Privacy Policy, Data Protection & Consent to Virtual Processing of Personal Health Information
1.INTRODUCTION & SCOPE
Rumini Health Inc. and Rumini Pharmacy (collectively, “Rumini,” “we,” “our,” or “us”) are committed to protecting the privacy, confidentiality, integrity, and security of personal information and personal health information entrusted to us.
This Privacy Policy & Consent to Virtual Processing of Personal Health Information (“Policy”) explains how we collect, use, disclose, store, retain, and protect information when you:
- Access or use Rumini.ca
- Use our online pharmacy services
- Complete digital intake forms
- Participate in virtual consultations
- Communicate with us electronically
2. ABOUT RUMINI
Rumini operates as a licensed Ontario pharmacy with a pharmacy-first digital healthcare model, supported by telehealth services where clinically or legally required.
Our services include:
- Online prescription dispensing, renewals, refills, and transfers
- Pharmacist-led care, including prescribing for eligible minor ailments
- Medication therapy management and patient counseling
- Secure prescription fulfillment, packaging, and delivery
- Telehealth assessments by Ontario-licensed physicians or nurse practitioners where physician authorization is required
- Clinical care coordination, follow-ups, and patient suppor
Important Clarification:
- Rumini Pharmacy dispenses medications under Ontario College of Pharmacists (OCP) standards
- Telehealth services are used only when prescriptions or care require physician or nurse practitioner authorization
- All services are delivered in compliance with applicable federal and provincial laws
3. REGULATORY, LEGAL & PROFESSIONAL COMPLIANCE
3.1 Privacy & Health Information Laws
3.2 Pharmacy & Healthcare Regulation
- Ontario College of Pharmacists (OCP) standards and inspections
- NAPRA standards and model policies
- Professional obligations of Ontario-licensed pharmacists and physicians
3.3 Digital Health, Security & Advertising Standards
- LegitScript certification standards
- HIPAA-aligned safeguards (as a security best practice)
- GDPR & PECR principles (for cookie transparency and user control)
Rumini continuously updates its systems and policies to remain compliant with evolving regulatory expectations.
4. INFORMATION WE COLLECT
We collect only the information necessary to provide safe, lawful, and effective care.
a) Personal Information
- Full name, date of birth, contact details
- Address and identity verification information
- Insurance, billing, and payment details
- Medical history and clinical intake forms
- Symptoms, allergies, medications, and treatment history
- Pharmacist and physician assessments and notes
- Photos or diagnostic results (where clinically required)
c) Technical & Usage Information
- IP address (anonymized where possible)
- Device, browser, and session data
- Website interactions for security and optimization
All information is collected directly from you or with your explicit consent for continuity of care
5. PURPOSES FOR USING YOUR INFORMATION
Your information is used solely for legitimate healthcare, operational, and regulatory purposes, including:
- Clinical assessment and treatment eligibility
- Virtual consultations and prescribing decisions
- Pharmacy dispensing, packaging, and delivery
- Prescription renewals, refills, and transfers
- Monitoring treatment outcomes and side effects
- Care coordination and patient communication
- Identity verification and fraud prevention
- Compliance with legal, regulatory, and audit obligations
We do not sell, rent, or trade personal or health information.
6. CONSENT & LAWFUL BASIS FOR PROCESSING
Your Consent
By using Rumini’s platform, you provide express or implied consent for the collection, use, and disclosure of your information as outlined in this Policy.
Lawful Bases Include:
- Your consent
- Legal and regulatory obligations
- Professional healthcare duties necessary for patient safety and continuity of care
You may withdraw consent at any time, subject to legal, regulatory, and clinical record-keeping requirements.
7. WHO HAS ACCESS TO YOUR INFORMATION
Access is strictly limited to authorized individuals involved in your care:
- Ontario-licensed pharmacists
- Ontario-licensed physicians or nurse practitioners (when required)
- Authorized Rumini administrative staff
- Third-party service providers under strict confidentiality agreements (e.g., hosting or couriers with minimal data only)
8. DATA STORAGE, SECURITY & SAFEGUARDS
- Encrypted data storage (AES-256 or equivalent)
- Encrypted transmission (SSL/TLS)
- Role-based access controls
- Multi-factor authentication
- Audit logs and monitoring
- Regular security assessments and backups
Health information is stored on Canadian servers unless legally required otherwise under a secure, compliant framework.
9. DATA RETENTION & DESTRUCTION
- Medical records are retained for at least 10 years from last date of service or longer if required by law
- Data is securely destroyed or anonymized once retention periods expire
- Destruction follows Health Canada-accepted digital destruction standards
10. SHARING & DISCLOSURE OF INFORMATION
Information is disclosed only when necessary:
- To pharmacists or physicians involved in your care
- To laboratories or diagnostic providers (where applicable)
- To delivery partners (minimum necessary information only)
- To regulators or authorities when required by law
De-identified or aggregated data may be used for analytics and service improvement and cannot identify you
11. COOKIES & WEBSITE TECHNOLOGIES
Types of Cookies Used
- Essential cookies: required for site functionality and security
- Functional cookies: remember preferences
- Analytics cookies: anonymized analytics (e.g., Google Analytics)
- Marketing cookies: used only with explicit consent
You may manage cookie preferences via the consent banner or browser settings.
12. TELEHEALTH LIMITATIONS
- Technical issues may affect service quality
- Physical examinations may be limited
- In-person care may be recommended
By consenting, you accept these limitations.
13. ELECTRONIC COMMUNICATION
- SMS
- Secure patient portals
While encrypted, electronic communication carries minimal inherent risk. You may withdraw this consent at any time.
14. BREACH NOTIFICATION
- Notify affected individuals promptly
- Investigate and contain the incident
- Report to regulators as required
- Implement corrective measures
Our response aligns with IPC Ontario and Health Canada guidance.
15. YOUR RIGHTS
- Access your records
- Request corrections
- Withdraw consent (where permissible)
- Request information on disclosures
- File a privacy complaint
16. CHILDREN & MINORS
17. POLICY UPDATES
18. CONTACT INFORMATION
Rumini Health Inc.
Email: admin@rumini.ca
Rumini Pharmacy
OCP License #311091
Address: 45-2355 Derry Rd E, Mississauga, ON L5S 1V6
Phone: (289) 748-3812
Fax: (289) 748-3813
19. DECLARATION OF CONSENT
By accessing Rumini’s platform, submitting a medical form, or proceeding with pharmacy or virtual care services, you confirm that you:
- Have read and understood this Policy
- Consent to the collection, use, and disclosure of your personal and health information as described
- Understand that consent remains valid unless withdrawn in writing
Our Commitment
Rumini is committed to privacy, compliance, ethical pharmacy practice, and patient trust. Protecting your information is central to every aspect of our operations.