Privacy Policy

1. Introduction

At Maple Retreat, we understand the sensitivity of health and personal information and treat the protection of your data with the highest priority. This Privacy Policy informs you about the nature, scope and purpose of the collection and use of personal data in our senior living community.

Our privacy practices fully comply with Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), as well as the European General Data Protection Regulation (GDPR) where applicable. As healthcare professionals, we place special emphasis on adhering to these regulations.

2. Collection and Processing of Personal Data

In our senior living community, we collect and process personal data exclusively for specific purposes related to resident care, facility management, and the fulfillment of our contractual and pre-contractual obligations. This includes:

2.1. Data you actively provide to us:

  • Contact and personal information such as name, address, telephone number, email address, and emergency contact details
  • Health-related information and medical records necessary for providing proper care
  • Communication content such as email correspondence, care planning notes, and telephone consultations

2.2. Automatically collected data:

  • Access data when visiting our website such as IP address, browser type, and operating system
  • Date and time of access
  • Information about your interaction with our website and digital services

2.3. Cookies and Tracking Technologies: On our website, we use only technically necessary cookies and security-relevant tracking technologies. Optionally, you can consent to the use of analytics cookies that help us improve our offerings. You can change your cookie settings at any time.

3. Purpose of Data Processing

We process your personal data for the following purposes:

  • Resident Care – To provide quality healthcare services and fulfill contractual obligations
  • Health Management – To ensure appropriate medical and wellness care for our residents according to their individual needs
  • Communication – For efficient correspondence with you, family members, and relevant healthcare providers
  • Billing – For invoicing our services and accounting purposes

4. Legal Basis for Processing

The processing of your data is based on the following legal grounds:

  • Fulfillment of the resident care agreement and implementation of pre-contractual measures (Art. 6 Para. 1 lit. b GDPR)
  • Compliance with legal obligations, particularly healthcare regulations and professional standards for senior care (Art. 6 Para. 1 lit. c GDPR)
  • Protection of our legitimate interests such as quality assurance or facility improvement (Art. 6 Para. 1 lit. f GDPR)
  • Your express consent, for example for receiving newsletters or participation in special programs (Art. 6 Para. 1 lit. a GDPR)

5. Disclosure to Third Parties

Your data will only be shared with third parties in the following cases:

  • Healthcare Providers – As necessary for coordinated medical care
  • External Specialists – Such as physical therapists or specialist physicians, when necessary for your care
  • IT Service Providers – Who work for us under strict data protection conditions and ensure the secure operation of our systems

As healthcare professionals, we are bound by strict confidentiality obligations and never disclose your data without proper authorization.

6. Data Security

We implement comprehensive technical and organizational measures to protect your data. These include access restrictions, encryption according to the latest standards, regular security audits, and training our staff on data protection issues.

Particularly sensitive health data is protected through additional security measures. Nevertheless, absolute security in data transmission over the internet cannot be guaranteed, which is why we offer alternative communication channels for sensitive information.

7. Data Retention Period and Deletion

We store your data only as long as necessary for resident care and as required by legal retention periods:

  • Medical and resident care records are kept according to healthcare regulations (typically 10 years).
  • Communication data is retained for the duration of the resident relationship and, if necessary, beyond that as legally required.
  • Business correspondence, accounting documents, and similar records are kept according to tax regulations.

After expiration of the legal retention periods, your data will be securely and irretrievably deleted or anonymized.

8. Your Rights

As a data subject, you have:

  • Access to the personal data stored about you
  • Rectification of inaccurate or completion of incomplete data
  • Deletion of your data, provided no legal retention obligations or legitimate interests prevent this
  • Restriction of Processing under certain conditions
  • Data Portability in a structured, common, and machine-readable format
  • Objection to Processing due to your particular personal situation

Please direct requests to exercise your rights to privacy@mapleretreat.com or use our contact form.

9. GDPR Guidelines

As a senior care facility with international residents, we are in certain cases also subject to the provisions of the European General Data Protection Regulation (GDPR). In this context, we observe the following specific principles:

  • Data Minimization – We collect only the personal data absolutely necessary for our care services.
  • Cross-Border Data Transfer – When transmitting personal data to countries outside the EU/EEA, we ensure that appropriate guarantees according to Art. 44 et seq. GDPR are maintained.
  • Data Protection Impact Assessment – In cases where processing poses particular risks to the rights and freedoms of data subjects, we conduct a data protection impact assessment in advance.
  • Accountability – We document our data protection measures and can demonstrate compliance.

As an EU citizen, you also have the right to lodge a complaint with a European data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.

10. Changes to the Privacy Policy

This privacy policy is regularly reviewed and adjusted to legal or factual changes as needed. The current version is always available on our website. We will inform you of any significant changes through appropriate channels.

Continued use of our services after an update is considered consent to the amended privacy provisions.

As healthcare professionals specializing in senior care, the trustworthy and legally compliant handling of your data is especially important to us. If you have any questions, we are available at any time.