3. COLLECTION AND USE OF PERSONAL INFORMATION AND OTHER DATA
3.1 Prospective Customers
We collect names, email addresses and other business contact information about individuals who we consider to be prospective customers and business partners (“Prospects”). Cape uses third-party service providers such as MailChimp to assist in the collection, storage and processing of Personal Information (for example, if you sign up to our mailing list or to receive information and materials from us_. We also use third-party service providers to identify Prospects and locate contact information to contact Prospects about our products and services.
3.2 Website Visitors
As you visit or browse the Website, we collect information about the device and browser you use, your network connection, your IP address, and information about the cookies installed on your device. This information is logged to help diagnose technical problems for analytics and for quality control purposes. We also collect Personal Information submitted by any visitor to our Website through messaging features we make available on our Website and use such information for the purpose of responding to your requests. Information about website visitors may be collated and analyzed by third party services (eg. Google Analytics, BambooHR) however we respect Do Not Track and site users can opt out of cookies and the use of analytics services like Google Analytics, BambooHR. For more about cookies, please see section 3.3 below.
4. STORAGE LOCATION AND TRANSFER OF PERSONAL INFORMATION
Cape processes and stores its data, including Personal Information, on the servers of Cape’s sub- processors. Cape also transfers data to the third-party service providers described in Section 5.1. By submitting Personal Information or otherwise using the Cape Privacy Platform, you agree to this transfer, storing or processing of your Personal Information outside of Canada (and the EU if you are based in the EEA) either in the United States, on cloud servers or in other jurisdictions used for hosting and data storage by our sub-processors. You acknowledge and agree that your Personal Information may be accessible to law enforcement and governmental agencies in the U.S. or other applicable countries under lawful access regimes or court order. For further information, please see our list of subprocessors available at www.capeprivacy.com/subprocessors.
5. DISCLOSURE OF PERSONAL INFORMATION WITH THIRD PARTIES
5.1 Service Providers and Business Partners
We may from time to time employ third parties to perform tasks on our behalf and we may need to share Personal Information with them to provide certain services. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary for them to provide the tasks and services on our behalf. The third parties we currently engage includes third party companies and individuals employed by us to facilitate our services, including the provision of maintenance services, database management, Web analytics and general improvement of the Cape Privacy Platform, and businesses who engage our Cape Privacy Platform. Please see our list of subprocessors for more information about who Cape engages: www.capeprivacy.com/subprocessors.
5.2 Business Transfers
If our business (or substantially all of our assets) are acquired by a third party, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be made available or otherwise transferred to the new controlling entity, unless prohibited by applicable law.
5.3 With Your Consent
5.4 As required by law
We may disclose your Personal Information to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other End Users, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. Further, we may disclose Personal Information when we believe in good faith that such disclosure is required by and in accordance with the law. We also reserve the right to access, read, preserve, and disclose any information as we reasonably believe is necessary to:
- satisfy any applicable law, regulation, legal process or governmental request;
- enforce our contracts or user agreement, including investigation of potential violations hereof; and
- detect, prevent, or otherwise address fraud, security or technical issues
7. ACCESS, CORRECTION AND ACCURACY
You have the right to access the Personal Information we hold about you in order to verify the Personal Information we have collected in respect to you and to have a general account of our uses of that information. Upon receipt of your written request, we will provide you with a copy of your Personal Information, although in certain limited circumstances, and as permitted under law, we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner. We will make every reasonable effort to keep your Personal Information accurate and up to date, and we will provide you with mechanisms to update, correct, delete or add to your Personal Information as appropriate. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate Personal Information about you enables us to give you the best possible service.
The security of your Personal Information is important to us. We use commercially reasonable efforts to store and maintain your Personal Information in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Personal Information that you provide to us. We have implemented procedures designed to limit the dissemination of your Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
9. RESIDENTS OF THE EUROPEAN ECONOMIC AREA (“EEA”)
Cape generally processes Personal Information in order to fulfill contracts we have with our Customers and to pursue our legitimate business interests listed above. Otherwise, Cape will obtain consent from an individual in respect of processing of Personal Information if required by law to do so. Further, individuals located in the EEA have certain rights under European law (including under the General Data Protection Regulation) with respect to Personal Information, including the right to request access to, obtain, correct, amend, delete, or limit the use of your personal data. Customers or prospective Customers and site users located in the EEA should review the Cape GDPR Statement.
11. ADDITIONAL INFORMATION