Privacy Policy

 

Last Updated: June 11, 2020

Loopio Inc. (“Loopio,””we,” “us,” or “our“) takes the privacy of personal information seriously, we have prepared this Privacy Policy to describe the manner in which we collect, use, share and store personal information in compliance with applicable laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR“).

Loopio is a software as a service platform (“Platform“) to assist companies in curating, reviewing, maintaining and accessing a library of content for responding to Requests forProposals (RFPs), Request for information (RFIs), Due Diligence Questionnaires(DDQs), and Security Questionnaires (the “Services“). A company would become our customer when they contract with Loopio to use our Services. The customer would be the data controller who control the personal information when using our Services and Loopio would be the data processor acting on behalf of the customer. To the extent the California Consumer Privacy Act (“CCPA”) applies to such information, the customer would be the “business” and Loopio would be the “service provider” acting on behalf of the customer.

This Privacy Policy applies to personal information we process in the course of providing the Platform and Services to our customers and to the personal information we collect, such as through our website, www.loopio.com (the “Website“).

COLLECTION AND USE OF PERSONAL INFORMATION

Information we Process on behalf of our Clients:

In the course of providing the Platform and Services to our customers, we may process personal information about our (current, past, present and prospective) customers’ employees or other authorized users of the Services provided by the customer asset out below:

Platform: In order to provide the Platform and Services, we collect business contact information of authorized users or other individuals, as well as personal information that may be contained in RFPs, RFIs, security questionnaires or similar documents which uploaded to and processed on our Platform by our customers. We obtain this information from you or your employer, where they area customer of ours or are otherwise a corporate user of our service.

Support Services: We may collect certain information from you (such as name, email address, your phone number and query) when we provide user support services by phone, email or within the Platform.

Use of the Services: We may monitor use of the Platform by our customers’ employees or other authorized users in order to detect, investigate or prevent any actual or potential violation of our terms and conditions. This information is automatically collected from you when you use the Platform.

We may also generate aggregated, non-identifiable data and use such information to monitor the performance, use and stability of the Platform and to improve the Services.

We require our customers to ensure that they have obtained all authority to provide personal information to us in accordance with applicable privacy laws and to not provide us with any sensitive personal information. Except as set out herein, we do not collect or use personal information from our customers for any purpose other than to provide Services on behalf of our customers.

Information we Collect from you through our Website and other interactions:

Inquiries: If you contact us with an inquiry, you maybe asked for information that identifies you, such as your name, address and a telephone number, along with additional information we need to help us promptly answer your inquiry. We may retain this information to assist you in the future and to improve our customer service and service offerings.

Communications/Publications: We may offer you the ability to sign-up to receive Loopio marketing and promotional communications or download a report, publication or other resources, in which case we collect certain information (such as first and last name, company name, email address or phone number). We use this information to send you the communications you have requested to receive. You can opt-out of receiving promotional email from us by following the opt-out or”unsubscribe” instructions provided in your email or other message, or by contacting privacy@loopio.com. Please note that you will continue to receive transactional and account-related electronic messages from us.

Job Applications: If you apply for a job at Loopio, you may provide us with certain personal information about yourself, such as information contained in a resume/CV, cover letter, or similar employment-related materials. We may also collect personal information from third-party social networking websites including but not limited to, your LinkedIn profile, blog, website or similar portfolio. We may use this information when considering and responding to your application and assessing your suitability for current and future career opportunities.

Feedback & Reviews: We may collect and use customer feedback and/or reviews about our Services to better understand our customers and enhance our product and service offerings. With your consent, we may publish your feedback and/or reviews on our Website or other promotional materials.

Surveys and Customer Research: From time to time, we may offer individuals an opportunity to participate in one of our surveys or other customer research. The information obtained is used in an aggregated, non-personally identifiable form. We use this information to help us understand our customers and to enhance our product and service offerings.

DISCLOSURE OF PERSONAL INFORMATION

As a matter of practice, Loopio does not disclose, trade, rent, sell or otherwise transfer our customers’ personal information, except as set out in this policy. For clarity, in CCPA terms, we do not “sell” the personal information we handle on behalf of our customers.

We may transfer or disclose personal information as follows:

Service Providers: In connection with our Website, Platform or Services, we may transfer(or otherwise make available) personal information to third parties (including cloud-based service providers) who provide services on our behalf. For example, we may use service providers to host our website, store data and provide back-up services, provide customer support software as a service, process customer payments, provide data analytics services, conduct surveys or obtain customer feedback.

Our list of trusted Service Providers (also known as sub-processors) is available upon written request, please contact us at privacy@loopio.com.

Sale of Business: Loopio may transfer personal information as an asset in connection with a prospective or completed merger or sale (including transfers made as part of insolvency or bankruptcy proceeding) involving all or part of Loopio or as part of a corporate reorganization or other change in corporate control.

Legal: Loopio and our Canadian, US (as defined below) and other service providers and affiliates may disclose your personal information in response to a search warrant or other legally valid inquiry or order (which may include lawful access by Canadian, US (as defined below), EEA (as defined below), United Kingdom or other foreign governmental authorities, courts or law enforcement agencies), to other organizations in the case of investigating a breach of an agreement or contravention of law or detecting, suppressing or preventing fraud, or as otherwise required or permitted by applicable Canadian, US or other law. Where a disclosure of our customers’ information is required by applicable law, we promptly notify our customer prior to complying with such requirements (to the extent we are not prohibited from doing so) and fully co-operate with our customer’s instructions with respect to our response.

INTERNATIONAL TRANSFERS

Personal information may be maintained and processed by Loopio or its third-party service providers at a destination outside the European Economic Area (“EEA“)or outside the jurisdiction in which you reside, including the United States of America (“US”) and Canada.

Where personal information is transferred (including information transferred outside the EEA), we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as relying on a recognised legal adequacy mechanism, and that it is treated securely and in accordance with this privacy policy and applicable law.

We may transfer your personal information outside the EEA:

· to store it.

· to enable us to provide our Services, or to fulfil our contract with you or your employer. This includes the provision of the Platform, and of support services.

· Where we are legally required to do so.

· In order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.

INFORMATION ABOUT OUR WEBSITE

Visiting our Website: We collect the IP (Internet protocol) addresses of all visitors to our Website and other related information such as page requests, browser type, operating system and average time spent on our Website. We use this information to help us understand our Website activity, and to monitor and improve our Website.

Cookies: Our Website uses technology called “cookies” (and/or other similar technologies such as device-IDs, in-App codes, pixel tags and web beacons). A cookie is a tiny element of data that our Website sends to a user’s browser, which may then be stored on the user’s hard drive so that we can recognize the user’s computer or device when they return. Cookies may provide us and our service providers with information that we will use to personalize our Website in accordance with a user’s preferences. You may set your browser to notify you when you receive a cookie or to not accept certain cookies. However, if you decide not to accept cookies from our Website, you may not be able to take advantage of all of the Website features. We may also use a third party to help us gather and analyze information about the areas that users visit on the Website to evaluate and improve the customer experience and the convenience of the Website.

Analytics: We may use a third party such as Google Analytics to help us gather and analyze information about the areas visited on the Website (such as the pages most read, time spent, search terms and other engagement data) in order to evaluate and improve the user experience and the Website. These third parties may use cookies and other tracking technologies. For more information about Google Analytics or to prevent the storage and processing of this data (including your IP address) by Google, you can download and install the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

You can also obtain additional information on Google Analytics’ data privacy and security at the following links: https://policies.google.com/technologies/partner-sites and https://support.google.com/analytics/topic/2919631.

INTEREST-BASED ADVERTISING

We may use third parties such as ad networks and other advertising companies to serve advertisements on our Website and on other websites (including social media sites). These companies may use cookies, tracer tags or web beacons to report certain information about your activity on our Website and other websites and apps (such as web pages you visit and your interaction with our ads and other communications) in order to make predictions about your preferences and deliver ads that are more relevant to you, both on and off our Website (including on social media sites). This information may also be used to evaluate the effectiveness of our online advertising campaigns or to tailor marketing messages to you.

To learn more about interest-based advertising practice and to understand your options, including how you can opt-out of having your information used for online behavioural advertising purposes by participating companies, please visit the Digital Advertising Alliance of Canada (DAAC) at http://youradchoices.ca/choices.

Please note that if you opt-out, you may still receive online advertising from us, but it will not be tailored to your interests based on online behavioural information about you. To successfully opt-out, you must have cookies enabled in your web browser (see your browser’s instructions for information on cookies and how to enable them). Your opt-out only applies to the web browser you use so you must opt-out of each web browser on each device you use. Once you opt-out, if you delete your browser’s saved cookies, you will need to opt-out again.

Third Party Links: Our Website may contain links to other websites that Loopio does not own or operate. We provide links to third party websites as a convenience to the user. These links are not intended as an endorsement of or referral to the linked websites. The linked websites have separate and independent privacy policies, notices and terms of use. We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat personal information. We encourage you to read the privacy policy of every website you visit.

Social Media: When you engage with Loopio’s content on or through third-party social networking websites, plug-ins and applications, we may have access to certain information associated with your social media account (e.g., name, username, email address, profile picture, gender). We may use this information to personalize your experience on the Website and on the third-party social networking websites, plug-ins and applications, and to provide you with other information you may request.

SECURITY OF PERSONAL INFORMATION

We understand that data security is a critical issue for our customers, and we are committed to safeguarding the personal information in our custody and under our control. We have implemented reasonable administrative, technical and physical safeguards in an effort to protect against unauthorized access, use, modification and disclosure of personal information in our custody and control. Our service providers are given the information they need to perform their designated functions, and we do not authorize them to use or disclose personal information for their own marketing or other purposes.

RETENTION OF PERSONAL INFORMATION

We have personal information retention processes designed to retain personal information for no longer than necessary for the purposes of providing Services to our customers or, with respect to the Website, for the purposes set out in this Privacy Policy or to otherwise meet legal requirements. Generally, this will be until 60 days from the date of termination of the contractual agreement we have with you or the company you work for, or such period as is necessary in the event we need to resolve any legal proceedings.

We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from aggregate information retained or used for these purposes.

ACCESS TO PERSONAL INFORMATION

If we receive a request from an individual to access, update or delete personal information we have collected on behalf of a particular customer in the course of providing the Services, we will direct that individual to the relevant customer. We will assist our customers wherever possible in responding to individual access requests.

If you submit personal information via our Website or otherwise provide us with your personal information, you have the right under certain circumstances to request access, deletion or correction of your personal information, as well as to object to further processing, or request your data be moved to a third party (subject to limited exceptions prescribed by law) by submitting a written request to our Privacy Officer at privacy@loopio.com. We may request certain personal information for the purposes of verifying your identity.

Where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at anytime by contacting us. You can also change your marketing preferences at any time as described in the Communications/Publications section.

If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority, (for example, see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html), who can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.

CHANGES

This Privacy Policy may be updated periodically to reflect changes to our personal information practices. The revised Privacy Policy will be posted on the Website. We strongly encourage you to refer to this Privacy Policy often for the latest information about our privacy practices.

This policy was last updated on June 11, 2020.

CONTACT US

Please contact us at privacy@loopio.com if you have any questions or comments about this Privacy Policy or the way in which we or our service providers treat your personal information.