Get started

Privacy Policy

Horizon Trial and Treatment Notifier

Effective Date: February 26, 2026
Last Updated: February 26, 2026

1. Introduction

Horizon Trial and Treatment Notifier (“Horizon,” “we,” “us,” or “our”) is committed to protecting your privacy and safeguarding the personal information and health-related data you entrust to us. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use our platform, website, and related services (collectively, the “Platform”).

This Privacy Policy is designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), applicable provincial privacy legislation including the Personal Health Information Protection Act (PHIPA) in Ontario, and Canada’s Anti-Spam Legislation (CASL).

Note on PHIPA: Horizon is not a “health information custodian” as defined under PHIPA, as we do not provide health care services directly. However, because the Platform collects and processes personal health information from Ontario residents, we voluntarily adopt PHIPA-aligned safeguards — including purpose-specific consent for health data, restricted access controls for personal health information, and secure retention and disposal practices — to provide an enhanced standard of protection for your health-related data. If Horizon engages agents or service providers who may access personal health information, we ensure they are bound by contractual obligations consistent with PHIPA’s agent requirements.

By using the Platform, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy. If you do not agree with this Privacy Policy, you must not use the Platform.

2. Definitions

  • “Personal Information” means information about an identifiable individual, as defined under PIPEDA, including but not limited to name, email address, phone number, and payment information.

  • “Personal Health Information” means identifying information about an individual that relates to their physical or mental health, the provision of health care, or their health care history, as defined under applicable provincial legislation.

  • “Anonymized Data” means data that has been processed to remove or obscure personal identifiers such that the individual cannot reasonably be identified.

  • “User” means any individual who accesses or uses the Platform, including Patients, Caregivers, Physicians, and CRO Users.

3. Information We Collect

3.1 Information You Provide Directly

All Users

  • Full name

  • Email address

  • Password (stored in encrypted/hashed form only)

  • Account preferences and notification settings

Patients and Caregivers

  • Health Questionnaire Data (Required):

    • Primary diagnosis or condition

    • Date of diagnosis

    • Current stage or severity of condition

    • Previous treatments received

    • Demographic information: date of birth, biological sex

    • Location: province/state, postal code or ZIP code

    • Willingness to travel (distance in kilometres)

    • Preferred contact method

    • Notification frequency preferences

  • Health Questionnaire Data (Optional):

    • Current medications

    • Other medical conditions

    • Allergies

    • Family medical history

    • Smoking status

    • Performance status (ECOG scale)

    • Insurance information

  • Caregiver-Specific:

    • Relationship to patient

    • Authorization documentation or confirmation

Caregiver Authorization: If you register as a Caregiver, you represent that you have the legal authority to act on behalf of the patient whose profile you are managing. Horizon may require you to provide documentation evidencing your authority (e.g., a power of attorney, guardianship order, or a signed authorization form from the patient). Under PIPEDA, a Caregiver acts as the patient’s authorized agent, meaning the patient’s consent rights — including the right to access, correct, and withdraw consent — continue to apply and may be exercised by the patient directly at any time. If your authorization to act on behalf of the patient is revoked or expires, you must notify Horizon immediately at privacy@horizonnt.ca. Upon notification, we will suspend Caregiver access to the patient’s profile and contact the patient to confirm how they wish to proceed with their account.

Physicians

  • Medical licence number

  • Province or territory of licensure

  • Specialty areas of practice

  • Practice address and location

  • Professional credentials for verification

CRO Users

  • Organization name

  • Business registration number

  • Contact person name and role

  • Organization address and contact details

  • Clinical trial listing information (trial descriptions, eligibility criteria, site locations, recruitment status)

3.2 Information Collected Automatically

When you use the Platform, we automatically collect:

  • Device Information: Browser type, operating system, device type

  • Usage Data: Pages visited, features used, timestamps of activity

  • Log Data: IP addresses, access times, error logs

  • Session Data: Login/logout timestamps, session duration

3.3 Information from Third Parties

  • ClinicalTrials.gov: We import publicly available clinical trial data from ClinicalTrials.gov, a service of the U.S. National Library of Medicine, to populate our trial database.

  • Health Canada Clinical Trials Database (CTDB): We import publicly available Canadian clinical trial data from Health Canada’s Clinical Trials Database to supplement our trial listings.

  • Stripe: Our payment processor provides us with transaction confirmation data. We do not store full credit card numbers — this data is handled entirely by Stripe in compliance with PCI DSS standards.

Continuing exactly as provided, with no changes to wording, punctuation, formatting, or characters:

4. How We Use Your Information

We use your personal information for the following purposes:

4.1 Core Service Delivery

  • Creating and maintaining your account

  • Processing health questionnaire data to generate clinical trial matches

  • Facilitating communication between patients and CROs through the contact request process

  • Processing payments for physician subscriptions and CRO contact request fees

  • Verifying physician credentials and CRO organization legitimacy

  • Sending transactional notifications (match alerts, contact requests, payment confirmations, subscription renewals)

4.2 Platform Improvement

  • Improving the accuracy and performance of our matching algorithm

  • Analyzing aggregate, de-identified usage patterns to enhance the user experience

  • Identifying and resolving technical issues

  • Conducting internal research and analytics using anonymized data

4.3 Safety and Compliance

  • Detecting, preventing, and investigating fraud, abuse, or security incidents

  • Complying with legal obligations, regulatory requirements, and lawful requests from authorities

  • Maintaining audit logs for compliance and security purposes

  • Enforcing our Terms and Conditions

4.4 Communications

  • Responding to your inquiries and support requests

  • Sending service-related announcements (e.g., policy changes, scheduled maintenance, security alerts)

  • Sending notifications based on your communication preferences

We will not use your personal information for purposes unrelated to the Services without obtaining your separate consent.

5. Clinical Trial Matching and Anonymization

5.1 How Matching Works

Our matching algorithm compares your health profile against clinical trial eligibility criteria using the following key factors:

  1. Condition Matching — Alignment between your condition and trial target conditions

  2. Eligibility Filtering — Age, sex, inclusion/exclusion criteria

  3. Geographic Scoring — Distance to trial sites relative to your travel willingness

  4. Treatment History Alignment — Previous and current treatment compatibility

Each factor is weighted to produce an overall relevance score from 0 to 100%. The specific weights applied to each factor are proprietary and may be adjusted over time to improve matching accuracy.

5.2 Anonymized Candidate Profiles

When your profile matches a clinical trial, the CRO sponsoring that trial may view an anonymized version of your profile. This anonymized profile includes only:

  • Match relevance score

  • Age range (e.g., “40-49,” not exact date of birth)

  • Biological sex

  • General geographic location (province only)

  • Summary of treatment history

  • Eligibility indicators (met/not met/unknown)

Your name, email address, phone number, and detailed health information are never shared with a CRO without your explicit consent.

5.3 Contact Request and Consent Process

A CRO may request contact with you based on your anonymized profile. When this occurs:

  1. You receive a notification describing the trial and the requesting organization

  2. You review the request and the trial details

  3. You make an informed decision to accept or decline the request

  4. Only if you accept is your contact information (name, email, phone number) released to the CRO

  5. The CRO is charged a fee only after your acceptance

You may decline any contact request without consequence. Declining does not affect your account, future matches, or standing on the Platform.

6. Consent

6.1 Consent Model

We operate on a model of informed, meaningful consent as required by PIPEDA:

  • Registration Consent: By creating an account and completing your profile, you consent to the collection and use of your information for the purposes described in this Privacy Policy.

  • Data Sharing Consent: Before any personally identifiable information is shared with a CRO, we obtain your separate, explicit consent through the contact request process described in Section 5.3.

  • Notification Consent: You may configure your notification preferences at any time and opt out of non-essential communications.

  • Cookie Consent: We use essential cookies for Platform functionality. Details are provided in Section 11.

6.2 Withdrawing Consent

You may withdraw your consent at any time by:

  • Declining individual contact requests

  • Modifying your notification preferences in account settings

  • Deleting your account (see Section 9)

  • Contacting us at privacy@horizonnt.ca

Withdrawal of consent may limit your ability to use certain features of the Platform. Withdrawal does not affect the lawfulness of processing conducted prior to the withdrawal.

6.3 Consent Logging

All consent actions (grants, withdrawals, and modifications) are logged with timestamps for compliance and audit purposes.

7. Disclosure of Information

We disclose your personal information only in the following circumstances:

7.1 With Your Consent

  • To CROs, when you accept a contact request (as described in Section 5.3)

  • To physicians, if you initiate a connection through the Platform

7.2 Service Providers

We share information with trusted third-party service providers who assist in operating the Platform, subject to contractual obligations to protect your data:

Service Provider Purpose Data Shared
Stripe Payment processing Payment method details, transaction amounts, billing address
Email Service Provider (SendGrid/AWS SES) Transactional emails Email address, notification content
Authentication Provider (Auth0/AWS Cognito) User authentication and identity management Email address, hashed password, login metadata
Google Maps Platform Geographic distance calculations for trial matching General location data (postal code or ZIP code)
Redis (AWS ElastiCache) Session management, caching, and background job processing Session tokens, cached data, queued job metadata
Cloud Infrastructure (AWS ca-central-1) Data hosting and storage All Platform data (encrypted)

We require all service providers to comply with PIPEDA and use your information only as directed by us.

7.3 Legal Requirements

We may disclose your information when required to do so by law, including:

  • In response to a valid court order, subpoena, or other legal process

  • To comply with applicable laws or regulations

  • To respond to lawful requests from Canadian law enforcement or government authorities

  • To protect the rights, property, or safety of Horizon, our users, or the public

7.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the successor entity. We will notify you of any such transfer and any choices you may have regarding your information.

7.5 Anonymized and Aggregate Data

We may share anonymized, aggregate, or de-identified data that cannot reasonably be used to identify you for research, analytics, or reporting purposes.

Continuing exactly as provided, with no changes to wording, punctuation, formatting, or characters:

8. Data Security

We implement comprehensive technical and organizational measures to protect your personal information:

8.1 Encryption

  • Data in Transit: All data transmitted between your device and our servers is encrypted using TLS 1.3.

  • Data at Rest: All personal information and health data stored on our servers is encrypted using AES-256 encryption.

  • Database Encryption: Transparent data encryption is applied to our databases.

  • Backup Encryption: All data backups are encrypted.

8.2 Access Controls

  • Role-based access control limits access to personal information to authorized personnel only

  • Multi-factor authentication (MFA) is available for all users and required for CRO and administrative accounts

  • Session timeouts are enforced after 30 minutes of inactivity

  • API authentication uses session-based cookie authentication with CSRF protection for browser clients, and secure tokens with expiration for programmatic access

8.3 Infrastructure Security

  • Data is hosted on Canadian data centres (AWS ca-central-1 region) to comply with Canadian data residency requirements

  • Regular security assessments and vulnerability testing are conducted

  • Security events are monitored, logged, and investigated

8.4 Audit Logging

All sensitive actions are logged, including:

  • Login and logout events (with timestamps and IP addresses)

  • Profile changes

  • Consent actions (grants, withdrawals, modifications)

  • Payment transactions

  • Administrative actions

  • Data access and export requests

Audit logs are retained for a minimum of 3 years.

8.5 Breach Response

In the event of a data breach involving your personal information, we will:

  1. Investigate and contain the breach promptly

  2. Assess the risk of harm to affected individuals

  3. Notify affected individuals as soon as feasible after determining that a breach has occurred, and in accordance with PIPEDA’s breach notification requirements

  4. Report the breach to the Office of the Privacy Commissioner of Canada if the breach creates a real risk of significant harm

  5. Maintain a record of every breach of security safeguards (whether or not reported to the OPC) for a minimum of 24 months, as required by the Breach of Security Safeguards Regulations under PIPEDA

9. Data Retention and Deletion

9.1 Retention Periods

We retain your personal information only as long as necessary for the purposes set out in this Privacy Policy, or as required by law:

Data Type Retention Period Basis
Active user accounts and profiles Duration of account plus 7 years after last activity Service delivery and legal compliance
Health questionnaire data Duration of account; deleted upon account deletion Service delivery
Clinical trial data Indefinitely Historical reference and public interest
Payment and billing records 7 years after transaction Canada Revenue Agency requirements
Audit logs 3 years Compliance and security
Analytics data (anonymized) 2 years Platform improvement

9.2 Account Deletion

You may request deletion of your account and personal data at any time by:

Upon receiving a valid deletion request, we will:

  1. Verify your identity

  2. Delete or anonymize your personal information within 30 days

  3. Confirm the deletion to you in writing

9.3 Data We Must Retain

Certain data may be retained after account deletion as required by law, including:

  • Payment records (7 years — Canada Revenue Agency requirements)

  • Audit logs containing your actions (3 years — compliance obligations)

  • Records of consent actions (as required for legal compliance)

Retained data is stored securely, used only for the required legal purpose, and deleted at the end of the applicable retention period.

9.4 Data Portability

You may request an export of your personal data in a commonly used, machine-readable format. Export requests are processed within 30 days and logged for compliance purposes.

10. Your Privacy Rights Under Canadian Law

Under PIPEDA and applicable provincial legislation, you have the following rights:

10.1 Right of Access

You have the right to request access to the personal information we hold about you. We will respond to access requests within 30 days.

10.2 Right to Correction

You have the right to request correction of inaccurate or incomplete personal information. You may update most information directly through your account settings, or contact us for assistance.

10.3 Right to Withdraw Consent

You may withdraw consent for the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions. We will inform you of the implications of withdrawal.

10.4 Right to Deletion

You may request the deletion of your personal information, subject to the retention requirements described in Section 9.3.

10.5 Right to Complain

If you believe your privacy rights have been violated, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada:

Office of the Privacy Commissioner of Canada
30 Victoria Street
Gatineau, Quebec K1A 1H3
Toll-free: 1-800-282-1376
Website: https://www.priv.gc.ca

You may also file a complaint with your provincial privacy commissioner if applicable.

10.6 Exercising Your Rights

To exercise any of these rights, contact us at:

We may request identification to verify your identity before processing your request. We will not charge a fee for access requests except in cases of excessive or manifestly unfounded requests, as permitted by law.

11. Cookies and Tracking Technologies

11.1 Cookies We Use

Cookie Type Purpose Duration
Essential/Session Cookies Authentication, session management, CSRF protection Session (deleted on browser close)
Preference Cookies Remembering your settings and preferences Up to 1 year

11.2 Cookies We Do Not Use

We do not use:

  • Third-party advertising or tracking cookies

  • Cross-site tracking cookies

  • Social media tracking pixels

11.3 Consent for Cookies

  • Essential Cookies: These are strictly necessary for the Platform to function and are exempt from consent requirements under CASL. They are set automatically when you use the Platform.

  • Preference Cookies: By continuing to use the Platform after being presented with our cookie notice, you provide implied consent to the use of preference cookies. You may withdraw this consent at any time by adjusting your browser settings or clearing your cookies.

11.4 Managing Cookies

You can manage or delete cookies through your browser settings. Disabling essential cookies may prevent you from using the Platform. If you disable preference cookies, certain settings (such as display preferences) may not be retained between sessions.

12. Children’s Privacy

The Platform is not intended for individuals under the age of 18 or the age of majority in their province or territory of residence, whichever is greater. We do not knowingly collect personal information from minors. If we become aware that we have collected personal information from an individual who does not meet the age requirement without appropriate parental or guardian consent, we will take steps to delete that information promptly.

13. International Data Considerations

13.1 Data Residency

All personal information collected through the Platform is stored on servers located in Canada (AWS ca-central-1 region, Montreal). We do not routinely transfer personal information outside of Canada.

13.2 Limited Cross-Border Transfers

In certain limited circumstances, personal information may be accessible from outside Canada by our service providers (e.g., Stripe for payment processing). Where this occurs:

  • We ensure the service provider offers an equivalent level of protection as required by PIPEDA

  • Data transfers are governed by contractual agreements that require the service provider to protect the data in accordance with Canadian privacy law

  • We assess the privacy laws of the recipient jurisdiction

14. Third-Party Links and Integrations

The Platform may contain links to third-party websites, including ClinicalTrials.gov and individual trial registration sites. We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

15. Canada’s Anti-Spam Legislation (CASL)

We comply with Canada’s Anti-Spam Legislation (CASL) in all electronic communications:

  • Transactional Messages: Service-related messages (match notifications, contact requests, payment confirmations, security alerts) are sent as transactional messages as permitted under CASL.

  • Digest and Summary Emails: If you opt in to receive periodic email digests (e.g., weekly or daily match summaries), these are sent based on your express consent. You may adjust or disable digest preferences at any time through your notification settings. Digest emails that promote Platform features or encourage engagement may be classified as commercial electronic messages and are sent only with your express consent.

  • Physician-Initiated Trial Sharing: When a physician shares clinical trial information with a patient via the Platform, the resulting email is sent by Horizon on behalf of the physician. These emails are treated as transactional messages related to the physician-patient relationship. The physician initiating the share is responsible for ensuring they have an appropriate relationship with the recipient. Horizon includes its sender identification and contact information in all such emails.

  • Commercial Messages: Any commercial electronic messages will only be sent with your express consent or as otherwise permitted under CASL.

  • Unsubscribe: All electronic messages include a clear and functional unsubscribe mechanism. Unsubscribe requests are processed within 10 business days as required by CASL.

  • Sender Identification: All messages clearly identify Horizon as the sender and include our contact information.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  1. We will post the updated Privacy Policy on the Platform with a revised “Last Updated” date

  2. We will notify registered users by email for material changes

  3. Material changes take effect 30 days after notification for existing users

Your continued use of the Platform after the effective date constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you should stop using the Platform and delete your account.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Officer:

Horizon Trial and Treatment Notifier — Privacy Office
Email: privacy@horizonnt.ca
General Support: support@horizonnt.ca
Website: https://app.horizonnt.ca

We aim to respond to all privacy-related inquiries within 30 days.

17.1 Accessibility

This Privacy Policy is available in accessible formats upon request. If you require this Privacy Policy in an alternative format (e.g., large print, screen-reader-compatible text), please contact us at support@horizonnt.ca. Horizon is committed to compliance with the Accessibility for Ontarians with Disabilities Act (AODA) and WCAG 2.1 AA standards.

18. Privacy Officer

Horizon has designated a Privacy Officer responsible for overseeing compliance with this Privacy Policy and applicable privacy legislation. The Privacy Officer can be reached at privacy@horizonnt.ca.

By using the Horizon Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.

 

 

 

Get started