PRIVACY POLICY
Last updated: March 17, 2026
Effective date: March 17, 2026
This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You. We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
This Privacy Policy should be read together with Our Client Privacy and Data Protection Policy, which governs how WaiveTheWait handles data received from Clients in the delivery of Our Services.
1. Interpretation and Definitions
Interpretation
The words whose initial letters are capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by, or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Company (referred to as either "the Company", "We", "Us" or "Our" in this Privacy Policy) refers to WaiveTheWait Inc., 1545 Maley Dr, Sudbury, ON P3A 4R7.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: Ontario, Canada.
Device means any device that can access the Service such as a computer, a cell phone or a digital tablet.
Personal Data (or "Personal Information") is any information that relates to an identified or identifiable individual. We use "Personal Data" and "Personal Information" interchangeably unless a law uses a specific term.
Personal Health Information (PHI) has the meaning given to it under the Personal Health Information Protection Act (PHIPA), and includes identifying information about an individual in oral or recorded form, if the information relates to the physical or mental health of the individual or to the provision of healthcare to the individual.
Service refers to the Website and the clinic automation platform operated by WaiveTheWait.
Service Provider means any natural or legal person who processes data on behalf of the Company, including third-party analytics, scheduling, and CRM providers.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
Website refers to Waive - The Intelligent Clinic Company, accessible from www.waivemedical.com.
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
2. Collecting and Using Your Personal Data
Types of Data Collected
Personal Data: While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. This may include:
Email address
First name and last name
Phone number
Company or clinic name
Role or job title
Usage Data
Usage Data: Usage Data is collected automatically when using the Service and may include information such as Your device's IP address, browser type, browser version, pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Patient and Clinical Data: WaiveTheWait processes Personal Health Information and clinical data on behalf of Clients as part of the Service. This data is subject to PHIPA, PIPEDA, and applicable provincial privacy legislation, as well as WaiveTheWait's Client Privacy and Data Protection Policy. Retention periods vary by Service: data processed through the Automated Task Management and Patient Reminders services is deleted within twenty-four (24) hours of the completion of the relevant service transaction; data processed through the Document Triaging Service is retained for a maximum of seven (7) days. Unless a different retention period is expressly agreed upon with the Client in writing or required by applicable law, no PHI will be retained beyond these periods.
Tracking Technologies, Analytics and Cookies
We use cookies, analytics tools, and similar tracking technologies to track activity on Our Service and improve Our website and marketing. The third-party tools We use include:
Google Analytics 4 (GA4) — Collects data including pages visited, time on pages, device type, browser, geographic location, and referral source. Subject to Google's Privacy Policy. You may opt out via the Google Analytics Opt-out Browser Add-on at tools.google.com/dlpage/gaoptout.
Google Ads and Google Click ID (gclid) — Used to measure advertising campaign effectiveness and attribute conversions. Conversion data may be shared with Google Ads.
Google Tag Manager — Used to manage and deploy marketing and analytics tags on Our Website.
Microsoft Clarity — Used to understand visitor interactions through session recordings, heatmaps, and behavioral analytics. Subject to Microsoft's Privacy Policy. Learn more at clarity.microsoft.com.
UTM Parameters — Captured from marketing campaign URLs and stored in Your browser's local storage for up to 30 days to attribute Your visit to the correct marketing channel.
Calendly — Used for demo scheduling. Collects Your name, email address, and booking information. Subject to Calendly's Privacy Policy. Booking data may be passed to Our CRM.
Attio CRM — Used to manage customer and prospect relationships. Stores Your name, email address, company, role, and any tracking parameters associated with Your visit.
Zapier — Used to automate workflows between Our Service and other third-party tools. May process Your contact and activity data as part of automated processes.
All third-party Service Providers with access to Personal Data are contractually required to maintain appropriate data security and privacy standards consistent with applicable law and WaiveTheWait's requirements.
Cookie Categories
We use both Session and Persistent Cookies. Session Cookies are deleted when You close Your browser. Persistent Cookies remain on Your device until deleted or expired. The categories of cookies We use are:
Necessary / Essential Cookies (Session) — Essential to provide You with services available through the Website.
Cookie Preference Cookies (Persistent) — Identify if users have accepted the use of cookies.
Functionality Cookies (Persistent) — Remember choices You make when using the Website.
Analytics and Performance Cookies (Persistent, Third Party: Google, Microsoft) — Collect information about how visitors use Our website. Require Your consent where required by applicable law.
Advertising and Targeting Cookies (Persistent, Third Party: Google Ads) — Deliver relevant advertisements and measure campaign effectiveness. Require Your consent where required by applicable law.
Where required by law, non-essential cookies are only used with Your consent. You may withdraw consent at any time through Your browser settings or Our cookie preferences tool.
We also use browser local storage to retain UTM parameters and tracking identifiers for up to 30 days. This is not a cookie but serves a similar purpose of attributing Your actions to the correct marketing source.
3. Use of Your Personal Data
The Company may use Personal Data for the following purposes:
To provide and maintain our Service, including to monitor the usage of our Service.
To manage Your requests: To attend and manage Your requests to Us, including demo bookings and contact form submissions.
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication regarding updates, informative communications, and services.
To provide You with news, special offers, and general information about other goods, services and events which We offer that are similar to those that you have already purchased or inquired about, unless You have opted not to receive such information.
For marketing and advertising measurement: To measure the effectiveness of Our paid advertising campaigns, attribute conversions to the correct marketing channel, and optimize Our marketing spend. This includes sharing conversion data with Google Ads for campaign optimization purposes.
For analytics and service improvement: To analyze how visitors use Our website, identify usage trends, understand which content and campaigns are most effective, and improve Our Service, products, and marketing.
For business transfers: We may use Your Personal Data to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets.
We may share Your Personal Data in the following situations:
With Service Providers: Including analytics providers (Google, Microsoft), scheduling tools (Calendly), CRM platforms (Attio), and automation tools (Zapier) to monitor and analyze the use of our Service and to manage leads and customer relationships.
With Advertising Partners: We may share conversion data (such as demo booking completions) with Google Ads for the purpose of measuring and optimizing Our advertising campaigns.
For business transfers: We may share or transfer Your Personal Data in connection with any merger, sale of Company assets, financing, or acquisition.
With Affiliates: We may share Your Personal Data with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy.
With Your consent: We may disclose Your Personal Data for any other purpose with Your consent.
As required by law: We may disclose Your Personal Data where required to do so by applicable law, court order, or governmental authority.
4. Data Retention
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, or as required by applicable law. Specific retention periods are as follows:
Patient and Clinical Data (PHI): Retention periods vary by Service. Data processed through the Automated Task Management and Patient Reminders services is deleted within twenty-four (24) hours of the completion of the relevant service transaction. Data processed through the Document Triaging Service is retained for a maximum of seven (7) days. Unless a different retention period is expressly agreed upon with the Client in writing or required by applicable law, no PHI will be retained beyond these periods.
Account Information: Up to 24 months after account closure.
Customer Support Data: Up to 24 months from ticket closure.
Chat transcripts: Up to 24 months for quality assurance purposes.
Website analytics data (cookies, IP addresses, device identifiers): Up to 24 months from the date of collection.
UTM parameters and tracking identifiers stored in local storage: Up to 30 days from the date of collection.
CRM data (Attio): Retained for the duration of our business relationship and up to 24 months thereafter, unless You request deletion.
Server logs: Up to 24 months for security monitoring and troubleshooting purposes.
Financial and legal records: Retained for the period required under applicable law or indefinitely as required for business purposes.
When data is no longer required, it will be securely deleted or destroyed in accordance with WaiveTheWait's Data Management Policy.
5. Data Breach Notification
WaiveTheWait maintains a Data Breach Response Policy and Plan that governs how We respond to confirmed or suspected data breaches. In the event of a confirmed or suspected breach involving Personal Data:
WaiveTheWait will notify affected Clients as soon as practicable, and no later than forty-eight (48) hours from the date WaiveTheWait obtains actual knowledge of the breach.
Notification will include the nature of the breach, the Personal Data affected, the number of individuals impacted (to the extent known), and steps WaiveTheWait has taken or plans to take.
WaiveTheWait will notify affected individuals and applicable privacy regulators as required by PHIPA, PIPEDA, and other applicable legislation.
WaiveTheWait will cooperate with Clients in any investigation, notification to affected parties, and remedial measures as required.
6. Your Privacy Rights and Choices
Depending on Your location and applicable law, You may have the right to:
Access the Personal Data We hold about You
Request correction of inaccurate Personal Data
Request deletion of Your Personal Data
Withdraw consent for non-essential cookies and tracking at any time
Opt out of analytics tracking via the Google Analytics Opt-out Browser Add-on
Object to the processing of Your Personal Data for direct marketing purposes
To exercise any of these rights, please contact Us at info@waivethewait.com. We will respond to Your request within a reasonable timeframe and in accordance with applicable law.
7. Security of Your Personal Data
The security of Your Personal Data is important to Us. WaiveTheWait maintains technical and organizational security measures designed to protect Personal Data against unauthorized access, disclosure, alteration, or destruction. These measures include encrypted storage and transmission, access controls, password management policies, network security controls, and malware protection.
However, no method of transmission over the Internet or electronic storage is 100% secure. While We strive to use commercially reasonable means to protect Your Personal Data, We cannot guarantee its absolute security.
8. Children's Privacy
Our Service does not address anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us at info@waivethewait.com so that We can take the necessary steps to remove that information.
9. Links to Other Websites
Our Service may contain links to other websites that are not operated by Us. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
10. Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy. Your continued use of the Service after any changes constitutes Your acceptance of the revised Privacy Policy.
11. Contact Us
If you have any questions about this Privacy Policy, please contact us:
By email: info@waivethewait.com By mail: WaiveTheWait Inc., 1545 Maley Dr, Sudbury, ON P3A 4R7 By website: www.waivemedical.com
This Privacy Policy was last updated on March 17, 2026. WaiveTheWait recommends seeking independent legal advice to ensure this Privacy Policy is appropriate for your specific circumstances before publishing.
Last updated: March 17, 2026
Effective date: March 17, 2026
This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You. We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
This Privacy Policy should be read together with Our Client Privacy and Data Protection Policy, which governs how WaiveTheWait handles data received from Clients in the delivery of Our Services.
1. Interpretation and Definitions
Interpretation
The words whose initial letters are capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
Definitions
For the purposes of this Privacy Policy:
Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by, or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Company (referred to as either "the Company", "We", "Us" or "Our" in this Privacy Policy) refers to WaiveTheWait Inc., 1545 Maley Dr, Sudbury, ON P3A 4R7.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: Ontario, Canada.
Device means any device that can access the Service such as a computer, a cell phone or a digital tablet.
Personal Data (or "Personal Information") is any information that relates to an identified or identifiable individual. We use "Personal Data" and "Personal Information" interchangeably unless a law uses a specific term.
Personal Health Information (PHI) has the meaning given to it under the Personal Health Information Protection Act (PHIPA), and includes identifying information about an individual in oral or recorded form, if the information relates to the physical or mental health of the individual or to the provision of healthcare to the individual.
Service refers to the Website and the clinic automation platform operated by WaiveTheWait.
Service Provider means any natural or legal person who processes data on behalf of the Company, including third-party analytics, scheduling, and CRM providers.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself.
Website refers to Waive - The Intelligent Clinic Company, accessible from www.waivemedical.com.
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
2. Collecting and Using Your Personal Data
Types of Data Collected
Personal Data: While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. This may include:
Email address
First name and last name
Phone number
Company or clinic name
Role or job title
Usage Data
Usage Data: Usage Data is collected automatically when using the Service and may include information such as Your device's IP address, browser type, browser version, pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Patient and Clinical Data: WaiveTheWait processes Personal Health Information and clinical data on behalf of Clients as part of the Service. This data is subject to PHIPA, PIPEDA, and applicable provincial privacy legislation, as well as WaiveTheWait's Client Privacy and Data Protection Policy. Retention periods vary by Service: data processed through the Automated Task Management and Patient Reminders services is deleted within twenty-four (24) hours of the completion of the relevant service transaction; data processed through the Document Triaging Service is retained for a maximum of seven (7) days. Unless a different retention period is expressly agreed upon with the Client in writing or required by applicable law, no PHI will be retained beyond these periods.
Tracking Technologies, Analytics and Cookies
We use cookies, analytics tools, and similar tracking technologies to track activity on Our Service and improve Our website and marketing. The third-party tools We use include:
Google Analytics 4 (GA4) — Collects data including pages visited, time on pages, device type, browser, geographic location, and referral source. Subject to Google's Privacy Policy. You may opt out via the Google Analytics Opt-out Browser Add-on at tools.google.com/dlpage/gaoptout.
Google Ads and Google Click ID (gclid) — Used to measure advertising campaign effectiveness and attribute conversions. Conversion data may be shared with Google Ads.
Google Tag Manager — Used to manage and deploy marketing and analytics tags on Our Website.
Microsoft Clarity — Used to understand visitor interactions through session recordings, heatmaps, and behavioral analytics. Subject to Microsoft's Privacy Policy. Learn more at clarity.microsoft.com.
UTM Parameters — Captured from marketing campaign URLs and stored in Your browser's local storage for up to 30 days to attribute Your visit to the correct marketing channel.
Calendly — Used for demo scheduling. Collects Your name, email address, and booking information. Subject to Calendly's Privacy Policy. Booking data may be passed to Our CRM.
Attio CRM — Used to manage customer and prospect relationships. Stores Your name, email address, company, role, and any tracking parameters associated with Your visit.
Zapier — Used to automate workflows between Our Service and other third-party tools. May process Your contact and activity data as part of automated processes.
All third-party Service Providers with access to Personal Data are contractually required to maintain appropriate data security and privacy standards consistent with applicable law and WaiveTheWait's requirements.
Cookie Categories
We use both Session and Persistent Cookies. Session Cookies are deleted when You close Your browser. Persistent Cookies remain on Your device until deleted or expired. The categories of cookies We use are:
Necessary / Essential Cookies (Session) — Essential to provide You with services available through the Website.
Cookie Preference Cookies (Persistent) — Identify if users have accepted the use of cookies.
Functionality Cookies (Persistent) — Remember choices You make when using the Website.
Analytics and Performance Cookies (Persistent, Third Party: Google, Microsoft) — Collect information about how visitors use Our website. Require Your consent where required by applicable law.
Advertising and Targeting Cookies (Persistent, Third Party: Google Ads) — Deliver relevant advertisements and measure campaign effectiveness. Require Your consent where required by applicable law.
Where required by law, non-essential cookies are only used with Your consent. You may withdraw consent at any time through Your browser settings or Our cookie preferences tool.
We also use browser local storage to retain UTM parameters and tracking identifiers for up to 30 days. This is not a cookie but serves a similar purpose of attributing Your actions to the correct marketing source.
3. Use of Your Personal Data
The Company may use Personal Data for the following purposes:
To provide and maintain our Service, including to monitor the usage of our Service.
To manage Your requests: To attend and manage Your requests to Us, including demo bookings and contact form submissions.
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication regarding updates, informative communications, and services.
To provide You with news, special offers, and general information about other goods, services and events which We offer that are similar to those that you have already purchased or inquired about, unless You have opted not to receive such information.
For marketing and advertising measurement: To measure the effectiveness of Our paid advertising campaigns, attribute conversions to the correct marketing channel, and optimize Our marketing spend. This includes sharing conversion data with Google Ads for campaign optimization purposes.
For analytics and service improvement: To analyze how visitors use Our website, identify usage trends, understand which content and campaigns are most effective, and improve Our Service, products, and marketing.
For business transfers: We may use Your Personal Data to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets.
We may share Your Personal Data in the following situations:
With Service Providers: Including analytics providers (Google, Microsoft), scheduling tools (Calendly), CRM platforms (Attio), and automation tools (Zapier) to monitor and analyze the use of our Service and to manage leads and customer relationships.
With Advertising Partners: We may share conversion data (such as demo booking completions) with Google Ads for the purpose of measuring and optimizing Our advertising campaigns.
For business transfers: We may share or transfer Your Personal Data in connection with any merger, sale of Company assets, financing, or acquisition.
With Affiliates: We may share Your Personal Data with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy.
With Your consent: We may disclose Your Personal Data for any other purpose with Your consent.
As required by law: We may disclose Your Personal Data where required to do so by applicable law, court order, or governmental authority.
4. Data Retention
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, or as required by applicable law. Specific retention periods are as follows:
Patient and Clinical Data (PHI): Retention periods vary by Service. Data processed through the Automated Task Management and Patient Reminders services is deleted within twenty-four (24) hours of the completion of the relevant service transaction. Data processed through the Document Triaging Service is retained for a maximum of seven (7) days. Unless a different retention period is expressly agreed upon with the Client in writing or required by applicable law, no PHI will be retained beyond these periods.
Account Information: Up to 24 months after account closure.
Customer Support Data: Up to 24 months from ticket closure.
Chat transcripts: Up to 24 months for quality assurance purposes.
Website analytics data (cookies, IP addresses, device identifiers): Up to 24 months from the date of collection.
UTM parameters and tracking identifiers stored in local storage: Up to 30 days from the date of collection.
CRM data (Attio): Retained for the duration of our business relationship and up to 24 months thereafter, unless You request deletion.
Server logs: Up to 24 months for security monitoring and troubleshooting purposes.
Financial and legal records: Retained for the period required under applicable law or indefinitely as required for business purposes.
When data is no longer required, it will be securely deleted or destroyed in accordance with WaiveTheWait's Data Management Policy.
5. Data Breach Notification
WaiveTheWait maintains a Data Breach Response Policy and Plan that governs how We respond to confirmed or suspected data breaches. In the event of a confirmed or suspected breach involving Personal Data:
WaiveTheWait will notify affected Clients as soon as practicable, and no later than forty-eight (48) hours from the date WaiveTheWait obtains actual knowledge of the breach.
Notification will include the nature of the breach, the Personal Data affected, the number of individuals impacted (to the extent known), and steps WaiveTheWait has taken or plans to take.
WaiveTheWait will notify affected individuals and applicable privacy regulators as required by PHIPA, PIPEDA, and other applicable legislation.
WaiveTheWait will cooperate with Clients in any investigation, notification to affected parties, and remedial measures as required.
6. Your Privacy Rights and Choices
Depending on Your location and applicable law, You may have the right to:
Access the Personal Data We hold about You
Request correction of inaccurate Personal Data
Request deletion of Your Personal Data
Withdraw consent for non-essential cookies and tracking at any time
Opt out of analytics tracking via the Google Analytics Opt-out Browser Add-on
Object to the processing of Your Personal Data for direct marketing purposes
To exercise any of these rights, please contact Us at info@waivethewait.com. We will respond to Your request within a reasonable timeframe and in accordance with applicable law.
7. Security of Your Personal Data
The security of Your Personal Data is important to Us. WaiveTheWait maintains technical and organizational security measures designed to protect Personal Data against unauthorized access, disclosure, alteration, or destruction. These measures include encrypted storage and transmission, access controls, password management policies, network security controls, and malware protection.
However, no method of transmission over the Internet or electronic storage is 100% secure. While We strive to use commercially reasonable means to protect Your Personal Data, We cannot guarantee its absolute security.
8. Children's Privacy
Our Service does not address anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us at info@waivethewait.com so that We can take the necessary steps to remove that information.
9. Links to Other Websites
Our Service may contain links to other websites that are not operated by Us. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
10. Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy. Your continued use of the Service after any changes constitutes Your acceptance of the revised Privacy Policy.
11. Contact Us
If you have any questions about this Privacy Policy, please contact us:
By email: info@waivethewait.com By mail: WaiveTheWait Inc., 1545 Maley Dr, Sudbury, ON P3A 4R7 By website: www.waivemedical.com
This Privacy Policy was last updated on March 17, 2026. WaiveTheWait recommends seeking independent legal advice to ensure this Privacy Policy is appropriate for your specific circumstances before publishing.
© 2026 Waive
© 2026 Waive
© 2026 Waive
© 2026 Waive