By supplying Personal Information to us, you agree to this Policy.
For the purposes of this Policy, the term “Personal Information” means any information that is defined to be personal information under applicable privacy laws. Usually, this refers to any information about an identifiable individual or any information that can be used to identify an individual and may include, for example, your name and home address, your date of birth and gender, health information, your occupation, medical conditions or other health information, your personal financial records or credit information, or any personal identification numbers.
Our Site does not automatically gather Personal Information from you. We would only obtain this information if you supplied it to use by sending an email or by filling out a form in a secure portion of the Site.
We may collect, use or disclose personal information for the purposes identified at the time of collection, as otherwise permitted or required by applicable law, or for any of the following purposes:
- to provide Services to you or to allow you to access to the Site;
- to comply with our legal obligations and regulatory requirements;
- to provide information to anyone working with or for us as needed for the provision the Services;
- to develop and manage our business and operations, including but not limited to for billing, accounting and debt collection services relating to the Services;
- to establish, maintain and manage our relationships with users of the Services;
- to respond to your questions and concerns;
- to detect and protect the Company and third parties from error, negligence, breach of contract, fraud, theft or other illegal activity, and which may include sharing Personal Information with our insurers, and to otherwise communicate with our insurers;
- to generate, maintain, and utilize (as required to provide the Services) a user’s account for any Services;
- to generate analytics and statistical data; and
- for any other purpose for which we have obtained your consent.
Privacy legislation requires that we obtain the consent of an individual for the collection, use or disclosure of Personal Information in many circumstances. By providing your Personal Information to us, you agree that we may collect, use and disclose your Personal Information in accordance with this Policy and as otherwise permitted or required by law, and that we may access, process and store your Personal Information in Canada or another jurisdiction.
When we receive Personal Information from you for the purposes of providing you with the Services, or for other uses identified herein, you are providing us with consent as follows:
- to allow us to deal with that Personal Information in a reasonable manner;
- to allow us to provide your Personal Information to third parties we engage to provide or support the Services;
- to allow us to use and store your Personal Information for the purpose of providing you with the products and Services you purchase from us and to utilize the Services; and
- to allow us to transfer your Personal Information outside of Canada (whereby your Personal Information will be treated in accordance with applicable foreign laws) for the purpose of storage and use of your Personal Information by the Company.
If you need to provide us with Personal Information about other individuals, you represent and warrant to us that, where required by law and prior to your disclosure to us, you will obtain the consent of each individual to the collection, use and disclosure by us for the specific purpose(s) that the disclosure is made by you.
Providing us with your Personal Information is always your choice. When you request Services from us, or utilize our Services, we ask that you provide information that enables us to respond to your request and/or provide you with our Services. In doing so, you consent to our collection, use and disclosure to appropriate third parties of such Personal Information for these purposes. If we sell our organization or merge with another party, your consent will be implied to transfer your information to our successor for the same purposes as set out in this Policy.
There are legal exceptions where we will not need to obtain consent or explain the purposes for the collection, use or disclosure of Personal Information. Some examples of situations where consent is not required include an emergency that threatens the life, health or security of an individual, or if we must comply with a court order or governmental order.
We will only collect such information that is deemed necessary to meet the purpose for which such Personal Information is collected.
Limited Use, Disclosure and Retention
We will only use your Personal Information in accordance with this Policy. If in the course of managing its business operations, we share your Personal Information with professional advisors, franchisees, suppliers, any such entities shall be required to comply with privacy guidelines that impose obligations at least commensurate with this Policy. We do not sell or disclose Personal Information to third parties, other than in compliance with this Policy and as required to satisfy any law, regulation, legal request, to protect its business interests, and to co-operate with any law enforcement investigation or on matters concerning public policy and safety.
Collection of additional Personal Information through the Services
As part of the use of the Services online, the Company may collect additional Personal Information (“Online Information”) about the use of the Services, and this Policy applies to this Online Information with the appropriate adjustments. General information, such as demographic statistics about Users, the number of Users and the average time of use of the Services, is likewise considered Online Information.
The Company collects or obtains Online Information as part of the operation of the Services. For example, when a User decides to use the Services, the Company may automatically collect information obtained by way of analytical tools or digital markers. These analytical tools collect only a limited dataset, in particular the time and date when a Service was used and the IP address. A Service may also contain analytical tools placed by advertising partners or service providers in order to allow us to evaluate the effectiveness of the Services, including Google Analytics, Google Marketing Platform and Google Ad Manager.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses Online Information collected to track the use of the Services and to personalize ads. You can opt-out of having your Online Information being used by Google Analytics for example by installing the Google Analytics opt-out browser add-on available at: https://tools.google.com/dlpage/gaoptout.
More information on the privacy practices of Google is available at: https://policies.google.com/technologies/partner-sites
In addition to what is already provided in this Policy in regard to Personal Information, we use Online Information to track the use of the Services and improve their use, customize the experience of the Users, in particular by proposing customized advertisements and offers, make statistical analyses of all the characteristics and behaviours of Users, measure the demographic variables and interests of Users with respect to specific Services, describe its Services to third parties and potential commercial partners and determine how and where Company resources can be allocated more effectively. No Personal Information is disclosed as part of such activities. This Online Information is necessary for us to be able to collect the data required to record the number of Users, the functionalities or aspects of the Services most used, the technology used by the Users of the Services, the referral websites and the location of the Users.
Cookies left on Users’ hard drive are harmless and may be read or deleted at any time. Users therefore have complete control over them. The information allows the Company to determine the total number of visitors to each web page and the time spent on it. Every time Users go to a website, a cookie is created and left on their computer, therefore allowing the Company to “recognize” them.
The Services may use retargeting services (for example Google Analytics) to identify Users who have used the Services and reach them with online advertising once they have stopped using the Services, in order to transmit advertisements associated with prior use of the Services, without however disclosing any Personal Information in doing so.
We employ software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. This software receives and records the Internet Protocol (IP) address of the computer that has contacted our Site, the date and time of the visit and the pages visited. We make no attempt to link these addresses with the identity of individuals visiting our site unless an attempt to damage the site has been detected.
Third Party Links
Cloud Based Servers
We process and store Personal Information using our server(s) based in Canada but, on occasion, also use cloud service providers. Under the GDPR, we act as a “controller” of your data. The cloud-based service provider is a data “processor” who may process Personal Information on our behalf. As a controller, we have ensured that our cloud service providers are bound to maintain the Personal Data in accordance with this Policy. By accepting this Policy or using the Site or Services, you agree to the transfer of any Personal Information that you provide to such cloud based servers.
We take special precautions to comply with applicable laws regarding children’s advertising and privacy. The Services are not for children, We do not intend to collect Personal Information from children without verified parental consent or in any other way not allowed by law. If you think we have done this, please let us know.
Access and Correction
We recognize that you may have the right to access your Personal Information. Any access request must be made to the Chief Privacy Officer whose contact details are set out below.
We may charge a reasonable fee for providing information in response to an access request, and, upon request, we will provide an estimate of any such fee upon receiving a request to access information. We may require a deposit for all or part of the fee.
Where applicable or permitted, we will make the information available within 30 days or provide written notice when we require additional time to respond to a request for access to information.
In some situations, we may not be able to provide access to certain Personal Information as the right to access personal information is not absolute. If we do not provide you with the requested information, we will notify you in writing and explain our reason(s) for not fulfilling your request.
Questions, comments, suggestions or complaints
For any questions, comments or suggestions regarding this Policy or the Personal Information protection practices of the Company not discussed in this Policy, you can write to the Company’s Chief Privacy Officer by email or regular mail at the coordinates below. You can submit complaints to the Company’s Chief Privacy Officer if you think that the Company is not meeting its obligations with respect to the protection of Personal Information. We will investigate such complaints and if they are justified, will take appropriate measures to correct the situation. If you are not satisfied with this internal review of your complaint, you can contact the Office of the Privacy Commissioner of Canada.
Notice to California Residents
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of Personal Information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year. To request a copy of this information or to opt out of these disclosures, please contact our Chief Privacy Officer.
European Union (EU) Notice
Transfers of Personal Information
We are a data controller and responsible for your Personal Information, which we process and store in Canada or on the cloud through the Google Suite of Services. The European Commission has decided that Canada ensures an adequate level of protection of individuals’ personal information. We may use the following safeguards when transferring your Personal Information to a country, other than Canada, that is not within the EU:
- Only transfer your Personal Information to countries that have been deemed by the European Commission to provide an adequate level of protection for Personal Information;
- Where we use certain service providers, we may use specific contracts which give Personal Information the same protection it has in the EU.
Your Legal Rights
Under certain circumstances, you may have rights under the data protection laws in relation to your Personal Information, including the right to:
- Request access to your Personal Information.
- Request correction of your Personal Information.
- Request erasure of your Personal Information.
- Object to processing of your Personal Information.
- Request restriction of processing your Personal Information.
- Request transfer of your Personal Information.
- Right to withdraw (revoke) consent.
If you wish to exercise any of these rights, please contact our Chief Privacy Officer at the coordinates below.
We may change this Policy from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and encourage you to review our Policy to stay informed. If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email or through the Platform. If you disagree with the changes to this Policy, you should contact the Chief Privacy Officer.
How to contact the Chief Privacy Officer
Company is responsible for Personal Information under its control and has designated a Privacy Officer who is accountable for this Policy and applicable Canadian and other privacy and data protection laws. Should you have any questions about your Personal Information or Company’s privacy practices, please contact our Privacy Officer at the information below.
Users may contact us with requests that we delete their Personal Information from our systems, or to request access or correction to their Personal Information. We will attempt to accommodate such requests to the extent possible. If all such information is deleted from our systems, your account may become deactivated. In any event, we may retain an archived copy of your records as required by law or for legitimate business purposes.
The Privacy Officer may be contacted at:
Attn: Chief Privacy Officer
120 Adelaide Street West
Suite 2500 Toronto, ON M5H1T1