Privacy Policy

Introduction

LAST UPDATED: MAR 26, 2024

While you use our website (www.sodalessolutions.com) or products, we are processing your Personal Information. You, therefore, have the right to know what we do with it and the choices you have over your Personal Information. Based in Ontario, Canada, out privacy practices comply with Freedom of Information and Protection of Privacy Act (FIPPA) and the Personal Health Information Protection Act (PHIPA) – in addition, our practices also comply with other provincial, national and international standards and follow the ten internationally recognized privacy principles.

In this Privacy Policy (or “Policy”)., when we say “we”, “us” and “our”, we are referring to Sodales Solutions Inc (“Sodales”). When we say “you”, “user” or “individual(s)”, we are referring to the person accessing our website and using our services.

In this Privacy Policy, we will tell you:

  • What Personal Information we are collecting;
  • How and when we ask for your consent to collect, use and disclose your Personal Information;
  • The purposes for which we collect and use your Personal Information;
  • The organizations with whom we may disclose your Personal Information and the purpose of such disclosure;
  • How long we retain your Personal Information;
  • How we secure your Personal Information;
  • Who to contact and how to request access, correction or erasure of your Personal Information;
  • How you can challenge our compliance to this Privacy Policy;
  • How Sodales uses Artificial Intelligence to streamline and optimize various features of the Sodales platform;
  • What happens if we make any change to this Privacy Policy.

Guiding Principles

  • We only collect, use and disclose your Personal Information for purposes that a reasonable person would consider appropriate;
  • We only collect, use and disclose the data that is strictly necessary for the services being provided;
  • Your data is collected, used and disclosed in a transparent, confidential and secure manner.

1. What Personal Information do we collect and in what circumstances do we collect it?

Personal Information means:

  • Any type of information that allow us to identify you, either directly (e.g., name, image, home phone number) or in combination with other information (e.g., license plate number, IP address);
  • This does not include:
    • anonymous or aggregate information that cannot be tracked back to you personally
    • Business contact information; that is, any information that enables you to be contacted in your place of business (for example your name, business telephone number, business address, business email or business fax number)

We collect your Personal Information under the following circumstances:

  • You provide it to us directly;
  • We collect it from external sources, or
  • We collect it by using automated means.

1.1. The Personal Information you provide us directly

In short: During the various interactions we have with you, you may be required to provide us with Personal Information. For example, we collect Personal Information when you connect with us for services. The Personal Information we collect may vary whether you are a customer or a simple user of our website.

In detail: The Personal Information you provide to us directly includes:

  • Profile information, such as names, first names;
  • Demographic information, such as postal address, province, country of residence; e-mail address, telephone number;
  • Transaction information, such as information on billing, invoices, payment details, information necessary for the delivery or porting of an ordered product;
  • User content information, such as Username and encrypted password used to identify you on our sites or applications;
  • Engagement information, such as information on products and services that you purchase, information relating to your purchase history or your commercial relationship with us.

1.2. The Personal Information we collect automatically when you use our services

In short: During each of your visits to our sites and mobile applications, we collect information about your connection and your browsing activity.

In detail: Different technologies can be used to collect this data, for example through cookies. Cookies are small text files that are placed on your computer or mobile applications by websites that you visit. When we talk about “cookies” we are also talking about technologies similar to cookies, such as scripts, pixels, fingerprinting and redirects. Scripts (sometimes called tags) are programs that run in your browser or mobile application and perform various actions, such as sending information to our servers.

Cookies can be implemented by us and also by third-party organizations that are service providers or business partners. Cookies allow us to collect Personal Information on you, and to transmit technical information about the devices you use, the clicks you make, and the content you view.

1.3. Data relating to children

In short: We recognize children’s privacy should be treated differently and we value the involvement of parents and/or guardians in the protection of children’s Personal Information and privacy rights online. As such, our website/mobile applications are not intended for children under the age of 16, and we do not target our services to them.

In detail: We do not provide services directly to children or proactively collect their Personal Information. If we ever decide otherwise, we will update this Privacy Policy to adapt it specifically to children and put into place age verification process.

2. For what purposes do we collect, use or disclose your Personal Information?

In short: We collect Personal Information for specific purposes, and we limit the collection, use and disclosure of your Personal Information to what is necessary. Unless required by law or for exceptions set out in applicable legislation, we will not use or disclose for any new (not previously-identified) purpose without your consent.

In detail: We collect, use or disclose your Personal Information for the following purposes:

  • to verify your identity,
  • to provide you with our products and services,
  • to establish a relationship with you,
  • to meet our legal obligations,
  • to ensure a high standard of service to our members and prospective customers;
  • to understand the product and service needs of our members and prospective customers;

In addition, we are implementing cookies for the following purposes:

  • Some cookies are necessary for our site to function. Without them, your user experience would be degraded. For example, we use them to remember your choice of language, to adapt our content to your device, and for ensuring the security of our authentication mechanisms.
  • We use other cookies to measure our audience engagement (“web analytics”), which includes establishing statistics of volumes and visits, for targeted advertisement on our site, for personalizing your activity on our website, and for allowing you to share your Personal Information on social media platforms.

3. How do we obtain your consent?

In short: We will obtain your consent, whether express or implied, to collect, use or disclose Personal Information. There are also some situations where we are authorized by law to do so without your consent. In determining the appropriate form of consent, we will take into account the sensitivity of the Personal Information and your reasonable expectations.

In detail:

3.1. When do we collect your express consent?

Express consent occurs when you provide us Personal Information voluntarily after we have presented you with the purpose of the collection of our information. It can be given in writing or verbally.

When we rely on your express consent, you will always be prompted to take a clear affirmative action so that we can ensure that you agree with the collection of your Personal Information.

Before obtaining your consent, we will systematically inform you of the purposes of the collection, use and disclosure.

3.2. When do we collect your implied consent?

Implied consent occurs when you voluntarily provide us Personal Information for a reasonable purpose that you consider appropriate (for example, when you provide us with your home address so that we may deliver products for you, or when you provide us with your email address so that we may send you a verification code).

Your consent may also be implied if we give you notice and a reasonable opportunity to opt-out, and that you do not opt-out (for example, if you call us on the phone, we may inform you that your conversation may be recorded for improving our customer management services. If you do not opt-out, this will be considered as implied consent).

3.3. The limited situations where we do not collect your consent.

There are limited situations as permitted under legislation where we will not collect your consent, including the following:

  • When the collection, use or disclosure of Personal Information is permitted or required by law;
  • In an emergency that threatens your life, health, or personal security;
  • When your Personal Information is available from a public source (e.g., a telephone directory);
  • When we require legal advice from a lawyer;
  • For the purposes of collecting a debt;
  • To protect ourselves from fraud;
  • When the disclosure is carried out in the context of a business transaction, prospective party, for the purpose of deciding whether to proceed with a business transaction or not;
  • To investigate an anticipated breach of an agreement or a contravention of the law.

3.4. How to withdraw your consent or to refuse cookies?

Subject to certain exceptions (e.g., the Personal Information is necessary to provide the service or product, or the withdrawal of consent would impede the performance of a legal obligation), you can withdraw your consent to use your Personal Information.

If you withdraw your consent it may restrict our ability to provide a particular service or product. If this is the case, we will inform you beforehand of the implications of withdrawing your consent.

If you no longer wish to receive marketing or commercial communications from us, you may withdraw your consent at any time; all you need to do is to send us an email at privacy@sodalessolutions.com or click on the “unsubscribe link” at the bottom of our email to you.

At any time, you can also refuse or choose to delete any cookies already on your computer or disable certain types of cookies. However, please note that your experience on our website may be impacted. To delete cookies or initiate “Do Not Track” signals on your browser, you can refer to your internet browser’s “Help” guide in the browser menu to walk through the specific requirements.

4. To whom do we disclose your Personal Information?

4.1. Disclosure to employees within our organization

In short: Disclosure happens if we make Personal Information available within or outside of our organization. We commit to disclose your Personal Information to a limited number of individuals within our organization.

In detail: The following individuals within our organization may have access to some of your data: Employees of subscription services, key relations clients, administrative, accounting and management control, IT and marketing & sales. Access to your data is based on individual and limited access permissions. Staff who can access Personal Information are subject to an obligation of confidentiality and are specifically trained in privacy regulations.

4.2. Disclosure of your Personal Information to external organizations

In short: In certain circumstances, we may disclose your Personal Information to external organizations or public authorities. We do not and will not sell any Personal Information to third parties for marketing or any other parties for commercial purpose.

In detail: The following entities may have access to your Personal Information

  • Service providers that collect, use or disclose your Personal Information on our behalf

These service providers (such as SAP) have access to your Personal Information for uses consistent with the reasons for which we collected it initially. Your information will be treated with the same level of privacy and security as we are committed to providing and will not be used for other purposes than that which we authorize.

  • Police authorities, judicial or administrative authorities

We may disclose your Personal Information when we are required or authorized by law to cooperate with local, national or international law enforcement or other authorities for the reporting of and/or investigation of improper or unlawful activities, or if we need to comply with court orders.

5. Do we transfer your Personal Information outside Canada?

In short: Our business partners as well as third party service providers that process or store your Personal Information on our behalf may be located outside of Canada.

In detail: Unless there is a legal or regulatory requirement to store, access and/or use Personal Information in Canada, we may use third party platforms located outside of Canada to process and/or store Personal Information for us. Please note that Personal Information in the custody of these third-party platforms may be subject to access by the law enforcement authorities of those jurisdictions in which the third parties are located.

6. How do we safeguard your Personal Information?

In short: Your Personal Information is important to us, and we take all reasonable precautions with regards to the risks created by the processing that we carry out to preserve the security of your Personal Information and to prevent their alteration and damage, or any access by non-authorized third parties.

In detail: As we are responsible for your Personal Information, we implement appropriate technical and organizational measures in accordance with applicable legal provisions to protect your Personal Information against alteration, accidental or unlawful loss, use, disclosure or unauthorized access. Safeguards include physical, organizational and technical measures including, but not limited, to:

  • The creation of a unit dedicated to the security of information systems;
  • Raising awareness of the confidentiality requirements of our employees who have access to your Personal Information;
  • Securing access to our premises and to our IT platforms;
  • The implementation of a general IT security policy for the company;
  • Firewalls, anti-virus, strong passwords and software solutions for technical security

7. How do we ensure that the Personal Information we hold on you is accurate?

In short: We will ensure that the Personal Information we hold on you is as complete and up to date as is necessary for the purposes for which it is to be used. You may request that we correct any errors or omissions by writing to privacy@sodalessolutions.com.

In detail: We have established internal procedures to preserve the accuracy of the Personal Information that we receive. If you believe that the Personal Information we collect, use and disclose is not accurate, you can send us a request to correct Personal Information. This request must be made in writing and to privacy@sodalessolutions.com. You should provide sufficient detail to identify the Personal Information and the correction being sought.

We will update Personal Information as and when necessary to fulfill the identified purposes, or upon your notification.

We will note in your file any unresolved differences as to accuracy or completeness. Where appropriate, we will transmit to third parties having access to the Personal Information in question, any amended information or request for amendment.

8. How can you request access to your Personal Information?

In short: You have the right to access to your Personal Information. Your request for access must be made in writing at the following address privacy@sodalessolutions.com.

In detail: You have the right to access to your Personal Information, to information about the ways in which your Personal Information is or has been used, and to the names of the individuals and organizations to which your Personal Information has been disclosed. If your Personal Information is stored in electronic form, you will have the option to receive a copy of the information in electronic or paper form.

Your request for access must be made in writing. You may be required to prove your identity before we give you access to your Personal Information.

We will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfill the request.

A minimal fee may be charged for providing access to Personal Information. Where a fee may apply, we will inform you of the cost and request further direction from you on whether or not we should proceed with the request.

9. How can you request that we erase your Personal Information?

In short: You may ask us to erase Personal Information we have on you, or choose to close your account.

In detail: At any time and without penalty, you can close your account or ask us to remove pieces of information by sending an e-mail to privacy@sodalessolutions.com.

If you wish to have any of your information removed from our databases, or if you no longer want us to send any further communications to you, you can send an e-mail to privacy@sodalessolutions.com. Where your information is stored with our third parties, we will proceed as necessary to remove your information as requested.

If you decide you no longer want us to send you further communications, we may still contact you for administrative purposes (for example, to notify you of a change to our website, change to this Privacy Policy, if there is a service interruption or if there is a product recall for a purchase you have made).

Kindly note that we may be required by law to maintain some of your Personal Information.

10. AI Disclaimer

10.1 Introduction

Sodales leverages artificial intelligence (“AI”) to streamline and optimize various features of the Sodales platform. This AI disclaimer (“Disclaimer”) explains how Sodales uses AI within its platform and provides our customers information about the benefits and risks of AI technology.

10.2 AI Capabilities

Certain features of our platform utilize AI to automate various tasks related to health, safety, employee, and labor relations management. These AI-driven features are powered by SAP Business AI and are designed to streamline processes and improve the accuracy and applicability of our platform. It’s important to note that while AI plays a role in these features, our platform and algorithms are developed and maintained with a focus on fairness, transparency, and ethical considerations. Sodales is committed to upholding the highest standards of compliance and accountability. We regularly review and update our AI practices to align with evolving laws, regulations, and industry best practices.

10.3 Accuracy of Information

AI uses machine learning models that generate outputs based on patterns in data. Sodales is constantly working to make our platform’s outputs more accurate, reliable, and beneficial. While we strive to provide accurate and up-to-date information, Sodales cannot guarantee the accuracy, completeness, or reliability of any feature of our platform that utilizes AI. Given the probabilistic nature of AI technology, customers are advised to verify the accuracy of information provided via platform features that use AI, including by manually reviewing an output for their use case.

10.4 Customer Data Privacy

At Sodales, we are committed to protecting the privacy and security of our customers’ data. Our privacy practices comply with applicable Canadian federal and provincial privacy laws. Please refer to sections 1 through 6 to see how we process customer data. We do not, under any circumstances, use customer data for purposes other than those explicitly outlined in our customer agreements and our privacy policy. For clarity, unless expressly authorized in customer agreements, Sodales does not use customer data to train or improve AI that is incorporated in our platform.

10.5 Decision Making

Sodales itself does not use automated decision-making technologies to make automated decisions about customers or individuals within a customer’s organization. However, our platform does provide AI-powered features to help our customers enhance their decision-making with respect to individuals within their organization. Certain jurisdictions impose legal obligations on organizations using automated decision-making technologies. We are happy to answer any questions you may have about how Sodales uses AI but please note that this Disclaimer is not intended to serve as legal advice regarding your organization’s obligations with respect to use of automated decision-making technologies.

By using Sodales, you acknowledge that you have read, understood, and agreed to this disclaimer. If you do not agree with any part of this disclaimer, you should refrain from using our software. Sodales reserves the right to update or modify this disclaimer at any time without prior notice.

NOTE: Please note that this Disclaimer is provided to customers for informational purposes only and is not intended to be a replacement for qualified legal advice.

11. How do we remain accountable and how can you challenge our compliance?

In short: Our Privacy Officer is responsible for the creation, oversight and implementation of our privacy management program and procedures to protect your Personal Information. We have established procedures for addressing and responding to all inquiries and complaints you may have regarding our handling of your Personal Information. You may contact us at privacy@sodalessolutions.com.

In detail: We will investigate all complaints concerning compliance with this Policy in a timely manner. If a complaint is found to be justified, we shall take appropriate measures within 72 hours of the receipt of the inquiry to resolve the complaint including, if necessary, amending policies and procedures.

If we are unable to resolve the concern, you may write to:

Information and Privacy Commissioner of Ontario

2 Bloor Street East

Suite 1400 Toronto, ON M4W 1A8

12. What happens if we make changes to this Policy?

In short: We may update this Policy to reflect changes to our information practices but we will not reduce your rights under this Privacy Policy without your express consent.

In detail: We will post any changes to this page and, if the changes are significant, we will provide a more prominent notice. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to periodically review our Privacy Policy for the latest information on our privacy practices and to contact us if you have any questions or concerns.

If you have any questions or concerns about this Policy, please feel free to contact us at privacy@sodalessolutions.com.