Privacy policy 2022-09-01

/ Privacy policy / By
Effective date: September 01, 2022

This privacy policy (“Agreement“) constitute a legally binding agreement made between you, whether personally or on behalf of an entity (“you”) and Metacis Inc., headquartered in Saint-Hubert, QC, Canada (hereon referred to as “Metacis”, “we”, “our” or “us”), concerning your access to and use of the website, mobile and desktop applications or during other interactions such as customer service inquiries (collectively, the “Services”). If you are accepting on behalf of your employer or another entity, you represent and warrant that:

  • (a) you have full legal authority to bind your employer or such entity to this Agreement;
  • (b) you have read and understand this Agreement and
  • (c) you agree to this Agreement on behalf of the party that you represent.

You agree that by accessing the Services, you have read, understood, and agree to be bound by all of this Agreement. If you suffer any prejudice whatsoever or disagree in any way with the provisions in the present Agreement, your only recourse is to not use the Services.

TABLE OF CONTENT

  1. Changes or modifications
  2. User types
  3. Applicability
  4. What data do we collect?
  5. How will we use your data?
  6. How do we store your data?
  7. When do we share your data?
  8. How long do we keep your data?
  9. Marketing
  10. What are your data protection rights?
  11. Cookies
  12. Privacy policies of other websites
  13. Children
  14. How to contact us?
  15. English Version Controls
  16. Definitions

1. CHANGES AND MODIFICATIONS

We reserve the right, in our sole discretion, to make changes or modifications to this Agreement at any time and for any reason. We will alert you about any changes by updating the “Effective Date” date of this Agreement, and you waive any right to receive specific notice of each such change. It is your responsibility to periodically review this Agreement to stay informed of updates. You will be subject to, and will be deemed to have been made aware of and to have accepted, the changes in this Agreement by your continued use of the Services after the date such revised Agreement is posted.

2. User Types

Within this Agreement, we will differentiate between three types of people, companies and organizations (collectively referred to as “Users” or individually referred to as “User”):

  • (a)Administrator” means the User who created a Group (the “Owner“) or other Users that have been granted the role of Administrator within a Group, by the Owner of the Group or by another Administrator.
  • (b)Developers” means Users that have modification rights in a Group to create or modify templates with the purpose of gathering or requesting Personal Data or other information from other Users. For clarity, this also includes Administrators.
  • (c)Contributors” means Users that provide, share Personal Data or other information according to the Group predefined templates. For clarity, this also includes Developers.

3. APPLICABILITY

Users that qualify as Developers are Controllers for their Group and any associated Personal Data or other information. If you have any questions about specific Group settings and privacy practices, please contact the Developers whose Group you interact with. The email associated with a Group is available under the group name in the group selection interface.

For the avoidance of doubt, this Agreement does not apply to the extent we process Personal Data in the role of a Processor on behalf of Developers, including where we offer to our Developers our Services through which our Developers(and/or their affiliates):

  • (a) Create their own Group running on our Services.
  • (b) Sell or offer their own products and services.
  • (c) Send electronic communications to other individuals.
  • (d) Collect, use, share, import, export or process Personal Data via our Services.

4. WHAT DATA DO WE COLLECT?

4.1 Account and profile Information

We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services. You provide your contact information and, in some cases, billing information, when you register for the Services. We keep track of your preferences when you select settings within the Services.

4.2 Intentionally shared content

We collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include. Some examples of this content would be the name of a control you made or the answers you provided to controls made by other Developers. It could also be the content of a support request or any feedback you provide to us.

4.3 Usage information

We sometimes keep track of certain information about your interaction with any of our Services. This information includes the type of interaction; the amount and type of database transaction required; the features you use; the buttons and links you click on and when; the type, size and filenames of attachments you upload to the Services. We can also compile a report when the Services crash or when they are detected to not behave as intended.

Most interactions made with our Services include timestamps such as when an instance was created, modified or added to. This is, not exclusively, to help us try and deduce the progression of those instances as well as try and inform Users when they should pay more attention to it. Such timestamps are also commonly used for usage statistics and taking archiving decisions.

4.4 Device information

We collect information from the device you use to access our services, such as your IP address, operating system version, device manufacturer and model, device IDs, and browser type. We may also infer your geographic location based on your IP address.

4.5 Website referral

If you arrive at our website from an external source (such as a link on another website or in an email), we record information about the source that referred you to us. This is to measure and reward the performance of our marketing campaigns. We may use third-party tracking services that employ cookies and page tags (also known as web beacons) to collect this information.

4.6 Location information

We receive information from you, Developers and other third-parties that helps us approximate your location. We may, for example, use a business address submitted by your employer, or an IP address received from your browser or device to determine approximate location. We may also collect location information from devices in accordance with the consent process provided by your device.

4.7 Information we collect from other sources

We may receive information about you from other sources, including from other Users and third parties, and combine that information with the other information we have about you. For example, we may receive demographic or interest information about you from third parties, including advertisers, and combine it with our own data using a common account identifier such as a hash of an email address or a mobile-device ID.

4.8 Contact information

In accordance with the consent process provided by your device, any contact information that Users chooses to import (such as an address book from a device) is collected when using the Services.

4.9 Comments on our website

When visitors leave comments on our website we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

4.10 Media

If you upload images to the Services, you should avoid uploading images with embedded location data (EXIF GPS) included. Other Users can download and extract any location data from images.

4.11 Embedded content from other websites

Articles on our website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

5. HOW WILL WE USE YOUR DATA?

5.1 Performing our Services

We use information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate, maintain, and improve the Services. Technical support is the most common reason for us accessing your data, since often we will need to view your account and information in order to provide training, advice and troubleshooting.

5.2 Maintaining our Services

We perform internal statistical and other analyses on information we collect to appropriately provision our cloud provider, keep our services secure and operational as well as to evaluate, plan and test new features.

5.3 Communicating with you

We can use your contact information to send you communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We can also communicate with you for marketing purposes.

5.4 For research and development

We always want to innovate, looking for ways to make our Services smarter, faster, more secure, integrated, and useful. We use information collected about how people use our Services to troubleshoot, to identify trends, usage, activity patterns, and areas for integration and to improve our Services and to develop new functionalities that benefit our Users. We also do AB testing of certain features with some users before offering it to all Users.

5.5 To investigate and prevent security issues and abuse

We use information about you and how you interact with our Services to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Service policies. We may need to review information in your account in order to determine whether there is a breach to our contractual terms of service. If we receive a subpoena or other legal request, we may need to inspect the information in our possession to respond appropriately.

6. HOW DO WE STORE YOUR DATA?

6.1 Sub-processors

To support delivery of our Services we currently use third party Sub-processors to provide infrastructure services, and to help us provide customer support and email notifications. Prior to engaging any third party Sub-processor, we perform diligence to evaluate their privacy, security and confidentiality practices. We may use the following Sub-processors to host Customer Data or provide other infrastructure that helps with delivery of our Services:

  • (a) Amazon Web Services, Inc. (AWS)
  • (b) Google LLC (Cloud Platform)
  • (c) Microsoft (Azure)
  • (d) 1&1 Ionos (Web hosting)
  • (e) WordPress (Content management system)

6.2 Security

Metacis takes security of data very seriously. We work very hard to protect information you provide from loss, misuse, and unauthorized access or disclosure. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.

As Contributors you will most likely put some of your information in the hands of Developers. You always have to keep in mind that, once provided, this information is under the responsibility of the Developers who can use our Services export functionalities to store the information you provided in storage that is less secure than the ones provided by us.

6.3 Storage locations

To provide our services worldwide in a timely manner. We may transfer information between various data centers across the globe. Prior to using a new location we perform diligence to evaluate their privacy, security and confidentiality practices and exposure to government intervention. The data centers we currently use are the following:

  • (a) AWS US East (N. Virginia) (us-east-1)

7. WHEN DO WE SHARE YOUR DATA?

We recognize that you have entrusted us with safeguarding the privacy of your information and we do take it very seriously. Developers determine their own policies and practices for the sharing and disclosure of Information, and we do not control how they share or disclose Information.

7.1 Collaborating with Others

When Contributors submits information, it may be displayed to others in the same Group. An example of this would be if you schedule an instance, the scheduled date will be visible by others who have access to this instance within the group as defined by the Developers.
When Users create a group, the name of the group and the email address of the owner of the group will be displayed.

7.2 Third Party Service Providers and Partners

We may engage third party companies or individuals as service providers or business partners to process information and support our business. These third parties may, for example, provide virtual computing and storage services, or we may share business information to develop strategic partnerships with Third Party Service providers to support our common customers.

7.3 Cookies

We contract with third-party advertising networks in order to deliver relevant advertisements to our Users across the Internet and to manage our communications with you. We may share with partners or service providers a hashed identifier to serve you relevant Metacis ads when you visit partner’s websites, applications or platforms. We may, for instance, participate in the Google Adwords Remarketing, Google analytics, Twitter Tailored Audience, and Facebook Custom Audience services.

7.4 For compliance with applicable law

If we receive a subpoena or other legal request, we may need to inspect the information we hold to determine the appropriate response. We may disclose information if we believe disclosure is in accordance with or required by any applicable law, regulation, or legal process. If possible, we will notify you if we believe we are compelled to comply with a third party’s legal demand for your information.

7.5 Protecting against security threats, abuse, and illegal activity

We may analyze the information you send to and from our Services to detect illegal activity, spam, malware, or other potential security concerns. If we determine that such material constitutes a Terms of Service violation, we may block delivery or quarantine the problematic material.

After you’ve given your express consent, such as through an opt-in checkbox or a communication. This includes if you connect our Services to third-party software.

8. HOW LONG DO WE KEEP YOUR DATA?

We may retain information pertaining to you for as long as necessary for the purposes described in this Agreement. This may include keeping your information after you have deactivated your account for the period of time needed for us to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes, and enforce our agreements.

9. MARKETING

We will send you promotional emails only if you consent to us contacting you for this purpose. You can opt-out of these communications at any time by clicking on the “unsubscribe” link in these emails.

10. WHAT ARE YOUR DATA PROTECTION RIGHTS?

You have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws and, in particular, if you are located in the European Economic Area, these rights may include:

  • (a) To access your Personal Data held by us (right to access). We may charge you a small fee for this service to cover for infrastructure usage;
  • (b) To rectify inaccurate Personal Data and, taking into account the purpose of Processing the Personal Data, ensure it is complete (right to rectification);
  • (c) To erase/delete your Personal Data, to the extent permitted by applicable data protection laws (right to erasure; right to be forgotten);
  • (d) To restrict our Processing of your Personal Data, to the extent permitted by law (right to restriction of Processing);
  • (e) To transfer your Personal Data to another Controller, to the extent possible (right to data portability). We may charge you a small fee for this service to cover for infrastructure usage;
  • (f) To object to any Processing of your Personal Data carried out on the basis of our legitimate interests (right to object). Where we process your Personal Data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such Processing without having to provide any specific reason for such objection;
  • (g) To the extent we base the collection, Processing and sharing of your Personal Data on your consent, to withdraw your consent at any time, without affecting the lawfulness of the Processing based on such consent before its withdrawal.
  • (h) If you are a resident of California, under the age of 18 and have registered for an account with us, you may ask us to remove content or information that you have posted to our Services. Please note that your request does not ensure complete or comprehensive removal of the content or information, because, for example, some of your content may have been extracted by Developers.

You can usually exercise those rights by using the settings and tools provided in our Services. If you cannot use the settings and tools, please contact us by using the information in the “How to contact us?” section below. Also contact the Developers of any Group to which you provided information. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive.

11. COOKIES

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

There are a number of different types of cookies, however, our Services uses:

  • (a) We may use Functionality cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and the location you are in. A mix of first-party and third-party cookies are used.
  • (b) We may use Advertising cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. We sometimes share some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.

You can set your browser not to accept cookies. However, in a few cases, some of our website features may not function as a result.

12. PRIVACY POLICIES OF OTHER WEBSITES

The Services contain links to other websites. Our Agreement applies only to our Services, so if you click on a link to another website, you should read their privacy policy.

13. CHILDREN

We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us by using the information in the “How to contact us?” section, below, and we will take steps to delete such Personal Data from our systems.

14. HOW TO CONTACT US?

If you have any questions about this Agreement, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

We have an officer responsible for data protection which can be contacted at:

Data Protection Officer
Metacis inc.
CP30540
Brossard, QC, J4Z 3R6
privacy@metacis.com

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the European Economic Area. you have the right to lodge a complaint with the competent supervisory authority.

15. ENGLISH VERSION CONTROLS

Non-English translations of this Agreement are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.

16. Definitions

  • (a)Group” means the portion of the Services that is created by a single User (the “Owner“) and has an access that is limited to Users that have been invited.
  • (b)Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • (c)Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • (d)Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data; where the purposes and means of such Processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • (e)Processor” means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller;