Please Note

Privacy Policy

Please Read Carefully

ASIF420 ltd. and its subsidiaries (collectively, “ASIF420”) are committed to maintaining the accuracy, confidentiality and security of your personal information. This Privacy Policy describes the personal information that ASIF420 collects from or about you, as well as how we use and to whom we disclose that information. Please review this entire document carefully.

PRIVACY POLICY EFFECTIVE WORLDWIDE

It is ASIF420’s policy to comply with the privacy legislation within each jurisdiction in which we operate. Sometimes such legislation and / or an individual’s right to privacy are different from one jurisdiction to another. This Privacy Policy covers only those activities that are subject to the international and provincial privacy laws, as applicable.

This Privacy Policy has a limited scope and application. Consequently, the rights and obligations contained in this Privacy Policy may not be available to all individuals or in all jurisdictions.

WHAT IS PERSONAL INFORMATION?

For the purposes of this Privacy Policy, “personal information” is any information about an identifiable individual, other than an individual’s business contact information when collected, used or disclosed for the purposes of enabling the individual to be contacted in relation to their business responsibilities. This definition would include, among other things, information about the physical or mental health of an individual.

We may collect information related to your visit to any of our websites, including the IP address and domain used to access our websites, the type and version of your browser, the website you came from to access our website(s), the page you entered and exited at, any website page within our website(s) that is viewed by that IP address and what country you are from. We use this information to monitor our websites’ performance (such as number of visits, average time spent, page views) and for our business purposes such as: (i) customizing certain content that we think you might like based on your usage patterns; (ii) improving our products and services; and (iii) upgrading our websites.

We may place a “cookie” on the hard drive of your computer to track your visit. A cookie is a small data file that is transferred to your hard drive through your web browser that can only be read by the website that placed the cookie on your hard drive. The cookie acts as an identification card and allows our websites to identify you and to record your passwords and preferences. The cookie allows us to track your visit to our website(s) so that we can better understand your use of our website(s) so that we can customize and tailor them to better meet your needs. Most web browsers are set to accept cookies. However, on most web browsers you may change this setting to have your web browser either: (i) notify you prior to a website placing a cookie on your hard drive so that you can decide whether or not to accept the cookie; or (ii) automatically prevent the placing of a cookie on your hard drive. It should be noted that if cookies are not accepted, you may not be able to access a number of web pages found on our websites.

Our websites may contain links to other websites that may be subject to less stringent privacy standards. We cannot assume any responsibility for the privacy practices, policies or actions of the third parties that operate these websites. ASIF420 is not responsible for how such third parties collect, use or disclose your personal information. You should review the privacy policies of these websites before providing them with personal information.

Finally, our websites may provide you with an opportunity to interact with others and share your thoughts, information, content and materials (collectively “User Generated Content”). You are solely responsible for the User Generated Content that you post on our websites. Unless explicitly stated otherwise, any User Generated Content that you post onto our websites (including your username) will be made publicly available. As such, do not post any personal information onto our websites (such as your name or email address) if you wish to remain anonymous.

WHY DO WE COLLECT PERSONAL INFORMATION?

ASIF420 collects personal information to enable us to manage, maintain, and develop our operations, including for example:

  • to establish, maintain and manage our relationship with you so that we may provide you with, or receive from you, the products and services that have been requested;
  • to enable you to register and access an account with us;
  • to obtain and process payments for the products and services that we provide to you;
  • to be able to review the products and services that we provide to you so that we may: (i) understand your requirements for our products and services; and (ii) work to improve our products and services;
  • to be able to review the products and services that we obtain from you so that we may work with you and so that you may understand our requirements for such products and services;
  • to send you promotional and other marketing materials that we think might be of interest to you; 
  • to respond to requests made by, or on behalf of, your insurance provider to review your insurance claim(s), to the extent applicable;
  • to monitor and investigate incidents  and managing claims;
  • to create Aggregated Information (as defined below);
  • to be able to comply with your requests (for example, if you prefer to be contacted at a business or residential telephone number and advise us of your preference, we will use this information to contact you at that number);
  • to protect ASIF420 against error, fraud, theft and damage to our goods and property;
  • to enable us to comply with applicable law or regulatory process; and
  • any other reasonable purpose to which you consent.

Please note that our video surveillance systems may collect your personal information when you attend our retail and other locations. Such collection is done:

  • to facilitate a safe and secure environment;
  • to support an immediate response to an observed or reported incident;
  • to help us collect certain demographic information (e.g. age and gender) to enable us to better understand who our customers are; 
  • to enable us to know how many customers we have, how they shop, and their shopping preferences;
  • to protect ASIF420 against error, fraud, theft and damage to our goods and property (e.g. by integrating point-of-sale transactional data with videos taken at the time of transactions); and
  • to enable us to comply with applicable law.

HOW DO WE USE YOUR PERSONAL INFORMATION?

We may use your personal information:

  • as permitted or required by applicable law or regulatory requirements;
  • for the purposes described in this Privacy Policy; and
  • for any additional purposes for which we have obtained your consent to the use or disclosure of your personal information.

As above, we may use your personal information to create Aggregated Information for the purposes of managing, maintaining, and developing our operations. Such purposes include: (i) identifying the demographics of our clients, the types of diagnoses that our clients are using cannabis to treat, and the types of strains that are most beneficial for different diagnoses; (ii) creating and selling benchmarks, reports, summary metrics, predictive algorithms; and (iii) developing new or improving our existing products and/or services). In this Privacy Policy, “Aggregated Information” means information that: (i) arises from the compilation, combination and/or analysis of personal and other information; and (ii) is anonymized.

WHEN DO WE DISCLOSE YOUR PERSONAL INFORMATION?

When we provide you with medical cannabis, we may share your personal information with your healthcare providers (which may also be referred to as your “circle of care”) and your authorized family members. We may also share it with others but only with your consent or as otherwise permitted by law. For example, we may share your personal information with designated individuals (e.g. parents, caregivers) who have authority to collect such information. All such sharing is done in a manner consistent with this Privacy Policy.

We may also share your personal information with our employees, contractors, consultants, affiliates and other parties who require such information to assist us with managing our relationship with you, including third parties that provide services to us or on our behalf.

For example, we may share your personal information from time to time with our third-party information technology, data processing, payment processing, advertising/marketing, call center and age/identity verification service providers so that we may operate our business, some of which may be located in the United States. As a result, your personal information may be collected, used, processed, stored or disclosed in the United States and may potentially be accessible to law enforcement and national security authorities of that jurisdiction. However, it is important to note that in the unlikely event United States law enforcement and/or national security authorities request your personal information, it shall only be provided in strict accordance with the law and subject to all required legal permissions. To the extent permissible, you will be informed if disclosure of your personal information is requested by law.

In addition, personal information may be disclosed or transferred to another party during the course of, or completion of, a change in ownership of or the grant of a security interest in, all or a part of ASIF420 through, for example, an asset or share sale, or some other form of business combination, merger or joint venture, provided that such party is bound by appropriate agreements or obligations and required to use or disclose your personal information in a manner consistent with the use and disclosure provisions of this Privacy Policy, unless you consent otherwise.

Finally, your personal information may be disclosed:

  • for the purposes described in this Privacy Policy;
  • to third party databases for the purposes of verifying your age;
  • as part of an audit by the Minister of Health;
  • as permitted or required by applicable law or regulatory requirements;
  • to comply with valid legal processes such as search warrants, subpoenas or court orders;
  • as part of the regular reporting activities of ASIF420;
  • to protect the rights and property of ASIF420;
  • during emergency situations or where necessary to protect the safety of a person or group of persons; and
  • with your consent.


YOUR CONSENT IS IMPORTANT TO US

It is important to us that we collect, use or disclose your personal information where we have your consent to do so. Depending on the sensitivity of the personal information, your consent may be implied, deemed (using an opt-out mechanism) or express. Express consent can be given orally, electronically or in writing. Implied consent is consent that can reasonably be inferred from your action or inaction. For example, when you enter into an agreement with us, we will assume your consent to the collection, use and disclosure of your personal information for purposes related to the performance of that agreement and for any other purposes identified to you at the relevant time.

Typically, we will seek your consent at the time that we collect your personal information. In certain circumstances, your consent may be obtained after collection but prior to our use or disclosure of your personal information. If we plan to use or disclose your personal information for a purpose not previously identified (either in this Privacy Policy or separately), we will endeavor to advise you of that purpose before such use or disclosure.

We may collect, use or disclose your personal information without your knowledge or consent where we are permitted or required to do so by applicable law or regulatory requirements.

You may change or withdraw your consent at any time, subject to legal or contractual obligations and reasonable notice, by contacting our Chief Legal Officer, who also acts as ASIF420’s Chief Privacy Officer, using the contact information set out below. All communications with respect to such withdrawal or variation of consent should be in writing and addressed to our Chief Legal Officer.

We assume that, unless you advise us otherwise, you have consented to the collection, use and disclosure of your personal information as explained in this Privacy Policy.

HOW IS YOUR PERSONAL INFORMATION PROTECTED?

ASIF420 will endeavor to maintain physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal information in question. These safeguards are designed to prevent your personal information from loss and unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction. Unfortunately, we cannot guarantee complete security: (i) unauthorized access, use, or disclosure, (ii) hardware or software failure, and (iii) other events may potentially compromise the security of your personal information.

The security of your personal information is important to us, please advise our Chief Legal Officer immediately of any incident involving the loss of or unauthorized access to or disclosure of personal information that is in our custody or control.

UPDATING YOUR PERSONAL INFORMATION

It is important that the information contained in our records is both accurate and current. If your personal information happens to change during the course of our relationship, please keep us informed of such changes.

In some circumstances we may not agree with your request to change your personal information and will instead append an alternative text to the record in question.

ACCESS TO YOUR PERSONAL INFORMATION

You can ask to see your personal information. If you want to review, verify or correct your personal information, please contact our Chief Legal Officer. Please note that any such communication must be in writing.

When requesting access to your personal information, please note that we may request specific information from you to enable us to confirm your identity and right to access, as well as to search for and provide you with the personal information that we hold about you. We may charge you a fee to access your personal information; however, we will advise you of any fee in advance. If you require assistance in preparing your request, please contact our Chief Legal Officer.

Your right to access the personal information that we hold about you is not absolute. There are instances where applicable law or regulatory requirements allow or require us to refuse to provide some or all of the personal information that we hold about you. In addition, the personal information may have been destroyed, erased or made anonymous in accordance with our record retention obligations and practices. In the event that we cannot provide you with access to your personal information, we will endeavor to inform you of the reasons why, subject to any legal or regulatory restrictions.

INQUIRIES OR CONCERNS?

If you have any questions about this Privacy Policy or concerns about how we manage your information, please contact our Chief Legal Officer by telephone, in writing or by e-mail. We will endeavor to answer your questions and advise you of any steps taken to address the issues raised by you. If you are dissatisfied with our response, you may be entitled to make a written submission to the Privacy Commissioner in your jurisdiction.

REVISIONS TO THIS PRIVACY POLICY

ASIF420, from time to time, may make changes to this Privacy Policy to reflect changes in its legal or regulatory obligations or in the manner in which we deal with your personal information. We will post any revised version of this Privacy Policy on our websites, and we encourage you to refer back to it on a regular basis.

This Privacy Policy was last updated on December 5, 2018.

INTERPRETATION OF THIS PRIVACY POLICY

Any interpretation associated with this Privacy Policy will be made by our Chief Legal Officer. This Privacy Policy includes examples but is not intended to be restricted in its application to such examples; therefore, where the word “including” is used, it shall mean “including without limitation”.

This Privacy Policy does not create or confer upon any individual any rights, or impose upon ASIF420 any rights or obligations outside of, or in addition to, any rights or obligations imposed by Canada’s federal privacy laws and its provincial privacy laws, as applicable. Should there be, in a specific case, any inconsistency between this Privacy Policy and any such laws, this Privacy Policy shall be interpreted, in respect of that case, to give effect to, and comply with, such privacy laws.