Privacy Policy

Updated: June 27, 2023

1. Introduction

Your privacy is important to Cape. So, we've developed a Privacy Statement that covers how we collect, use, disclose, transfer, and store your personal data.

This Privacy Statement applies to Cape Inc., a Canadian corporation, and to any affiliated companies (together, “Cape”), and to the websites available under the domain www.capeprivacy.com (together, the “Site”).

This Privacy Statement relates to Cape and the use of Cape services available through the Site, including, without limitation, the Cape Services, as defined in the Terms of Service (collectively, the “Services”).

2. Personal data we collect

Personal data means information that identifies, relates to, describes, is capable of being associated with or could reasonably be linked, directly or indirectly, with a particular individual or household.

Cape collects data from you, through our interactions with you and through our Services for a variety of purposes described below, including to operate effectively and provide you with the best experiences with our Services. You provide some of this data directly, such as when you create an account, administer your organization’s account, upload documents to the Services, or contact us for support. We get some of it by collecting data about your interactions, use, and experience with our Services and related communications.

We rely on a variety of legal reasons and permissions (sometimes called “legal bases”) to process data, including with your consent, a balancing of legitimate interests, necessity to enter into and perform contracts, and compliance with legal obligations, for a variety of purposes described below.

We may also obtain data from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time and include sources such as marketing partners.

When you are asked to provide personal data, you can decline. However, our Services may require some personal data to operate and provide you with a service. If you choose not to provide data required to operate and provide you with a product or feature, you cannot use that product or feature. Likewise, where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract.

The data we collect depends on the context of your interactions with Cape and the choices you make (including your privacy settings), the products and features you use, your location, and applicable law.

The personal data we collect may include information such as the following:

• Name and contact data. First and last name, email address, postal address, phone number, and other similar contact data.
• Credentials. Passwords, password hints, and similar security information used for authentication and account access.
• Financial information. Data to process payments, when necessary, such as your payment instrument number (bank account number, for example).
• Services licensing data. Information about your Services licenses and other entitlements.
• Content you provide. Content of the files you input, upload, receive, create, and control. For example, if you transmit a file for processing as part of the Services, we need to collect the content of that file to process it as part of the Services.

3. How we use personal data

We collect and process personal data from you only when:

• We have your permission to do so,
• We need the personal data to perform a contract with you or provide a service to you,
• Necessary to provide you with the benefits of our Services and to operate our business,
• The processing is in our legitimate business interests, and
• Necessary to comply with legal requirements, including applicable laws and regulations.

As particular examples, we may use your personal data as follows:

• We may use your personal data to send important notices, such as communications about purchases and changes to our terms, conditions, and policies. Because this information is important to your interaction with Cape, you may not opt out of receiving these communications.
• The personal data we collect allows us to keep you posted on Cape's latest product announcements, Services updates, and upcoming events. If you don't want to be on our mailing list, you can opt out any time by updating your preferences or, for marketing communications, by clicking on the applicable unsubscribe buttons in each email.
• We also use personal data to help us create, develop, operate, deliver, and improve our Services, and content, and for anti-fraud purposes.
• We may use your personal data to verify identity, assist with identification of users, and to determine appropriate services.
• We may also use personal data for internal purposes such as auditing, data analysis, and research to improve Cape's Services, and customer communications.
• If we combine non-personal data with personal data, the combined information will be treated as personal data for as long as it remains combined and includes personal data.

We may compile aggregated data and other statistical information related to your use of the Services, including personal data, and may use such information to improve the Services, provided, however, that such use does not reveal your personal data to third parties except as provided in this Privacy Statement.

Sharing of personal data

We share your personal data with your consent or as necessary to complete any transaction or provide any Services you have requested or authorized. If you use a Cape product provided by an organization you are affiliated with, such as an employer or school, or use an email address provided by such organization to access Cape Services, we share certain data, such as interaction data and diagnostic data to enable your organization to manage the products. When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.

In addition, we share personal data among Cape-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we've hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.

Finally, we will retain, access, transfer, disclose, and preserve personal data, including your content, when we have a good faith belief that doing so is necessary to do any of the following:

• Operate and maintain the security of our Services, including to prevent or stop an attack on our computer systems or networks.
• Protect our customers, for example, to prevent spam or attempts to defraud users of our products, or to help prevent the loss of life or serious injury of anyone.
• Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
• Protect the rights or property of Cape, including enforcing the terms governing the use of the Services.

For more detail about third parties with whom we may share data, please see our our list of subprocessors available at www.capeprivacy.com/subprocessors.

5. Data transfers

All the information you provide may be transferred or accessed by entities around the world as described in this Privacy Statement. In particular, Cape uses servers and service providers located in the United States and Canada. If you do not want your personal data transferred to the United States, do not use the Services.

We may transfer the personal data we collect about you to recipients in countries other than the country in which the information was originally collected. If you are based in the UK, the EU, or another country which imposes data transfer restrictions outside of its territory, this includes transfers outside of the UK and the European Economic Area (“EEA“) or that geographical area, including to those countries in which our affiliates, group members, service providers and business partners operate. Those countries may not have the same data protection laws as the country in which you initially provided the information.

6. Retention and deletion of your information

We will delete the information that we hold about you when we no longer need it. We retain your personal data for as long as it is required by us for our legitimate purposes, to perform our contractual obligations, or where longer, such longer period as is required or permitted by law or regulatory obligations which apply to us.

7. Your rights and choices

We offer you certain choices in connection with the personal data we collect from you. To update your preferences or submit a request, please contact Cape (see Section 12, below). To the extent provided by the law of your jurisdiction or otherwise applicable to our processing of your information, you may request access to the personal data we maintain about you or request that we correct, amend, delete or block the information by contacting us as indicated below. Where provided by law, you may withdraw any consent you previously provided to us or object at any time on legitimate grounds to the processing of your personal data, and we will apply your preferences going forward.

We review and verify requests to protect your personal data, and will take action on data protection requests fairly and in accordance with applicable data protection laws and principles.

If you wish to exercise any of these rights, please contact Cape (see Section 12, below).

You can also lodge a complaint about our processing of your personal data with the body regulating data protection in your country.

8. How we protect personal data

We maintain administrative, technical, and physical safeguards designed to protect personal data we obtain through the Services against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.

9. Links to other websites or services

Our Services may include links to or otherwise enable you to access products of third parties whose privacy practices differ from those of Cape. If you provide personal data to any of those products, your data is governed by their privacy policies.

Our Site may provide links to other websites for your convenience and information. These websites may operate independently from us. Linked websites may have their own privacy notices or policies, which we strongly suggest you review. To the extent any linked websites are not owned or controlled by us, we are not responsible for their content, any use of the websites, or the privacy practices of the websites.

10. Children

Cape Services are not intended for use by anyone under 18 years of age (or the age of majority in your home jurisdiction, if older).

We do not knowingly collect, use or disclose personal data from children under 13, or equivalent minimum age in the relevant jurisdiction, without verifiable parental consent. If we learn that we have collected the personal data of a child under 13, or equivalent minimum age depending on jurisdiction, without first receiving verifiable parental consent, we will take steps to delete the information as soon as possible.

11. Updates to this privacy statement

This Privacy Statement may be updated periodically and without prior notice to you to reflect changes in our personal data practices. We will post the updated version on the Site and indicate at the top of the Privacy Statement when it was most recently updated. Please check for any updates regularly.

12. Contact cape

Contact Cape regarding this Privacy Statement at: