Midtown Medical Center — SMS Privacy Policy

Effective date: August 24, 2025
Applies to: Text (SMS/MMS/RCS) messages sent to or from Midtown Medical Center (the “Clinic”).

We take your privacy seriously. This policy explains what personal information we collect through our SMS service, how we use it, who we share it with, and your choices. This SMS Privacy Policy supplements our general website and patient privacy notices and, for Ontario patients, is intended to align with PHIPA and PIPEDA.

1) What personal information we collect via SMS

When you opt in to receive texts from us or text us directly, we may collect:

  • Contact & identity details: your name, mobile phone number, and (if applicable) date of birth or patient ID to match your record.

  • Consent & preference data: the fact and method of opt-in, timestamp, source (e.g., web form, in-clinic), topics selected (e.g., appointment reminders), and opt-out status.

  • Message content: the text you send us and the content of messages we send to you (e.g., reminders, links). We discourage sharing sensitive health details by SMS.

  • Message metadata: timestamps, delivery status, short-code/long-code used, message IDs, and limited device/carrier information necessary for delivery.

  • Support interactions: when you text HELP, call our clinic, or email about SMS issues, we collect details to resolve your request.

Note: SMS is not a secure channel for detailed medical discussions or emergencies. For urgent care, call 911. For private medical questions, please use our phone line or secure patient portal.

2) How we use personal information collected via SMS

We use your information to:

  • Deliver the SMS service you requested, including appointment reminders, confirmations, wait-time updates, clinic announcements, and links to secure resources.

  • Coordinate your care, e.g., prompting you to book follow-ups or complete forms (clinical details, if any, are kept minimal over SMS; clinically relevant information may be documented in your medical record).

  • Administer consent and compliance, e.g., maintaining opt-in/opt-out logs required by telecom/carrier rules.

  • Provide support, respond to HELP requests, and troubleshoot delivery issues.

  • Improve service quality and safety, such as monitoring aggregate delivery performance and preventing spam or misuse.

  • Meet legal and regulatory obligations.

We do not sell your personal information. We do not use SMS consent for targeted advertising.

3) Who we share personal information with

We share only what is necessary to provide the SMS service:

  • Telecom and message delivery providers (processors): our SMS gateway/platform and underlying carriers that transmit messages. These providers are contractually required to protect your information and may process data in Canada or other jurisdictions.

  • Clinic service providers: IT support, security/anti-fraud vendors, and website form vendors as needed to operate the service.

  • Legal or regulatory authorities: if required by law, regulation, court order, or to protect health and safety.

Clear carrier-required statement: “SMS consent is not shared with third parties.” We also confirm that we do not share SMS consent with third parties or affiliates.

4) Your choices and controls

  • Opt-in: You will receive texts only after you give consent (e.g., ticking a box on a form or texting a keyword to subscribe).

  • Opt-out at any time: Text STOP to cancel. You may also call or email us to withdraw consent. We will confirm your opt-out by text.

  • Help: Text HELP for assistance, or contact us using the details below.

  • Message frequency & charges: Message frequency varies. Message and data rates may apply.

  • Access & correction: You may request access to, or correction of, your personal information held by the Clinic, subject to legal limitations.

Alternative channels: You can receive clinic communications by phone, email, or patient portal instead of SMS.

5) Data retention

  • SMS logs and consent records are retained only as long as necessary to provide the service, maintain accurate consent history, and satisfy legal/telecom compliance.

  • Medical record entries: If a text contains clinically relevant information, we may document it in your medical record; those records are retained under PHIPA and College standards (e.g., typically at least 10 years from last entry).

6) Security

We use administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including access controls, encryption in transit where supported by providers, and audit logging. No method of transmission is fully secure; avoid sending sensitive health details by SMS.

7) Children and dependents

If you are under 16 or consenting on behalf of a dependent, we may require consent from a parent or legal guardian and may communicate through the authorized contact number on file.

8) International processing

Our processors (e.g., SMS gateways or carriers) may process information outside of Ontario/Canada. Contractual safeguards are used to protect your information; however, it may be accessible to foreign authorities under applicable laws.

9) Changes to this policy

We may update this policy to reflect operational or legal changes. The “Effective date” above indicates the latest version. Significant changes will be communicated via our website and/or SMS where appropriate.

10) Contact us (Privacy Officer)

Midtown Medical Center — Privacy Officer
702 King St W, Kitchener ON, N2G 1E2
Phone: (226) 686-0119
Email: info@midtown.clinic

For Ontario patients, you may also contact the Information and Privacy Commissioner of Ontario (IPC) regarding PHIPA matters. 

SMS Terms of Service

By opting into SMS from a web form or other medium, you are agreeing to receive SMS messages from Midtown Medical Center. This includes SMS messages for customer care. Message frequency varies. Message and data rates may apply. Message HELP for help. Reply STOP to any message to opt out.