Privacy Policy
Last updated: December 12, 2025
MedExpress Digital Health Inc. (“MedExpress”, “we”, “our” or “us”) owns and operates the MedExpress Platform. The Platform provides registered users with access to virtual Healthcare Services that are provided by Healthcare Practitioners.
MedExpress is committed to protecting your privacy. This Privacy Policy describes how your personal information is collected, used and disclosed in connection with your use of the MedExpress Platform. It also outlines your rights and choices with respect to your personal information, and how to contact us if you have any queries or concerns.
Definitions
| Term | Definition |
|---|---|
| Healthcare Practitioner | Regulated health professionals, such as physicians and nurse practitioners, who are licensed to practice in a province or territory of Canada. |
| Healthcare Services | Virtual healthcare services that are provided by Healthcare Practitioners through the Platform, including treatment consultations and the prescribing of medications. |
| Medical Record | Any records of personal health information that are collected by or on behalf of a Healthcare Practitioner in connection with the Healthcare Services. |
| Personal Information | Any information that can be used to identify an individual directly or indirectly. Personal information does not generally include any business contact information that is solely used to communicate with you in relation to your employment, business or profession, such as your name, position name or title, work address, work telephone number, work fax number or work e-mail address. |
| Platform | www.medexpress.co/ca and all related websites, applications, content, products and services owned and/or operated by MedExpress. |
| Services | Any services made available by MedExpress, including facilitating access to Healthcare Services and any other services accessed through the Platform. |
Collection of Personal Information
Generally, the following types of personal information are collected about you in connection with your use of the Platform.
Information you provide
- Registration: When you register to receive the Services (e.g., when you create an account on a website, or contact us by other means), MedExpress will collect personal information to provide you with access to the Services you require. The information we collect may include your name, address, email, date of birth, and phone number.
- Healthcare Services: If you request Healthcare Services, including prescription-only medication, you may be asked to complete a consultation or otherwise provide information about your health, including information about your body composition (potentially with pictures), medical history and conditions (including previous diagnoses you’ve received), ethnicity (if relevant to the prescription), current medications, and allergies. This information forms part of your Medical Record.
- Ordering Goods from Us: If you order goods or services from us, we will collect information we require to complete your purchase, including your payment details, government-issued ID, and other contact details.
- Contacting Us: If you contact us via social media, email, telephone or otherwise, we will collect any personal information you choose to provide to us.
- Responding to Surveys and Prize Draws: We will collect personal information about you if you respond to surveys on our site, or otherwise enter any competition, promotion or survey we run.
Information we receive from other sources
We work closely with third parties (including, for example, business partners, service providers, advertising networks, analytics providers, and search information providers) and may receive information about you from them. If you choose to sign in using a third party (for example, your Gmail account), we will also receive information from that third party.
This may be combined with other personal information we collect about you.
Use of Personal Information
The personal information that is contained in your Medical Record is primarily used by Healthcare Practitioners to provide you with the Healthcare Services, which includes making decisions about your medical diagnosis, healthcare and treatment.
We may also use your personal information for the following purposes:
- To register your account and keep it secure.
- To verify your identity.
- To process and fulfil any orders that you place with us (through our website).
- To respond to any queries, refund requests or complaints.
- To carry out market research so that we can improve the services we offer.
- To communicate with you. We may use your personal information, preferences, and details of your transactions to keep you informed by email, web/social media, text and telephone.
- To send you promotional messages. We may contact you about relevant products and services including special offers, discounts, promotions, events, surveys, and competitions tailored to you. This may include promotions offered by other entities in the HeliosX group of companies. You can opt out of hearing from us about these at any time.
- To train our Machine Learning (ML) or Artificial Intelligence (AI) models. We may use your personal information to train our ML/AI models, which we use to improve, promote and provide our Services, as well as for analytics. For example, we use AI to spot bad quality verification pictures uploaded by our customers.
- For clinical research. For example, we may use your personal information for the development of products used to diagnose and treat your symptoms or to study the effectiveness of our existing products and services.
- To allow you to participate in interactive features of our services when you choose to do so.
- To improve our products. For example, we may capture your product reviews when you buy goods and services from us by following up with an inquiry about your experience of the product to help us gauge customer satisfaction. We may also conduct customer surveys or otherwise conduct market research. You are not obligated to leave reviews or complete surveys, but this facility would enable you to get your views of the product across should you wish to do so.
- To personalise customer experience and inform marketing strategies.
- To continuously improve our service to our customers by monitoring telephone calls which we receive at our call centres for the purposes of staff training, quality control and service improvement.
- To track and analyse activity on our Platform.
- To communicate with you in the event that any Services requested are unavailable or if there is a query or problem with your order.
- To notify you about any changes to our Services and to send you service emails relating to said services, like payment confirmations, delivery updates, and similar.
- As part of our efforts to keep our Platform safe and secure.
- To prevent fraud. Where relevant, we will compare customer uploaded images with each other to ensure they show to the same person. This may rely on facial recognition software making an assessment that is then manually reviewed.
- To send you app notifications and reminders that you set up on your device.
We may also create, use, and share de-identified or anonymized data for any purpose, to the extent permitted by law. De-identified or anonymized data is generally not considered personal information because it cannot be used to identify you.
Sharing of Personal Information
We generally identify to whom, and for what purposes, we will disclose your personal information (and we obtain your consent to such disclosure) at the time we collect your personal information.
Your personal information may be disclosed to the following persons for the following purposes:
- Other healthcare providers: If you receive Healthcare Services, we will ask for your consent for your Healthcare Practitioner to disclose your personal information to other healthcare providers, such as your family physician, to facilitate the provision of your healthcare, including to verify your medical details and provide an appropriate prescription.
- Alberta - your Healthcare Practitioner may override your request to not share your records in limited circumstances where the sharing is necessary to protect your health or safety.
- Pharmacy services: If you request to have your prescription filled by a pharmacy we have partnered with, your Healthcare Practitioner will disclose your personal information, such as prescription information and the name of the Healthcare Practitioner, to the pharmacy for the purpose of filling your prescription. At your request, we may also transmit your prescription information to a pharmacy of your choosing.
- Potential business partners: Your personal information may be disclosed to a third party in the event of any significant business transaction, such as a merger or reorganization.
- Where required by law: Your personal information may be disclosed to third parties, such as public authorities or regulatory bodies, when such disclosure is required or permitted by law.
We rely on affiliates and service providers to perform a variety of services on our behalf, including payment card processing, marketing and analytics, technical support, and data storage and processing service providers. If we transfer your personal information to a service provider, we require that they maintain the confidentiality of your personal information and only use it for the purposes for which it was provided.
Your Consent
We may collect, use, and disclose your personal information with your consent. How we obtain your consent, including whether it is express or implied, will depend on the circumstances and the sensitivity of the personal information in question. Generally, we will seek your consent at the time we collect your personal information, either orally, electronically, or in writing.
If you provide personal information about another individual to us, it is your responsibility to obtain the consent of that individual to enable us to collect, use and disclose their information as described in this Privacy Policy.
If you wish to withdraw your consent to our collection, use or disclosure of your personal information, please contact us using the contact information in the “How to Contact Us” section below. We will accommodate your request to withdraw consent, subject to legal or contractual restrictions. Withdrawal of your consent may mean that we will no longer be able to provide you with certain products or Services.
In certain circumstances, we may collect, use, and disclose your personal information without your consent to the extent permitted or required by law.
Opting Out of Marketing Communications
If you no longer want to receive marketing-related e-mails from us, you may opt out by clicking the “unsubscribe” link at the bottom of any e-mail you receive from us. You may also opt out by contacting us directly using the contact information in the “How to Contact Us” section below.
If you opt out from receiving marketing-related e-mails, we may still need to send you communications about your use of our products or services, or other matters.
Testimonials
If you provide us with a testimonial, which may include personal information such as your name or alias, location, age, treatment details, and photographs, we will retain this information for as long as necessary to fulfil the purposes for which it was collected. We will always process this information in accordance with our data retention policies, and you may be contacted after a certain period to ask if you wish to provide an updated testimonial.
The primary purpose of collecting and using testimonials (including related photographs, and data) is for marketing purposes. This may include displaying the materials on our website, social media platforms (including Facebook, Instagram, and Reddit), and within marketing emails. Additional marketing channels may also be utilised as part of our broader marketing strategy and business needs.
Retention, Storage, and International Transfer of Personal Information
We generally will retain your personal information for as long as necessary to fulfill the purposes for which we collected it, and for a longer period when permitted or required by law. For example, we retain personal information associated with your account and the use of our Services for as long as you maintain an account with us and for a limited period of time thereafter. Your Medical Record will be retained for a longer period of time, as required by law and health regulatory guidelines that apply to Healthcare Practitioners.
Your personal information (including your Medical Record) may be transferred outside of Canada to fulfill the purpose for which we collected it, including for processing and storage by service providers in the United States, in the United Kingdom, and in the European Union. While your personal information is outside of Canada, it is subject to the laws of the country in which it is located, which may have different data protection laws than Canada. Those laws may require disclosure of your personal information to authorities in that country. For more information about our policies and practices regarding service providers outside of Canada, contact us using the contact information in the “How to Contact Us” section below.
Information Security
We have implemented physical, organizational, contractual, and technological security measures in an effort to protect your personal information from loss or theft, unauthorized access, use, or disclosure.
Despite these measures, we cannot guarantee that our safeguards will always be effective. A breach of security safeguards can result in risks such as phishing and identity theft. We will address such breaches as required by law.
We may also require that you assist us in safeguarding your personal information. For example, if you create an account through our website or applications, you should use a unique and strong password and not share your password with others.
If you have reason to believe that your personal information is no longer secure, please contact us immediately using the contact information in the “How to Contact Us” section below.
Your Privacy Rights
We expect you to supply us with updates to your personal information, when required. We will not routinely update your personal information unless such a process is necessary.
You may have the following rights with respect to your personal information, including your Medical Record:
- Access: You may make a request to review any personal information about you that we have collected, used, or disclosed, and information about those uses and disclosures, and we will provide you with any such personal information to the extent required by applicable laws.
- Correction: You may challenge the accuracy or completeness of your personal information. If you demonstrate that your personal information is inaccurate or incomplete, we will amend or delete your personal information as required. We may transmit the amended information to third parties to whom we have disclosed your personal information.
- Conditions on Consent: You may place conditions on your consent, including by instructing your Healthcare Practitioner to restrict access to all or parts of your Medical Record by certain other persons.
We may require that you provide sufficient identification to fulfill your request to access or correct your personal information or place conditions on your consent. We will not charge you any fees to access your personal information in our records without first providing you with an estimate of the approximate fees, if any.
If you are not satisfied with how we handle your request, you may have the right to make a complaint to the relevant privacy commissioner in your province of residence.
Third-Party Websites and Services
We may provide links to third-party websites for your convenience and information. We may also make opportunities available to you to purchase, subscribe to, or use other products or services from third parties with different privacy practices. Those other websites, products, or services are governed by the Privacy Policies and policies of the respective third party. This Privacy Policy does not extend to any websites, products, or services provided by third parties. We do not assume responsibility for the privacy practices of third parties not acting on our behalf and we encourage you to review all third-party Privacy Policies prior to using third-party websites, products, or services.
Changes to this Privacy Policy
The Privacy Policy was last revised as of the date that appears at the top of this page.
From time to time, we may make changes to this Privacy Policy. When changes are made, they will become immediately effective when published in a revised Privacy Policy posted on our website, unless otherwise noted. We may also communicate the changes to this Privacy Policy by other means.
How to Contact Us
All comments, questions, concerns, or requests regarding your personal information or our privacy practices should be forwarded to our Privacy Officer at care.ca@medexpress.co.
If you have concerns about our privacy practices, you may also contact the applicable privacy commissioner in your province or territory of residence.
Cookies and Tracking Technologies
We use cookies, pixels, tags, and similar tracking technologies (collectively, “cookies”) to operate our Platform, enhance your experience, and conduct marketing activities. Cookies are small text files containing a string of alphanumeric characters that are stored and accessed on your browser or the hard drive of your device.
Types of Cookies We Use
We use both first-party cookies (set by MedExpress) and third-party cookies (set by our partners). Cookies on our Platform generally fall into the following categories:
- Necessary Cookies: These cookies are strictly necessary for the Platform to function (e.g., secure login, payment processing, medical intake forms). These cannot be switched off.
- Preferences Cookies: These cookies allow the Platform to remember your choices (e.g., username, region, language) and provide enhanced, personalized features.
- Statistics, Analytics and Performance Cookies: These cookies help us measure traffic and usage trends to improve our Platform’s performance.
- Marketing and Targeting Cookies: These cookies are used by us and our advertising partners to build a profile of your interests and show you relevant ads on other sites.
For a detailed list of the specific third-party providers we use for these purposes, please view our List of Service Providers.
Your Consent and Choices
MedExpress is committed to offering you meaningful privacy choices. You have a number of options to object, control or limit how we, our partners, and other third parties use cookies. You can block cookies through the mechanisms described below. Cookies are important to many aspects of the Platform. If you disable all cookies or do not consent to our use of cookies, you may not be able to enjoy all features of the Platform.
- Managing Preferences: When using our Platform, a cookie banner will appear, giving you the option to accept or reject non-essential cookies and manage your cookie preferences. By continuing to use our Platform after seeing our cookie banner, you consent to the use of cookies as described in this Privacy Policy. You can withdraw consent or change your preferences at any time by clicking “Cookie Preferences” in our website footer.
- Browser Settings: You can use your web browser settings to withdraw or modify your consent to our use of cookies at any time. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Most browsers allow you to choose the level of privacy settings you want and control your cookie settings. For more information on how to manage the most popular browsers, please see below:
Do Not Track
Our Platform does not currently respond to “Do Not Track” signals from web browsers.