Unifocus Privacy Notice

Table of Content

Your Information We Collect

  • Personal details
  • Account information
  • Financial information
  • Device and automatic information
  • Views and opinions
  • Employee and job applicant information
  • Communications

How We Collect Your Information

  • Information collected directly from you
  • Information collected automatically
    • Cookies
    • Google Analytics
  • Information from other sources

How We Use Your Information

  • Purpose of collecting Personal Information

With Whom Do We Disclose Your Information

  • Disclosure details
  • Data processing and de-identification

How We Protect Your Information

  • Security measures

Children

  • Collection policies for children under 13

Links

  • External website disclaimer

Changes to This Notice

  • Effective date and change policy

How to Contact Us

  • Contact details for inquiries

Other Choices

  • Promotional emails
  • Marketing calls/texts
  • Push notifications

Additional Information for Residents of California

  • Collection, use, and disclosure of Personal Information
  • California privacy rights

Additional Information for Residents of Other States

  • Privacy rights for Colorado, Connecticut, Montana, Oregon, Texas, Utah, and Virginia residents

Canadian Privacy Rights

  • Information on Canadian privacy laws
  • Rights under Canadian privacy laws

Additional Information for Residents of the European Economic Area (EEA) and the United Kingdom (UK)

  • GDPR rights
  • Legal basis for data processing
  • Data transfer and retention policies

Last Updated: November 8, 2024

Our Privacy Notice Has Recently Changed.

Your privacy is important to Unifocus (“our,” “us,” or “we”) and our subsidiaries and affiliates, together with Unifocus. This Privacy Notice (the “Notice”) explains the types of information we may collect from you or that you may provide when you visit the website https://www.unifocus.com/ (our “Website”) and/or any Unifocus products, services, and applications that are made available to you through the Website and other platforms (collectively with Website, “Services”) and our practices for collecting, using, maintaining, protecting, and disclosing that information. This Notice does not apply to any products, services, websites, mobile applications, or content (including advertising) offered by third parties or that may be linked to or from the Services. Data collected by these third parties is covered by their own privacy notices.

Please read this Notice carefully. If any term in this Notice is unacceptable to you, please do not use our Services or provide us with any personal information.

In this Notice, when we talk about “Personal Information,” we mean any information that is related to an identified or identifiable natural person.

Unifocus is the data controller, as the term is defined by applicable data protection laws, of the Personal Information that we collect from you when you use our Services, such as survey data, support requests, personal data within our mobile application, or information in a contact form. This Privacy Notice only applies to Personal Information that is collected by Unifocus when you use the Services.

If you engage with our Services as part of your employment, and your employer or another third party uses Unifocus’s Services (“Unifocus Client”), the Unifocus Client acts as the data controller for any of your Personal Information it provides to us. In this scenario, we act as a data processor under applicable data protection laws, using your Personal Information solely to deliver the service to the Unifocus Client as required. Unifocus Clients are responsible for maintaining their own privacy policies and for ensuring that they have obtained the necessary authorizations and consents for any collection, use, and disclosure of Personal Information, including by Unifocus. Any Personal Information that is provided to us by a Unifocus Client is governed by the Unifocus Client’s own privacy policy, as that Unifocus Client is the data controller of that information.

1. Your Information We Collect

Depending on your relationship with us, we may collect the following categories of Personal Information from you:

● Personal details: Name, email address, telephone number, company name, job title, and other professional and employment information;

● Account information: Account login credentials such as username and password;

● Financial information: Billing and payment information (e.g., credit card or ACH account information);

● Device and other automatic information: IP address, browsing history, search history, and information regarding your interactions with a website, application, or advertisement. For more information, see “Information We Collect Automatically About You” below;

● Views and opinions: Feedback, survey responses, and other information included within your interactions with us or otherwise provided via the Services; and

● Employee and Job Applicant Information: If you are an employee or have applied for a job or other position with us, we may also collect employment information such as your name, resume/CV, educational background, language and other skills, work experiences, and job references.

● Communications: We may record our communications including chat messages, phone, or video calls, such as when you utilize our chat-bot or provide us with feedback.

2. How We Collect Your Information

Information We Collect Directly From You

We may collect Personal Information that you provide to us when you use our Services or interact with us. For example, we may collect information when you browse through the Website, register or create an account, make an information request, or when you otherwise interact with us and provide your information via our Services.

Information We Automatically Collect About You

As with many websites, when you interact with our Website, we may use automatic data collection technologies to collect and log certain information about your equipment, browsing actions, and patterns, including details of your visits to our Website (e.g., traffic data, logs, other communication data, and resources that you access and use on our Website), information about your computer, mobile device, and internet connection (including your IP address, operating system, and browser type), and location data, which we collect to ensure you reside in a jurisdiction in which you are eligible for using our Website, to comply with relevant laws, and for fraud prevention purposes.

Cookies

The technologies we use for automatic data collection include cookies (i.e., browser cookies), flash cookies, and web beacons. We may store cookies (e.g., locally stored objects) on your device when you use our Website. These technologies help us speed up your future activities and improve your experience by remembering the information that you have already provided to us. Third parties operating on our behalf may also use these technologies to provide us with anonymous data and information regarding the use of our Website. You may block or delete these technologies from your device. However, by disabling such technologies, you may not have access to the entire set of features of our Website. For more information about cookies, including links to web browser instructions for disabling and managing such technologies, visit https://optout.networkadvertising.org/.

We use Google Analytics to collect information on your use of our Website. Google Analytics collects information such as how often users visit our Website, what pages they visit, and other websites visited prior to or after coming to this Website. The data collected through these tools is not tied to other Personal Information that we collect about you. To know more about data collected by Google Analytics, visit https://www.google.com/policies/privacy/.

You may prevent the use of Google Analytics by disabling cookies as described above. You may also prevent Google Analytics from recording the data generated by the cookie and pertaining to your use of our Website (including your IP address), or processing this data, by downloading and installing the following browser plug-in available through Google at the following link: https://tools.google.com/dlpage/gaoptout.

Information We Collect From Other Sources.

We may collect Personal Information about you from our affiliates and our partners and their service providers and contractors. For example, this may include your current job position, business address, company name, and position title provided by your employer. We also may obtain information you have made publicly available, including from websites and online services you use, consumer research platforms, and/or business contact databases.

3. How We Use Your Information

We may collect Personal Information for the following purposes:

● Provide our Services and its contents to you;

● Provide or improve the Services requested by you, including in the context of your business relationship with us, and perform our contractual obligations;

● Fulfill or meet the reason you provided the information (e.g., to respond to your email or request for information);

● Communicate with you about our Services or to provide you with information or marketing materials, including promotional offers, that may be of interest to you;

● Send you transactional or relationship messages, such as receipts, account notifications, customer service responses, and other administrative messages;

● Monitor and analyze trends, usage, and activities in connection with the Services;

● Comply with the law, protect or defend our interests or the interests of our customers or users of our Services if permitted by law or required to do so by law, court order, or government regulations or where we believe such action is necessary;

● Help maintain the safety, security, and integrity of our Services, products and services, databases, other technology assets, and business;

● System administration and to monitor the use of our Services;

● Any other purpose disclosed by us when you provide the information or with your consent; and

● Disclose to third parties for the performance of services provided to us, including third-party providers of services related to the operation and management of our Services, or in connection with the administration and support of the activities noted above.

4. With Whom Do We Disclose Your Information

We may disclose information about you as follows and as otherwise described in this Notice or at the time of collection:

● With companies and vendors that perform services for us, including email service providers, payment processors, fraud prevention vendors, analytics providers, advertising partners, and other service providers;

● To accountants, auditors, lawyers, and other outside professional advisors to the Company, subject to appropriate contractual obligations of confidentiality;

● Where required by law, court order, or subpoena if we believe disclosure is in accordance with, or required by, applicable law or legal process or where necessary to prevent, detect, or prosecute criminal offenses or to protect the rights, property, and safety of the Company or others;

● In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company;

● Between and among the Company and our current and future parents, affiliates, subsidiaries, and other companies under common control and ownership; and

● With your consent or at your direction.

We may also process and disclose information to third parties if the information has been de-identified or aggregated in a way so it cannot be used to identify you.

5. How We Protect Your Information

We use reasonable security measures to protect your Personal Information. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the information you supply will not be intercepted while being transmitted to and from us over the Internet.

6. Children

The Services are not directed towards children. We do not knowingly collect Personal Information from children under the age of 13 (or 16 where applicable by law) through the Services. If you are under 13, please do not give us any Personal Information. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Notice by instructing their children to never provide Personal Information through the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Information to us, please contact us using the methods described in Section 9 “How to Contact Us,” and we will endeavor to delete that information from our databases.

7. Links

The Services may contain content, services, advertising, and other materials that link to external websites. We do not endorse and are not responsible for the content of any such external website. Please refer to the terms of use and privacy notices of the external website for more information.

8. Changes to This Notice

This Notice is effective as of the date stated at the top of this Notice. We may change this Notice from time to time. Your access of the Services after such change will be deemed acceptance of the new Notice.

9. How to Contact Us

If you have any questions or concerns about our privacy practices or about exercising your rights, you may send an email to privacy@unifocus.com or call us at (972) 512-5000. You may also write to us at: 511 E. John Carpenter Freeway, Suite 410 Irving, TX 75061.

As described at the beginning of this Privacy Notice, we may process Personal Information for our Unifocus Clients or other third parties. To this end, if not stated otherwise in this Privacy Notice, we process such Personal Information as a data processor on behalf of our Unifocus Clients (and their affiliates) or other third parties who are the data controller of the Personal Information. We are not responsible for and have no control over the privacy and data security practices of our Unifocus Clients or other third parties, which may differ from those explained in this Privacy Notice. Individuals whose Personal Information has been submitted to us in our role as a data processor by or on behalf of an Unifocus Client and wish to exercise any rights they may have under applicable data protection laws will be directed to the Unifocus Client.

10. Other Choices

Promotional Emails. You may opt out of receiving promotional emails from us by following the instructions in those emails or by logging into your account and managing your contact preferences. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.

Marketing Phone Calls/Text Messages. With your consent, we may engage in marketing and other automated communications, which may include phone calls and text messages made using an automatic telephone dialing system or artificial prerecorded voice. You are not required to consent to such communications as a condition of purchasing products or services, and you may revoke consent at any time by contacting us via the methods in Section 9 “How to Contact Us.”

Push Notifications to Mobile Devices. With your consent, we may send promotional and other push notifications to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.

11.Additional Information for Residents Of California

The California Consumer Privacy Act, as amended by the California Privacy Rights Act (Civil Code Section 1798.100, et seq.) (“California Law”), provides eligible California residents with specific rights with respect to our collection, retention, disclosing, selling, sharing, and use of Personal Information. This section on Additional Information for Residents of California supplements this Notice and applies solely to eligible residents of the State of California. Any terms used but not defined in this section have the same meaning as defined in California Law.

Collection of Personal Information

In the preceding twelve (12) months, we have collected categories of Personal Information as discussed in Section 1 “Your Information We Collect” from the sources of Personal Information as discussed in Section 2 “How We Collect Your Information.” The business or commercial purpose for collecting that information is disclosed in Section 3 “How We Use Your Information.”

Disclosure of Personal Information

In the preceding twelve (12) months, we may have disclosed your Personal Information for a business or commercial purpose described in Section 3 “How We Use Your Information” to the categories of third parties described in Section 4 “With Whom Do We Disclose Your Information.”

Sales and Shares of Personal Information

We do not sell your Personal Information for monetary profit. However, we engage in certain information disclosure activities that may be considered “sales” or “sharing” under California Law. In the last twelve (12) months, we have sold or shared the following Personal Information:

 
Category Business or Commercial Purpose Categories of Third Parties to Whom Personal Information was Disclosed That May be Considered a “Sale/Sharing” Under California Law
Identifiers ● To provide you with personal advertising and content ● Advertisers and advertising networks

Internet or other similar network activity.

 ● To provide you with personal advertising and content ● Advertisers and advertising networks

We do not knowingly sell or share the Personal Information of consumers under 16 years of age.

California Privacy Rights

California Law provides consumers with specific rights regarding their Personal Information. The following section describes your California Law rights and explains how to exercise those rights. Your California Law rights include the:

Right to Know or Access: Request that we disclose to you your Personal Information that we collected, used, disclosed, shared, and sold.

Right to Delete: Request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see “Identity Verification”), we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.

Right to Correct Inaccurate Personal Information: Request that we correct any of your Personal Information that we maintain about you that is inaccurate.

Right to Opt Out of Sales or Sharing of Personal Information: We do not sell your Personal Information for monetary profit. However, we may engage in certain information disclosure activities that may be considered “sales” or “sharing” under California Law. If we sell your Personal Information to or share such information with third parties, you may have the right to opt-out of the sale or sharing of such information. To exercise the right to opt out, you (or your authorized representative) may submit a request to us by visiting the Do Not Sell or Share My Personal Information link on the homepage.

If you have an opt out preference signal enabled (e.g., the Global Privacy Control), you will automatically be opted out of the sale or sharing of your information, but we may ask you to confirm your preference if you have previously consented to the sale or sharing of your Personal Information. To download and use a browser supporting the opt-out preference signal, please visit https://globalprivacycontrol.org/orgs. If you choose the opt-out preference signal, you will need to enable it for each supported browser or browser extension you use.

Right to Limit the Use and Disclosure of Sensitive Personal Information: Limit how we use and disclose your Sensitive Personal Information. To exercise the right to limit, you (or your authorized representative) may submit a request to us by visiting the Limit the Use and Disclosure of My Sensitive Personal Information link on the homepage.

If a transaction requires the use or disclosure of your Sensitive Personal Information in order to complete the transaction, we will notify you and provide instructions on how you can reauthorize such use or disclosure.

Right to Non-Discrimination: We will not discriminate against you for choosing to exercise any of your rights. If you exercise certain rights, understand that you may be unable to use or access certain features of the Services.

Exercising Your Rights

To exercise your California privacy rights, please submit a request by contacting us via the methods in Section 9 “How to Contact Us.”

Identify Verification

We may require you to prove your identity to exercise certain rights. Depending on your request, we will ask for information such as your name, your telephone number, email address, and/or date of last communication with us. We may also ask you to provide a signed declaration confirming your identity. We will only use Personal Information provided in your consumer request to verify your identity or authority to make the request.

Only you, your parent, guardian (if you are under 13 years or age), conservator, a person to whom you have given power of attorney, or an authorized agent may make a verifiable consumer request related to your Personal Information. You may, however, make a verifiable consumer request on behalf of your minor child if necessary. Your verifiable consumer request must provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Information or an authorized representative. We cannot respond to your request if we cannot verify your identity or authority to make the request. You may only make a verifiable consumer request for your right to access twice within a 12-month period.

Data Retention

We retain your Personal Information so long as necessary for the purposes for which it was collected or otherwise processed. When determining the retention period, we take into account criteria, such as the type of services requested by or provided to you, the nature and length of our relationship with you, use of our Services, and the impact on the Services functionality if we delete your Personal Information.

Notice of Financial Incentive

We may offer you various incentives, including special offers, discounts, rewards, and coupons pursuant to certain rewards and loyalty programs (each, a “Rewards Program”), throughout the year for providing us with your Personal Information. Categories of Personal Information that may be collected pursuant to a Rewards Program, include, but are not limited to the categories of Personal Information described in Section 1 “Your Information We Collect.”

We do not assign a monetary value to the data we collect, but based on a good-faith estimate, we believe the value received from your Personal Information is reasonably equal to the value of the benefit we offer you pursuant to a Rewards Program. This estimate is not specific to any specific individual who participates in a Rewards Program (a “Member”) and may vary by Member. We have calculated such value by taking into consideration, without limitation, relevant factors related to the estimated value of such information to us, as set forth under California Law.

If eligible, you may opt into a Rewards Program by following the instructions set forth in a Rewards Program’s terms and conditions and, if applicable, by creating a member account on the Rewards Program’s website. Material terms of participating in a Rewards Program, including all terms and conditions concerning the collection, use and retention of a Member’s Personal Information, are set forth in the applicable terms and conditions, this Notice, and/or our Terms of Service and should be carefully reviewed prior to participation in a Rewards Program.

You have the right to cancel your membership and participation in a Rewards Program at any time. To opt out of a Rewards Program, including the receipt of marketing emails provided pursuant to your status as a Member of a Rewards Program, please contact us via the methods in Section 9 “How to Contact Us.”

Your Rights Under “Shine the Light”

In addition to your rights under California Law, California Civil Code Section 1798.83 permits California residents to request information regarding our disclosure, if any, of their Personal Information to third parties for their direct marketing purposes. If this applies, you may obtain the categories of Personal Information disclosed and the names and addresses of all third parties that received Personal Information for their direct marketing purposes during the immediately prior calendar year (e.g., requests made in 2024 will receive information about 2023 sharing activities). To make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a California resident and provide a current California address for our response. You may make this request in writing by contacting us via the methods in Section 9 “How to Contact Us.”

12. Additional Information for Residents of Other States

For eligible residents of Colorado, Connecticut, Montana, Oregon, Texas, Utah and Virginia, you also have rights with respect to the Personal Information, also known as personal data, that we collect about you. This section supplements this Notice and applies solely to eligible residents of Colorado, Connecticut, Montana, Oregon, Texas, Utah and Virginia. Any terms not defined in this section have the same meaning as defined under applicable Colorado, Connecticut, Montana, Oregon, Texas, Utah and Virginia privacy law, including the Colorado Privacy Act, Connecticut Data Privacy Act, Montana Consumer Data Privacy Act, Oregon Consumer Privacy Act, Texas Data Privacy and Security Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act. Subject to certain exceptions, if you are an eligible resident of one of these states, you have certain privacy rights which may include, depending on your state of residency:

Right to Know/Access: You have the right to confirm whether we process your Personal Information and access such Personal Information. You also have the right to obtain your Personal Information in a portable, and to the extent reasonably feasible, readily usable format that you can transmit without hindrance. In addition, eligible Oregon residents have the right to confirm the categories of Personal Information we process or have processed, as well as a list of specific third parties to which we have disclosed any Personal Information.

Right to Delete: You have the right to request that we delete the Personal Information you have provided to us or that we have otherwise obtained about you.

Right to Correct: You have the right to request that we correct inaccuracies in your Personal Information, taking into account the nature of the Personal Information and the purposes of the processing of your Personal Information.

Right to Opt Out: You have the right to opt out of the processing of your Personal Information for the purposes of (i) targeted advertising, (ii) the sale of your Personal Information and (iii) profiling in furtherance of decisions that produce legal or similarly significant effects. [Please note that we do not engage in such profiling as defined under applicable law.]

NOTICE TO TEXAS CONSUMERS: We may sell your sensitive personal data.

Right to Appeal: You have the right to appeal our decision with regard to your request to exercise any rights described herein.

You do not need to create an account with us to exercise your Colorado, Connecticut, Montana, Oregon, Texas, Utah and Virginia privacy law rights. To exercise the rights described in this section, including your opt-out rights, please submit a consumer request to us by contacting us via the methods in Section 9 “How to Contact Us.”

13. Canadian Privacy Rights

If you are located in Canada, the Personal Information Protection and Electronic Documents Act and applicable provincial privacy legislation (collectively, “Canadian Privacy Laws”) govern the collection, use and disclosure of personal information by organizations in the course of commercial activities. If you are located in Canada, this Canadian Privacy Rights section applies to you. Additionally, in certain Canadian provinces, provincial privacy legislation will apply to you, namely, for the Province of Alberta – the Personal Information Protection Act (Alberta), for the Province of British Columbia – the Personal Information Protection Act (British Columbia) and for the Province of Quebec – the Act respecting the protection of personal information in the private sector also applies to you and the expression “Canadian Privacy Laws” therefore also includes reference to these provincial laws. If you live in Canada and any part of our general Privacy Notice conflicts with this Canadian Privacy Rights section, this Canadian Privacy Rights section governs to the extent of the conflict. 

Personal Information 

Under Canadian Privacy Laws, personal information means any information about an identifiable individual, which may, in certain circumstances, include information gathered from your use of the Services. 

Consent

In Canada, express or implied consent is the legal basis upon which organizations may collect, use and disclose personal Information. Accordingly, personal information will only be collected, used, and disclosed by us for the purposes described above in this Privacy Notice under the heading “How We Use Your Personal Information”, with your express or implied consent. We will collect your express consent for any sensitive personal information that we may collect, use, or disclose. Otherwise, your continued use of the Services signifies your consent to our collection, use, and disclosure of your personal information as described in this Privacy Notice, as it may be amended from time to time after you have been informed of any such amendment. Your continued use of the Services after having been informed of any amendment to this Privacy Notice will be deemed a consent by you to any such amendment; if you do not agree with this Privacy Notice or any amendment, do not access the Services. If you provide personal information of a third party to us, you represent that you have complied with the requirements of Canadian Privacy Laws with regards to its collection before providing it to us and for us its use and disclosure as set out in this Privacy Notice.

Online Behavioural Advertising

With respect to the information that we collect using cookies or similar technologies that we have described above, you can opt-out of several third party ad servers’ and networks’ cookies simultaneously by using an opt-out tool created by the Digital Advertising Alliance of Canada and an opt-out tool created by the Network Advertising Initiative. Opting out of a network does not mean you will no longer receive online advertising. It does mean that the network from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.

Right to be informed

You have the right to be information about the personal information that we collect, use, process, disclose, retain and have deleted about you. You may request additional information to clarify the extent of your consent.

Right to an Accounting

You have the right to receive an accounting of the categories of third parties to whom we have disclosed your personal information.

Rights of Access, Correction

You have the right to access the personal information we maintain about you and you have the right to correct or supplement your personal information if it is inaccurate or misleading and to have it completed if it is incomplete. Where appropriate, to have personal information that you have corrected or supplemented transmitted to third parties who have had access to your personal information.

Right to be notified of a Data Breach

If you are in Quebec, you have the right to be informed of a confidentiality breach involving your personal information that may cause you a serious harm. If you are in the rest of Canada you have the right to be informed of a breach of security safeguards affecting your personal information where there is a real risk of significant harm to you.

Right to Lodge Complaints

You have the right to lodge a complaint about our collection, use or disclosure of your personal information with the Office of the Privacy Commissioner of Canada and any applicable provincial privacy commissioner’s office having jurisdiction.

Additional Rights in Quebec

If you are in the province of Quebec, you have the following additional rights:

Right of Deletion

You may request under certain circumstances the deletion of your personal information.

Right to Data Portability

As of September 22, 2024 you will have the right to be provided, in a structured, commonly used and machine-readable format, with a copy of your personal information or to have it transferred directly to another entity or person.

To exercise the above rights, please get in touch with us using the contact information provided below under the heading “Contact Us”. We will consider and process your request within a reasonable period of time and in any event within thirty days of receipt of your request or such longer time as we may be permitted under Canadian Privacy Laws. Please be aware that under certain circumstances, Canadian Privacy Laws may limit your exercise of these rights.

If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

If we refuse to rectify your personal information, we will attach a statement to the record that sets out the reason why we have refused to make the rectification.

We will also retain the personal information that has been the subject of an access request or a rectification request for as long as necessary to allow you to exhaust any recourse provided by law.

International Transfers

As noted above in this Privacy Notice, your personal information may be transferred to and stored at a location outside of your jurisdiction of residence. Please note that local data protection laws where your personal information is stored or processed may not provide as much protection as the data protection laws in force in your jurisdiction of residence, but we nevertheless ensure that we take reasonable steps to ensure that your personal information will not be used by such persons storing or processing the information for any purpose other than assisting us for the purposes described in this Privacy Notice. If you would like to receive more information about our policies and practices with respect to our use of service providers outside of Canada who handle your personal information or if you have any questions about our collection, use, disclosure or storage by any service providers outside of Canada on our behalf, please contact us at the address below under the heading “Contact Us”.

If you provide personal information of a third party to us, you represent that you have complied all the obligations imposed by Canadian Privacy Laws regarding the transfer of personal information outside the jurisdiction of residence.

Business Transfers

Where we disclose your personal information in the event of a business transfer described in our Privacy Notice above, we will ensure that the information is treated confidentially by the parties to the transaction and that the information will be protected by security safeguards appropriate to its sensitivity. If the transfer is completed we will require that the parties to the transaction continue to treat your personal information in accordance with Canadian Privacy Laws.

Service Providers

Where we disclose personal information to services providers, we ensure that they are bound by contractual obligations to:

● Use personal information only for providing the service;

● Refrain from disclosing or communicating personal information without our consent;

● Implement rigorous security measures;

● Allow us to audit these measures;

● Notify us immediately of a confidentiality breach; and

● Destroy personal information at the end of the contract.

Electronic Marketing Messages

We send electronic marketing messages for the purposes described above in this Policy, however, notwithstanding Our Opt-in/Opt-out Policy described above, Canada’s anti-spam legislation contains special rules that regulate the way in which we may send these electronic messages to you. If you are located in Canada we will only send electronic marketing messages to you if we have your prior opt-in consent, unless an exception or a specific form of implied consent applies.

Information Security and Governance

Our internal policies and practices provide for:

● framework applicable to the use, communication, retention and destruction of personal information;

● the roles and responsibilities of our employees throughout the life cycle of the personal information; and

● a process for handling complaints concerning the protection of personal information.

Each employee who uses personal information is bound by confidentiality obligations and has received appropriate training. In addition, each employee may only access personal information that is necessary for the performance of his or her duties. In the event of a breach, our governance policies and practices provide for sanctions.

14. Additional Information for Residents of the European Economic Area (EEA) and the United Kingdom (UK)

The General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) and the UK GDPR (as defined in the Data Protection Act 2018) provide eligible residents of the EEA and the UK with specific rights regarding their Personal Information. This section supplements this Notice and applies solely to eligible residents of the EEA and the UK. Any terms used but not defined in this section have the same meaning as defined in the GDPR.

Legal Basis for Processing Personal Information

We process your Personal Information on the following legal bases:

  • Consent: Where you have given us explicit consent to process your Personal Information for specific purposes.

  • Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract.

  • Legal Obligation: Where we need to process your Personal Information to comply with a legal obligation.

  • Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your rights and interests.

Your GDPR Rights

The GDPR provides you with the following rights:

  • Right of Access: You have the right to request access to the Personal Information we hold about you.

  • Right to Rectification: You have the right to request that we correct any inaccuracies in the Personal Information we hold about you.

  • Right to Erasure: You have the right to request that we delete your Personal Information in certain circumstances.

  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your Personal Information in certain circumstances.

  • Right to Data Portability: You have the right to receive your Personal Information in a structured, commonly used, and machine-readable format and to have that information transmitted to another controller, where technically feasible.

  • Right to Object: You have the right to object to the processing of your Personal Information based on our legitimate interests. You also have the right to object to the processing of your Personal Information for direct marketing purposes.

  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time.

  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your Personal Information violates the GDPR.

Exercising Your GDPR Rights

To exercise your GDPR rights, please submit a request by contacting us via the methods described in Section 9 “How to Contact Us.” We may require you to prove your identity to ensure that your Personal Information is not disclosed to unauthorized individuals. Depending on your request, we may ask for information such as your name, email address, and/or date of last communication with us. We will only use Personal Information provided in your request to verify your identity and to process your request.

International Data Transfers

Your Personal Information may be transferred to and processed in countries outside of the EEA and the UK, including the United States. We will take appropriate measures to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it, in accordance with applicable data protection laws.

Data Retention

We retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected or otherwise processed, including for the purposes of satisfying any legal, accounting, or reporting requirements. When determining the retention period, we consider the nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your Personal Information, and applicable legal requirements.

By including this section, we aim to provide greater transparency about our data processing practices and to comply with our obligations under the GDPR.

If you have any questions or concerns about this section or our privacy practices, please contact us using the methods described in Section 9 “How to Contact Us.