TELUS Health Corporate Privacy Commitment

Last updated: November 17, 2025

As a leader in privacy and data protection, TELUS Health is deeply committed to handling personal information in a responsible and transparent manner. 

The TELUS Health Corporate Privacy Commitment (“Commitment”) describes our privacy practices relating to the information that TELUS Health collects, uses, discloses and otherwise processes (“process” or “processes”) about our websites’ and physical sites’ visitors, and prospects and contacts within our business customer, supplier and business partner organizations with whom we have or contemplate a business relationship. This Commitment may be supplemented with privacy notices aimed at providing you with additional privacy information. These supplemental notices form an integral part of the Commitment, and take precedence in case of conflict.

For the purpose of this Commitment, TELUS Health is a data controller of this personal information under applicable privacy law and as such, directly accountable for its processing. 

This Commitment does not apply to our processing of personal information about individuals who use or may use our services (e.g. health, wellness and workplace management services, in-person clinical care services, virtual care services, mental health support services, virtual pharmacy services), whether these services are offered through their employer, educational institutions or other third parties, or whether they obtain these services directly from us. Our privacy practices relating to the collection, use and disclosure of personal information about these individuals are described in the TELUS Health Services Privacy Commitment

This Commitment also does not apply to subsidiaries that have their own privacy commitment, notice or statement, or non-affiliated websites, products or services linked to TH websites. 

For information about TELUS Health’s privacy practices relating to business customers’ personal information that we process in our capacity as a “service provider” or “data processor” to business customers, please refer to our Privacy Information for TELUS Business Customers

In this Commitment, the words “we”, “us”, “our” or “TELUS Health” refer to TELUS Health Inc. and its subsidiaries. 

Personal information, also known as “personal data”, is information that can be linked to an identifiable individual.

What personal information we process and for what purposes

We process the following categories of personal information about you:

  • When you request information about our services, or register for or engage with us at an event, we may collect your contact information such as name, telephone number, and email address;

  • When you engage with us via a social media platform, we may collect contact information that includes social media handles;

  • When you visit our offices, we may collect your contact information and details about your visit such as the time and date of your arrival and departure;

  • When you access a TELUS Health website, we may collect information about your device such as your device ID, browsing history, IP address, system settings, and usage, performance, and crash data;

  • We may also collect other information you may choose to provide through our interactions.

We may process your personal information for the following purposes:

  • To develop and maintain our business relationships; 

  • To manage our internal operations and for business purposes, such as for analytics and business intelligence, research and development, network security, disaster recovery and business continuity, fraud prevention, and internal audits and investigations;

  • To market our products and services as permitted by applicable law and with your consent if required, including to evaluate the success of our advertising and promotional campaigns and to send you information communications such as satisfaction surveys;

  • To manage our events and communicate with you in relation to these events; 

  • To understand your needs and preferences, including to personalize your experience when interacting with us; 

  • To develop, maintain, and improve our products and services; and

  • To meet contractual, legal, and regulatory requirements, such as by cooperating with public and government authorities, courts or regulators, in accordance with our legal obligations under applicable laws. 

We collect the above categories of personal information from you and from your interactions with us. We may also collect personal information from other sources, such as marketing agencies, other TELUS affiliates, or publicly available sources.

We may de-identify personal information in such a manner that it is no longer considered personal information under applicable laws, for a variety of reasons. For example, we may de-identify personal information to protect your personal information, prior to conducting analytics or research for planning or product improvement and development purposes, for reporting, or to operate and expand our business opportunities.

What legal basis or authority do we rely on to process your personal information 

We mainly process your personal information based on TELUS Health’s legitimate interests, where permissible under applicable laws. Such legitimate interests include operating our business, developing, improving and promoting our products and services and managing our relationship with prospective customers.

In some situations, we may process your personal information based on your consent. This may be the case for processing activities that are purely voluntary, to market our products and services, share your personal information if required, or where the proposed processing under the above listed purposes could be considered as falling outside of your reasonable expectations.

In others, we may have a legal obligation to process your personal information, such as for tax reporting purposes, in response to a court order or other legally valid inquiry, or to exercise, establish or defend legal claims. 

If you have questions about the legal basis we are relying upon for a specific processing activity, please contact us using the contact information under the “How to contact us” section below.

How we share your personal information

There are a variety of circumstances in which we share your personal information in order to achieve the purposes identified above. 

  • We may share your personal information with other TELUS affiliates for the purposes identified in this Commitment, and in particular if we think TELUS products and services offered by other TELUS affiliates might be of interest to you. Such personal information may be used by other TELUS affiliates to understand your needs and preferences, or enhance or develop products and services;

  • We may share your personal information with third party service providers for the purposes identified in this Commitment and supplemental privacy notices, such as hosting service providers, payment processors, marketing agencies, and advertising partners or networks. We require these third party service providers to handle your personal information in accordance with our instructions, this Commitment, and applicable law, and we take steps to verify that they provide a level of protection equivalent to TELUS Health’s; 

  • If we sell parts of our business, sell or securitize assets, or merge or amalgamate parts of our business with other entities, we may share personal information about you in the normal course of such transactions as part of due diligence and/or on completion of the transaction.

  • When required by law or contract, or when TELUS Health determines in its sole discretion that it is desirable to do so to protect TELUS Health’s or a third party’s interest, we may share your personal information with government, law enforcement agencies and other public institutions;

  • We may share de-identified information with our partners for a variety of reasons. For example, we share de-identified information to conduct analytics or research for planning or product improvement and development purposes, for reporting, or to operate and expand our business opportunities.

  • We may share personal information about you through online tracking technologies, such as cookies we use on our websites, for purposes such as analytics and targeted advertising as described in our Cookie Statement. You may opt-out at any time by clicking “Manage Cookies” at the bottom of the page. 

  • We do not “sell” your personal information within the meaning of the California Consumer Privacy Act. Should we engage in such practices in the future, or share your personal information with non-affiliated third parties for their marketing purposes, we will notify you and provide you with appropriate choices regarding the processing of your personal information.

  • We may otherwise share your personal information with other third parties, where permitted or required by law.

Where we transfer your personal information 

As a global company, we transfer your personal information to TELUS affiliates and third parties, including service providers, who process personal information outside of the jurisdiction in which you are located. Their processing may be subject to laws applicable in the jurisdictions in which they process your personal information. 

We have implemented legal, technical and organizational safeguards required under applicable law to enable these cross-border transfers of your personal information. For example, we may rely on model contracts to enable such transfers, seek authorization from the relevant supervisory authorities, or obtain your consent.

In particular, for transfers outside of the European Economic Area and the United Kingdom, we rely upon the European Commission’s approved EU Standard Contractual Clauses, which can be accessed here. For transfers from the United Kingdom, we rely upon the International Data Transfer Addendum to the EU Standard Contractual Clauses, issued by the Information Commissioner and laid before Parliament in accordance with s.119A of the Data Protection Act 2018 on 2 February 2022, which can be accessed here

What rights do you have with regards to your personal information 

Local laws may provide you with certain rights with regards to your personal information. For example, you may have the right to:

  • Request access to and obtain a copy of your personal information, including confirming whether we are processing your personal information;

  • Request correction of your personal information where it is inaccurate, incomplete or outdated. In some cases, we may provide self-service tools that enable you to update your personal information;

  • Request deletion of your personal information; 

  • Request restriction of our processing of your personal information;

  • Withdraw consent, which you may have provided for certain processing activities, at any time;

  • Object to the processing of your personal information by us;

  • Request data portability, i.e. obtain a copy of your personal information in a commonly used format to transmit it to another organization, or request that we do so on your behalf;

  • Request the review of decisions which are taken solely based on automated processing and that significantly affect you.

These rights may be limited, such as when fulfilling your request would reveal personal information about another person, or when you ask us to delete information which we are required by law to retain.

If you wish to exercise these rights, please see the “How to Contact Us” section below. Only you, or someone legally authorized to act on your behalf, may make a request related to your personal information. To authorize an agent, provide written authorization signed by you and your designated agent and contact us as set forth in the “How to Contact Us” section below. You will not receive discriminatory treatment for exercising any rights conferred to you by applicable privacy laws. 

To protect your privacy, we will take steps to reasonably verify your identity before fulfilling your request. These steps may involve asking you to provide information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Examples of our verification process may include asking you to provide the email address we have associated with you and following the instructions we provide to you.

We will endeavor to provide a written response to your request or complaint within one month unless applicable law requires a shorter response time. If you have unresolved concerns, you have the right to complain to your privacy regulator. Relevant contact details are available here. We will not take any action against you for filing a complaint.

If you would like to receive further information about your rights or how to enforce them, please contact us using the “How to Contact Us” section below.

How long we retain your personal information 


TELUS Health retains your personal information as long as necessary to fulfill the purposes for which it was collected or as otherwise required or permitted by law. In addition, TELUS Health retains data on matters that are likely to give rise to a legal challenge for applicable statutory limitation periods. TELUS aims to keep its files current and disposes of data pursuant to its Records Retention Policy.

How we protect your personal information 

TELUS Health is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. For example, we store the personal information you provide on limited access computer servers that are located in controlled facilities, and we protect certain sensitive personal information through encryption in transfer and at rest. 

Children’s privacy

Our websites are not intended for children or persons under the age of majority in their jurisdiction. 

How to contact us

If you have any questions or concerns about our privacy practices, or wish to exercise any rights in respect of your personal information, please write to us at [email protected] or at:

TELUS Health
c/o Chief Data & Trust Officer
25 York Street, Floor 3
Toronto ON, M5J 2V5

In certain jurisdictions, such as the European Union, we may appoint a Data Protection Officer as required by law. To get in touch with our Data Protection Officer, email [email protected].

Modifications to this Commitment

We will review this Commitment annually and update it thereafter as needed to reflect changes in laws, our data management practices, and in other circumstances. We will notify you when material changes to this Commitment are made to the extent we hold personal information about you which is subject to this Commitment.