Privacy and Accessibility Policies
Privacy Policy
We are committed to safeguarding the privacy of our website visitors and clients and maintain compliance with relevant Canadian and International privacy protection laws including PIPEDA and GDPR.
This privacy policy has been compiled to better serve those who are concerned with how their personal data is being collected and used. Personal data is information that can be used on its own or with other data to identify, contact, or locate a single person, or to identify an individual in context.
This policy applies where we are acting as a data controller with respect to the personal data of our website visitors, app users and clients. In other words, where we determine the purposes and means of the processing of that personal data. Please read this policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your personal data.
What personal data do we collect?
The general categories of data we collect from people that visit our websites and blogs or who use our products are:
- Usage data
- Account data
- Profile data
- Enquiry data
- Customer relationship data
- Transaction data
- Notification data
- Correspondence data
When do we collect personal data?
We collect data from you when you register on our sites or in the apps, place an order, subscribe to a newsletter, fill out a form, register for an event, or enter other requested information on our site. We also collect product usage data when you use our products.
How do we use your personal data?
Usage data
We may process data about your use of our websites, apps and products (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, pages viewed and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics which is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the websites, app and products. The legal basis for this processing is monitoring and improving our websites, apps and products.
Account data
We may process your account data (“account data”) when you register on the websites or in the products. The account data may include your name and email address. The account data may be processed for the purposes of ensuring the security of our websites and products, and communicating with you. The legal basis for this processing is our legitimate interests, namely the proper administration of licenses and subscriptions, maintenance of your product preferences, products you own or sell, and the ability to communicate important website, and product information to you.
Profile data
We may process your information included in your personal profile on our websites, in our apps, and in our products (“profile data”). The profile data may include your name, address, telephone number, email address, educational details and employment details and other preferences related to product use. The profile data may be processed for the purposes of enabling and monitoring your use of our websites, and products. The legal basis for this processing is our legitimate interests, namely the proper administration of our websites, apps and products, the performance of a contract between you and us and/or taking steps, at you request, to enter into such a contract.
Enquiry data
We may process information contained in any enquiry you submit to us regarding our products (“enquiry data”). The enquiry data may be processed for the purposes of providing support or assistance, or marketing and selling relevant products to you. The legal basis for this processing is your consent.
Customer Relationship data
We may process information relating to our customer relationships, including customer contact information (“customer relationship data”). The customer relationship data may include your name, your employer, your job title or role, your contact details, and information contained in communications between us and you or your employer. The source of the customer relationship data is you or your employer. The customer relationship data may be processed for the purposes of managing our relationships with customers, communicating with customers, keeping records of those communications and promoting our products and services to customers. The legal basis for this processing is our legitimate interests, namely the proper management of our customer relationships.
Transaction data
We may process information relating to transactions, including purchases of products, or products that you sell, through our websites and products (“transaction data”). The transaction data may include your contact details, your credit card or banking details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased products to you or your customers, and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely the proper administration of our websites and businesses.
Notification data
We may process information that you provide to us for the purpose of subscribing to our email notifications, blogs, newsletters or events (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or content]. The legal basis for this processing is your consent.
Correspondence data
We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the content of your feedback, or comment and any meta data included in the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely addressing your feedback or concerns and the continuing improvement of websites and products.
We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
Please do not supply any other person’s personal data to us unless we prompt you to do so.
How do we protect your personal data?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We perform regular malware scanning.
Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all personal and credit card information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order, enters, submits, or accesses their information in order to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not processed or stored on our servers.
Do we provide your personal data to others?
We do not sell, trade, or otherwise transfer to outside parties your personal data unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating and marketing our websites, products, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
We may disclose your enquiry data to one or more of our authorized resellers (identified on our website https://avenza.com/about/resellers/) for the purpose of enabling them to contact you so that they can offer, market and sell to you relevant goods and/or services. Each such third party will act as a data controller in relation to the enquiry data that we supply to it; and upon contacting you, each such third party will supply to you a copy of its own privacy policy, which will govern that third party’s use of your personal data.
In addition to the specific disclosures of personal data set out in this policy, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
How long do we retain your personal data?
We will only keep your personal data for a period that is deemed to be necessary in accordance with the purpose for which it was collected or as required by any applicable laws.
Amendments to this policy
We may update this policy from time to time by publishing a new version on our website.
You should check this page occasionally to ensure that you are aware of any changes to this policy and how they may affect you.
We may notify you of significant changes to this policy through email or in-product messages.
What are your rights relating to the processing and storage of your personal data?
Your principle rights under data protection law are:
- The right to access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to object to processing
- The right to complain to a supervisory authority
- The right to withdraw consent
You have the right to obtain confirmation as to whether or not we process your personal data and, where we do, to have access to the personal data, together with additional information. The additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data.
You have the right to have any inaccurate or incomplete personal data about your rectified.
In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include situations in which the personal data is no longer necessary in relation to the purposes for which it was collected, or you have withdrawn your consent to consent-based processing.
However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary including for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
To the extent that the legal basis for our processing of your personal data is:
(a) consent; or
(b) that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract,
and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
You have the right to withdraw your consent at any time where the legal basis for processing your data is you consent. Withdrawal will not affect the lawfulness of processing before the withdrawal.
You may exercise any of your rights in relation to your personal data by written notice to us by email to our [privacy owner]. You may withdraw consent by changing your preferences using the links at the bottom of all of our email communications.
Do we use ‘cookies’?
We use cookies on our website. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Insofar as those cookies are not strictly necessary for the provision of our blogs, websites and products, we will ask you to consent to our use of cookies when you first visit, and in the event that you have cleared cookies from your browser.
We use cookies for the following purposes:
- Authentication – to identify you when you visit our websites, use our products, and as you navigate our websites.
- Security – as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our websites.
- Status – to help us determine if you are logged into our websites
- Personalization – to store information about your preferences and to personalize the websites for you
- Analysis – to help us analyze the use and performance of our websites, products.
- Cookie consent – to store your preferences in relation to the use of cookies more generally.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since every browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, it will not affect your use of our websites, or products.
Third-Party Cookies
Our service providers use cookies and those cookies may also be stored on your computer when you visit our websites.
Third-party cookies are used for the following purposes:
- Analysis – to help us analyze the use and performance of our websites, apps and products.
- Personalization – to store information about your preferences and to personalize the websites for you.
What if a data breach occurs?
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- We will notify you via email within 30 days
- We will notify the users via in-site notification (where applicable) within 30 days
Who are we?
Our websites, apps and products are owned and operated by:
Avenza Systems, Inc.
84 Merton Street
Toronto, ON M4S 1A1
Canada
You can contact us by any of the methods available on our corporate website https://avenza.com/about/contact/
Our Privacy Protection Lead may be contacted at privacy@avenza.com
Accessibility Policy
Statement of Commitment
Avenza strives at all times to provide its services in a way that respects the dignity and independence of people with disabilities. We believe in integration and equal opportunity. We are committed to meeting the needs of people with disabilities in a timely manner, and will do so by preventing and removing barriers to accessibility and meeting accessibility requirements under the Accessibility for Ontarians with Disabilities Act.
For More Information
For more information on this accessibility plan or any questions on the policy, please contact our Accessibility team at:
Phone: 1-416-487-5116
Email: accessibility@avenza.com
Accessible formats of this document are available at no charge upon request from accessibility@avenza.com