Privacy Policy

1. Introduction

Cape Inc. (“Cape”, “we”, “us”) has created this Privacy Policy (“Privacy Policy”) in order to set out how we collect, use, and disclose personal information through our cryptograph and machine learning Cape Privacy Platform (the “Cape Privacy Cape Privacy Platform”). The Cape Privacy Cape Privacy Platform enables secure & trusted data privacy for Collaborative Data Science by our customers (“Customers”).

The privacy of our Customers and visitors to our website, www.capeprivacy.com (the “Website”), is important to us. By visiting the Website or using the Cape Privacy Platform in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy and you hereby consent to the collection, use and disclosure of your Personal Information in accordance with this Privacy Policy.

2. What does this privacy policy cover?

This Privacy Policy covers our collection, use and disclosure of information about identifiable individuals and information which can be used to identify an individual (“Personal Information”). Personal Information may be collected about our Customers, prospective Customers, visitors to the Website, and end users of the Cape Privacy Platform.

This Privacy Policy does not apply to the practices of companies that we do not own or control. The Cape Privacy Platform is intended for use by businesses. Our Customers are responsible for maintaining their own privacy policies governing the collection, use and disclosure of Personal Information. You are responsible for ensuring that you have obtained the necessary authorizations and consents for any Personal Information you make available to us for use in accordance with this Privacy Policy.

3. Collection and use of personal information and other data

3.1 Prospective Customers

We collect names, email addresses and other business contact information about individuals who we consider to be prospective customers and business partners (“Prospects”). Cape uses third-party service providers such as MailChimp to assist in the collection, storage and processing of Personal Information (for example, if you sign up to our mailing list or to receive information and materials from us_. We also use third-party service providers to identify Prospects and locate contact information to contact Prospects about our products and services.

3.2 Website Visitors

As you visit or browse the Website, we collect information about the device and browser you use, your network connection, your IP address, and information about the cookies installed on your device. This information is logged to help diagnose technical problems for analytics and for quality control purposes. We also collect Personal Information submitted by any visitor to our Website through messaging features we make available on our Website and use such information for the purpose of responding to your requests. Information about website visitors may be collated and analyzed by third party services (eg. Google Analytics, BambooHR) however we respect Do Not Track and site users can opt out of cookies and the use of analytics services like Google Analytics, BambooHR. For more about cookies, please see section 3.3 below.

3.3 Cookies

Cape uses cookies for analytics on site use, user engagement and other business analysis. A cookie is a small amount of data, which may include a unique identifier. Cookies are sent to your browser from a website and stored on your device. We assign a different cookie to each device that accesses our Website. You will have the option to click to opt out of or to accept cookies when you first arrive on the landing page of the Website.

4. Storage location and transfer of personal information

Cape processes and stores its data, including Personal Information, on the servers of Cape’s sub- processors. Cape also transfers data to the third-party service providers described in Section 5.1. By submitting Personal Information or otherwise using the Cape Privacy Platform, you agree to this transfer, storing or processing of your Personal Information outside of Canada (and the EU if you are based in the EEA) either in the United States, on cloud servers or in other jurisdictions used for hosting and data storage by our sub-processors. You acknowledge and agree that your Personal Information may be accessible to law enforcement and governmental agencies in the U.S. or other applicable countries under lawful access regimes or court order. For further information, please see our list of subprocessors available at www.capeprivacy.com/subprocessors.

Enforcement

Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at conduct@capeprivacy.com. All complaints will be reviewed and investigated promptly and fairly.

All community leaders are obligated to respect the privacy and security of the reporter of any incident.

5. Disclosure of personal information with third parties

5.1 Service Providers and Business Partners

We may from time to time employ third parties to perform tasks on our behalf and we may need to share Personal Information with them to provide certain services. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary for them to provide the tasks and services on our behalf. The third parties we currently engage includes third party companies and individuals employed by us to facilitate our services, including the provision of maintenance services, database management, Web analytics and general improvement of the Cape Privacy Platform, and businesses who engage our Cape Privacy Platform. Please see our list of subprocessors for more information about who Cape engages: www.capeprivacy.com/subprocessors.

5.2 Business Transfers

If our business (or substantially all of our assets) are acquired by a third party, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be made available or otherwise transferred to the new controlling entity, unless prohibited by applicable law.

5.3 With Your Consent

If we need to use or disclose any Personal Information in a way not identified in this Privacy Policy, we will notify you and/or obtain consent as required under applicable privacy laws.

5.4 As required by law

We may disclose your Personal Information to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other End Users, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. Further, we may disclose Personal Information when we believe in good faith that such disclosure is required by and in accordance with the law. We also reserve the right to access, read, preserve, and disclose any information as we reasonably believe is necessary to:

  • satisfy any applicable law, regulation, legal process or governmental request;
  • enforce our contracts or user agreement, including investigation of potential violations hereof; and
  • detect, prevent, or otherwise address fraud, security or technical issues

The above may include exchanging information with other companies and organizations for fraud protection and spam/malware prevention. Notwithstanding the general terms of this Privacy Policy, the collection, use, and disclosure of Personal Information may be made outside of the terms herein to the extent provided for in any applicable privacy or other legislation in effect from time to time, or pursuant to court orders.

6. Retention

We will keep your Personal Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally identifiable data, or if required by law. All retained Personal Information will remain subject to the terms of this Privacy Policy.

7. Access, correction and accuracy

You have the right to access the Personal Information we hold about you in order to verify the Personal Information we have collected in respect to you and to have a general account of our uses of that information. Upon receipt of your written request, we will provide you with a copy of your Personal Information, although in certain limited circumstances, and as permitted under law, we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner. We will make every reasonable effort to keep your Personal Information accurate and up to date, and we will provide you with mechanisms to update, correct, delete or add to your Personal Information as appropriate. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate Personal Information about you enables us to give you the best possible service.

8. Security

The security of your Personal Information is important to us. We use commercially reasonable efforts to store and maintain your Personal Information in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Personal Information that you provide to us. We have implemented procedures designed to limit the dissemination of your Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.

9. Residents of the european economic area (“EEA”)

Cape generally processes Personal Information in order to fulfill contracts we have with our Customers and to pursue our legitimate business interests listed above. Otherwise, Cape will obtain consent from an individual in respect of processing of Personal Information if required by law to do so. Further, individuals located in the EEA have certain rights under European law (including under the General Data Protection Regulation) with respect to Personal Information, including the right to request access to, obtain, correct, amend, delete, or limit the use of your personal data. Customers or prospective Customers and site users located in the EEA should review the Cape GDPR Statement.

10. Changes to this privacy policy

We may amend this Privacy Policy from time to time. Use of Personal Information we collect is subject to the Privacy Policy in effect at the time such information is collected, used or disclosed. If we make material changes or changes in the way we use Personal Information, we will notify you by posting an announcement on our Website or Cape Privacy Platform or sending you an email prior to the change becoming effective. You are bound by any changes to the Privacy Policy when you use the Website and/or Cape Privacy Platform after such changes have been first posted. The date this policy was last updated is set out at the top of this document.

11. Additional information

Questions regarding this Privacy Policy or Cape’s privacy practices should be directed to our Privacy Officer by email to privacy@capeprivacy.com or by post addressed to: Privacy Officer, Cape Inc. PO Box 33081 Quinpool Central, Halifax, NS B3L 4P6 Canada.

1332621.v2