UPDATED DECEMBER 23, 2016
At GuideLoom Inc., privacy and security are extremely important to us. We are committed to complying with the Personal Information Protection and Electronic Documents Act Canada (“PIPEDA”), and with any other privacy laws applicable to our business.
We do this not simply because we have to; we do this because we want to.
“Us”, “We”, “Our”, “Ours”, and/or “GuideLoom”: refer to GuideLoom Inc., an incorporated company in Calgary, Alberta, Canada. These words are meant to include any of GuideLoom Inc.’s subsidiary companies, any related companies, heirs, agents, affiliates, and/or assigns. Our registered office address is: 1701 Centre Street North, Unit 407, Calgary, Alberta, CANADA, T2E 7Y2. We can also be reached at email@example.com, and on our website at guideloom.com.
“Our Service(s)”, and/or “Service(s)”: means our “GuideLoom(TM)”, “SpeedyLoom(TM)” and/or “eMarketLoom(TM)” and/or other online and professional services we may offer from time to time.
“Website”, “Software”, “Application”, and/or “App”: These words each and/or all refer to Our computer source code and/or binary code that we have assembled and/or developed, which are the basis of Our Services, that You as Customer, and/or You as Merchant use.
“You as Merchant”, and/or “Merchant”, (and/or “You”, and/or “Your” in context): means someone who uses Our Software and/or Service(s) to publish, distribute, sell, market, advertise, promote, and/or offer their good(s) and/or service(s) to a Customer.
“You as Customer”, and/or “Customer”, (and/or “You”, and/or “Your” in context): means someone who uses Our Software and/or Service(s) to use a given Merchant’s content (including documents, media, and/or information) and/or purchase, view, order, consume, and/or receive a Merchant’s good(s) and/or service(s).
“Governing Jurisdiction”: means the Province of Alberta, Canada.
“Meta Data”: means data about Your data that is generated by Your use of Our Software and/or Service(s), which by itself does not contain personally identifiable information about You.
“Aggregate Data”: means information derived from combining/grouping/collating and/or analyzing Your Personal Information data among other users’ Personal Information data and other data that is generated by Your use of Our Software and/or Service(s). Aggregate Data does not itself contain personally identifiable information about you.
“Cookies”: mean small data used by Our Software to enable information sharing and tracking between Your computing device and Our servers. Some Cookies are short term, others can be persistent for use of remembering Your login details for You as a convenience. Not all Cookies used by Our Software originate from Us, some come from 3rd party software and services We use in the functioning of Our Software and/or Service(s).
CONSENT TO COLLECT AND USE DATA AND PERSONAL INFORMATION
We usually ask you to provide explicit consent to collect and use your Personal Information, however sometimes your consent may be reasonably implied, such as when you make public postings or messages regarding Us, our Service(s) and/or our Software.
We, of course, must use your Personal Information as is reasonably required to fulfill the functions of Our Service(s) and/or Our Software. For example, we must provide your chosen contact information to a merchant in transmitting an order to them, so that they may contact you by your chosen means so they can notify you of order processing status.
We will also use your Personal Information so that we can contact you as is reasonably necessary in the fulfillment of the functions of Our Service(s) and/or our Software. For example to inform you if there is an error in processing an order. We will also use your Personal Information to contact you to provide you information from us, including marketing/promotional information, and/or solicit information and feedback, about Our Service(s) and/or Software; unless you inform us otherwise using our opt-out capabilities for your account.
We use your Personal Information to create and analyze Meta Data and/or Aggregate Data to improve our business, Our Software and/or Our Service(s). We may distribute and use the Meta Data and/or Aggregate Data, both publicly and/or for commercial gain.
We will comply with any legally enforceable court-ordered release of your Personal Information, pursuant to the laws of the Governing Jurisdiction or relevant jurisdiction in the circumstances.
Your Personal Information will be moved into/out-of the Governing Jurisdiction, for use by Us in other jurisdictions. For example, credit card processing, or order transmission to a merchant in another jurisdiction, or e-mail receipt sending may not occur within the Governing Jurisdiction. You consent to the transmission, use, and distribution of Your Personal Information to the extent that it is reasonably necessary to effect the function of our Software and/or Service(s). This includes, for example, use of servers outside the Governing Jurisdiction, to use/store Your Personal Information for backup and/or fail-over functionality.
We limit access to your Personal Information, within Our Company, to that which is reasonably necessary for Our employees and/or contractors to fulfill their duties.
You have the right to see the Personal Information we hold about you (“Access Request”) and to ask us to make any changes to ensure that it is accurate. We will undertake reasonable effort to deal with all requests for access and modifications in a timely manner. We will charge You a fee for Our administrative costs in providing this information to You.
DATA SECURITY AND RETENTION POLICY
As part of Our everyday ongoing operation of Our Software and/or Services, We create data (which can include Your Personal Information), Meta Data, and Aggregate Data. This policy describes how We handle and store such data.
We also apply these same Data Security Policy elements to the vendors We use in the ongoing operation of Our Software and/or Services.
Note that we can neither guarantee nor warrant 100% security, nor 100% availability.
We do, however, work very diligently, to the degree reasonably possible, to employ and maintain:
Payment Card Industry Data Security Standard (PCI DSS) compliance: Wherever applicable, We ensure ongoing compliance with PCI DSS requirements.
Redundancy, Security Systems, Firewalls, and Anti-Virus: We employ continuously-evolving and multiple best-practices to manage the availability and security of Our systems: including (but not limited to) redundant systems, continuously-updated firewalls, anti-virus software, intrusion detection systems, regular security penetration testing, denial of service (DoS) mitigation, strong passwords and password management.
Encryption: Wherever practical, We employ standard commercial-grade encryption to the data created by use of Our Software and/or Services; both when data is “at rest” and “in motion.” Data transmission between Our systems is done via encrypted channels wherever practical. Similarly, human and machine access to Our Software and/or Services are also through commercial-grade-encrypted channels wherever practical. Notable and necessary exceptions to this encryption policy are plain-text e-mail or SMS notifications which We may send to You, as a result of You using Our Software and/or Services.
Backups, Storage, Deletion of Data: We employ data backups, and redundant data storage systems on a commercially-reasonable frequency. Our data security and encryption methods apply equally to backup data and backup systems. Subject to the laws of the Governing Jurisdiction, we retain data for a commercially-reasonable period of time, but we do not retain data indefinitely.
For any questions, please contact us firstname.lastname@example.org