client Personal Information are a function of the nature of the services and Innomar’s agreement with the client.
Innomar will only collect, use, and disclose Client Personal Information to the extent required for its services or as otherwise permitted by the client.
3. Innomar Personnel
Innomar will be responsible for the acts and omissions of its employees and contractors in connection with Personal Information.
Innomar will assign personnel to client retainers involving access to Client Personal Information (“Personnel”) who have received training in the permitted collection, use and disclosure of Client Personal Information and have agreed to manage the information in a manner consistent with Innomar’s privacy obligations to its clients.
Innomar will take reasonable steps to ensure compliance of Personnel with applicable privacy requirements, including through the use of written agreements, investigation of reports of suspected or actual non-compliance, suspension or termination, and reports to the applicable health regulatory body where appropriate. Innomar will take reasonable steps to terminate Personnel access to Client Personal Information at the conclusion of a project or Personnel’s involvement in a project and on termination of Personnel’s employment or affiliation with Innomar.
Access to an Innomar electronic information system will be by way of a unique set of credentials to facilitate audit of access by Personnel.
Clients may report any concerns regarding Personnel in connection with Client Personal Information to our privacy officer.
4. Segregation, Return and Destruction of Client Personal Information
Innomar will maintain Client Personal Information in such manner that it can be identified as the information of a particular client and returned to the client or destroyed at the client’s direction.
At a client’s direction, Innomar will return or destroy the client’s Client Personal Information, except as otherwise agreed to with the client or as required by law.
5. Reporting and Assistance
Innomar will report any unauthorized collection, use and/or disclosure of Client Personal Information to the client at the first reasonable opportunity.
Innomar will provide reasonable assistance to a client in relation to any investigation, inquiry, or complaint initiated or responded to by the client in connection with Innomar’s management of Client Personal Information.
Part C: General
1. Service Providers
Innomar may use external service providers (“Service Providers”) for services that require the use of Personal Information and/or Client Personal Information. We use Service Providers to support our business (e.g., internet service providers, hosting companies, data processing and storage, fulfillment services, technical support, delivery services, and financial institutions).
Innomar imposes privacy requirements on its Service Providers through agreements. The requirements limit the Service Provider’s access, use and disclosure of Personal Information/Client Personal Information to that required for it to provide its services. Innomar requires the Service Provider to protect the information to the same degree that Innomar would were it providing the services directly.
Some of Innomar’s service providers may operate outside of Canada, and we may therefore transfer and store your Personal Information/Client Personal Information outside of Canada in connection with its use by Service Providers. Where this is the case, the information may be available to foreign governments and their agencies, including their law enforcement agencies and courts under a lawful order made in the applicable country or territory. Other countries may have laws that are different from Canada.
Innomar uses commercially reasonable physical, technological and administrative safeguards to safeguard Personal Information and Client Personal Information against theft, loss and unauthorized access, use (including copying and modification), disclosure and disposal while at rest and in transit.
The nature of the safeguards we use varies depending on the sensitivity, format, and the scope of the required distribution of the information, however they include:
a. by way of physical measures, safe storage of records, locked filing cabinets, and restricted access to offices;
b. by way of administrative/organizational measures, limiting access of Personnel on a "need- to-know" basis; and
c. by way of technological measures, the use of passwords for access to our electronic records systems, encryption and audits.
Personal Information and Client Personal Information held by Innomar is stored in one of two formats:
a. electronic databases or spreadsheets with restricted access located on servers and password protected; and/or
b. hard copy (paper) records that are kept in locked filing cabinets.
3. Linked Websites
4. Contact Information for Privacy Officer
The privacy officer, who is the Chief Canadian Counsel, may be contacted at:
3470 Superior Court, Oakville, Ontario, Canada L6L 0C4
Toll free: 1-888-420-5457