MD Analytics Privacy Policy

Last updated: May 8, 2023.

This Privacy Policy applies to MD Analytics Inc., (“MD Analytics”, “we”, “us” and “our”).

MD Analytics is committed to ensuring the privacy of your personal information. We are further committed to preventing unauthorized access to that information. Our Privacy Policy details what personal information is collected from our members, participants, users, business representatives, and others and explains how we use it, how it is stored, and your choices related to our use of your information.


MD Analytics provides industry-leading healthcare and pharmaceutical marketing research, supported by our proprietary panel of healthcare professionals. We developed our platform and services to achieve larger sample sizes and increased accuracy with surveys conducted in accordance with market dynamics and industry codes of conduct. Our goal is to deliver intuitive visual story-based reporting based on the best research data.

MD Analytics operates in Canada and the United States, incorporated as MD Analytics Inc., based in Vancouver, Canada and MD Analytics (WA) Inc. based in Marsyville, Washington, USA. Established in 2003, our proprietary healthcare professionals panel is managed within North America. Our panelists include primary care physicians, medical specialists, pharmacy professionals, physician assistants, nurses and other healthcare professionals. We also survey individuals representing a variety of health issues, providing valuable market research data by geographical location, age bracket, and other significant factors. We operate the MD Analytics website located at, our related online survey and study platform powered by third-party software, and related research and other services and business activities (collectively referred to as “Services”).

We respect your privacy and take safeguarding your data seriously. Please read this Privacy Policy to understand what Personal Information (defined below) we collect from you, how we use it, and your choices related to our use of your Personal Information. If you do not agree with this Privacy Policy, please do not use the Services.


“Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual. Under specific laws, Personal Information may include any information relating to a household.


We process Personal Information that you actively submit to us, that we automatically collect through your use of our Services, and that we collect from third-party sources. We may process your Personal Information with or without automatic means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of your Personal Information. We will not collect Personal Information indiscriminately and will limit our collection of your Personal Information to what is reasonably necessary to provide a product or service either directly or indirectly and which is reasonably necessary for the purposes for you were given notice. We may also collect information as authorized by law.

Personal Information that you actively submit to us.

We collect Personal Information that you actively submit to us when you register an account with us, participate in surveys, interviews, and focus groups, subscribe to email services, contact us, request or provide business services, interact with us through social media, or send us feedback. Examples are provided below. You will know when we collect your Personal Information because we will directly ask you for the information. We will require certain Personal Information for you to use our Services or for us to be able to contact you. There may also be circumstances where providing Personal Information is optional and does not impact your access to Services.

Your Account. When you register as a panelist, either as a healthcare professional or as an individual participant, we ask you to provide your name, email, and password, and to select whether your prefer the language set to English or French. For professionals joining the professional panels, we gather key information regarding your profession, employment, and experience. For individuals joining our consumer health ailment panels, we gather key information from you, including your mailing address, residential city and postcode, gender, employment status, marital status, income, ethnicity, religion, gender, health issue diagnosis, and status of medical treatment. Some of the questions are optional.

Participation in Surveys, Interviews, and Focus Groups. Participants will provide information specific to the market research being conducted, including in the form of online surveys, telephone interviews, focus groups, opinions, and general feedback. Where applicable, payment is made in the form a cheque is sent to the address on file.

Email Subscriptions. Members have an option to subscribe to email communications of interest and can opt-in to the following:

  • Latest topical data findings and company news.

Contact Us / Request More Information. We provide an online form for users to contact us or submit their requests for more information. We collect your name, email address, company, request type, and a description of the request. We also provide a phone number or an option to write to us directly.

Social Media. We invite users to join us on social media, through platforms like Twitter, LinkedIn, and Facebook, with links available directly from the MD Analytics website.

Personal Information we automatically collect through your use of the Services.

We receive some Personal Information automatically when you visit MD Analytics Services. This includes information about the device, browser, and operating system you use when accessing our Services, your IP address, the website that referred you, which pages you request and visit, and the date and time of each request you make.

Personal Information of minors.

The Services are not intended for users younger than 13. We do not actively collect or otherwise process Personal Information from users under the age of 13. If we become aware that an individual under the age of 13 has submitted Personal Information without verifiable parental consent, we will remove his or her information from our files.

California Consumer Privacy Act of 2018 (“CCPA”).

The categories of Personal Information we have collected about consumers in the preceding 12 months are:

  • Identifiers such as a real name, alias, postal address, email address, unique personal or online identifier, Internet Protocol address, account name;
  • Education, employment status, medical information
  • Race, religion, gender identity, marital status, medical conditions, ethnicity, disability, age
  • Internet or other electronic network activity information, including, browsing history, search history, and information regarding a consumer’s interaction with an internet website, or advertisement; and
  • Professional or employment-related information.


We (and the third-party service providers working on our behalf) use various technologies to collect Personal Information. This may include saving cookies to your device. For information on what cookies are, which ones we use, why we use them, and how you can manage their use, please see our Cookie Policy.


Regarding consent, we will obtain your consent to collect, use or disclose Personal Information except where we are authorized or required by law to do so without consent, e.g. Information is publicly available, obtaining legal advice, investigations. Your consent in some jurisdictions can be express, implied, or given through an authorized representative such as a lawyer, agent or broker. It can also be given verbally, in writing, electronically, through inaction upon notice, or otherwise. You may withdraw consent at any time (subject to legal, contractual and other restrictions) if you give reasonable notice to us. After we have received such notice, we will inform you of the likely consequences of withdrawing consent, which may include our inability to provide certain services to you or to continue our relationship with you.


We use your Personal Information to operate our Services, fulfill our contractual obligations in our service contracts with customers, to analyze the use of the Services in order to understand how we can improve our content and service offerings and products, and for administrative and other business purposes. We process Personal Information for our business purposes, including payments, employee training, data analysis, security monitoring, auditing, research, and to comply with applicable laws, exercise legal rights, and meet tax and other regulatory requirements.

In this context, the legal basis for our processing of your Personal Information is either the necessity to perform contractual and other obligations, our legitimate business interest as a provider of security services, regulatory requirements, or in some instances your explicit consent.

MD Analytics and its representatives collect, use and disclose Personal Information for purpose that specifically include:

  • authenticating your identity and confirming your credentials;
  • determining your eligibility to participate in surveys;
  • contacting you to participate in surveys;
  • clarifying your responses to surveys;
  • determining your eligibility for prizes;
  • providing and administering requested products and services to you;
  • protecting MD Analytics, yourself and others from fraud and error;
  • managing or transferring MD Analytics’ assets or liabilities, for example in the case of an acquisition or merger, the provision of security for a credit facility or
  • the change of a supplier; and
  • complying with legal requirements and acting pursuant to legal authorizations.


We may share your Personal Information in the following circumstances:

Our Customers. We disclose aggregate survey responses with our customers; we do not disclose personally identifiable information about you to our customers without prior written consent (unless we are required or authorized to do so by law.)

Service Providers. We may share information we collect about you with third-party service providers to perform tasks on our behalf in supporting the Services. The types of service providers, or sub-processors, to whom we entrust Personal Information include: (i) payment providers; (ii) providers of hosting services; (iii) sales and marketing providers; (iv) providers of analytic data services; and (v) other services such as system support.

Governing Bodies. We may disclose your Personal Information to governing bodies such as colleges of physicians and surgeons.

Regulatory Bodies, Government Departments, Agencies, and Law Enforcement. We may access and disclose your Personal Information to regulatory bodies if we have a good-faith belief that doing so is required under applicable law or regulation. This may include submitting Personal Information required by tax authorities. We may disclose your Personal Information in response to lawful requests by public authorities or law enforcement, including to meet national security or law enforcement requirements. If we are going to release your Personal Information in this instance, our policy is to provide you with notice unless we are prohibited from doing so by law or court order.

Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, then your Personal Information may be transferred as part of such a transaction as permitted by law and/or contract. Should such an event occur, MD Analytics will endeavor to direct the transferee to use Personal Information in a manner that is consistent with the Privacy Policy in effect at the time such Personal Information was collected.

Other Disclosures. We may also disclose your Personal Information to exercise or defend legal rights; to take precautions against liability; to protect the rights, property, or safety of the Services, of any individuals, or of the general public; to maintain and protect the security and integrity of our services or infrastructure; to protect ourselves and our services from fraudulent, abusive, or unlawful uses; or to investigate and defend ourselves against third-party claims or allegations. Disclosures may be made to courts of law, attorneys and law enforcement, or other relevant third parties in order to meet these purposes.

Please note that we share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling, and other similar purposes. In addition, our Services may contain links to other websites not controlled by us, and these other websites may reference or link to our Services; we encourage you to read the privacy policies applicable to these other websites.

CCPA (For California Residents).

As noted above, we disclose to our customers only aggregate information. We DO NOT disclose to any personally identifiable information to our customers. From time to time, our service providers may need to access databases containing personal information to provide services to us, and such access and use of any such information is limited exclusively to the provision of services to our business. The categories of Personal Information that may have been disclosed to service providers for this limited business purpose in the preceding 12 months are the same categories collected as part of our Services and include:

  • Identifiers such as a real name, alias, postal address, email address, unique personal or online identifier, Internet Protocol address, account name;
  • Education, Employment status, medical information
  • Race, religion, gender identity, marital status, medical conditions, ethnicity, disability, age
  • Internet or other electronic network activity information, including, browsing history, search history, and information regarding a consumer’s interaction with an internet website, or advertisement; and
  • Professional or employment-related information

We DO NOT sell Personal Information.


MD Analytics retains Personal Information for a reasonable time period to fulfill the processing purposes mentioned above. Personal Information is then archived for time periods required or necessitated by law or legal considerations. When archival is no longer required, Personal Information is deleted from our records. We will keep Personal Information used to make a decision affecting you for at least one year after using it to make the decision.

We retain your account information, including Personal Information in your profile, while your account is active. After termination or deactivation of your account, we delete your account as part of our standard delete function. If you participated in market research, your contribution becomes part of the market data and is retained indefinitely, with data anonymized and aggregated.

We will destroy, erase or make anonymous documents or other records containing personal information as soon as it is reasonable to assume that: (a) the original purpose is no longer being served by retention of the information, and (b) retention is no longer necessary for legal or business purposes. Please note we may retain information within our internal systems for backup, archival, audit, or other purposes.

We retain Personal Information that we are required to retain to meet our regulatory obligations including tax records and transaction history. We regularly review our retention policy to ensure compliance with our obligations under data protection laws and other regulatory requirements. We regularly audit our databases and archived information to ensure that Personal Information is only stored and archived in alignment with our retention policies.


MD Analytics protects the Personal Information in its custody or control by making reasonable security arrangements to protect against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. MD Analytics will take reasonable steps, through contractual or other reasonable means, to ensure that a comparable level of Personal Information protection is implemented by its suppliers and agents who assist in providing products and services to you. Some specific safeguards include:

  • physical measures such as locked filing cabinets;
  • organizational measures such as restricting access to files and databases as appropriate; and
  • electronic measures such as encryption, passwords and firewalls.

We will take reasonable steps, through contractual or other reasonable means, to ensure that a comparable level of Personal Information protection is implemented by the suppliers and others whom we ask to assist in providing services to you and us. We regularly consider appropriate new security technology and methods as we maintain and develop our software and systems. Please be aware that despite our best efforts to ensure the security of your data, we cannot guarantee that your information will be 100% secure. Note that confidentiality and security are not assured when information is transmitted through email or wireless communication.


If you have a MD Analytics account, we rely upon you to keep your information up to date. You may edit your profile information at any time through your account settings. For email subscriptions, you may opt-out at any time by selecting the “Unsubscribe” link at the end of the email communication. Similarly, for email communication of a marketing nature, we provide the ability for you to unsubscribe directly from the email.

If you demonstrate the inaccuracy or incompleteness of Personal Information, MD Analytics will amend the information as required. If appropriate, we will send the amended information to third parties to whom the information has been disclosed. When a challenge regarding the accuracy of Personal Information is not resolved to your satisfaction, MD Analytics will annotate the Personal Information under its control with a note that a correction was requested but not made.

Personal Information subject rights under the CCPA apply to residents of California. These rights include the right to: (i) know what Personal Information is being collected about them, (ii) know whether their Personal Information is sold or disclosed at to whom, (iii) say no to the sale of Personal information, (iv) access their Personal Information, and (v) equal service and price, even if they exercise their privacy rights. Please note we do not sell Personal Information.

We respect the privacy of all individuals and invite you to submit your requests, irrespective of where you reside. Our contact details are provided at the end of this Privacy Policy.


This document is effective as of the date indicated at the top of this Privacy Policy under “Last updated”. This document may be amended from time to time.


Inquiries may be made through any of the following means:

Privacy Officer: Meeta Nordahl
Online Form:
Phone: 604-633-1927, ext. 1513
Toll Free: 1-866-617-0741
Facsimile: 604-633-1921
Attention: Meeta Nordahl
MD Analytics Inc.,
555 Burrard Street, 1st Floor,
Vancouver, BC V7X 1M8

We are here to answer your questions.