This Policy was last updated on April 23, 2019. We may amend this Policy from time to time and, as such, you should review its terms each time that you visit our Site. Any changes to this Policy will be communicated through the Site and/or by email, but will not go into effect until at least five (5) days after they are posted. By continuing to use the Site and/or Services after any such changes are posted, you agree to such changes.
Please read this Policy carefully and contact us if you have any questions. If you do not agree with this Policy, as revised from time to time, you should not access or use the Site or our Services.
Meaning of “Personal Information”
“Personal information” as used in this Policy means information about an identified or identifiable individual.
Accountability and Openness / Privacy Officer
BC’s Personal Information Protection Act sets out rules for how organizations collect, use and disclose personal information. Audette is responsible for personal information under our control, and we are accountable to you for its collection, use and disclosure. We have established policies and procedures to safeguard any confidential personal information that we have on file or which we collect, and to deal with complaints and inquiries. We will only collect personally identifiable data as described in this Policy, and are committed to maintaining the accuracy, confidentiality and security of your personal information.
In this Policy, we have attempted to provide you with manageable, comprehensive and easily understandable information regarding the policies and procedures that we use to manage your personal information. Should you require further information, we invite you to contact us directly as set out below.
Audette has designated a privacy officer (“Privacy Officer”) who is accountable for the protection of data containing personal information and for our compliance with this Policy generally, as well as for ensuring that information about our practices relating to the management of personal information is easily accessible and understood by all individuals from whom we seek consent.
All questions or concerns regarding this Policy, our compliance with it, as well as any of our processes and procedures relating to the collection, use and disclosure of your personal information, should be directed to the Privacy Officer in writing, and sent by email to email@example.com or by post to:
Chief Privacy Officer, Audette Analytics Inc.
1400-128 West Pender Street, Vancouver, British Columbia, V6B 1R8 Purposes - Why We Collect, Use and Disclose Information
Unless the purposes for collecting personal information are obvious and you voluntarily provide your information for those purposes, we will identify the purposes for which we collect personal information before or when we request the information so as to enable you to provide consent to its collection and use.
Furthermore, unless we receive additional consent, or the collection, use and/or disclosure of personal information without consent is authorized by applicable law, we will only collect, use and/or disclose personal information which is necessary for business purposes, which include without limitation:
• to operate and maintain the Site and our web-based services, and to respond to your requests, questions and concerns;
• to enable you to use our products and services, and to enable us to deliver those products and services to you;
• to provide high quality customer service;
• to support our marketing activities, which may include the use of anonymized data to demonstrate our products and services to potential customers;
• to verify that any information submitted by you is accurate and complete; • to communicate with you for other reasons related to our business, and to create a record of your involvement with us;
• for legal purposes, which may include the handling and resolution of claims and legal disputes, or for regulatory investigations and compliance;
• to detect and prevent error, fraud, theft and other illegal or unwanted activities; • internal business purposes, including research and data analysis, to administer or improve our products and services, to enhance the user experience, and to improve the functionality and quality of our products and services;
• to comply with any legal, accounting and regulatory requirements, including reporting requirements;
• any other reasonable purpose for which you provide consent, or for which consent may be implied in accordance with this Policy and applicable law.
Where personal information that has been collected is to be used for a purpose not previously identified, and for which consent cannot be reasonably implied, the new purpose will be identified and consent obtained prior to the use of that information for the new purpose unless otherwise permitted by law.
We comply with Canadian “anti-spam” legislation, and will only send you electronic communications as permitted by law. Note that you may always unsubscribe from our electronic communications by following the “unsubscribe” link clearly included in each communication, or by notifying the Privacy Officer at the address set out above (see: Accountability and Openness / Privacy Officer).
Collection of Information
We collect personal information only to the extent that it is necessary for the purposes set out above (see: Purpose - Why We Collect, Use and Disclose Information). In most cases, we will collect personal information directly from you when you interact with us or use our products and services.
Examples of personal information that we may collect, use and disclose include your name and email address, telephone number; employer/organization name and address(es); location; Internet Protocol (IP) address; utility portal log-in information; network access information; in-app history; associated account information and any other information that you may provide to us in conjunction with your use of our products and services.
If you provide comments or other feedback to us, you agree that such comments or other feedback become the property of Audette, and we may use and disclose them for any purpose provided that we do not associate them with your personally identifiable information without your express consent.
Information Collected Through Automated Means
Like many organizations’ websites, our web server automatically logs certain information related to a user’s visit to the Site, including the IP address of the user’s computer, the user’s Internet service provider (ISP), the type and version of the browser that the user is using, the date and time the user accessed the Site, the Internet address of the website from which the user linked directly to the Site, the operating system that the user is using, and the pages of the Site that the user has visited. We will not attempt to link this information with the identity of individuals visiting our Site unless we have permission to do so. We may, however, review server logs and anonymous traffic for system administration and security purposes, for example to detect intrusions into our network, for planning and improving web applications, and to monitor and compile statistics about website usage. The possibility therefore exists that server log data, which contains users’ IP addresses, could in instances of criminal malfeasance be used to trace and identify individuals. In such instances, we may share raw data logs with the appropriate authorities for the purpose of investigating security breaches.
Cookies: “Cookies” are small text files that are placed on your computer by websites that you visit. They are used to identify you to the web server, and will tell the server who you are when you return to a page on the same website. Your browser will only send a cookie back to the domain that originally sent it to you. A cookie cannot run any programs, deliver any viruses, or send back information about your system. There are different types of cookies: Session cookies expire when you close your browser. Persistent cookies remain on your device until they are deleted or expire.
● to optimize your user experience and to facilitate browsing;
● to determine, facilitate and authenticate your access privileges on the Site; ● to complete and support a current activity, to track website usage;
● to implement security features;
● to remember your preferences;
● to allow you to access your personal pages more efficiently, by storing log-in details and other information that you have previously provided;
● for advertising purposes, to offer you relevant targeted offers and other content that may be of interest to you; and
● to generally improve your experience.
system, you should adjust your browser settings to decline them or to alert you when cookies are being sent. The management of cookies varies for each browner, and you should consult the “Help” menu of your browser.
If you decline cookies, you will still be able to use the Site and our web-based applications but your ability to access certain pages, features and functions may be affected. To find out more about cookies, including how to see what cookies have been set and how to manage and remove them, please visit AboutCookies.org or All_About_Cookies.org.
Except as expressly set out in this Policy or as otherwise permitted by law, consent is required for the collection of personal information and the subsequent use or disclosure of that information. Audette will not collect, use or disclose personal information without the consent of the individual(s) concerned unless we are permitted or required to do so by applicable law. Consent may be express or implied. Express consent occurs when an individual knows what personal information is being collected and for what purposes, and such individual willingly agrees (e.g., orally, in writing, electronically) to his or her personal information being collected, used and disclosed as notified. Consent may be implied when: (a) the individual does not expressly give consent, but rather volunteers information for obvious purposes that a reasonable person would consider appropriate in the circumstances; or (b) the individual is given notice and a reasonable opportunity to opt-out of his or her personal information being collected, used and/or disclosed for specified purposes, and the individual does not opt-out.
By submitting your personal information or using our products and services, you signify your agreement to the terms and conditions of this Policy and to our use of your personal information in accordance with this Policy and as permitted or required by law. You may always choose not to disclose personal information. You may make inquiries, or change or withdraw your consent to the collection, use and/or disclosure of your personal information at any time by contacting the Privacy Officer in writing using one of the addresses listed above (See: Accountability and Openness / Privacy Officer). In some circumstances, particularly where our use of your information is integral to the provision or use of a product or service, your refusal to provide consent, or a change or withdrawal of consent, may affect your transactions and/or our ability to provide you with products or services.
Disclosure to Third Parties
Except as specifically provided in this Policy, or as required or permitted by law, your personally identifiable information will not be shared with third parties. We may, however, disclose anonymized information for the purposes of research, academic pursuit, and marketing and other business reasons, at our discretion.
You acknowledge that, in the course of our supply of products and services to you, we may delegate our authority to collect, access, use, and disseminate your information to third party subcontractors. If you do not agree to our disclosure of your information to these third parties, we may not be able to provide you with the products, or services or programs that we engage them to provide, and this may impact your ability to access or use our services generally.
Third party subcontractors to which we disclose your personal information may include payment processors, web hosts, parties that we engage with to service or install hardware, and parties that we engage to send out marketing materials. If we transfer any personal information to a third party subcontractor, we will provide the subcontractors only with the information needed to perform the subcontracted service, and will use appropriate contractual means to provide a comparable level of protection while the information is being used by them. Without limitation, we will ensure that our third party subcontractors are bound to adhere to our instructions, this Policy, and applicable laws; have in place appropriate confidentiality provisions with persons processing the information; do not engage sub-processors without our prior consent and without requiring such sub processors to be bound by written agreements; and that they return or delete all personal information in their possession when the subcontract ends. Details regarding the personal information that we make available to our third party contractors, and how it is used, is available by contacting the Privacy Officer at the address set out above (see: Accountability and Openness / Privacy Officer). Any request made by you to correct, change or erase your personal information will be promptly communicated to any third party subcontractors in possession of that information (see: Accuracy / Individual Access).
We may collect, use or disclose your personal information without your knowledge or consent where we are permitted or required to do so by applicable law, government request, request of a law enforcement agency, search warrant, subpoena or court order, or based upon our good faith belief that it is necessary to do so in order to comply with such law, request, warrant, subpoena or court order, or enforce our rights or to protect our assets, the users of our website, products or services, or the public.
Retention of Personal Information
Subject to any legal or accounting requirements, we will retain personal information only as long as necessary to fulfill the purposes for which it was collected. Personal information that is no longer required will be destroyed, erased or made anonymous. We may retain anonymized information indefinitely. You may request the erasure of your personal information at any time, which we will endeavor to do without undue delay as required by applicable law. Written requests should be sent to the Privacy Officer at the address set out above (see: Accountability and Openness / Privacy Officer). Any third party subcontractors to which we disclose your personal information (see: Disclosure to Third Parties) must return or destroy the information when it is no longer required for the purpose of the subcontracted services.
Safeguards – How Information is Protected
We have implemented reasonable physical, organizational, contractual and technological security measures to protect personal information in our possession or under our control from loss or theft, and from unauthorized access, disclosure, copying, use or modification, regardless of the format in which the information is held. The safeguards applied will depend on the sensitivity of the personal information, with the highest level of protection given to the most sensitive information. Staff permission to access personal information is role-based, and is determined in accordance with the purpose for which the information has been disclosed (see: Purpose - Why We Collect, Use and Disclose Information), and the staff member’s role in fulfilling that purpose. We store data on remote servers hosted by reputable companies. Staff and contractors who have access to personal information are bound by confidentiality obligations in order to ensure that information is handled and stored in a confidential and secure manner. Any credit card information that you submit will not be stored on our servers, but rather will be sent to a PCI Level 1-compliant payment processor for storage. When destroying personal information, we delete electronically stored personal information and shred any tangible materials containing personal information. While we will endeavour to destroy all copies of personal information, you acknowledge that deleted information may continue to exist on back-up media but will not be used unless permitted by law.
We will continually review and update our security policies and controls as technology evolves. However, no security technology can be guaranteed to be failsafe. Using the Internet or other public means of communication to collect and process personal data may involve the transmission of data on an international basis and across networks not owned and/or operated by us. Therefore, by downloading and using our information and services, and/or communicating electronically with us, you acknowledge and agree to our processing of personal information in this way and agree that we are not responsible for any personal information which is lost, or which is altered, intercepted or stored by a third party without authorization.
Accuracy / Individual Access
Audette has a responsibility to make reasonable efforts to ensure that all personal information contained in our records or which is disclosed to third parties for the purposes described above is accurate, complete and up-to-date. You may make a request in writing for access to your personal information at any time by contacting the Privacy Officer at the address set out above (see: Accountability and Openness / Privacy Officer). Including “Request personal information” in the subject line of your email or letter will facilitate compliance with your request. We may require you to prove your identity before we grant you access to your personal information. Within thirty (30) business days of your written request, we will inform you of your personal information held by us, and provide an account of the use that has been made of the information, as well as identify any third parties to whom the information has been disclosed. In certain circumstances, Audette may not be able to provide you with access to all or some of your personal information, in which case you will be advised in writing of the reasons for our inability to provide you with the information.
If you demonstrate the inaccuracy or incompleteness of your personal information, unless unnecessary or impractical to do so, the information will be amended as appropriate. If we are not satisfied that the request for correction is reasonable, we will annotate the applicable personal information under our control with the correction that was requested but not made. You should advise us immediately if you discover inaccuracies in our data or if your personal information changes. Except as provided by applicable law, you have the right to request that we erase any of your personal information without undue delay, particularly in cases where the information is no longer required by us, you no longer consent to our use of your personal information, or if our use was in violation of this Policy or applicable law. All notices and requests regarding inaccuracies, changes or erasure should be in writing and sent to the Privacy Officer at the address set out above (see: Accountability and Openness / Privacy Officer).
International Transfer and Storage of Information
You acknowledge and agree that your personal information may be transmitted, transferred, processed, backed-up and/or stored outside of Canada, including in the United States. In particular, certain of our third party subcontractors to which we disclose your personal information (see: Disclosure to Third Parties), may use and store that information at their facilities outside of Canada. We will use reasonable means to ensure that your information is protected, including written agreements with our third party subcontractors, but cannot guarantee that the laws of any foreign jurisdiction will accord the same degree of protection as the laws of Canada. By submitting your personal information to us, you consent to the transmission, transfer, processing and/or storage of your personal information outside of Canada.
Inquiries, requests and complaints regarding our compliance with this Policy should be directed to the Privacy Officer (see: Accountability and Openness / Privacy Officer).
Every complaint or challenge regarding our compliance with this Policy will be investigated, and where a deficiency is found to exist, we will take appropriate measures to address it. This may include amending our policies and procedures as necessary. We will also cooperate with regulatory authorities to resolve any complaints that cannot be resolved between us and an individual user.
In the event of a security breach concerning personal information, we will endeavour to notify affected individuals without undue delay.