PRIVACY HORIZON INC.
EFFECTIVE DATE: January 31st, 2022.
By interacting with the website at privacyhorizon.com and (the “Site”), the web application at app.privacyhorizon.com (the “Platform”), as User of the Site, Platform, or the Services, you agree to be bound by this Privacy Notice and by the Terms and Conditions of Service (the “Terms”) of which this Privacy Notice is a part.
This Privacy Notice helps Users of Site, the Platform and our Services who are individuals (not businesses or representatives of businesses) better understand how we collect, use, disclose, and store Personally-Identifiable Information.
The Site and the Platform are owned and operated by Privacy Horizon Inc.
Below are highlights of our Personally-Identifiable Information handling practices.
All capitalized words not defined in the Privacy Notice Highlights or the Detailed Privacy Notice have the meaning assigned to them in the Terms.
Privacy Notice Highlights
The terms “we“, “our“, and “us” mean Privacy Horizon Inc. (“PHI”) and the terms “you” and “your” mean the visitors to the Site and Users of the Platform and the Services.
- Information We Collect
We will collect your Personally-Identifiable Information(“PII”) from the following sources:
- information you give us when you contact us through the Contact Us Page on our Site, open an Account or purchase Services, when you submit customer service inquiries, or when you submit customer feedback or reviews;
- the information you provide to us when you open your Account on the Platform;
- information we collect automatically when you visit our Site, your Account, and the Platform, such as information about your browser settings, operating system, and other information collected through cookies; and
- information that you provide in the course of purchasing or receiving the Services or that we collect from third parties that you authorized to share your information with us;
- How We Use and Disclose Your Information
- We use your PII that we or our Agents collect from you to provide the Services and to manage our business operations, such as to authenticate you when you sign into your Account, to prevent loss of data and fraud, process your payments for Services and monitor and improve the performance of our Site, the Platform, and our Services;
- We may share with or transfer your PII to Agents who help us run our business and who may be outside of Canada, and that information may be subject to privacy laws that differ from Canadian laws. Those Agents can only use the PII we transfer to them to help us provide the Services. If an Agent’s privacy and data security practices are inferior to ours, we may enter into a Data Protection Agreement to protect your information.
- We may also disclose your PII if a court order or warrant requires us to do so.
- With your consent, we may use your PII to contact you for marketing, promotional, or other purposes.
- We may disclose, transfer, and sell your PII without your consent in certain circumstances. If we merge or sell our business to another entity, or in the event of our insolvency or bankruptcy, your PII and Account Record may be transferred to the new owner without your consent. Please refer to Sections 6 and 7 of the Detailed Terms for further details.
- Your Choices and Consent
- You can change your communication preferences for marketing and advertising e-mails, and provide or withdraw consent for other specific requests that we or our Agents may make to collect and use your information.
- You may withdraw your consent from our further use of your PII, and you may close your Account. If you do so, we may still use your PII for the purposes to which you consented before you withdrew consent. We may keep information about you and your previous transactions with us for audit purposes, ensure the integrity of our data, and fulfill legal requirements.
- How to Contact Us
- If you have a privacy question or concern, please get in touch with us at: email@example.com.
By interacting with Privacy Horizon Inc. and Using the website at privacyhorizon.com and (the “Site”) and the web application at app.privacyhorizon.com (“Platform”) you agree to be bound by this Privacy Notice and by the Terms and Conditions of Service (the “Terms”) of which this Privacy Notice is a part.
The Site and the Platform are owned and operated by Privacy Horizon Inc.
All capitalized words not defined in this Privacy Notice have the meaning assigned to them in the Terms.
“Personally-Identifiable Information” or “PII” means information that identifies you and that we or our Agents could combine with other information to identify you. This information includes your government-issued identification documents, date of birth, personal e-mail address, home mailing address, home telephone number, personal cellphone number, your internet provider (IP) address and other similar information when associated with you. PII may also include information about how you use the Site and the Platform and the Services if we can associate that PII with you. PII does not include your business title, your business e-mail and mailing address, or your business telephone number when we use that information to contact you in your business capacity.
“we“, “us” or “our” mean Privacy Horizon Inc. (“PHI”) and our Agents.
“you” or “your” means Users of the Site, the Platform, and the Services.
Scope and Services
This Privacy Notice is part of our Terms and it helps Users of the Site, the Platform, and the Services better understand how we collect, use, and store Personally Identifiable Information.
We take the privacy of your PII seriously and are committed to safeguarding it. We developed and implemented policies, practices, and procedures to protect PII, and we trained our staff in our PII handling practices.
We comply with privacy and data security legislation, including the Personal Information Protection and Electronic Documents Act (“PIPEDA”).
We have appointed a Chief Privacy and Security Officer (“CPSO”) who is responsible for enforcing compliance with our privacy program. If you have a question or complaint about our information handling practices, please contact us at firstname.lastname@example.org, attention Chief Privacy and Security Officer.
Limiting Collection: What Information Do We Collect?
Our policy is to collect only PII necessary to allow Users of the Site and Platform to interact with us and receive Services.
The ways we collect PII can be broadly categorized into:
- Information you provide to us directly: When you visit or use parts of our Site or the Platform, we might ask you to provide PII to us. For example, we may ask for your first and last name, email address and phone number on our Contact Us page so we can reply to a message you post there or to contact you by phone. We may also receive your contact information when you contact us directly at the contact email provided on the Site.
We collect your PII when you open an Account and Use the Services. For example, we will collect identification and contact information, such as your name, phone number, e-mail address, and mailing address to correctly identify you, contact you, and process a credit card payment for the Services you purchase.
If you do not wish to provide us with all or some of the PII required to open an Account and receive the Services, you do not have to, but it might mean you cannot receive some of our Services.
- Information from other Sources: We may receive PII about you from other sources. For example, we will receive PII from credit card processors regarding whether the credit card details you entered for your Services payment have been accepted or declined. We may also receive PII from sources you authorized to provide such information to us.
- Information we collect automatically: We may automatically collect some technical information when you visit our Site, the Platform, and your Account that platforms like Google Analytics may collect about your interaction with those platforms. This includes the geographic location of your IP address, the IP address itself, device type, what pages you looked at, what links you clicked on, number of messages sent or received, your browser type and configuration, the date and time of use, language preferences, and cookie data. We use this information to detect problems, improve the navigation of our Site, the Platform, and your Account so they are easier to use and determine which of our Services may interest you. If you consented to receive these types of communications from us, we might track whether you opened certain types of promotional e-mails, whether you looked for information about a particular topic or service to make inferences about other products and services, you might be interested in.
Limiting Use: How Do We Use Your PII?
We use PII and non-personal information for the following purposes:
- To provide Services. We use your PII to provide the Services you purchased and manage our business operations, such as registering your Account and authenticating you when you log into your Account.
- To improve our Site, Platform, and Services and develop new ones: We monitor how you Use the Site, the Platform, the Account, and the Services so we can improve our offerings, user experience, and design new features.
- To detect and prevent any fraudulent or malicious activity and make sure that our Site, Platform, Content, Account, and Services are used according to our Terms and to protect the security or integrity of the Site, Platform, Account, Content, Services, and our business.
- With your consent, to send you targeted advertisements such as general or personalized notices and promotional messages, or to send news about us;
- To monitor trends – we may use non-personal information to monitor trends, administer, troubleshoot, and improve our Services, including the information we collect automatically (specified in Section 5).
- To comply with any laws and regulations.
Disclosure: When Do We Disclose Your PII to Others?
We do not disclose or share your PII except as allowed by law and as outlined in this Privacy Notice.
We run our business with the assistance of Agents who help us offer the Services and conduct other business operations such as marketing and promotional services. We may engage our Agents on separate terms, either their terms of service or separate agreements, as further detailed in Section 9. Those terms ensure the security of your PII and only allow our Agents to use and disclose that information in the course of assisting us in providing the Services or assisting us with other aspects of our business, unless they or we obtain your explicit consent to use it for any other purpose.
If you consented to receive marketing and promotional emails from us, we might share select PII with Agents who help us with marketing and promotional services.
We will not rent your PII we collect directly from you or as part of our Services.
Other than as identified in this Privacy Notice, we will not disclose, transfer, or sell your PII; however, you acknowledge and agree that we may disclose, transfer or sell (as applicable) your PII and your Account Record without your explicit consent under the following limited circumstances:
- Transfer and/or disclose PII to our Agents who assist us in providing the Services and running our business.
- Disclose PII to collect a debt from you or prevent or investigate fraudulent or illegal activity on your Account.
- Disclose PII to comply with an order, subpoena, warrant or other legal requirement issued by a court, tribunal, regulator or government body with competent jurisdiction to compel disclosure of your PII, including to meet national security or law enforcement requirements, to prevent, investigate, or take action against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms, this Privacy Notice, to protect the security of the Site, Platform, your Account, our Services, and our business, or as otherwise required by law.
- Disclose PII to establish or defend our legal rights. Where possible and appropriate, we will notify you.
- Disclose and transfer PII to an actual or potential buyer of PHI (and its Representatives who have a need to know) in connection with an actual or proposed corporate reorganization, assignment, merger, or sale of any part of our business, including as part of insolvency or bankruptcy proceedings. In such case, your PII will be disclosed solely for the purposes related to the transaction, including during due diligence or to fulfill any audit requirements, and will be protected by security safeguards appropriate to the sensitivity of the information and contractual confidentiality obligations, including the return or destruction of confidential information (including PII) if the transaction fails to close. Your Account Record may be transferred upon a change of corporate control.
If you do not wish to continue to receive services through the entity that acquires or with whom we may merge our business, you may close your Account and stop purchasing or subscribing to Services.
When you provide PII to open an Account and receive Services or provide PII to complete a transaction by credit card, you consent to our collecting your PII required to complete these activities only.
You acknowledge and agree that by opening an Account, we may contact you by email without your explicit consent for any purpose directly related to our legal rights, our obligations, and our ability to provide the Services you purchase or to which you subscribe, such as (i) providing you with information you requested from us or information we must send to you; (ii) operational communications about your Account or the Services you purchased or to which you subscribe; (iii) changes to our Site, Platform, this Privacy Notice or the Terms; (iv) any questions, reminders, notifications related to your account or your use of your Account or addressing customer service issues and troubleshooting problems with your account; (v) to notify and alert you about data breaches, and other fraud or security-related activities; and (vi) legal disclosures, communications about and arising from any manner of legal action; and any other reason notifications and alerts may be required by law.
We comply with Canada’s Anti-Spam Legislation (“CASL”). We will ask for your explicit consent before we send you any marketing or promotional emails, newsletters, invitations to participate in surveys, or other reasons not central to providing the Services. You may unsubscribe from any of our email communications by using the “Unsubscribe” link available in any of our emails to you, or by contacting us at email@example.com.
YOU CAN WITHDRAW CONSENT FOR OUR USE OF YOUR PII IN FUTURE USES WITHIN THE SCOPE OF YOUR CONSENT, BUT YOU CANNOT WITHDRAW YOUR CONSENT FOR OUR USE OF YOUR PII FOR USES THAT BEGAN BEFORE THE DATE ON WHICH YOU WITHDREW YOUR CONSENT. YOU WILL ALSO NOT BE ABLE TO WITHDRAW YOUR CONSENT WHERE OUR USE OR DISCLOSURE OF YOUR PII IS AUTHORIZED OR REQUIRED BY LAW.
Safeguards: How Do We Protect Your PII?
We are committed to protecting your PII. Our staff understand the importance of keeping your information confidential and are expected to maintain the confidentiality of your information.
We take administrative, technical, and physical measures to safeguard your PII against unauthorized access, unauthorized disclosure, theft and misuse. This includes limiting staff access to your PII with passwords and graduated levels of clearance. We do not publish all our security measures online because this may reduce their effectiveness. We take reasonable precautions against breaches of our security systems; however, no company can eliminate the risks of unauthorized access to your information, and no website or platform is entirely secure.
Although we cannot guarantee that unauthorized access, hacking, data loss or breaches of our security systems will never occur, we try to minimize these risks by: (1) active monitoring: monitoring access to your PII through activity logs and regular audits to ensure that no unauthorized access attempts have been made, (2) secure storage: we store your PII over which we have custody and control in Canada in reputable data centers that are ISO 27001 and ISO Standard 27018:2019 (Code of Practice for personal identifiable information (PII) protection in public clouds acting as PII processors) certified and adhere to global privacy and data protection best practices, (3) network security: we implemented controls to protect against unauthorized access, including segregating our internal systems from our publicly-accessible systems, (4) end-to-end encryption: we encrypt all data transmissions and communications on the Site, Platform, and Account from end-to-end using industry-standard transport layer security (“TLS”) or secure socket layer (“SSL”) encryption technology, and (4) training: we implemented policies and procedures that address handling of PII and train our staff on the handling of PII . All our staff members and Agents are legally bound to confidentiality.
We do not store your credit card information. Payments are handled by Stripe, a reputable direct payment gateway provider. The data they collect is encrypted according to the Payment Card Industry Data Security Standard (PCI-DSS) and they implement additional generally accepted industry standards.
We take precautions against breaches of our security systems, but you acknowledge and agree that no company can eliminate the risks of unauthorized access to your PII, and no transmission over the internet is 100% secure. Therefore, you provide your PII to our Agents and us at your own risk.
Despite our rigorous precautions against data breaches, the risk of a data breach remains. In a data breach, we will comply with the breach notification requirements outlined in PIPEDA.
IN THE EVENT OF A BREACH OF YOUR PII THAT IS IN THE CUSTODY OR CONTROL OF ONE OF OUR AGENTS, THEN THAT SERVICE PROVIDER’S BREACH POLICIES APPLY.
Data Storage and Transfer
While, as custodians, we remain responsible for the security and privacy of your PII at all times, our Agents may use or store that information outside of Canada. In that case, your PII will be subject to the laws of the country in which they are used or stored. The rigour of those laws may differ from Canadian laws.
We expect our Agents who are not bound by the same laws we are to provide comparable levels of data protection and security. We may enter into Data Protection Agreements with Agents whose data protection and security practices are inferior to those outlined in this Privacy Notice.
Data Retention: How Long Do We Keep your PII?
We collect only PII for which we have a legitimate business need to provide the Services.
We maintain a records retention and destruction policy to destroy the information when we no longer have a business need for it and are not required by law to keep it. PII collected with your consent by our Agents that is under their custody and control is subject to their data destruction policies and the data retention laws applicable in that provider’s jurisdiction. PII collected by our direct payment gateway provider to process a transaction is stored only as long as it is necessary to complete your transaction, then it is deleted. We do not collect or store any information related to your payment transactions.
We retain your Account Record in active use until you close your Account. We employ an automatic data backup and archiving system and a data retention and destruction schedule to ensure data security.
Once you close your Account, your PHI in active use will be deleted within 30 days, but PHI in rolling automatic backups will be stored until it is overwritten in accordance with our data retention and destruction schedule. We will keep limited PII for as long as we have a legal or legitimate business need to keep it, such as complying with data retention laws, enforcing our Terms, complying with audit requirements, and taking other actions permitted by law.
We or our Agents and may continue to store and use aggregated de-identified non-personal information to improve our respective products and services.
Accounts and Credentials
The security of your Account depends on you keeping your Account login credentials safe and not sharing them with anyone else. If you believe that your log-in credentials have been compromised or misused, you must contact us immediately.
Accuracy: How Do You Modify Your Information?
We want to ensure that the PII we collect from you and that it is in our custody and control is accurate, complete, and up-to-date to provide the Services and we will destroy any out-of-date information.
We use reasonable means to ensure that the information in your Account record is accurate. You may update certain PII directly in your Account. If you have questions or identify any errors in your Account Record, please contact us at firstname.lastname@example.org. We will strive to address any correction requests promptly. If we dispute a correction request, we will log the reason for the disagreement.
Access: Right to your data
You may access your Account Record and port the information from us for your own use or another entity. If you request a copy of your Account Record, we will provide it at no charge. You can request access to your Account Record by contacting us at email@example.com.
Before granting you access to your Account Record, we will first authenticate you to confirm your identity. We will handle all access requests promptly, subject to applicable privacy laws. We will provide you with the legends for any special codes, acronyms or other similar information in the disclosed material, so your right of access is meaningful.
Account Closure: Data Deletion
To close your Account or request that the PII we have about you be deleted, please email us at firstname.lastname@example.org. Once we receive your request and authenticate your identity, we will remove your Account from active use and delete your Account Record within 30 days, but we will keep some PII as described in Section 12.
Third-Party Services and Links
We may provide links to third-party websites on our Site or Platform, such as the Resource Library. These links are provided for convenience only. We do not have control over those third-party websites, and they are not subject to this Privacy Notice or to our Terms.
Your use of hyperlinked websites is at your own risk and subject to the privacy notices of those websites. You acknowledge that these links may lead you to third parties operating in a different jurisdiction than yours or ours. If you provide your PII to these entities, then your information may become subject to the laws of the jurisdiction(s) in which that site operates or where its facilities are located.
If you believe that we have not adhered to this Privacy Notice, you may challenge our compliance with this Privacy Notice and our compliance with applicable privacy laws.
We are not responsible for the PII handling practices of third-party Agents to whom you consented to access your information, whether on our behalf or otherwise. If your complaint concerns the privacy practice of those providers, we will direct you to them.
Please notify our Chief Privacy and Security Officer of your complaint by email.
You can also reach us at:
Chief Privacy and Security Officer
Privacy Horizon Inc.
We pledge to address your complaint promptly. If you are unsatisfied with the response you receive from us, we hope you will contact us to resolve the issue. If we cannot resolve your complaint to your satisfaction, you can file a complaint with the Office of the Privacy Commissioner of Canada or the Office of the Privacy Commissioner of Ontario.
Changes to This Privacy Notice
We reserve the right to update or change this Privacy Notice. All updates to this Privacy Notice will be highlighted in the Change Log below. A banner on the Site will notify Visitors of updates or changes to the Privacy Notice. Accountholders will be notified by e-mail, using the email associated with their Account.
Changes to the Privacy Notice take effect on the date they were made or on the effective date indicated in the notice we sent you about such changes.
By continuing to use the Site, the Platform, or purchasing or subscribing to Services after receiving the notice, you IMPLICITLY CONSENT TO BE BOUND BY THE PRIVACY NOTICE TERMS IN EFFECT ON THE DATE ON WHICH YOU VISIT THE SITE OR USE THE SERVICES.
LAST UPDATED on January 5, 2022.