PRIVACY AND PERSONAL DATA SECURITY POLICY
Diskdaddy Software & Web Development Inc. is committed to protecting and respecting your privacy and personal data. This Privacy and Personal Data Security Policy (“Policy“) describes how Diskdaddy Software & Web Development Inc. (“Diskdaddy“, “we“, “us” or “our“) collects, protects and uses the personally identifiable information (“Personal Data“) you (“User“, “you” or “your“) may provide to us. We are committed to the proper management of the Personal Data of clients that we collect, use, disclose, transfer, share or store (including storage of Personal Data relating to third parties collected by you and provided to us by you) in the course of business.
This Policy also describes the choices and rights available to you regarding our use of your Personal Data and how you can access and update this information. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage. This Policy relates to services provided by us and sets out the basis on which the Personal Data collected from you, or that you provide to Us will be processed by Us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
COLLECTION OF PERSONAL INFORMATION
We may store, collect, and utilize the below mentioned types of personal information:
(a) information such as your device’s IP address, browser type and version, operating system type and version and other information;
(b) information that you provide to us for publication on your website;
(c) information contained in or relating to any communication that you send to us or send through our website (including the communication content and metadata associated with the communication); and
(d) any other personal information that you choose to send to us.
(e) information contained in offsite website backup archives either at our server located at our premises or at a mutually agreed upon third-party file storage utility (ie: Dropbox, One-Drive)
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this Policy.
USE OF PERSONAL INFORMATION
Any of the information we collect from you may be used to improve our Services; improve customer service and respond to queries and emails of our customers; process transactions; run and operate our Services. Statistical information is not otherwise aggregated in such a way that would identify any particular user of the system. We may process Personal Data related to you or to a third party if one of the following applies: (i) you have given consent for one or more specific purposes; (ii) provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) processing is necessary for compliance with a legal obligation to which you are subject; (iv) processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
INFORMATION SHARING AND STORAGE
Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. If you are a European Union user, you are entitled to learn about the legal basis of information transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your information. As such transfer takes place, you can find out more by checking the relevant sections of this document or inquire with us using the information provided in the contact section. The European Commission has recognised Canada, amongst a few others, as providing adequate data protection. This means that the EU has deemed it suitable for personal data to flow from the EU to the “safe” country, without any further safeguards being necessary. In other words, transfers to Canada will be assimilated to be intra-EU transmissions of data.
THE RIGHT OF USERS
You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following:
(a) The right to withdraw consent where you have previously given your consent to the processing of your information;
(b) The right to object to the processing of your information if the processing is carried out on a legal basis other than consent;
(c) The right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing.
(d) The right to verify the accuracy of your information and ask for it to be updated or corrected;
(e) The right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it;
(f) The right, under certain circumstances, to obtain the erasure of your Personal Data from us; and
(g) The right to receive your information in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.
HOW TO EXERCISE THESE RIGHTS:
Any requests to exercise user rights can be directed to us through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by us as early as possible and always within one month. Users may write to us to request access to Personal Data held about them in any of the manners provided below. However, an individual’s right to access Personal Data under our care or control is not absolute, for example, where the disclosure of Personal Data would cause security, legal or confidentiality concerns. We will deny access when the disclosure could reasonably be expected to threaten the safety or physical or mental health of an individual other than the individual who made the request; the disclosure can reasonably be expected to cause immediate or grave harm to the safety or to the physical or mental health of the individual who made the request; the disclosure would have an unreasonable impact on other individual’s privacy; or the disclosure would reveal the identity of an individual who has provided Personal Data about another individual and the individual providing the Personal Data does not consent to disclosure of his or her identity. In addition, we may deny access when the disclosure would reveal confidential commercial information that, if disclosed, could, in the opinion of a reasonable person, harm our competitive position; or the Personal Data was collected or created by a mediator or arbitrator in the conduct of a mediation or arbitration for which he or she was appointed to act under a collective agreement, under an enactment or by a court.
Access to Personal Data is free of charge. However, a reasonable charge may be required when you request the transcription, reproduction or transmission of such information. We will notify you, following your request for transcription, reproduction or transmission, of the appropriate amount that will be charged. You will then have the opportunity to withdraw your request. We may also request that you provide sufficient identification to permit access to your Personal Data. Any such information shall be used only for this purpose.
BILLING AND PAYMENT
We may use third-party payment processors to assist us in processing your payment information securely. Such third-party processors’ use of your Personal Data is governed by their respective privacy policies which may or may not contain privacy protections as protective as this Policy. We suggest that you review their respective privacy policies, please contact Us for information about which payment processor we use for your Personal Data.
Please be aware that we are not responsible for the privacy practices of websites that are not ours. We encourage you to be aware when are not on our website, that you read the privacy statements of each and every website that may collect your Personal Data.
We secure information you provide on computer servers that are in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Data in its control and custody. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way, for the duration of your use of our Services.
However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Data, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our Website cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third-party, despite best efforts.
In the event we become aware that the security of Personal Data has been compromised or has been disclosed to unrelated third-parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do we will send an email to you.
UPDATING PERSONAL DATA
It is important that the Personal Data we hold about you is accurate, complete and current. We invite and rely on you to advise us, without delay, of any changes to your Personal Data which may be relevant to the products and services we or any relevant third party provide or may provide. We will amend the Personal Data forthwith provided that you demonstrate the inaccuracy or incompleteness of such information to our satisfaction.
This Policy is governed by and subject to the provisions of Canada’s federal and Ontario’s provincial privacy legislation, including PIPEDA. In the event of conflict between the terms of this Policy and the governing law of any other jurisdiction, the more stringent requirements relating to the jurisdiction in which we will Use the Personal Data apply.
We will disclose any information we collect, use or receive if required or permitted by law, such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
We reserve the right to modify this Policy at any time, effective upon posting of an updated version of this Policy on our website and emailing you a copy of the revised Policy. Continued use of our Services after any such changes shall constitute your consent to such revisions.
You acknowledge that you have read this Policy and agree to its terms and conditions. By using our Services you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to use our Services.
QUESTIONS OR CONCERNS
If you have any questions, comments, or requests about this Policy, please contact us by calling (613) 298-6520 or emailing firstname.lastname@example.org.