Privacy Policy

Updated: December 4th, 2025
bt_bb_section_bottom_section_coverage_image

Last updated: December 4, 2025

Branches of Life Therapy (“we”, “us”, “our”) is committed to protecting the privacy, confidentiality,
and security of your personal health information in accordance with Ontario and Canadian privacy laws.

This Privacy Policy explains how we collect, use, disclose, and protect your information when you receive
services from Branches of Life Therapy or interact with us (in person, by phone, by email, or online).

Important: This policy is for general informational purposes only and does not replace legal advice.
For specific legal questions, please consult a lawyer.

1. Applicable Privacy Laws

As a psychotherapy / counselling practice operating in Ontario, Branches of Life Therapy is subject to:

  • Personal Health Information Protection Act, 2004 (PHIPA) – Ontario’s health privacy law governing
    the collection, use, disclosure, retention, and protection of personal health information (PHI) by
    “health information custodians.”
  • Personal Information Protection and Electronic Documents Act (PIPEDA) – Canada’s federal
    private-sector privacy law, which may apply to personal information that is not personal health
    information or when information is shared across provincial or national borders in the course of
    commercial activities.
  • Canada’s Anti-Spam Legislation (CASL) – which governs how we send commercial electronic messages
    (such as marketing emails) and requires consent, identification of the sender, and an unsubscribe mechanism.

Where there is any conflict between this policy and applicable privacy law, the law will prevail.

2. Who We Are Under PHIPA

In most cases, Branches of Life Therapy (and any regulated health professionals working here) will act as a
Health Information Custodian (HIC) under PHIPA. As a HIC, we are responsible for ensuring that your
personal health information is collected, used, disclosed, stored, and disposed of in a way that protects
your privacy and confidentiality.

If therapists or staff work “for or on behalf of” another custodian (for example, if space or records are shared
with another practice), they may also act as an agent of that custodian. Agents are required to follow
the HIC’s privacy policies and PHIPA.

3. What Information We Collect

We may collect two main categories of information:

a) Personal Health Information (PHI)

“Personal health information” under PHIPA includes identifying information about you in oral or recorded form that
relates to your physical or mental health, your health history, or the provision of health care to you.

This may include:

  • Your name, date of birth, and contact information
  • Health history, presenting concerns, and therapy notes
  • Referrals and reports from other health providers
  • Information about sessions (dates, attendance, modalities used)
  • Billing information related to health services (e.g., insurer, policy number)

b) Other Personal Information

We may also collect non-health personal information, such as:

  • Contact details for appointment reminders
  • Payment and invoicing information
  • Technical or usage information when you visit our website (e.g., IP address, browser type, pages visited – where applicable)

In some circumstances, this non-health information may fall under PIPEDA if it is collected, used, or disclosed as
part of a commercial activity not covered by PHIPA (for example, processing payments unrelated to care).

4. How and Why We Collect Your Information

We collect information directly from you whenever possible, including:

  • During intake and assessment
  • Throughout therapy sessions
  • Through emails, phone calls, or secure messaging
  • Via our website or online forms (if applicable)

We may also receive information from:

  • Your family physician, psychiatrist, or other health providers (with your consent, unless an exception applies)
  • Your insurer or third-party payer (e.g., extended health benefits)
  • Other third parties as permitted or required by law

We collect your information to:

  • Provide safe and effective assessment and treatment
  • Maintain accurate clinical records
  • Communicate with you about appointments, cancellations, or changes in service
  • Coordinate care with other health professionals (with your consent, unless permitted otherwise by law)
  • Process payments and manage billing
  • Maintain quality assurance, training, and practice management
  • Meet legal, regulatory, and professional obligations (e.g., record retention, responding to College or court requests)

5. Consent

Under PHIPA, we generally require your knowledge and consent to collect, use, and disclose your
personal health information, except in specific circumstances authorized or required by law.

Consent may be:

  • Express – spoken or written (e.g., signed consent forms, clear verbal consent)
  • Implied – where it is reasonable to believe you understand and agree to the collection, use, or
    disclosure for purposes related to your care (e.g., continuing to participate in therapy, accepting services
    after being given this policy)

You may withdraw or modify your consent at any time, subject to legal and contractual restrictions
and reasonable notice. Withdrawing consent may affect our ability to provide services.

6. How We Use and Disclose Your Information

We will only use or disclose your personal health information:

  • For purposes related to your assessment and treatment
  • For administration and management of the practice (scheduling, billing, accounting)
  • To communicate with you (e.g., appointment reminders, follow-up)
  • To contact or collaborate with other health professionals involved in your care (with your consent,
    unless permitted otherwise by law)
  • When required for regulatory and legal purposes (e.g., responding to a College investigation, court
    order, or mandatory reporting)
  • For risk management, quality improvement, and training, in a manner that limits identification whenever possible

We apply the “limited collection and use” principle – we collect, use, and disclose only as much
information as is reasonably necessary for the purposes identified.

Disclosures Without Consent (Examples)

PHIPA allows or requires certain disclosures without your consent, such as when:

  • Required by law (e.g., reporting child protection concerns, serious risk of harm to self or others, or as ordered by a court)
  • Needed to respond to an urgent or emergency situation
  • Required by a regulatory body (e.g., a College) in the course of an investigation
  • Required for specific public health, legal, or law-enforcement purposes as set out in PHIPA

Whenever feasible and lawful, we will discuss these situations with you.

7. Safeguards and Security

We take reasonable administrative, technical, and physical safeguards to protect your personal
health information against loss, theft, unauthorized access, copying, modification, disclosure, or disposal.

Measures may include:

  • Locked filing cabinets and controlled access to physical records
  • Password-protected devices and encrypted electronic records, where applicable
  • Secure practice management or electronic health record software (if used)
  • Policies limiting access to information to those who need it to perform their duties
  • Confidentiality agreements with staff, trainees, and service providers
  • Secure destruction methods for paper and electronic records when retention periods expire

Despite our best efforts, no system is entirely risk-free. We will notify you, and any applicable authority,
of any privacy breach as required by PHIPA.

8. Retention and Destruction of Records

We retain your records for the period required by law and professional standards. Typically, personal health
information is kept for:

  • A minimum of 10 years from the date of the last entry in the record, or
  • For minors, 10 years after the day the client turns 18,

unless a longer retention period is required for legal reasons.

After the required retention period, records are securely destroyed (e.g., shredding of paper files,
secure deletion of electronic data).

9. Your Rights Under PHIPA

Under PHIPA, you have several rights regarding your personal health information, including the right to:

  • Be informed about our privacy practices (via this policy and other materials)
  • Access your record of personal health information, subject to limited exceptions
  • Request corrections to your record if you believe it is inaccurate or incomplete
  • Withdraw or modify your consent for collection, use, or disclosure (subject to legal limits)
  • Request restrictions on who can see your information, where feasible
  • Be informed of a privacy breach that affects you, where required by law
  • File a complaint with us and/or with the Information and Privacy Commissioner of Ontario (IPC)

How to Access or Correct Your Record

To request access to or correction of your record:

  1. Submit a written request to our Privacy Contact (see Section 15).
  2. We will respond within the time limits set out in PHIPA, usually no later than 30 days.
  3. We may charge a reasonable fee for copying or preparing records, as permitted by law.

If we cannot grant access or make corrections (for example, where doing so would cause serious harm or
reveal another person’s confidential information), we will explain why and inform you of your options.

10. Email, Text, Telehealth, and Electronic Communications

We may offer services or communication using electronic means, such as:

  • Email communication
  • Text message reminders
  • Telehealth / video sessions
  • Online forms or portals

While we take reasonable steps to protect these communications, electronic transmission always carries some risk
(e.g., interception, misdirection, unauthorized access).

By choosing to communicate with us electronically or to participate in telehealth services, you acknowledge and
accept these risks. You may opt out of certain electronic communications (like text reminders) at any time.

11. Marketing, Newsletters, and CASL

If we send newsletters, updates, or promotional content by email or other electronic means, we comply with
Canada’s Anti-Spam Legislation (CASL). This means we will:

  • Obtain your express or implied consent before sending commercial electronic messages (CEMs)
  • Clearly identify ourselves as the sender
  • Include a simple and effective unsubscribe mechanism in each message

You can withdraw your consent to receive marketing or promotional communications at any time by using the
unsubscribe link in our emails or by contacting us directly. This will not affect your ability to receive
necessary clinical or administrative messages related to your care.

12. Third-Party Service Providers

We may use third-party service providers to support our practice (e.g., practice management software,
secure email, cloud storage, payment processors).

These providers may have access to personal information only to the extent necessary to provide their services and
are required to protect that information in a manner consistent with PHIPA and, where applicable, PIPEDA.

We do not sell or lease your personal information.

13. Our Website and Cookies (If Applicable)

If you visit the Branches of Life Therapy website:

  • We may collect basic usage data (e.g., IP address, device type, pages visited) to improve the site and ensure security.
  • We may use cookies or similar technologies to enhance user experience or analyze traffic.

Any analytics or third-party tools we use will be chosen with privacy in mind, and we will avoid collecting
more data than reasonably necessary. You can often manage cookies through your browser settings.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

  • Applicable laws and regulations
  • Professional standards
  • Our services, technology, or administrative practices

The “Last updated” date at the top of this policy indicates when it was most recently revised.
The current version will always be available upon request and, where applicable, on our website.

15. Questions, Concerns, or Complaints

If you have any questions about this Privacy Policy or our privacy practices, or if you wish to make a request
or complaint, please contact:

Privacy Contact – Branches of Life Therapy
Noelle Allison
[email protected]

We will do our best to resolve any concerns directly.

If you are not satisfied with our response, you have the right to contact:

Information and Privacy Commissioner of Ontario (IPC)
Website: https://www.ipc.on.ca

B.O.L.T.

Build resilience
Overcome with strength
Learn new paths
Thrive and grow

https://branchesoflifetherapy.ca/wp-content/uploads/2022/01/line_05.png
LINKS
CONTACT

T: (289) 438-8338

[email protected]

HOURS

Mon – Sun
Please inquire about
specific session times

©2025 Branches Of Life Therapy

Terms of use

Legal

Privacy Policy

©2025-2026 Branches Of Life Therapy

Terms of use

Cookie policy