Carefile Privacy Policy

Version 1.0, June 2020

Your privacy and permission is important to us…

We are committed to protecting and respecting your privacy.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By using Carefile software you are accepting and consenting to the practices described in this policy.

Please note that some of the features discussed below may not be available in the current Carefile software release and may reflect feature additions scheduled to be incorporated in future releases.

We may change this policy from time to time by updating this page. You should check back occasionally to ensure that you are happy with any changes. This version of the policy is effective from June 1, 2020.

Who we are

Our website address is https://www.carefile.com

What personal data we collect and why we collect it

We do not collect any personal information about you or your use of Carefile software. Should you choose to communicate with us via email (for customer support or any other inquiries) we may save your name and email address for the express purpose of facilitating future communications. Under no circumstance will we disseminate this information to a third party.

Sensitive data

We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.

Google Calendar users – your privacy and the Carefile application

If you are a Google Calendar user and would like enable the Carefile application's ability to sync with your Google calendar, you will be asked to authenticate a link between the Carefile application and your Google Account. This privacy policy clearly lays out Actions the Carefile application may perform using this authentication. The summary below is consistent with the “Google API Services User Data Policy” (May 30, 2019 version) . This privacy policy will be reviewed quarterly for ongoing consistency.

Google Calendar information that Carefile collects

At a high level, the Carefile application collects the following information:

  • persistent identifiers (your Google ID);
  • various tokens required to access the Google Calendar API;
  • calendar and event information;
  • information that we get from you either directly or via the permissions API.

The ID and API token information is saved locally and is strongly encrypted.

Carefile accurately represents its identity and intent:

1. Our Identity: You authorise Carefile to access Google API Services on behalf of your account and these credentials are kept confidential and secure.

2. Data Requested: The data types Carefile requests are limited to read-write access to your calendar and event information. If this changes from what is disclosed in this privacy policy, then we will update this privacy policy and prompt Carefile users to re-consent to any changes before we may access additionally requested data. When you authorise Carefile to access your Google Account, we request permissions to view/modify your list of calendars and all events associated with your calendars.

How Carefile uses information in, and with Google Calendar

So that you can recognise these Actions triggered by, or impacting Google Calendar as an integrated system the next time you access them in the Carefile application, information from your Google Calendar account is used in the following actions in the Carefile application:

  • to sync your Carefile schedule to your Google calendar – using the Google Calendar API we will sync all events in your associated Carefile schedule with your Google calendar; this is a one-way sync from your Carefile schedule to your Google calendar;
  • to sync your Google calendar to your Carefile schedule – using the Google Calendar API we will sync any changes made to your Google calendar events back to your Carefile schedule (note that this is not yet implemented but is planned for a future release)

Carefile's use of Google Calendar "Scopes"

When you give Carefile permission to access your Google Calendar, Carefile does so via the use of "scopes". This is Google's mechanism to restrict an application's access only to specific areas of your Google account. Carefile uses the following scope to access your Google Calendar data:
  • https://www.googleapis.com/auth/calendar
    Carefile will use the https://www.googleapis.com/auth/calendar scope to obtain a list of all available calendars in your Google account. We will also use this scope to create a special calendar in your Google account which will serve as a repository for your Carefile appointments. We will also use this scope to list, modify, and create events in this calendar in order to perform a sync with your Carefile appointments (the up-sync is functional and the down-sync is currently planned for a future release).

Note that Carefile does not request access to information that it does not need.

How we protect your data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

Data retention

We retain your calendar information locally in the Carefile database which is protected by the Carefile application's built-in security system, as configured by the user. This data will not, under any circumstance, ever be shared with a third party.

Copyright © 1998-2020 Carefile Medical Systems Inc.. All rights reserved.