Personal Information and Data Management Policy (“Privacy Policy”)

1. PURPOSE AND SCOPE OF THIS POLICY 

‍

At Global Vision, your privacy and data protection rights are important to us and we are committed to protecting your personal information that we collect and use. This Privacy Policy explains how GVE Global Vision Inc. (“GlobalVision”, or “we”, “us”, or “our”) uses, shares, processes and stores personal information we collect from various sources, including our website, products and services distributed or sold by us or our resellers and other partners, events, webinars, surveys, and other marketing activities. 

‍

This Privacy Policy applies to all website visitors, users of our products and services (including our GVD, GVW, and Verify software solutions), and our customers. Job applicants can consult the Privacy Notice for Job Candidates. 

‍

This Privacy Policy applies to circumstances in which GlobalVision processes personal information for its own purposes. GlobalVision may also process personal information on behalf of our customers in accordance with the terms of a written agreement, however the respective customer’s data processing or protection practices may be different than our practices outlined herein. 

‍

This Privacy Policy is modeled after the principles set out in the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and substantially similar applicable provincial legislation in Canada, and takes into account provisions of the General Data Protection Regulation of the European Union (“GDPR”).

‍

Nothing in this Privacy Policy has the effect of creating obligations for GlobalVision beyond those imposed by applicable laws and regulations pertaining to the management of personal information.

‍

For the purposes of this Privacy Policy, “personal data” and “personal information” have the same meaning and are used interchangeably. “Personal data” is information that identifies, or can reasonably be linked directly or indirectly to, an identifiable person. Personal data does not include information that is anonymous, de-identified, or aggregated, as those terms may be defined under applicable laws.

Please note that in connection with GDPR, GVE Global Vision Inc. acts in different capacities depending on the nature of the processing. When we collect and process personal information for our own purposes as described in this Privacy Policy, we act as a data controller. When we process personal information on behalf of our customers through the use of our software solutions in accordance with their instructions and our contractual agreements with them, we act as a data processor, and our customers act as the data controllers.

‍

2. SOURCES OF PERSONAL INFORMATION WE COLLECT

‍

We obtain personal information in different ways, as further outlined below. Some personal information is provided by you. Other personal information is automatically collected by us through our products and services. We may also obtain personal information about you from third parties.

‍

Information you provide to us. We collect information directly from you, such as when you purchase and use a product or service, register a product, register for an online demonstration of a product, download content from our website, sign up for our newsletter or for one of our events, complete any surveys, chat with us via our website or offerings, or otherwise contact us. The types of information we may collect from you include, without limitation:
‍

• Contact information, such as your full name, professional title, telephone number, business mailing/shipping address, and email addresses.
• Other identifiers, such as internet protocol (IP) address, account username, and account password.
• Commercial information, such as details about the products and services that you have purchased, used and/or expressed interest in, and events you have attended.
• Communications, such as information you provide when you respond to surveys, engage with our representatives, or otherwise communicate with us.
• Payment and billing information, such as credit card or other payment information which we collect via a secure payment processing service, as well as billing contact information. For more information you can contact our payment processor as set forth in their privacy notices. 
• Marketing information, such as your preferences for receiving marketing communications and details about how you engage with them.
• Support information, such as records of our interactions, including correspondences and details of the problems you are experiencing and any documents or information that would be helpful in resolving the issues.
• Content, such as the documents or other materials you upload into our products or provide in connection with our services.
• Other information that you choose to provide but is not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

‍

Website data. We automatically collect information about you when you browse our website. For more information, including on how to control or opt-out of cookies on our website, please consult our Cookies Policy.

‍

Social networking data. We may include tags, buttons, or other tools on our website that link to another company’s platform (“Plugins”). If you use any Plugins on our website, information can be transferred directly from your device to the respective third party platform. We may not control the data collected by Plugins. If you are logged in to a social network, the social network may be able to link your use of our website to their platform. 

‍

Product usage data. We collect Product Usage Data through automated data collection mechanisms embedded in our software solutions and through our Usage-Analytics Tools.

• “Product Usage Data” means any telemetry, log, analytic, diagnostic, or other technical or behavioural information generated through a user’s interaction with our software solutions. 
• “Usage-Analytics Tools” means the third-party systems that receive or process Product Usage Data on our behalf. 
• “Messaging Tools” means the third-party systems we use to generate or transmit service or support communications. 

‍

Product Usage Data may include the following: first and last name, email address, phone number, licence serial number; MAC & IP address; country, region, city, designated market area; computer name; device type; Windows login username; user ID; browser details; OS version; OS language; software version; CPU architecture; total & available RAM; timestamp of data event; dates of activation/creation/expiry; password-reset status & expiry; last-login timestamp; account status & reset date; failed-login count; inspection metrics (number, type, maximum comparisons); modules purchased; account role; filenames & file types uploaded; and other event-specific metadata. 

‍

The Usage-Analytics Tools also register click-streams, navigation paths, feature utilisation counts, error codes, and other in-product events that enable us to understand performance and user behaviour. 

‍

Information from third party sources. We may receive information about you from third party sources, such as other users of the products and services, business partners, channel partners (i.e. resellers), and social networking services and platforms. The types of information we may collect about you include, without limitation:

‍

• Contact information, such as your full name, title, telephone number, business mailing/shipping address, email addresses, and social media profiles.
• Commercial information, such as details about the products and services that you have purchased, used and/or expressed interest in.
• Billing information, such as billing contact information.

‍

In accordance with applicable laws, we may combine your personal information with information we collect from other parties to help keep our databases current and accurate, and to provide you with more relevant content, experiences, applications, and other offerings.

‍

Sensitive personal information. We kindly request that you do not provide to us any sensitive personal information, including special categories of personal information, such as social security numbers, information related to racial or ethnic origin, political views, religious beliefs, or health information, via our website, products and services. In the event that such sensitive personal information is provided to us, to the extent we become aware of its existence, such information will be deleted and not processed. 

‍

Changes to your personal information. Please advise us if your personal information changes during your relationship with us, by contacting us at privacy@globalvision.co.
‍

3. HOW WE USE PERSONAL INFORMATION

‍

We collect, use and process your personal information for the following purposes, and if you are from the European Economic Area (“EEA”), the UK or Switzerland, on the following legal bases:

‍

• Delivering our products and providing our services: We collect, use and process your personal information to fulfill our contractual obligations towards you, such as to issue licenses to our software, or to create, administer and manage your user accounts. In the event that we have not entered into a contractual agreement with you, we process your personal information in furtherance of our legitimate interests to make our products and services available to you.
• Communicating with you about our products and services: We collect, use and process your personal information to send you important information regarding our products and services in reliance on our legitimate interests. This may include communication of technical notices, updates, security alerts, support and administrative messages, as well as responses to your questions, comments and requests.
• Providing customer support: We collect, use and process your personal information to provide our support services in reliance on our legitimate interests, which include troubleshooting and resolving technical issues, responding to your requests for assistance, and reproducing, isolating and remediating performance issues or user-reported incidents.  
• Improving our products and services: We collect, use and process your personal information to improve our products and services and to understand how you use our products and services in furtherance of our legitimate interests or, where needed, with consent. To that end, we monitor your usage and we analyze trends in order to measure uptake of existing functionality, improve the overall user experience, inform our product development priorities, and develop new products, features, functionality and other services.
• User Adoption Analysis: We collect, use and process your personal information to understand how frequently and in what manner our licence holders engage with the software, benchmarked against purchased licence volumes, in reliance on our legitimate interests. 
• Over-Usage Monitoring: We collect, use and process your personal information to detect use in excess of licensed entitlements and, where appropriate, to engage with customers regarding additional capacity needs, in reliance on our legitimate interests.
• Sending marketing communications: We collect, use and process your personal information to send you advertising and marketing communications about our products, services and events, in reliance on our legitimate interests or, where needed, with consent. 
• Organizing events: We collect, use and process your personal information upon your registration to events organized by us or following your attendance at such events.
• Maintaining security of our products and services: We collect, use and process your personal information in reliance on our legitimate interests to protect our business, including preventing the unauthorized use or misuse of our products and services; identifying, investigating or deterring against harmful or fraudulent activities violating our policies or applicable laws; and detecting, preventing, and responding to potential or actual security incidents.
• Fulfilling other legitimate business purposes: We may collect, use and process your personal information for other legitimate business purposes such as invoicing and audits.
• Complying with our legal obligations: We collect, use and process your personal information to fulfill our legal obligations under applicable laws. If required by law or upon the lawful request of government authorities, courts or regulators, we may use and disclose your personal information to such authorities to cooperate with them and to comply with our legal obligations. As such, your personal information may be used, as required or permitted by law, to protect our, your and third parties’ rights, property, safety and privacy.
• Other purposes: Where you give us your consent to do so, we may collect, use, process or share your personal information for other specific purposes that are not listed in this Privacy Policy. 

‍

Legal Bases for Processing. The legal bases on which we process your personal information depend on the type of personal information and the context in which we process it. We may collect, process and use your personal information on a different legal basis than the bases specified above. In such event, where we are legally required to do so, we shall provide you with a notice detailing how and why we use your personal information before or at the time we collect such information, and obtain your consent.

‍

Withdrawal of Consent. In the event that you provide your consent for the collection, use and processing of your personal information, your consent may be withdrawn at any time by contacting us. However, any collection, use, and processing of your personal information prior to such withdrawal shall not be affected. 

‍

Legitimate Interests. In the event that we collect, use and process your personal information in furtherance of our legitimate interests, your rights are balanced against ours in order to ensure that your interests to the protection of your personal information take precedence over our interests. Although you retain the right to object to the collection, use and processing of your personal information, this may result in your inability to use our products and services or our inability to fulfill our contractual obligations towards you. 

‍

For all inquiries regarding our legal bases for processing your personal information, please contact us at privacy@globalvision.co.
‍

4. HOW WE SHARE PERSONAL INFORMATION

‍

We do not share the personal information that you provide to us with other third parties without your express consent, except as described in this Privacy Policy. We may disclose your personal information with the following categories of persons or as otherwise described in this Privacy Policy or at the time of collection:
‍

• Other service users:
  
  • Administrators, such as your employer or another organization who may require your personal information for the management of the accounts.  
  • Community forums, such as publicly accessible blogs and forums accessible on our website, which may be read, collected and used by any member of the public who accesses our website.
    ‍

• Third parties:
  
  • Service providers, such as consultants, vendors, third party hosting providers, or other subcontractors engaged by us to support the provision of our products and services or help us operate our business.
  • Usage-Analytics Tools, which process Product Usage Data in order to host dashboards, visualise metrics, and facilitate debugging activities on our behalf.
  • Messaging Tools, which send password-reset emails, account-setup invitations, and other transactional or support communications.
  • Payment processors, which collect and process credit card or other payment information on our behalf.
  • Business partners, such as channel partners (i.e. resellers), integration partners, and event sponsors and partners with whom you interact in connection with our products and services.  
  • Professional advisors, such as lawyers, accountants, insurers, or auditors, where necessary in the course of the professional services they render to us.  
  • Third party websites, such as those for which links have been included on our website. Your personal information shared on such third party websites shall be subject to their respective data privacy policies. 
  • With your consent, such as with other third parties not specified herein. For example, in the event you provide us with a testimonial regarding our products and services, we will display your name alongside such testimonial on our website.
  • For compliance purposes, such as (a) to protect, our, your or others’ rights, privacy, security or property; (b) to comply with applicable laws, lawful requests or legal process, including to respond to subpoenas or requests from government authorities; (c) to cooperate with any legal investigation, where permitted by law; (d) to prosecute or defend legal claims; (e) to enforce our agreements, policies and terms of service; and (f) to prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
  • For business transfers, such as in connection with a business deal or potential business deal, namely a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business, assets, or equity interests of GlobalVision (including, as part of a bankruptcy or similar proceeding).
    ‍

5. HOW WE STORE AND SAFEGUARD PERSONAL INFORMATION

Your personal information may be held in our offices, stored on our servers or stored on the servers of our service providers, such as but not limited to NetSuite and SalesForce. 

‍

Protecting your personal information is very important to us. We have reasonable and appropriate physical, organizational and technological security measures in place to ensure the protection of your personal information that we collect, use, process and store. However, given that no security system is perfectly impenetrable, we cannot guarantee the security of your personal information. 

‍

Access to your personal information is limited to those of our employees, service providers, subcontractors and agents that require such access for the purpose of carrying out their duties.

‍

Security measures. Our security measures protect your personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The nature of the measures will vary depending on different factors, such as the sensitivity of your personal information that has been collected, the purposes for which it is to be used, the risks associated to the processing of your personal information, and the medium on which it is stored. 

‍

Our security measures, which are reviewed and updated as necessary, include:

• physical measures (such as restricted access to our offices);
• organizational measures (such as security clearances); and
• technological measures (such as the use of passwords and the encryption of your personal information).

‍

We make our employees aware of the necessity of maintaining the confidentiality of your personal information and ensure that care is used in the return or destruction of your personal information to prevent third parties from gaining unauthorized access to the same.

‍

Our security measures ensure that your personal information is collected, used, processed and stored only for the specific purposes outlined hereinabove.

‍

Third Parties. Where processing is to be carried out on our behalf by a third party, such third party shall provide us with sufficient guarantees that appropriate physical, organizational and technological measures are in place to meet the requirements of the applicable laws and to ensure the protection of your rights. 
‍

6. RETENTION OF PERSONAL INFORMATION

‍

We only retain your personal information for as long as necessary to fulfill the purposes for which it was collected. Some of your personal information is also retained for the purposes of complying with our legal obligations, resolving potential disputes, enforcing our agreements, supporting our business operations, and for the ongoing development and improvement of our products and services. Where we retain your personal information for ongoing development and improvement of our products and services, we will only use such information to gain general insights about the use of our products and services. 

Your personal information may be retained in copies made for backup and business continuity purposes for additional time. If you have opted to receive marketing communications from us, information related to your marketing preferences will be retained for a reasonable period of time. Information that we derive from cookies and other tracking technologies is also retained for a reasonable period of time.

If our products and services are made available to you through your employer or another organization, and such organization acts as the administrator of the accounts, we retain your information for as long as they may require.

For more information about specific retention periods, you can contact us at privacy@globalvision.co.

‍

7. YOUR PRIVACY RIGHTS AND CHOICES

Depending on where you live or to the extent permitted by law, you may have the right to:
‍

• Access, correct, update, delete, receive a copy of, or restrict use of your personal information.
• Withdraw your consent at any time, in the event that we have collected, used and processed your personal information with your consent. However, any collection, use, and processing of your personal information prior to such withdrawal shall not be affected.

• Object to the processing of your personal information.
• Request that we block or anonymize your personal information, as appropriate.
• Request a copy of your personal information in a machine-readable copy to transfer it to you or a third party.
• Opt-out of marketing communications we send you at any time, by clicking on the “unsubscribe” or “opt-out” link in the communications. It may, however, not be possible to opt-out of certain service-related and other non-marketing communications.
• Opt-out of certain disclosures of your personal information to third parties.
• Complain to the relevant data protection authority in the jurisdiction in which you are located about our collection and use of your personal information.

In accordance with applicable laws, in order for you to exercise any of your rights above, we may ask for proof of your identity and additional forms of verification depending on the nature of the personal information in question. 

Subject to applicable laws, some of these rights may be limited in certain circumstances. For example, we may not be able to fulfill your request to delete your personal information if we need to retain this information in order to comply with our legal obligations, or for other limited business purposes as required or permitted by law. We may also not be able to fulfill your request if by doing so, we would be required to disclose information about another person.

In the circumstances where we process your personal information on behalf of a customer, your request may be referred to such customer, subject to the terms of the applicable contractual agreement we have in place with them.

If you do not provide information indicated by us as required for the use of our products and services, or that is otherwise necessary in order for us to provide our products and services, that portion or all of the products and services may be unavailable to you or you may be provided a different level of service.  

‍

You may opt-out of certain cookie-based tracking activities on our website by consulting our Cookies Policy.

‍

Some browsers have incorporated “Do Not Track” features that can send a signal to the online services that you visit indicating that you do not wish to be tracked. We currently do not respond to “Do Not Track” or similar signals on some of the pages of our website. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

‍

You may exercise any of your rights herein by submitting a request to privacy@globalvision.co.
 

8. TRANSFER OF YOUR PERSONAL INFORMATION
   ‍

GlobalVision is headquartered in Canada and has services providers located in Canada as well in other countries, such as the United States, and your personal information may be transferred, processed and stored in Canada, the United States or other locations outside of your country or region as we deem appropriate from time to time. Your personal information may become subject to the laws of such other jurisdictions, which may not be as protective as the privacy laws in your home country or region. Where required by applicable laws, measures have been put in place to protect your personal information that we transfer across borders.

‍

If you are from the European Economic Area (EEA), the UK or Switzerland, we will protect your personal information when it is transferred outside your home country or region by putting in place appropriate measures as required by applicable data protection laws and regulations. We will transfer your personal information to a territory deemed by the European Commission to provide an adequate level of protection for personal information, put in place technical and organizational measures, or, where appropriate to do so, put in place EU-standard contractual clauses (“SCCs”), to protect your personal information. The SCCs apply automatically to the extent required to legitimize the relevant transfer and are incorporated by reference into the legal terms governing the applicable relationship or interaction. The full text of the SCCs, including the applicable modules and annexes, is available here.
‍

All inquiries regarding transfer of your personal information may be submitted to privacy@globalvision.co.
 

9. CHILDREN’S PRIVACY
   

‍

Our products and services are not intended to be used by individuals under the age of 18 and we do not knowingly collect or use personal information from such individuals. If we become aware that any such individual’s personal information has come into our possession without verification of parental consent, we will delete such information promptly. If you become aware that an individual under the age of 18 has shared their personal information with us, please contact us at privacy@globalvision.co.

‍

10. ORGANIZATION-ADMINISTERED ACCOUNTS

If our products and services are made available to you through your employer or another organization, and such organization acts as the administrator of the accounts, in order to adequately manage the accounts, it will be permitted to do the following:
‍

• require you to reset your account password;
• restrict, suspend or terminate your access to the products and services;
• access and retain information in and about your account;
• access or retain information stored as part of your account;
• change your information, including profile information; and
• restrict your ability to edit, restrict, modify or delete information.

Please contact your organization or refer to your administrator’s organizational policies for more information. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different than this Privacy Policy.
‍

11. CHANGES TO THIS POLICY
    ‍

We may change this Privacy Policy from time to time based on changes in the laws, our personal information management practices and new business developments. If we make material changes to this Privacy Policy, we will notify you of such changes by email or through a notice posted on our website. All other changes will only be posted on our website. The date of the last update of the Privacy Policy will be indicated to allow you to know when it was changed. In all cases, your continued use of our products and services after the effective date of any changes to this Privacy Policy indicates your acceptance of such changes. We will also archive prior versions of this Privacy Policy for your future reference or review.
 

12. CONTACT US

For all inquiries about your personal information and how it is handled by GlobalVision, you can reach us at:
‍

• Via email:     privacy@globalvision.co

• Via postal mail:   GVE Global Vision Inc.

Attn: Compliance Department

16800 Route Trans-Canada

Kirkland, Quebec, H9H 4M7

Canada
‍

Our Data Protection Officer, or Privacy Officer, who is the Director of Governance, Risk and Compliance, may be contacted at the email or postal address provided above.
‍