Privacy Statement and Policy
Invero identifies the purposes for which the information is being collected before or at the time of collection. The access to or collection of Personal data will be limited to that which is needed for the purposes identified by Invero. Unless you consent, or we are required by law, we will only use the personal data for the purposes for which it was collected. If Invero is processing your personal data for another purpose, later on, Invero will seek your further legal permission or consent, except where the other purpose is compatible with the original purpose. We will keep your personal data only as long as required to serve those purposes. We will also retain and use your personal data for as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
1. Our Collection of your Information
1.1 Personal information from you as our customer
As our customer, the information we collect may include your personal information, such as your name, contact information, IP addresses, interactions that may occur from email or online communications in the day to day process of working with you. We collect personal information from you at several different points, including but not limited to the following:
- when we correspond with you as a customer or prospective customer;
- when you visit our website or use any platforms we have developed or are hosting for you;
- when you contact us for help;
- when you attend our customer conferences or webinars;
1.2 Personal information from you as it relates to your customers/citizens/stakeholders in the day to day operations of our business relationship
As our customer, we may access or be exposed to Personal Information on your systems that are considered private at several different points, including but not limited to:
- when analyzing, migrating, supporting or upgrading your systems;
- when managing, updating or supporting your systems’ infrastructure;
- when reviewing or developing analytics or business reporting based on data contained within your systems.
Our Use of your Personal information
2.1 Use of information that we collect about you
Invero may use the information collected about you as listed in item 1.1 in the following ways:
- to deliver the products and services that you have requested;
- manage our customer relationship with you and provide you with customer support;
- perform research and analysis about your use of, or interest in products or services that may be of value to your organization;
- enforce our terms and conditions;
- manage our business, and
- perform functions as otherwise described to you at the time of collection.
2.2 Use of information that we access about your customers / citizens / stakeholders
Invero will never use any information accessed in your systems for any purposes other than the support management and maintenance of your systems. Unless specifically asked to do so by you, Invero will not store or maintain copies of any Personal data from your systems, outside of your systems and infrastructure. Any data that you request Invero to store will remain resident in Canada and encrypted as per the Government of British Columbia core information technology storage practices
2.3 Information from your systems may be used in the following ways when accessed
- to securely assess and troubleshoot any system issues;
- to facilitate test data for your or our teams during system development;
- to develop and present analytics or business intelligence data for your business purposes;
2.4 Our Disclosure of your Personal Information to Third Parties
- We may provide information or access to vendors or third-party contractors who perform functions on our behalf, including but not limited to:
- hosting and maintenance services,
- virtual infrastructure,
- payment processing,
- as required by law enforcement, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to Invero; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss; to report suspected illegal activity or to investigate violations of our agreements or company policies; to enforce our terms and conditions, to protect the security or integrity of our products and services, and
3. Our Security Measures to Protect your Personal information
3.1 Data Security
Invero will take reasonable steps to protect the Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Invero has put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the Personal Data from loss, misuse, unauthorized access or disclosure, alteration, or destruction. However, Invero cannot guarantee the security of Personal Data on or transmitted via the Internet.
3.2 Data Integrity and Purpose Limitation
We shall only process Personal Data in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, Invero shall take reasonable steps to ensure that Personal Data is accurate, complete, current, and reliable for its intended use.
We acknowledge the individual’s right to access their Personal Data. We shall allow an individual access to their Personal Data and will enable the individual the opportunity to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. Individuals may contact our Privacy Officer via email at firstname.lastname@example.org to request to access, correct, amend, or delete the personal information Invero holds about you.
In cases where Invero is accessing or managing Personal information on behalf of a client, individuals must contact the client to arrange access.
4. Accuracy of Personal Data
We do our best to ensure that the personal data we hold and use is accurate. We rely on the customers we do business with to disclose to us all relevant information and to inform us of any changes.
5. Notice to End Users
FOIPPA requires that anytime an organization collects Personal information, notice must be given to the person providing the information. If Invero is collecting private information from a customer for our own use, we will provide the following notice:
Where systems Invero supports collects personal information on behalf of our clients, but are owned by our clients, our client organization is responsible for the processes and policies related to the collection by those systems. We are not responsible for the privacy practices of our clients, which may be different than this policy.
7. Contacting Us
“Personal Data” means:
any recorded information about an identifiable individual other than their business contact information. Personal information includes information that can be used to identify an individual through association or inference.
Personal information includes, but is not limited to:
- Name, age, sex, weight, height
- Home address and phone number
- Race, ethnic origin, sexual orientation
- Medical information
- Health care history, including physical or mental disability
- Number or symbol assigned to the individual
- Income, purchases and spending habits
- Blood type, DNA code, fingerprints
- Marital or family status
- Financial information
- Criminal information
- Employment information
- Personal views or opinions, except if they are about someone else