Privacy Policy

(Updated August 5, 2021)

My Viva Plan and Your Privacy

My Viva Plan (“MVP”) is a digital lifestyle program designed to help you take control of your health. My Viva Inc. is an industry leader in up-to-date, evidence-based mental health, nutrition, and physical fitness coaching. Through this coaching, we help motivate and empower you in achieving your health goals. Whether you need support losing weight, live with pre-diabetes, diabetes, high blood pressure, high cholesterol, anxiety, depression, allergies or intestinal issues we are here to assist you. We support and guide you through your health journey and will be there every step of the way.

The program provides you with health and fitness tools to help you visualize how your actions and behaviors impact your personal and professional journey. Participating in the program starts by completing your online customer profile at MVP.

In order for you to participate in the program and for MVP to support the program services, we need to collect and use certain information about you – your Personal Information. MVP is committed to protecting your privacy and the confidentiality and security of your Personal Information.

This Privacy Policy explains:

how and why we collect, use, and sometimes disclose your Personal Information;
how you can access your Personal Information that we hold; and
who to contact if you have questions or concerns about your privacy.

It applies only to your Personal Information collected through the MVP online tool or through our mobile application.

Definitions:
As used in this Privacy Policy, the capitalized words below have the following meanings:
Applicable Privacy Laws means any and all applicable laws relating to privacy and the collection, use and disclosure of Personal Information in all applicable jurisdictions, that are in existence as of the last update of this Privacy Policy or subsequently come into existence, as they may be amended, re-enacted, consolidated and/or replaced, from time to time, and any successor to the foregoing

Personal Information means information about an identifiable individual, including, but not limited to, your name, birthdate, physical or mental health, health history, diagnostic, treatment and care information. It does not include the name, title or business address or telephone number of an employee of an organization.

Aggregate Information means data that has been compiled from record-level data to a level of aggregation that ensures that the identity of the individuals to which the data relates cannot be determined by reasonably foreseeable methods.

What type of information does MVP collect?

Personal Information You Provide

MVP collects your Personal Information that is necessary to support the delivery of our programs to you. When you register for the program, you must complete your online customer profile by providing us with your contact information: your full name, email address, telephone number, unique username and password, city, province, and country of residence. We only collect Personal Information that we need to develop a specialized program for you as described below. This information includes your age, sex at birth, gender, height, weight, waist circumference, lifestyle habits, as well as your short and long-term goals. Should you choose to supply it, this information will also include your current and historical medical information, such as past diagnosis or current medications, blood pressure, blood sugar levels, and cholesterol.

Information Obtained by Connected Devices

If you choose to connect MVP with third-party health and fitness devices, Personal Information from these devices will be shared with MVP. This information will include heartrate, blood pressure, blood sugar levels, and other vitals as collected depending on the device and your settings. (Not live yet)

Information Obtained Automatically – Cookies

“Cookies” are an example of “digital markers”: a small file placed on your computer by a website that you visit. They are stored there so that the web server can remember certain pieces of information about you and make your visit easier – you do not have to re-enter the same information every time. This information is used by the web server during the same or another visit to the website. A cookie captures the Internet Protocol (“IP”) address of the device you use to access our website. The IP address on its own may not identify you but can do so when combined about other data automatically collected when you visit our web page, such as the name of the page you visited and the date and time of your visit. MVP collects your IP address which will be used should we require it to investigate any unusual access by our users.

You can set your Internet browser to send you an alert before a cookie is placed on your device. You may adjust your browser settings to reject digital markers, including cookies. Disabling cookies when you visit our website will have no discernible impact on your browsing experience for MVP. However, you will need to turn them on should you select “remember me” for automatic sign in. Please consult your browser’s Help Menu for instructions.

Two-factor authentication

In addition, MVP uses two-factor authentication (2FA) which is a security process whereby you provide two different authentication factors- (security questions or a code sent to your email address) to verify yourself. Two-factor authentication adds an additional layer of security to the authentication process by making it harder for attackers to gain access to a person’s devices or online accounts.

How Does MVP Use My Personal Information?

Your Personal Information will only be used by authorized MVP staff and coaches for the purpose for which it was originally collected as set out below, or if you provide us with your consent to use it for another purpose.

The purpose of the Personal Information you provide regarding your health history, current health issues, eating and exercise habits is to develop individual plans to assist you with weight management, pre-diabetes, diabetes, high blood pressure, high cholesterol, fitness nutrition, prenatal and postnatal care, anxiety, depression, dietary restrictions, allergies and intestinal health.

My Viva uses device information, including IP addresses, for security purposes. Device information is logged when your account is accessed. If we suspect your account has been compromised, we will use your contact information to notify you. My Viva may also use your contact information to inform you of other security or maintenance issues. These include anticipated downtime, potential changes to your account level, or future changes to our corporate status.

On occasion, My Viva works with researchers for studies to improve healthcare quality. My Viva always asks for consent prior to your participation or use of your information in such studies

Use of Aggregate Information

If you have joined My Viva on a corporate plan, we will assist your corporate entity to promote the long-term health of its employees by providing it with

Aggregate Information related to the number of employees using the service, stress assessments, categories for blood pressure results, and percentages of employees completing their daily reflections.

My Viva also uses Aggregate Information to improve its website and online products. Using cookies, My Viva compiles reports of Aggregate Information of site visitors. This information is used to improve our services, website layout and product design.

How Does MVP Share My Personal Information?

MVP does not sell, share or disclose your Personal Information to others for any type of mailing list. In addition to these measures, we will not disclose or transfer your Personal Information to third parties without your permission, except as specified in this Privacy Policy.

MVP may disclose your Personal Information

for the purpose of the program for which it was collected (see “How does MVP Use my Personal Information” for more details);
to meet or comply with any applicable laws, regulation, legal process, audit or enforceable request from a government agency or regulatory body;
in specific circumstances, with your prior consent;
in connection with a bankruptcy proceeding or the sale, merger or change of control of MVP; and
if MVP is acquired or merged with another company, we may transfer information about you to the extent the Personal Information is necessary to carry on the business or activity that was the object of the transaction. In this instance, we will give notice to affected individuals before their Personal Information is transferred or MVP becomes subject to a different privacy policy.

From time-to-time MVP may retain other companies and contractors to provide services on our behalf (“Service Providers”). These Service Providers may have limited access to Personal Information in order to provide

their services. MVP uses contractual means to require these Service Providers to maintain the confidentiality and security of the information to the same degree as does MVP. Contracts prohibit them from using or disclosing the information about our members for any other purpose other than to provide the services.

We store your Personal Information in Canada. However, some of MVP’s Service Providers (as described above) may operate outside of Canada. These Service Providers are contractually required to meet MVP’s privacy standards. By using MVP, you consent to the access of your Personal Information from outside Canada.

You understand that if your information is accessed from, or stored in a foreign country, it may be subject to foreign laws and accessible to law enforcement and national security authorities with that jurisdiction.

Except as set forth in this Privacy Policy and any updates and/or changes thereto, we will not collect, use or disclose your Personal Information for any other purposes without your consent.

What Safeguards are in Place to Protect my Personal Information?

MVP has implemented reasonable security safeguards to protect your Personal Information against such risks as unauthorized access, collection, use, disclosure or disposal. Security measures have been integrated into the design and day-to-day operating practices as part of MVP’s commitment to the protection of the Personal Information it holds.

MVP uses technical, administrative (organizational) and physical safeguards to protect your Personal Information:

Technical Safeguards include but are not limited to:

Firewalls
Secure servers
Use of Encryption when data is in transit and at rest
Strong password standards
Limited user access based on need-to-know principles
Maintaining logs of access to your Personal Information and auditing these logs to confirm only authorized users have accessed information.

Administrative (Organizational) Safeguards

We have put in place privacy and security policies and procedures, as well as entered into confidentiality agreements with our staff/coaches to ensure a proper level of protection of your Personal Information.
Our staff/coaches are trained on our policies and procedures so that they understand their privacy and security responsibilities.
My Viva enters into contracts with all third-party suppliers that need access to your Personal Information to provide their services, which contracts require that they will enact their own safeguards and only use Personal Information for the purpose of providing services.

Physical Safeguards include but are not limited to:

Use of Microsoft Azure secure cloud. Microsoft Azure is certified as compliant with ISO Standard 27018 Code of Practice for personal identifiable information (PII) protection in public clouds acting as PII processors. In addition to the independent certification process under ISO27018, the Standard also includes the right to audit Microsoft for compliance.
Secure Office Buildings
Secure and limited physical file storage

Accuracy and Correction of my Personal Information

As a My Viva Plan member you are entitled to access all of your Personal Information (as described above) that we have in our custody and control. You may access your Personal Information via your secure online account. If you would like to request our staff to access your information for this purpose, please contact us per our contact information below and provide us with your username. Once we verify your identity and confirm the request, we will generate a copy of your information for you.

Once we receive your request, we may contact you further for more information. We will respond to all requests for information within 7 days or sooner if possible. Prior to information release, My Viva reserves the right to verify the identity of the requestor and refuse access requests on grounds of suspicious activity.

You may correct and update your Personal Information at any time by accessing your account through the website or our mobile applications.

We rely on you to ensure that the Personal Information you provide to us is accurate and up to date. It is very important that you maintain the accuracy and currency of your information so that we can tailor your program to your ongoing and/or changing needs.

How May I Close my Account?

If you have a personal account, you may close your account at any time by accessing your account and payment history and selecting the “cancel” option. Your account will be cancelled immediately, but you will have access to it until the end of the current billing cycle. If your MVP account is provided to you and paid for by a third party such as your employer or your insurance company, please contact that third party directly in order to close your account.

When you cancel your membership and close your account, My Viva Inc. retains your Personal Information only so long as required by law or regulations. In the event My Viva is required to hold any Personal Information, your contact information will be retained in the event you need to be contacted over the mandatory retention.

If My Viva is not required to retain your Personal Information by law, the information will be destroyed by secure means.

How Will I Know if MVP Makes Changes to This Privacy Policy?

MVP may update and/or make changes to this Privacy Policy at any time. When we make changes, the “last updated” date at the top of the Policy will be revised. Every time that a change to this Policy is made, users will be notified.

Privacy Policy updates will be reflected on this page so that visitors to the site and users of the Service are always aware of what information we collect, how we use it, and under what circumstances we disclose it. When you access MVP, you should check to ensure that you are familiar with the latest version of this Privacy Policy.

By registering to use our services (whether through the MVP website, or our mobile applications), you consent to the collection, use and disclosure of your Personal Information as described in this Privacy Policy. Your continued use of MVP after having been notified of any updates and/or changes to the Privacy Policy constitutes your agreement and continued consent.

Compliance with Applicable Privacy Laws

MVP complies with the Applicable Privacy Laws of the relevant jurisdiction in which MVP operates at any given time (the “Applicable Laws”). MVP regularly reviews the Applicable Privacy Laws to reflect any changes in its policies and practices.

You-AR-Ok (YARO)

My Viva Inc. also manages and is responsible for the You-AR-Ok (YARO) Avatar application.

YARO collects anonymous information – information that does not reveal your identity or that of any other person – from you to access and use the Avatar application through the iPhone Operating System (iOS) or Google Play Store. No Personal Information is requested or required in order to use this application.

What type of information does YARO collect?

YARO collects your anonymous information that is necessary to engage with the Avatar in support of your mental and physical wellness. The information is collected and stored in an anonymous account and uploaded to the MVP database. Only authorized MVP clinicians and IT Staff have access to the anonymous data.

How Do I Contact MVP to Answer My Questions About this Privacy Policy or Make a Privacy- Related Complaint?

MVP has appointed a knowledgeable individual within its organization to be responsible for privacy compliance. It is the Privacy Officer’s responsibility to monitor and enforce this Policy.

If you have any questions about this Privacy Policy, or wish to make a complaint about how MVP manages your Personal Information, please contact our Privacy Officer at:

3728-91 Street NW
Edmonton, Alberta T6E 5M3
Telephone: 780-450-2027
Email: privacy@myvivaplan.com

If, having shared your concerns with us, you are still not satisfied, you may file a complaint with the privacy regulator:

Office of the Information and Privacy Commissioner

#410, 9925 – 109 Street NW
Edmonton, AB T5K 2J8
Phone: 780-422-6860
Toll-Free: 1-888-878-4044
Email: generalinfo@oipc.ab.ca

Privacy Policy

Privacy Policy

My Viva Plan automates the creation and delivery of personalized care plans with your unique insight as a health coach or allied health professional to their challenges & lifestyle habits at home and on the go.

Get On The List!