Privacy Policy
Introduction
At Jones Counselling Services (“we”, “our”, or “us”), your privacy is of utmost importance. We are committed to protecting your personal information and earning your trust. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you use our website and services, in compliance with the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable Canadian privacy laws. We follow PIPEDA’s principles of transparency, consent, and security in all our practices. Our approach is warm, professional, and respectful – we want you to feel safe and confident that your information is handled with care. By using our website or services, you agree to the terms of this Privacy Policy and consent to the collection and use of your information as described here. If you do not agree, please refrain from using the site or provide only the information you’re comfortable with. We encourage you to read this policy fully and contact us with any questions.
Our commitment: We will only collect personal information for identified purposes, and we will never sell or rent your personal information to any third party. We limit sharing of data to what is needed to deliver our counselling services or as required by law, and we take careful measures to keep your data private and secure. This policy applies to information collected through our website (including contact forms and online booking) and related online services. It does not cover information collected through other means (like phone or email outside the website), which we also handle with confidentiality and according to applicable laws. We may update this policy from time to time to reflect changes in our practices or the law. We will post any updates on this page, and the “Last Updated” date at the end will be revised accordingly.
Personal Information We Collect and Use
We collect personal information that you choose to provide directly to us through our website or other communications. The types of personal information we collect and the purposes for which we use it include:
• Contact and Identity Information: When you reach out via our website’s contact form or request a consultation, we ask for information like your name, email address, and phone number. We collect these details so we can respond to your inquiry, address you properly, and provide the information or service you requested. For example, if you request a free consultation or have a question about our counselling services, we will use your name and contact details to get in touch and discuss your needs. We will also collect any information you choose to include in your message or inquiry, such as the issues you’re seeking help with or scheduling preferences. We use this information solely to understand your request and assist you appropriately. We do not use the information you provide in contact forms for marketing or any purpose other than responding to you, unless we obtain your explicit consent.
• Appointment Booking Information: If you decide to book a counselling session or consultation through our online booking system, you will be asked to provide certain personal information required for scheduling. This may include your name, contact information, and basic details necessary for setting up the appointment (such as your preferred date and time, and in some cases brief intake information). We collect this information to schedule and confirm your appointment, send you reminders or updates about your booking, and prepare for your counselling session. This booking data is considered private and is used only for managing your appointments and providing services to you.
• Client Information for Counselling Services: When you become a client of Jones Counselling Services, additional personal information will be collected as part of the counselling process. This can include personal health information or background details you share with your counsellor (for example, relationship history, health or wellness information, or counselling session notes). Such information is typically collected during intake forms or during sessions and is used strictly to provide you with counselling services and to maintain accurate records of your care. We understand that this information is highly sensitive. It is stored in our secure client management system (see the “Jane App” section below) and only accessed by authorized counselling staff. We do not collect more information than we need for your care, in accordance with PIPEDA’s principle of limiting collection and identifying purposes. We will always explain why certain information is needed and will obtain your consent.
• Website Usage Data: Like most websites, we collect certain technical information automatically when you visit our site, such as your IP address, browser type, pages viewed, and the date/time of your visit. We collect this data through cookies and similar technologies (described in the next section) for the purpose of understanding how our website is used and improving your experience. For instance, we may look at which pages are most frequently visited or how users navigate the site, so we can make our content more helpful and easy to find. This usage data is generally aggregated and not used to identify you personally. It helps us run the website more effectively and diagnose technical issues if they arise.
We collect personal information directly from you – for example, when you fill out a form or enter information on our site – and not from third-party sources, except for the limited cases of analytics or anti-spam tools which collect data automatically (see below). Wherever we ask for your personal information, it is voluntary for you to provide it. If you choose not to provide certain information (such as an email address on a contact form), we may not be able to respond to your request or provide certain services, but we will always let you know why we need the information. We aim to obtain your meaningful consent for all personal information we collect, use, or disclose. By submitting your information through our website forms or using our services, you are providing consent for us to use that information for the purposes we have explained (for example, to contact you or to schedule a session). If we ever wish to use your information for a new purpose not described here, we will seek your consent unless authorized or required by law to do otherwise.
Importantly, we do not disclose your personal information to outside parties for their own marketing or unrelated purposes. We may share your information only in a few specific scenarios: with service providers that help us operate our website or practice (and only as needed, under strict confidentiality – see “Third-Party Services” below), or if required by law (for example, if we receive a valid subpoena or if disclosure is necessary to protect someone’s safety). In all cases, we limit the information shared to the minimum necessary. Your trust is fundamental to our counselling relationship, and we work hard to keep your information confidential.
Note: If you simply browse our website without submitting any forms, the only personal data we collect would be usage data (via cookies/analytics) which does not directly identify you. You are welcome to explore our site without telling us who you are, and we will not attempt to identify you unless you voluntarily engage with us and provide your information.
Cookies and Similar Technologies
Like many websites, we use “cookies” and similar technologies to enhance your browsing experience, understand how our site is used, and improve our services. A cookie is a small text file that a website places on your device (computer, tablet, or smartphone) when you visit. Cookies serve a variety of functions, such as remembering your preferences and settings, enabling you to stay logged in (if applicable), and helping us see which pages and features are popular.
Types of cookies we use:
• Essential Cookies: These are necessary for the website to function properly. For example, if our site has any login areas or forms that need security, essential cookies might be used to maintain your session. (At present, our site is primarily informational, so we have minimal use of essential cookies beyond those that may be required by our hosting platform for site functionality.)
• Analytics Cookies: We use these to collect information about how visitors interact with our website. For instance, analytics cookies allow us to count visits and traffic sources so we can measure and improve site performance. They help us know which pages are visited most often and how visitors move around the site. The data collected is aggregated and anonymous – it does not directly identify you. We use Google Analytics for this purpose (see the next section for details), which sets its own cookies to track usage.
• Functionality Cookies: These cookies remember choices you may make on our site (such as your region or language preference) and provide enhanced features. They are there to make your experience more personalized. An example might be remembering form field values temporarily or acknowledging if you’ve seen a notification so it doesn’t show again.
• Advertising/Tracking Cookies: Good news: We do not use any advertising cookies or third-party tracking pixels for advertising purposes on our website. We do not serve ads, nor do we share your browsing behavior with advertisers. We focus solely on providing counselling information and services, not advertising products.
Cookie Consent: We believe in being transparent and giving you control over your data. When you first visit our site, you may see a cookie notice or banner that informs you that we use cookies and asks for your consent (especially for non-essential cookies like analytics). By clicking “Accept” on the cookie notice (if it appears), or by continuing to use our site after being notified about cookies, you signify your consent to the placement of cookies on your device as described in this Privacy Policy. If you do not consent to certain cookies, you have options: you can choose to decline cookies in the banner (where applicable), adjust your browser settings to refuse cookies, or see the Managing Cookies and Opt-Out Options section of this policy for more details on how to control cookies. Please note that if you disable all cookies, some features of our site may not work optimally. For example, our site may not remember your preferences or some pages might not load properly.
Similar technologies: In addition to cookies, we might use technologies like web beacons or pixels (small transparent images) in our emails or website that work in conjunction with cookies to measure usage and engagement. For example, a newsletter email might contain a tiny pixel to let us know if the email was opened (this is an example – currently, we primarily use direct emails and don’t run a mass mailing list without your consent). Another technology we use is Google reCAPTCHA on our contact forms. reCAPTCHA is a service by Google that helps us prevent spam and automated abuse by distinguishing between human users and bots. It works invisibly in the background when you fill out our forms. Note: When reCAPTCHA is active, it may collect hardware and software information (such as device and application data) and send it to Google for analysis. This means that use of our forms protected by reCAPTCHA is subject to Google’s Privacy Policy and Terms of Service. We have implemented reCAPTCHA solely to protect our website from malicious spam bots, and we only use it in compliance with Google’s guidelines.
We want to reassure you that none of our cookies or tracking methods personally identify you by name, and we do not track you across other sites or services. The cookies and similar tools we use are meant to maintain the functionality of our website and to gather useful insights (like visitor numbers and popular pages) to help us improve content for our audience. You have a right to know about these technologies, and we hope this explanation is clear. If you have any questions about our use of cookies, feel free to contact us.
Google Analytics
In order to better understand how visitors use our website and to continually improve it, we use a web analytics service called Google Analytics. Google Analytics is a popular tool provided by Google that uses cookies and scripts to collect information about website usage. Through Google Analytics, we gather information such as which pages on our site you visit, how long you stay, how you arrived at our site (e.g., via a search engine or a link), and general information about your device (like browser type and region based on IP address). This data helps us analyze trends and identify areas of the site that could be improved. For example, we can see if a lot of users drop off on a certain page, indicating we might need to clarify the content there.
The information collected via Google Analytics does not include your name, email, or any direct contact information. Instead, it focuses on technical and usage data. However, note that data such as your IP address is collected by Google Analytics as part of the analytics process (this happens automatically when your browser connects to Google’s server for analytics). To protect your privacy, we have configured Google Analytics to use IP anonymization where possible, which means that Google truncates/anonymizes the last digits of your IP address within the European Economic Area or other applicable regions before storing it (this is a standard privacy feature of Google Analytics). In any case, we do not see your full IP address in our analytics reports – we might see, for example, that a visitor came from a general area (e.g., Dawson Creek or Vancouver area), but not a precise location or identity.
How Google Analytics works on our site: When you visit our site, the Google Analytics script in our webpages causes your web browser to automatically send certain information to Google’s servers. This includes the URL of the page you’re visiting and your IP address, among other technical data. Google Analytics uses cookies to distinguish between different users (so it can tell if a new visit is from someone who has been to the site before or not). These cookies are named things like _ga, _gid, etc., and they store randomly generated identifiers. The data collected through these cookies (usage data and your truncated IP) is sent to Google and stored on Google servers. Google then compiles reports for us about website traffic and usage.
We use those reports to understand aggregate behavior of our users – for instance, we can see total visitor counts, which pages are most popular, which blog posts are getting attention, and so on. This information guides us in improving site structure and content to better serve you. We do not use Google Analytics to track or collect any personal identifiable information about you, and we do not merge the analytics data with any personal data you may provide to us (for example, if you fill a contact form, that information stays separate). Analytics data is used in aggregate form. We might know, for example, that “X number of users visited the Services page this month” or that “the average time on the site is 3 minutes”, but nothing that tells us who those users specifically are.
Google’s role: Google acts as a service provider in this case, and they have their own strict privacy and security standards. However, it’s important to note that the data Google Analytics collects may be processed on servers in the United States or other countries outside of Canada. Google is part of the EU-U.S. Data Privacy Framework and adheres to principles that aim to protect data transfers (though this primarily matters for EU data). For Canadian users, the key point is that by using our site and allowing analytics cookies, your usage data may be transferred to the U.S. or other jurisdictions where Google’s data centers are located. Google is responsible for complying with laws applicable to them, and we ensure our use of Google Analytics aligns with privacy requirements. Google has provided information on how it uses data from sites that use its services, which you can read at Google’s site “How Google uses information from sites or apps that use our services” (available at https://policies.google.com/technologies/partners). This page explains in plain language what data Google collects via partners like us and how they use it.
Your choices with Google Analytics: We understand not everyone is comfortable with being included in website analytics. If you prefer to opt out of Google Analytics tracking, you have a couple of options:
• You can disable or refuse cookies (as described in the Cookies section above), which will prevent Google Analytics from functioning on our site since it relies on cookies.
• Google also offers an official Google Analytics Opt-Out Browser Add-on. This is a small piece of software you can install in your browser that stops Google Analytics on any site from collecting your data. It’s available for most major browsers. You can download it from Google’s site. According to Google: “If you don’t want Analytics to be used in your browser, you can install the Google Analytics browser add-on”. This add-on tells the Google Analytics JavaScript not to send information about your visit.
We respect “Do Not Track” (DNT) signals as well. If your browser is set to DNT, we will treat it as an opt-out of tracking where feasible (though note that not all analytics tools fully honor DNT by default; we will do our best to manually ensure minimal tracking for such visitors).
By providing this information, we aim to be open about our use of Google Analytics. We use it to improve our service to you, but it is entirely your choice whether to participate in analytics. There are no consequences to you if you choose to opt out – you will experience the site the same way, just without contributing to our usage statistics.
For further information on Google Analytics and privacy, you can also consult Google’s Privacy Policy and Google Analytics’ terms of service, which detail how Google is committed to protecting the confidentiality of Analytics data. If you have any questions about analytics on our site, feel free to reach out to us.
Appointment Booking and Jane App
To manage our appointments and client records efficiently and securely, we use a third-party practice management platform called Jane App (by Jane Software Inc.). Jane App is a widely used online booking and record-keeping system for health and wellness practitioners. When you book an appointment with Jones Counselling Services through our website’s “Book Now” link or scheduling page, you will be interacting with Jane App’s system. This may happen in one of two ways: either you are redirected to our clinic’s booking site on Jane (which will have a URL like jonescounselling.janeapp.com), or our website might embed Jane’s booking widget. In either case, the information you enter to book a session is collected by Jane App on our behalf.
What information is collected for booking: To schedule an appointment, you will typically provide details such as your name, email address, and phone number. Jane may also prompt you to create a basic account or profile (with a username/password) for managing your appointments, especially if you are a new client. You will select a service (e.g., individual counselling or couples counselling) and a time slot from our availability. In some cases, we might have an intake form that asks a few preliminary questions (for example, “What issues are you seeking help with?” or consent to our clinic policies) – if so, that form is also hosted on Jane’s platform. All the personal and health information you submit through the Jane booking system is stored in Jane App’s secure servers. This information is used for scheduling your sessions, sending you appointment confirmations/reminders, and for us to prepare for and provide appropriate counselling services. Jane App essentially becomes our electronic filing cabinet for client records, replacing traditional paper files with a secure digital solution.
Jane App’s privacy and security: We chose Jane App because it is specifically designed for healthcare and counselling practices with privacy in mind. Jane App is PIPEDA compliant and meets the requirements of Canadian privacy laws for handling personal information. In fact, Jane is also compliant with stricter regulations like Ontario’s Personal Health Information Protection Act (PHIPA) and Alberta’s Health Information Act (HIA), and even HIPAA in the U.S., which speaks to its high standard of privacy protection. Jane’s infrastructure has robust security measures: data is stored on secure servers that undergo independent audits (SOC 2 compliant data centers). The location of the data storage is determined by the clinic’s location. Because we are a Canadian practice, our Jane data is stored on servers located in Canada (Montreal, Quebec). This means your personal information and session notes in Jane remain within Canadian jurisdiction. Jane also uses strong encryption protocols to protect data. All data transmitted between your device (when you use the online booking or telehealth features) and Jane’s servers is encrypted using 128-bit TLS encryption, and any data stored on their servers is encrypted at rest with 256-bit AES encryption – this is a level of security comparable to what banks use for sensitive information. Additionally, Jane App implements access controls: both you and our staff have to log in with secure passwords (and we encourage the use of two-factor authentication) to access any information. Each user’s access is permission-based, meaning, for example, that only authorized counsellors can view your chart or contact details.
How we use information in Jane: The personal information and any health-related details you provide via Jane are used only for purposes of delivering counselling services. This includes scheduling appointments, maintaining clinical notes about sessions, tracking progress, and, if applicable, processing payments or insurance claims. Only your counsellor (Janet Jones, RPC-C, in this case) and any administrative staff (if we had any assistants for scheduling) can access your records in Jane, and even then, access is limited to what is necessary for their role. We treat all client records stored in Jane with the same confidentiality as we would paper notes locked in a filing cabinet. Jane App simply provides a secure electronic medium. We do not share your Jane-stored information with anyone outside of our practice unless you have given explicit consent or it is required by law (for example, if a court order mandates release of records, or if there’s an imminent risk of serious harm which ethically or legally compels disclosure – those situations are rare and would be discussed with you whenever possible).
It’s worth noting that when you use Jane for booking, you will likely receive emails or texts for appointment confirmation and reminders. Those communications are automated through Jane’s system on our behalf. They will only contain minimal information (e.g., appointment date/time and our clinic name) to protect your privacy. If you ever have concerns about the information in those communications, please let us know.
For more information about Jane App’s own privacy practices, you can refer to Jane’s privacy policy (available on the Jane website). In summary, Jane acts as our service provider (data processor): they store and process your personal information solely so we can use their software to serve you. They do not use your data for any other purpose, and they will never contact you or share your data except as allowed in their agreement with us (which is focused on patient care and software functionality). We have an agreement in place with Jane that ensures they will protect your information to the standards required by Canadian privacy law. If you have any questions or concerns specifically about Jane App and how it handles your data, we will be happy to discuss them or provide you with Jane’s security documentation.
To summarize, using Jane App for booking and records helps us keep your information safe while providing you with convenient online scheduling. We are confident in Jane’s security and compliance, and we continuously stay up-to-date with their features to ensure your privacy is maintained.
Contact Forms and Google Sheets
Our website features a contact form (for general inquiries or to request your free 20-minute consultation) to make it easy for you to reach out to us. When you fill in that form and hit submit, we want to explain what happens with the information you provide. We use Google Forms and Google Sheets as part of our contact form system. Essentially, the form you fill out is powered by Google (as our site is built on Google Sites, it integrates well with Google’s tools).
Information collected via forms: The contact form will typically ask for your name, email address, phone number (optional in some cases), and a message describing what you’re looking for or any questions you have. We ask for this information so that we can contact you back and understand how we can help you. The form may also record the date and time of your submission. We only ask for information that is relevant – for example, your name helps us address you politely, and your message helps us prepare to assist you. We kindly request that you do not include highly sensitive personal details in the initial message beyond what’s necessary (e.g., you can give a broad idea of what you need help with, and we can discuss details later in a private session).
How the form data is stored: When you submit the form, your responses are sent to a Google Sheet that is accessible only to Jones Counselling Services. Think of Google Sheet as a secure spreadsheet in the cloud that collects each form entry as a new row of data. This Google Sheet is part of our Google Workspace (or Google Drive) which is protected by our Google account credentials. In other words, instead of the information coming to us via email (which can be less secure), it is stored on Google’s servers in a private document that only we can open. We then review the form submissions from that Google Sheet and respond to you, usually via email or phone as per the contact information you provided.
Using Google Sheets in this way helps us keep inquiries organized and ensures we don’t miss any messages, but it does mean that we are entrusting the initial storage of your inquiry to Google’s cloud service. Google Sheets and your privacy: Google is a very established company and they have strong security measures in place. Data in Google Sheets is encrypted during transit and at rest – this means when your form submission is sent to Google’s servers and while it resides there, it’s encrypted (scrambled so that unauthorized parties cannot read it). In fact, Google uses industry-standard TLS encryption when data is moving between your browser and their servers, and AES encryption when storing data on their disks. This gives a high level of protection. Additionally, our Google account requires secure authentication to access, and we do not share access credentials with anyone who is not authorized. Only Janet (and any authorized team member, if any in the future) would be able to log in and see the Google Sheet with contact requests. We also organize the data and delete entries from the Sheet when they are no longer needed (for example, if we have already responded and the person has become a client or decided not to proceed, we might remove their inquiry after a certain period). We will not keep your inquiry data indefinitely – it’s only retained as long as necessary to address your request or as required for administrative purposes.
Important note on Google services: Because we use Google’s services (Forms/Sheets), it is possible that your contact form data may be stored on servers outside of Canada (Google’s data centers can be worldwide, including the United States). While Google doesn’t guarantee that data stays in one country, they do adhere to rigorous privacy standards internationally. By submitting the contact form, you understand that your information will be handled by Google on our behalf. Google will process that information strictly for us (they have no reason to access it except for storage and backup). Google’s privacy policy and security policies apply to the handling of that data within their systems. We want to highlight that Google is under contract with us as a service provider and is not allowed to use your form information for any purpose other than delivering the service (in this case, providing the spreadsheet functionality to us). We treat the confidentiality of your message in the Google Sheet the same as we would if you emailed us directly – only difference is the medium of storage.
When we receive your form submission via Google Sheets, we will typically reply to you by email or phone. At that point, your communication may move out of the Google Sheet and into our email system (also likely Google Workspace email). We maintain confidentiality in those communications as well. If for some reason you prefer not to use the form, you can always contact us directly via email or phone (as listed in the Contact section of this policy). That way, you bypass Google Forms/Sheets entirely and reach us directly. We provide the form for your convenience.
No matter how you contact us – via the form, direct email, or phone – the information you provide is kept private and used only for assisting you. We handle all inquiries with sensitivity, given the personal nature of counselling services. If you decide not to proceed with our services after an initial inquiry, we will not continue to contact you, and you can request that we delete your information from our records (and we will gladly comply, barring any record-keeping requirements).
In summary, our use of Google Sheets for contact form submissions is intended to provide a smooth and secure way for you to reach us. We’ve implemented it in a way that keeps your data protected. If you have any concerns about submitting information through an online form, you are welcome to use alternative methods to contact us. Your comfort and trust are important to us.
How We Protect Your Information
We take the security of your personal information very seriously. Whether you’re filling out a contact form, booking an appointment, or sharing deeply personal details in a counselling session, we have measures in place to protect that information from unauthorized access, loss, or misuse. Here are some of the key security practices and safeguards we employ:
• Secure Websites and Encryption: Our website is hosted on a secure platform (Google Sites) and is only accessible via HTTPS. This means that any data you send through the site (such as form submissions) is encrypted in transit. Encryption scrambles the data during transmission so that if anyone were to intercept it, they wouldn’t be able to read it. Likewise, our use of Google Forms/Sheets and Jane App means that when data is in transit to those services, it’s also encrypted via HTTPS. The servers storing your data (Google’s and Jane’s) also keep the data encrypted at rest. In plain terms: we rely on industry-standard encryption technology to keep your information safe as it moves and rests in digital form.
• Access Controls and Confidentiality: The personal information we collect is only accessible to those at Jones Counselling Services who need to know it to perform their duties. In our case, that is primarily Janet Jones (Counsellor and Owner). If in the future we have administrative staff or additional counsellors, they would only access data relevant to their role and only after being trained on privacy protocols. All devices (computers, laptops, phones) that we use to access personal data are protected with strong passwords/passcodes and security software. Jane App, as mentioned, requires secure logins and even offers 2-factor authentication which we use to add an extra layer of security for account access. We take care not to leave screens unattended or records exposed in any way. Physical copies of any information (e.g., if we ever print something or have handwritten notes) are stored securely and destroyed when no longer needed. Any staff or contractors are bound by strict confidentiality agreements. We also ensure that any time we dispose of personal information (digital or physical), we do so securely – for instance, shredding physical documents or permanently deleting digital files.
• Third-Party Service Providers Security: We have chosen reputable service providers (Google and Jane) for handling data because of their strong security track records. Google’s data centers have advanced security measures and 24/7 oversight. Jane’s systems are audited and designed for sensitive health information. We regularly review the security practices of these providers via their published reports or updates. For example, Jane provides updates on their compliance and security features, and Google has certifications like ISO 27001 for security management. While using third-party services, we ensure that data protection agreements are in place where appropriate, and that these providers commit to confidentiality and appropriate safeguards.
• Routine Updates and Patches: Keeping software up-to-date is a crucial part of security. We ensure that all systems we use (our computers, any website plugins or tools, etc.) are kept updated with the latest security patches. Google Sites and Jane App manage their own updates in the cloud, which means we automatically benefit from their latest security enhancements.
• Monitoring and Prevention: We monitor our systems for any signs of unauthorized access. For instance, Google provides alerts if there is an unfamiliar login to our accounts, and Jane logs user access which we can review. We also utilize anti-malware tools on our devices. In addition, reCAPTCHA on our forms (as discussed) helps keep bots and potentially malicious actors from flooding our system with spam or attacks. These preventive measures collectively reduce the risk of a security incident.
• Data Breach Procedures: Despite all these measures, we acknowledge that no system is 100% foolproof. In the unlikely event of a data breach (for example, if our data is compromised by a cyber attack or accidentally exposed), we have a response plan in place. This includes identifying and closing the source of the breach, assessing the scope of impact, and notifying any affected individuals and authorities as required by law. Under PIPEDA, if a breach occurs that poses a real risk of significant harm, we are obligated to report it to the Office of the Privacy Commissioner of Canada and notify affected individuals. We take this responsibility seriously. We would contact you promptly with the details of what happened, what information was involved, and what steps we are taking to remediate the issue and prevent future occurrences.
• Training and Awareness: Privacy and confidentiality are ingrained in the ethics of counselling practice. As such, we (and any team members) are continuously mindful of privacy best practices. We stay informed about current privacy laws and security recommendations in Canada. If needed, we undergo training or consult with privacy experts to ensure we meet our obligations. Our internal policies guide how we handle personal information (for example, not discussing client information in public areas, using initials or ID codes instead of full names in certain contexts, etc. as additional precautions).
In summary, we employ a combination of technical safeguards (encryption, secure servers, access controls), administrative safeguards (policies, training, limited access), and physical safeguards (secure workplaces and devices) to protect your personal information. We strive to follow or exceed the standards set by PIPEDA’s Safeguards principle. We want you to feel confident that when you entrust us with your information, we’re taking every reasonable step to keep it secure. If you have any specific questions about our security measures, we will do our best to provide answers (keeping in mind that certain details might be sensitive if published, we may answer in general terms to maintain security).
Your privacy and trust are the foundation of our client relationship. We are committed to continually reviewing and improving our security practices as technology and threats evolve. You can rest assured that protecting your data is a priority in everything we do.
International Visitors and Data Transfers
Jones Counselling Services is based in Canada and serves clients located in Canada (Canadian residents). Our focus is on providing counselling across Western Canada (as noted, our counsellor is available to clients in regions like British Columbia, Alberta, etc.). We do not actively market our services outside of Canada, and our website content is primarily intended for a Canadian audience. However, because our website is on the internet, it can be accessed globally. If you are visiting our site from outside Canada, there are a few important things you should know:
• Applicable Privacy Laws: Any personal information we collect through our website or services will be handled in accordance with Canadian privacy laws (such as PIPEDA and relevant provincial laws). This means we will apply the same safeguards and rights to your data as we would for a Canadian user. We want to be clear that we do not tailor our privacy practices to non-Canadian laws (like the EU’s GDPR) for visitors — our operations are not targeted at those regions. That said, many principles of Canadian law (e.g. consent, access rights, data security) are similar to those in other jurisdictions, so we hope our protection measures will meet or exceed what you expect.
• Data Location: As described in earlier sections, some of our third-party service providers are based in or have servers in other countries. Specifically, if you fill out our contact form or otherwise interact with our site, your data may travel to or be stored in the United States (because Google’s infrastructure often uses U.S. servers) or other countries where Google operates data centers. Our appointment scheduling data on Jane App is stored in Canada for our account, but it’s accessible through the internet, so theoretically data packets could route through other countries as you connect. The key point is that your data might not remain solely within the borders of Canada. It could be transferred to another country (e.g., the U.S.) where the data protection laws might differ from those in your home country.
• Your Consent to International Transfer: By using our website or providing us with your information while located outside of Canada, you consent to the transfer of your personal information to Canada and/or the United States or other countries as needed for us to fulfill the purposes described (such as processing through Google or Jane). You also acknowledge that once transferred, your information may be subject to the laws of the jurisdiction where it is stored or processed. For example, data stored in the U.S. might, in rare cases, be accessed by U.S. authorities under their laws. We assure you that regardless of where your data is stored, we treat it according to the safeguards described in this Privacy Policy.
• Service Availability: Our counselling services (actual therapy sessions) are currently only provided to individuals in Canada. If you are reading our site from another country, please be aware that we may not be able to offer services to you due to licensing and jurisdictional restrictions. Nonetheless, you are welcome to read our content. If you contact us from outside Canada, we will still protect your inquiry under this policy, but we will let you know if we cannot serve your region and will delete your information upon request or immediately if it’s clear no service can be provided.
• EU and Other Regions: We do not specifically target the European Union, United Kingdom, or other regions with distinct privacy regulations (e.g., CCPA in California) at this time. Our site does not have features like multilingual support or pricing in foreign currencies that would indicate an intent to serve those markets. Therefore, while we are not under obligations like the GDPR to appoint an EU representative or similar, we still respect basic privacy rights universally. If you are from the EU and happen to use our site, consider that any personal data you provide is being handled under the legal basis of consent (by you providing it) or legitimate interest (e.g., responding to an inquiry) in line with how PIPEDA operates. Should you have any concerns, you can reach out and we will try to accommodate any reasonable requests in line with broader privacy principles.
In summary, our clients are Canadian-based, and our privacy practices are rooted in Canadian law. The website is accessible globally, so we want international visitors to understand that by interacting with us, your data will be protected under our Canadian privacy framework and might be transferred to Canada or the U.S. We strive to protect your data no matter where you’re from, but if you are uncomfortable with your data leaving your country, you may choose not to provide personal information on our site. If you do reach out, we are here to answer any questions and ensure you’re comfortable with how your data will be handled.
Your Rights Regarding Your Personal Information
We believe it’s important that you have control over your personal information. Under Canadian privacy laws (such as PIPEDA), individuals have certain rights with respect to their personal data, and we are committed to upholding those rights. We’ve outlined your key rights below in clear terms. If you wish to exercise any of these rights, you can contact us (see the Contact Us section) and we will be happy to assist. These rights and how we handle requests are as follows:
• Right to Access: You have the right to request access to the personal information we hold about you. This means you can ask us to confirm whether we are processing your personal data and have us provide you with a copy of that information, as well as an explanation of how it’s being used. For example, if you have been a client, you can request to see the records we have on file for you (such as your contact details, appointment history, or session notes). If you only interacted via the website contact form, you could request to know if we still have your inquiry saved. We will provide the information in an understandable format. There are rare exceptions where we might not be able to grant full access (for instance, if it involves personal information about another individual, or if it’s subject to legal privilege, etc.), but we will explain any such limitations. Generally, in a counselling context, we might offer to review your records together to ensure the context is clear (since raw therapy notes can sometimes be misinterpreted). Under PIPEDA, we will respond to access requests within a reasonable time, and at most within 30 days, unless an extension is permitted. We will not charge you for an access request (unless it is exceptionally large or repetitive, in which case any fee would be minimal and we’d inform you in advance).
• Right to Correction: If you believe that any personal information we have about you is inaccurate or incomplete, you have the right to request that we correct it. This could be as simple as a misspelled name or a wrong phone number in our contact records, or perhaps an outdated address. In a counselling context, it could also be something in your file you feel is incorrect (though note, if it’s something like a session note, we might document your perspective rather than alter a historical record). We welcome corrections and will update our records promptly, as accuracy is one of the principles we adhere to. If we have shared your information with a third party (for example, if we ever sent a report to another professional with your consent), and that information later turns out to need correction, we will communicate the corrected information to that third party where possible.
• Right to Withdraw Consent: In cases where our collection or use of your personal information is based on your consent (which is most of what we do – e.g., you consent to us using your info to contact you or to provide counselling), you have the right to withdraw that consent at any time. For example, if you initially consented to receive a newsletter or to be contacted about certain services, and you change your mind, you can let us know and we will stop that use. If you had given consent for us to keep your contact information, you can withdraw it and we will refrain from further contact (except perhaps a confirmation of removal). Withdrawing consent does not affect the lawfulness of any use we had already made based on your consent before withdrawal – it mainly means we will stop future processing. One practical example: if you signed up via our website to receive occasional updates or mental health resources by email (if we offered such an option), you can unsubscribe at any point (via a link in the email or by contacting us) and we will remove you from the mailing list. For therapy clients, if you withdraw consent for us to retain your records, we will discuss with you the implications (as by law, health practitioners might need to keep records for a certain time). But generally, we will honor requests to the extent possible, maybe by archiving or sealing your file unless needed.
• Right to Deletion (Right to be Forgotten): While Canadian law doesn’t explicitly call it “right to erasure” as in GDPR, PIPEDA does require that we retain personal information only as long as necessary and to dispose of it when no longer needed. You have the right to request that we delete your personal information from our records when it is no longer needed for the purposes you provided it. For example, if you contacted us but never became a client, you can ask us to delete the inquiry details we have on file. If you were a client, you can request deletion of certain information after the required retention period has passed. We will do our best to accommodate deletion requests promptly. However, please note there may be legal or ethical requirements to retain certain data for a minimum period. For instance, counsellors in many Canadian jurisdictions are advised or required to keep client session notes for a number of years (often 7 years, or 7 years past the age of majority for minors) to ensure continuity of care and for legal record-keeping. If that applies, we may not be able to delete your entire record immediately upon request if you have received services, but we can certainly remove you from any mailing lists and stop any active use of your data. We will also securely lock away or archive any data that we must keep so it’s not readily accessible. Once any mandatory retention period expires, we will then proceed with deletion. In cases where deletion is not fully possible (for example, if backups are involved), we will inform you of what we can do (such as isolating the data from active use).
• Right to Complain or Challenge Compliance: We are confident in our privacy practices, but we recognize your right to voice any concerns or complaints about how we handle your personal information. If you believe we are not complying with this Privacy Policy or with applicable privacy laws, please let us know. We welcome the opportunity to resolve the issue directly. You will not be retaliated against for exercising your rights or raising a complaint – we view it as a chance to improve. If you make a complaint to us, we will acknowledge it, investigate, and respond with the outcome or steps we will take. Additionally, under Canadian law, if you are not satisfied with our response to your privacy concern, you have the right to escalate your complaint to the Office of the Privacy Commissioner of Canada (OPC) or, in some cases, to your provincial Privacy Commissioner (for example, the Office of the Information and Privacy Commissioner for BC if you’re in B.C.). The OPC is the federal body that oversees PIPEDA compliance. We can provide you with contact information for the appropriate commissioner’s office. For your reference, the OPC’s website is priv.gc.ca. However, we truly hope that we can address any issues without the need for involving regulators, by working together in good faith.
• Right to Portability: This concept (common in GDPR) is not explicitly in PIPEDA, but as a service to our clients, if you need a copy of your records in a common format to transfer to another provider (for example, if you move to a new counsellor and want your information sent over), we will accommodate that as much as possible. Practically, this might mean providing you with a PDF or printout of your session summaries or a letter of summary.
• Right to Anonymity/Pseudonymity: When browsing our website, you have the right not to identify yourself (you can use the website without providing personal data). When engaging our services, you generally would provide your real name for legal and practical reasons, but if there are situations where you prefer to use a nickname or first name only (for example, on a public forum or blog comment on our site, if that ever exists), you have that option. We do not have public comment sections currently, but if we did, you could use an alias.
To exercise any of your rights, you do not need to fill out a special form or jump through hoops – simply contacting us with your request is sufficient. We may need to verify your identity to ensure we are releasing information to the correct person (especially for access or deletion requests). This could involve asking you to provide certain details we have on file to match, or to show identification if it’s a sensitive request, just to be sure. This is to protect your privacy. We will respond to your request as quickly as possible, generally within 30 days as noted, and let you know if we need more time (an extension is possible under law, but we’ll explain why if so). Usually, privacy requests are straightforward and we handle them much sooner than 30 days.
We also want to emphasize that we do not charge any fees for handling your reasonable requests regarding your personal information. Our goal is to be helpful and transparent.
If you have any questions about your rights or how to exercise them, please reach out to us. Privacy can be a complex area, but we will do our best to explain and honor your requests within the confines of the law and professional guidelines.
Managing Cookies and Opt-Out Options
As mentioned in the Cookies and Google Analytics sections, we want you to have control over the data that gets collected about your online activity. Here we provide some practical guidance on how you can manage cookies and other tracking technologies when using our website (and beyond):
1. Browser Settings for Cookies: Most web browsers (like Chrome, Firefox, Safari, Edge, etc.) allow you to manage your cookie preferences. You can usually find these options under the “Settings” or “Preferences” menu of your browser, often in a section titled “Privacy and Security” or similar. There, you might have options to:
• Clear cookies – delete existing cookies from your browser.
• Block new cookies – set your browser to reject cookies either from all websites or from specific websites. You might also be able to block third-party cookies (cookies set by someone other than the site you’re visiting, which is typically for advertising or tracking across sites – our site doesn’t use those, but the setting can be useful generally).
• Set exceptions – allow cookies from trusted sites while blocking others.
• Receive notifications – some browsers let you enable a setting to get prompted each time a website tries to set a cookie, so you can choose to accept or decline on a case-by-case basis.
The process differs by browser. For example, in Chrome you would go to Settings > Privacy and security > Cookies and other site data, and choose an option like “Block third-party cookies” or “Block all cookies” (not recommended generally because it can break site functionality). In Safari (on Mac/iPhone), you might toggle “Block all cookies” in Privacy settings or use content blockers. If you need guidance, a quick web search like “how to disable cookies on [YourBrowser]” will yield step-by-step instructions. Keep in mind that if you block all cookies, some essential functions on our site (and others) might not work. For instance, if our site had a login or a shopping cart (hypothetically), those rely on cookies. For our site, you might find that the cookie consent banner keeps appearing if it can’t set a cookie to remember your choice, or Google Analytics won’t run (which is fine if that’s your goal to block it).
2. Google Analytics Opt-Out: As described earlier, Google provides a Browser Add-on for opting out of Google Analytics tracking. You can download this add-on from Google (it’s available for Chrome, Firefox, Edge, Safari, and Opera browsers). Once installed, it will prevent the Google Analytics script on any website from running. This means you won’t be counted in analytics data at all. It’s an effective way to maintain privacy across all sites that use Google Analytics, not just ours. The add-on is maintained by Google, and using it is a one-time setup per browser. Remember to install it on each browser you use if you want full coverage (e.g., if you use both a desktop browser and a mobile browser, you’d need it on both if available). Alternatively, some browsers and extensions exist that block trackers including Google Analytics as part of their privacy features (for example, some ad-blockers or privacy-focused browsers automatically block analytics scripts).
3. Cookie Consent Banner on Our Site: If our website displays a cookie consent banner or pop-up when you first visit, you can make your choice there. If you choose “Decline” or similar for optional cookies, our site should refrain from loading Google Analytics or other non-essential cookies. If you clicked “Accept” initially but later change your mind, you can usually bring back the banner by clearing our site’s cookies (which would reset your consent status). We are exploring implementing a “Privacy Settings” link where you can adjust your cookie preferences at any time. If that is in place, it would likely appear in the footer of the site, allowing you to reopen the consent dialog. In absence of that, clearing cookies related to our site and reloading will prompt the consent again. You can also directly opt-out of analytics as per point 2.
4. Do Not Track (DNT): “Do Not Track” is a setting in most browsers that signals to websites that you do not want to be tracked. While there is no legal requirement in Canada forcing sites to honor DNT, and not all websites or services respect it, we have configured our site to honor DNT signals where possible. This means if we detect a DNT header from your browser, we will not load our Google Analytics tracking for your visit. (Bear in mind, DNT is an honor system; we commit to it, but third-party embedded content might not always heed it. We currently don’t have much third-party content beyond Google’s services which we handle ourselves, so it should be fine.)
5. Managing Other Trackers: In case we ever include additional third-party tools (like a Facebook pixel or LinkedIn insight tag for business analytics, or an embedded YouTube video which sets cookies), we will update our policy and ensure you have a way to opt out of those as well. For now, our site is relatively simple: the main trackers are Google Analytics and reCAPTCHA. reCAPTCHA is essential for security and runs only when you interact with forms; there is not an opt-out for reCAPTCHA if you want to use the form (except to not use the form), but note it mostly collects technical data for bot detection, not for profiling or marketing.
6. Email Communications: Though not exactly a “cookie”, if you have consented to receive any email updates from us (like a hypothetical newsletter or blog update notification), remember you can opt out of those at any time by clicking the “unsubscribe” link in the email (if it’s an automated mailing) or replying to us with a request to stop. We will promptly remove you from the mailing list. We don’t want to send you anything you don’t want to receive.
7. Telehealth Platform Settings: If you use our online counselling (telehealth) via Jane App, note that Jane might use certain necessary cookies to run the telehealth session (like connecting your video). Those are typically exempt from consent as they are necessary for the service. Jane doesn’t use those for tracking beyond the session’s needs. There wouldn’t be much to manage on your end for that, except ensuring you’re comfortable with Jane’s terms when you use it.
In general, we encourage you to make use of the privacy controls available to you. It’s part of our respectful approach that we empower you with knowledge on how to opt out of anything you’re not comfortable with. We hope the instructions above are clear. If you need any assistance – for example, you’re not sure how to adjust your browser settings or you have a question about what tools our site uses – please contact us. We’ll do our best to help you preserve your privacy.
Also, keep in mind that your decision to opt out of analytics or cookies on our site will never affect the quality of service you get from Jones Counselling in a counselling context. These are purely website analytics and preference tools. You are welcome to use our site and services with as much or as little data sharing as you prefer.
Lastly, if we introduce any new cookies or tracking tools on our site in the future, we will update our Privacy Policy and (if significant) provide an updated notice to obtain consent. We are committed to keeping you informed and in control.
Contact Us
We are always here to address your questions, concerns, or requests regarding your privacy and this policy. Open communication is part of building trust, so please do not hesitate to reach out if you:
• Have a question about what data we have about you or what we do with it.
• Want to request access to or correction of your information.
• Need to withdraw consent or request deletion of your data.
• Have a concern or complaint about how your information has been handled.
• Just want clarification on any part of this Privacy Policy.
Contact Information for Privacy Matters:
Email: You can email our Privacy Officer (Janet Jones) at [email protected]. This is the quickest way to reach us for privacy inquiries. We check this email regularly and strive to respond within one business day (or sooner whenever possible). Please write a subject line that indicates it’s a privacy-related request (e.g., “Privacy Request” or “Personal Data Inquiry”) so it can be prioritized. Feel free to detail your request or question in the email; if you’re requesting access or deletion, you may need to provide some identifying information so we can locate your records (for example, the email address you used to contact us originally, or your full name if you were a client).
Phone: If you prefer to speak by phone, you may call or text 780-832-7911. This is the phone number for Jones Counselling Services. If calling by phone, please note that immediate responses might not always be possible (especially if we are in sessions). However, leave a voicemail with your name, contact info, and a brief mention that it’s regarding a privacy question, and we will call you back as soon as we can. Text messages are also acceptable for quick inquiries, but for detailed requests (like getting a copy of your data), we might guide you to email for record-keeping purposes.
Mail: If you need to send us physical mail (for example, to submit a written request or forms), our mailing address is:
Jones Counselling Services
Attn: Privacy Officer
PO Box 2353
Dawson Creek, BC, Canada
V1G 4P2
(Note: We are an online practice and do not maintain a public office location; however, written correspondence can be sent to this mailing address.
Using email or phone is typically more efficient, but we include a mailing option for those who prefer it or require it.
When you contact us, please let us know clearly what you need so we can assist you effectively. If you are making a formal request (such as accessing your data), we may provide you with a form to fill out or we may ask for verification information, just to ensure we’re dealing with the correct person. This is for your protection.
We will address all requests as soon as reasonably possible. As mentioned, certain types of requests (like access to all your records) might take up to 30 days due to legal allowance, but we usually can handle things quicker. For simple questions, we often respond within hours.
Escalation: If after contacting us you feel that your issue has not been resolved to your satisfaction, you have the right to escalate the matter. We kindly ask that you let us know if you plan to do this, as we might attempt one more time to resolve any misunderstanding. Under PIPEDA, you can file a complaint with the Office of the Privacy Commissioner of Canada. They have an online form and contact details on their website. If you’re in British Columbia or Alberta or another province with its own private sector privacy law, you can also contact your provincial privacy commissioner (for example, the Office of the Information and Privacy Commissioner for B.C. for matters under B.C.’s Personal Information Protection Act). We sincerely hope that won’t be necessary and we commit to working with you in good faith to resolve any issues.
Your privacy is a priority for us, and we appreciate you entrusting us with your personal information. Thank you for reading our Privacy Policy. We hope it has addressed your concerns and given you a clear understanding of how your data is handled. If anything remains unclear, just ask – we are here to help.
________________________________________
Last Updated: May 17, 2025.