Joelle Aesthetics is committed to protecting the privacy, confidentiality, and security of your personal information and personal health information.
As a provider of medical aesthetic services in Ontario, we operate as a Health Information Custodian under the Personal Health Information Protection Act (PHIPA). We also comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), where applicable.
We have designated a Privacy Officer responsible for ensuring compliance with PHIPA and applicable privacy laws.
Privacy Officer Contact Information:
Name/Title: Alyshia DeWofle, Owner & Privacy Officer
Email: Joelle.Aesthetics.Windsor@gmail.com
Phone: 519-992-3703
We collect only the information necessary to provide safe and appropriate medical aesthetic services.
A. Personal Information
Name
Date of birth
Address
Email address
Telephone number
Emergency contact details
B. Personal Health Information (PHI)
Medical history
Current and past medications
Allergies
Health conditions
Treatment history
Consultation notes
Procedure records
Aftercare documentation
C. Digital Images
Before-and-after photographs
Treatment progress images
Clinical assessment images
D. Website & Technical Information
IP address
Browser type
Device information
Cookies and analytics data
Information submitted through website forms
We collect, use, and disclose information for the following purposes:
Assessing treatment suitability and safety
Providing medical aesthetic services
Maintaining accurate clinical records
Scheduling and confirming appointments
Processing payments
Communicating about treatments and follow-ups
Meeting regulatory and legal requirements
Improving our services
Marketing communications (with express consent only)
We limit collection to what is reasonably necessary for these purposes.
We obtain meaningful consent before collecting, using, or disclosing your information. Consent may be:
Written (intake and treatment forms)
Electronic (online submissions)
Verbal (documented in your clinical record where appropriate)
Separate Express Consent Required For:
Use of identifiable before-and-after images for marketing
Social media publication
Testimonials linked to your identity
Email or SMS marketing communications
You may withdraw consent at any time, subject to legal or clinical limitations.
Under PHIPA, you have the right to request restrictions on the disclosure of your personal health information to other healthcare providers or third parties (“lockbox”).
We will honour such requests, except where disclosure is required by law or necessary to eliminate a significant risk of serious bodily harm.
We take reasonable steps to protect your information against loss, theft, unauthorized access, disclosure, copying, modification, or destruction. Safeguards include:
Secure website encryption (HTTPS)
Password-protected electronic systems
Role-based access for staff and authorized agents
Confidentiality agreements for employees and contractors
Secure storage of digital images
Locked storage for physical files (if applicable)
Secure destruction of records when no longer required
Only authorized staff (“agents” under PHIPA) may access personal health information as necessary to perform their duties.
We do not sell your personal or health information. We may disclose information:
To authorized staff and contractors acting as our agents
To service providers assisting with operations (e.g., secure booking or payment processing)
As required by law (e.g., court orders)
To regulatory bodies governing healthcare professionals
Where necessary to reduce or eliminate a serious risk of harm
All third parties are required to safeguard information appropriately.
We retain personal health information in accordance with Ontario regulatory requirements and professional college standards. Generally, medical records are retained for:
At least 10 years from the date of the last entry, or
10 years after a minor patient reaches the age of 18
When records are no longer required, they are securely destroyed or permanently anonymized.
Under PHIPA, you have the right to:
Request access to your personal health information
Request correction of inaccurate or incomplete records
Requests must be submitted in writing to the Privacy Officer. We will respond within 30 days as required by PHIPA.
If we refuse access or correction, we will provide written reasons and inform you of your right to file a complaint.
If a privacy breach occurs that poses a real risk of significant harm, we will:
Notify affected individuals
Report the breach to the Information and Privacy Commissioner of Ontario, where required
Take corrective steps to prevent recurrence
Some service providers may store or process information outside of Ontario or Canada. In such cases, information may be subject to the laws of those jurisdictions. We take reasonable steps to ensure appropriate safeguards are in place.
We collect personal health information from minors only with appropriate parental or guardian consent, unless otherwise permitted by law.
If you have concerns about our privacy practices, please contact our Privacy Officer.
If you are not satisfied with our response, you may contact:
Information and Privacy Commissioner of Ontario
Website: https://www.ipc.on.ca/complaints/
We may update this Privacy Policy from time to time. The revised version will be posted on our website with an updated effective date.
Joelle Aesthetics
Email: Joelle.Aesthetics.Windsor@gmail.com
Phone: 519-992-3703