PRIVACY POLICY FOR WAVES COLLECTIVE COUNSELLING + COACHING

Updated: November 19, 2024 

1. General  

Waves Collective Counselling + Coaching (“Waves Collective,” “we,” “us,” or “our”) is dedicated to protecting the privacy and confidentiality of all individuals who use our services (“you” or “your”).  

Our use of the personal information we collect from our clients is subject to the British Columbia Personal Information Protection Act (“PIPA”) and/or the federal Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”). PIPA and PIPEDA (as applicable) set out the ground rules for how British Columbia businesses and not-for-profit organizations may collect, use and disclose personal information. 

In accordance with PIPA and PIPEDA (as applicable), we will inform our clients of why and how we collect, use and disclose their personal information, obtain their consent where required, and only handle their personal information in a manner that a reasonable person would consider appropriate in the circumstances. 
This Privacy Policy, in compliance with PIPA and PIPEDA (as applicable), outlines the principles and practices we will follow in protecting the personal information of our clients. Our privacy commitment includes ensuring the accuracy, confidentiality, and security of that personal information and allowing our clients to request access to, and correction of, their personal information. 

2. Scope and Application 

This Privacy Policy applies to Waves Collective in connection with counselling, coaching, and related services and to any service providers collecting, using or disclosing personal information on behalf of Waves Collective. This Privacy Policy does not apply to any service providers or other parties that you choose to link to your account or otherwise provide access to any account or personal profile you establish with Waves Collective. In those instances, the privacy policies of such service providers and other parties may apply. 

3. Definitions 

Personal information – means information about an identifiable individual, which may include such information as name, age, gender, home address, phone number, e-mail address, social insurance number, username, password and credit card information. Personal information does not include business contact information (described below). 

Business contact information – means information that would enable an individual to be contacted at a place of business and includes name, position name or title, business telephone number, business address, business email or business fax number. Contact information is not covered by this policy or by PIPA or PIPEDA (as applicable). 

Privacy Officer – means the individual designated responsibility for ensuring that the Company complies with this policy and with PIPA and PIPEDA (as applicable). 

4. Collecting personal information
 
Unless the purposes for collecting personal information are obvious and the client voluntarily provides his or her personal information for those purposes, we will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection.  

To provide effective counselling and coaching services, we may collect the following types of personal information: 

• Personal Identifiers: Your name, contact information (address, phone number, email), and date of birth. 

• Health and Medical Information: Mental health history, medical records, details of any prior treatment, and information relevant to your counselling or coaching sessions. 

• Session Records and Progress Notes: Documentation of sessions, including personal goals, progress, and any information that may impact your treatment or coaching. 

• Payment Information: Information necessary for billing and payment processing, such as credit card or bank account details, if applicable. 

5. Purpose of Collecting and Using Personal Information 

We are committed to limiting the collection of personal information to only what is necessary to fulfill these purposes. 

We collect and use personal information to provide high-quality, personalized counselling and coaching services, including: 

• To verify identity; 

• To assess your needs and goals for counselling or coaching; 

• To open and manage a user account and or personal profile (where applicable); • To track progress and develop treatment or coaching plans; 

• To maintain accurate records for follow-up and continuity of care; 

• To manage billing, receipts, and financial records for services; 

• To ensure a high standard of service to our clients; 

• To ensure compliance with professional standards and legal requirements under PIPA and other relevant regulations. 

We use cookies to gather information on website use, provide more personalized service and targeted advertising. Our website uses third party marketing products for analysis, marketing and personalization. You can withdraw your consent to our use of these cookies at any time by accessing the settings on your browser and clearing data about cookies.  

We do not knowingly collect personal information directly from children under the age of 13 without parental consent. Our website is not specifically targeted to our intended for use by children. 

6. Obtaining Consent 

We will get your consent to collect, use or disclose your personal information, except where we are legally authorized or required by law to do so without consent.  

We will obtain your consent by notifying you of the purposes for collecting your personal information, including by listing the purposes in this policy. Your consent may be oral, in writing or electronic, and may be implied by your use of features of our website which result in providing personal information to us.  

By engaging in our services or providing information for an obvious purpose, you consent to our handling of your information as outlined in this policy.  

Consent will not be required beyond what is necessary to provide you services. Please be aware that if you do not consent to (or withdraw your consent for) we may not be able to provide certain services. You may withdraw your consent at any time by providing us reasonable notice unless we require that personal information to complete our legal obligations to you under a contract for service. 

7. Disclosure of Personal Information 

We prioritize the confidentiality of client information. We will not collect, use or disclose personal information except for the purposes identified unless you have provided us with consent for those additional purposes or where authorized or required by law. 

Personal information will only be disclosed as permitted or required under the following circumstances: 

• With Your Consent: When you provide written or verbal permission to share specific information with a designated individual, such as a family member or healthcare provider. 

• LegalRequirements: When disclosure is required by law, such as in response to a court order, subpoena, or other legal process. 

• Duty to Protect: If we believe there is a risk of harm to yourself or others, such as in cases of suicidal intent, threats of violence, child abuse, or neglect, we may disclose information to prevent harm. 

• Professional Consultation and Supervision: In certain situations, we may consult with other professionals to ensure the best possible care. We do not authorize these professionals to use or disclose your personal information for purposes other than what we have retained them. We only disclose personal information to the extent required to fulfill the purposes identified in this Privacy Policy. You may request that Waves Collective not share your personal information with any other professionals by contacting our Privacy Officer as detailed below. 

We will not use or disclose client or user personal information for any additional purpose unless we obtain consent to do so. 

We will not sell, lease or rent client lists or personal information, as such, to other parties.

8. Safeguarding Personal Information 

We are committed to ensuring the security of client personal information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal, or similar risks. 

We protect your personal information by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, modification or disposal of personal information. The safeguards we take depend on the sensitivity of the personal information and include: 

• Physically securing offices where personal information is held; 

• The use of user IDs and passwords (where applicable); 

• The use of firewalls and Secure Socket Layers for stored personal information;

• The use of encryption (where applicable); 

• Restricting employee access to personal information as appropriate (i.e., only those that need to know will have access, and such access will require a password); and 

• Contractually requiring any employee, contractor, service providers, and affiliated professionals to use best practices for information security and to maintain confidentiality regarding personal information. 

• Contractually requiring any employee, contractor, service providers, and affiliated professionals to provide comparable security measures. 

We will use appropriate security measures when destroying client’s and user’s personal information such as shredding documents and deleting electronically stored information. 

We will periodically review and update our security policies and controls as technology changes to ensure ongoing personal information security. 

9. Retention and Disposal of Personal Information 

If we use client personal information to make a decision that directly affects the client, we will retain that personal information for at least one year so that the client has a reasonable opportunity to request access to it. 

Subject to our other retention policies, we will retain personal information for as long as is required to fulfill the purposes, for a legitimate business purpose, for the security of Waves Collective and Waves Collective’s Services or to protect users, the public or third parties and/or to comply with any legal requirements, including statutory retention periods and corporate best practices, after which we securely destroy or anonymize personal information.  

10. Access and Correction of Personal Information 

Clients have a right to access their personal information, subject to limited exceptions outlined in the relevant sections of PIPA and PIPEDA (as applicable). 
A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought. A request to access personal information should be forwarded to the Privacy Officer identified below. 

Upon request, we will also tell clients how we use their personal information and to whom it has been disclosed, if applicable. 

We will make the requested information available within 30 business days or provide written notice of an extension where additional time is required to fulfill the request. 

A minimal fee may be charged for providing access to personal information. Where a fee may apply, we will inform the clients of the cost and request further direction from the client on whether or not we should proceed with the request. 

If a request is refused in full or in part, we will notify the client in writing, providing the reasons for refusal and the recourse available to the client. 

You have the right to access the personal information that we hold about you and to request corrections if the information is inaccurate or incomplete. To make a request, please contact us using the information provided below. We strive to respond to access or correction requests within 30 days of receiving them, as permitted by PIPA, and may need to verify your identity before providing access to your records. 

11. Privacy Rights and Complaints 

The Privacy Officer is responsible for ensuring Waves Collective’s compliance with this Privacy Policy, PIPA and PIPEDA (as applicable). 

Clients should direct any complaints, concerns or questions regarding Waves Collective’s compliance in writing to the Privacy Officer. If the Privacy Officer is unable to resolve the concern, the client may also write to the Office of the Information and Privacy Commissioner for British Columbia or the Office of the Privacy Commissioner of Canada (as applicable). 

12. Changes to this Privacy Policy 

We may change our Privacy Policy from time to time, and such changes will be posted in this Privacy Policy. We will not reduce your rights under this Privacy Policy without your express consent. 

We may update this privacy policy periodically to reflect changes in our practices, legal obligations, or other considerations. Any significant changes will be communicated to clients directly through our website, email, or other appropriate methods. We encourage you to review this policy periodically to stay informed about how we protect your personal information.

13. Contact Information 

For any inquiries, requests, or concerns regarding this privacy policy or the handling of your personal information, please contact Waves Collective’s Privacy Officer: 
wavescollectivecounselling@gmail.com