Product Namerrespondance
← Back to Home

Privacy Policy

Last updated: February 9, 2026

1. Introduction

RockyRidge AI Solutions Inc. ("we," "our," or "us") operates CorrespondanceAI, an AI-powered receptionist service for Canadian healthcare practices. We are committed to protecting your privacy and ensuring the security of personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.

2. Information We Collect

We collect the following types of information:

2.1 Practice Information

  • Practice name and contact details
  • Practice size and location (province/territory)
  • Practice Management System (PMS) software used
  • Practice-specific protocols and preferences

2.2 Contact Information

  • Contact name and email address
  • Phone number
  • Communication preferences

2.3 Patient Data

When you use our Service, we process patient data on your behalf, including but not limited to:

  • Patient contact information
  • Appointment scheduling data
  • Call transcripts and recordings (with consent)
  • Insurance information for verification purposes
  • Clinical triage information

3. How We Use Information

We use the information we collect to:

  • Provide and improve our AI receptionist service
  • Process appointment bookings and scheduling requests
  • Verify insurance information
  • Perform clinical triage and route patient inquiries appropriately
  • Maintain service quality through monitoring and auditing
  • Comply with legal obligations and respond to lawful requests
  • Send service-related communications and updates

4. Data Storage & Security

Canadian Data Residency: All data processed by CorrespondanceAI is stored and processed exclusively within Canada. We do not transfer, store, or process personal information outside of Canadian borders, ensuring full compliance with Canadian data residency requirements.

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security audits and assessments
  • Secure data centers located in Canada
  • Employee training on privacy and data protection

5. PIPEDA Compliance

We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), which governs how private sector organizations collect, use, and disclose personal information in the course of commercial activities. Our practices align with PIPEDA's ten fair information principles:

  1. Accountability
  2. Identifying purposes
  3. Consent
  4. Limiting collection
  5. Limiting use, disclosure, and retention
  6. Accuracy
  7. Safeguards
  8. Openness
  9. Individual access
  10. Challenging compliance

6. Provincial Privacy Acts

In addition to PIPEDA, we comply with applicable provincial privacy legislation, including:

  • PIPA (Alberta, British Columbia): Personal Information Protection Act
  • PHIPA (Ontario): Personal Health Information Protection Act
  • Loi 25 (Quebec): An Act to modernize legislative provisions as regards the protection of personal information
  • Other applicable provincial privacy acts

7. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:

  • With your explicit consent
  • To comply with legal obligations or court orders
  • To protect our rights, property, or safety, or that of our users
  • With service providers who assist in operating our Service (all bound by confidentiality agreements)
  • In connection with a business transfer (with notice to users)

8. Your Rights

Under PIPEDA and applicable provincial privacy laws, you have the right to:

  • Access your personal information
  • Request correction of inaccurate information
  • Withdraw consent (subject to legal and contractual restrictions)
  • File a complaint with the Privacy Commissioner of Canada or applicable provincial privacy commissioner
  • Request information about our privacy practices

9. Cookies and Tracking

We use cookies and similar tracking technologies to improve your experience on our website. These technologies help us understand how you interact with our Service and enable certain features. You can control cookie preferences through your browser settings.

10. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.

11. Children's Privacy

Our Service is designed for healthcare practices and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

13. Contact for Privacy Inquiries

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Officer:

Privacy Officer
RockyRidge AI Solutions Inc.
Email: privacy@rockyridgeai.com
(Contact information to be updated)

You also have the right to file a complaint with:

Privacy Commissioner of Canada
Website: www.priv.gc.ca

← Back to Home