Effective date: May 23, 2026 · Hearthlane Care Inc., Ontario
Hearthlane Care Inc. ("Hearthlane," "we," "us," or "our") is a registered Ontario business providing non-medical in-home companion care services. We are subject to Ontario's Personal Health Information Protection Act (PHIPA) and Canada's federal Personal Information Protection and Electronic Documents Act (PIPEDA).
Privacy inquiries can be directed to our Privacy Officer at hello@hearthlanehomes.com.
We collect only what is necessary to provide and improve our services.
| Category | Examples | Why we collect it |
|---|---|---|
| Identity | Full name, date of birth, relationship to care recipient | Account creation, scheduling, caregiver matching |
| Contact | Address, phone number, email | Visit coordination, billing, emergency contact |
| Care information | Health considerations, mobility notes, dietary needs, personal preferences | Safe and appropriate caregiver matching |
| Account data | Google account (used for portal login via Firebase Authentication) | Secure portal access |
| Usage data | Portal activity, visit clock-in/out records, messages with coordinator | Service delivery, payroll, visit records |
| Device & notification | Browser push token (FCM), device type | Sending you visit reminders and alerts (if you opt in) |
| Payment | Billing records (we do not store raw card numbers) | Invoicing and payment processing |
We do not collect sensitive health information beyond what is needed to ensure safe care (e.g., fall risk, dietary restrictions). We never collect SIN, passport numbers, or financial account credentials.
We will never sell, rent, or trade your personal information to third parties for marketing purposes.
If you allow notifications in your browser, Hearthlane uses Firebase Cloud Messaging (FCM), a service provided by Google LLC, to send visit reminders, coordinator messages, and care alerts to your device — even when your browser tab is closed.
To enable this, your browser generates a push notification token that is stored securely in our Firebase Firestore database. This token identifies your device for push delivery only and does not reveal your identity to Google.
You can revoke notification permission at any time in your browser settings (Settings → Notifications). Revoking permission stops all future pushes; your token will no longer be used.
Firebase services used by Hearthlane: Firebase Authentication, Cloud Firestore, Firebase Cloud Messaging. Firebase is operated by Google LLC under Google's privacy policy.
Push notifications sent by Hearthlane are limited to service-related communications: visit reminders, schedule changes, coordinator messages, and care alerts. By providing express consent through your portal, you authorize Hearthlane to send these electronic messages to your device. You may withdraw consent at any time by disabling notifications in your browser or contacting us.
Hearthlane uses Google Firebase, whose servers are operated by Google LLC, a United States company. As a result, your personal information — including personal health information collected under PHIPA — may be stored and processed on servers located in the United States or other jurisdictions outside Ontario and Canada.
Google LLC is certified under data processing frameworks and maintains contractual protections that provide equivalent protection to Canadian privacy law. By using Hearthlane's services, you consent to this transfer. If you have questions about cross-border data handling, contact our Privacy Officer at hello@hearthlanehomes.com.
We share personal information only in the following limited circumstances:
We do not share your information with advertisers or data brokers.
Care-related personal health information (such as mobility notes or dietary needs collected to support safe visits) is handled in accordance with Ontario's Personal Health Information Protection Act (PHIPA). This means:
We retain your personal information for as long as your account is active and for a reasonable period afterward to comply with legal obligations (typically 7 years for billing and tax records under Ontario law). Care notes and visit records may be retained for up to 10 years.
You may request deletion of your account and personal data at any time (subject to legal retention requirements) by emailing hello@hearthlanehomes.com.
Under PIPEDA and PHIPA, you have the right to:
To exercise any of these rights, email hello@hearthlanehomes.com with the subject line "Privacy Request" and describe what you are requesting. We will acknowledge your request within 5 business days and respond fully within 30 days. If additional time is needed, we will notify you in writing.
Requests for deletion of personal health information are processed in compliance with PHIPA retention requirements. We cannot delete records we are legally required to retain (e.g., billing records, visit logs required for regulatory compliance), but we will delete all other personal data upon request.
In the event of a privacy breach that creates a real risk of significant harm to individuals, Hearthlane will:
If you believe your personal information has been compromised, contact our Privacy Officer immediately at hello@hearthlanehomes.com or (647) 655-2883.
The Hearthlane website uses minimal cookies necessary for session management and login functionality. We do not use third-party advertising cookies or cross-site tracking.
We may collect basic anonymous analytics (page views, referral source) to understand how visitors use our site. This data cannot be used to identify you personally.
We take reasonable technical and organizational measures to protect your information, including:
No system is completely secure. In the unlikely event of a data breach affecting your rights, we will notify you and the applicable Privacy Commissioner as required by law.
Our services and portals are not directed at persons under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us personal information, please contact us immediately.
We may update this Privacy Policy from time to time. We will notify active clients of material changes via email or portal notification. The effective date at the top of this page reflects the date of the last update. Continued use of our services after changes take effect constitutes acceptance.
For any privacy questions or concerns, contact our Privacy Officer:
If you are not satisfied with our response, you may contact: