- Visit invixium.com (including any subdomains of this website or other websites owned by us or operated on our behalf) (the “Website”);
- Download our application IXM Mobile (the “Application”);
- Use any part of our services via the Website or the Application (the “Services”);
- Download or otherwise use any part of our software (the “Software”, and collectively with the Website, the Application, the Services, and any other product or service we provide, the “Solution”).
- Our registered office is 111 Gordon Baker Road, Suite 300, Toronto, ON M2H 3R1.
It is clarified that this Policy refers to PII we receive from any of our Services, thus not all of the Policy’s provisions necessary apply to both Website and Application.
Your privacy is important to Invixium.
We wish to make sure you know how we collect, use, share and store your personal data when you use our solutions.
By using the Application, the Services, or the Software, you consent to the privacy practices described in this Policy.
Our Services are for general audience and are neither designed nor intended to collect PII from children or minors. We do not knowingly collect personally identifiable information of persons below the age of 18. If you become aware that someone under the age of 18 has provided us with PII, please contact us.
This Policy covers our collection, use and disclosure of your information through the Solutions and the Website. It does not cover any collection, use or disclosure by third parties through any applications, websites, solutions or services that we do not control or own.
Please note: if your use of the Solution or any of the Services is pursuant to an invitation from, or subject to a license purchased by, a customer of ours which is an organization with which you are affiliated or connected (an “Organizational User”), the Organizational User is the Controller or Owner of your personally identifiable information. In such case, we are merely a processor of the personally identifiable information on behalf of the Organizational User. Your data as an end-user will still be collected and processed as described hereunder. However, in those cases, your information is under the responsibility of the Organizational User, and any inquiry or complaint regarding your personally identifiable information should be addressed directly to it.
A Summary of The Policy
1. Information That We Collect
As part of using any of our Services, the following information may be collected and processed by us:
- your personally identifiable information, including contact and registration information such as your name, your organization’s name, email address, phone number, etc.
- payment details in order to process payments if you make any purchases.
- contact info per any “Contact Us” form or “Newsletter Subscription” on the Website.
- technical information related to you, such as IP addresses, browser information, mobile device information etc.
- certain marketing or analytics or usage data, such as Cookies, Pixels, Web beacons, etc.
- aggregated information such as statistical or usage data for any purpose. Such aggregated and statistical data may be derived from your personally identifiable information but does not reveal your identity.
2. How We Use Personally Identifiable Information
We use personally identifiable information to provide the Solution, improve and develop it, provide better support, improve your user experience, contact you or provide with information regarding our services, and protect us and the Solution from misuse and law violations.
3. Information Sharing and Disclosure
We share information when we use service providers, for example, to process payments or host the services. We may transfer information when we change our corporate structure, and we will also share information when required to do so by law enforcement or compliance requests. When your use of the Solution is under an Organizational User, your personally identifiable information is shared with such organization.
4. Your California Privacy Rights
If you are a California resident, you may have certain rights. You can also request information about the third parties that we have disclosed your personally identifiable information to during the preceding year for their direct marketing purposes, and the types of categories of such personally identifiable information.
5. Your Choice
You may opt-out of our mailing lists (except for operational emails) and terminate your use of the Services via the Website, or the application by applying the Organizational User. Our Services does not respond to Do Not Track (DNT) signals.
6. Accessing Your Personally Identifiable Information
At any time you can request to receive your personally identifiable information collected by us while using the Services via the Application.
7. Your EU Data Subject Rights
If we process your personal data when you are in the EU, further terms apply to our processing in relation to your rights as a data subject under EU data protection laws.
8. Data Retention
We retain data to provide the Services and for legitimate and lawful purposes.
9. Information Security
We implement systems, applications and procedures to secure your personally identifiable information, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information.
10. Our Policy Towards Children
If you are under the age of 18, you do not have permission to use the Application.
11. Dispute Resolution
Contact us at: email@example.com or write to us for any request or complaint. We will make good-faith efforts to resolve any existing or potential dispute with you, but reserve all rights to handle disputes through courts and authorities of competent jurisdiction to which this Policy is subject.
We may update our Policy from time to time and give you notice once it is completed.
- Contact Us– Please contact our Privacy team at: firstname.lastname@example.org for further information.
1. Controller and Processor
Where you are a browser or visitor of our Services, or contacting us directly, we process your personally identifiable information as the controller, meaning that legally, we deem as the owner of you personally identifiable information. In those cases, and for GDPR purposes, we assume the role of Data Controller, and any of our external supplier shall be deemed as Data Processor.
Where you use the Solution or any of the Services under an Organizational User, we merely process your personally identifiable information on behalf of the Organizational User which is the owner of your personally identifiable information. In those cases, and for GDPR purposes, the Organizational User is the Data Controller, and we assume the role of Data Processor. That means, that in those cases your personally identifiable information is being managed under the control and instructions of the Organizational User, which is responsible for the lawful basis for processing (the legal justification allowing the processing), including any consent or disclosure relevant. Therefore, any inquiry or complaint regarding your personally identifiable information should be addressed directly to the Organizational User. With no prejudice to any of our legal obligations as a Processor, we are not responsible for the actions nor use of the Organizational User pertaining to your personally identifiable information.
2. Information That We Collect
“Personally identifiable information” or “Personal Data” means any information about an individual from which that person can be identified.
As a condition to your use of the Solution, we will ask you to provide us with certain personally identifiable information that we can use to contact or identify you and administer your account.
Personally identifiable information may include your name, organization’s name, email address, telephone number, contact person details.
When you contact us, or when we contact you, we will receive and process any personally identifiable information that you provide us.
When you use the Solution, we may collect the following, as applicable:
- Information regarding your use of the Solution and all information provided by you or recorded while you use the Solution, including your preferences and other data relevant for customizing the Services for you;
- Information on your usage of the Solution and download errors, as well as information related to your use of the Website that your browser sends whenever you visit the Website or use the Solution (collectively “Log Data”). This Log Data could include, for example, your computer’s Internet Protocol address, browser type, login information, the web page you were visiting before you came to the Website and information you search for on the Website;
- Aggregated Data, allowing us, inter alia, to analyze and better understand your use of the Services including the full website (uniform resource locators (URL)) clickstream (history) to, through and from our Website (including date and time) etc.;
- Solutions you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), and methods used to browse away from the page.
When you use a widget or any other tool that may be offered by us, whether on the Website or on a third party website, including a website owned or operated by you, we may record data related to that activity, the deployment of the widget or tool and any other account related data.
Like other websites, our Website also uses “cookies” to collect information. A cookie is a small data file that is being implemented in your computer’s hard disk for record-keeping purposes.
We use “persistent cookies” to save your username and login credentials for future logins to the Website. We use “session ID cookies” to better understand how you interact with the Website and to monitor web traffic routing on the Website. We also use “Analytics Cookies” or “Targeting Cookies” for better understanding yours, and other users’, needs and preferences to improve our Services and/or serve you with targeted advertisements that we believe will be relevant to you.
You can instruct your browser, by changing its options, or use the Cookies bar installed on the Website, to stop accepting cookies or to prompt you before accepting a cookie from the website you visit. If you do not accept cookies, however, you may not be able to use all portions of the Website.
Links to Other Websites
Links to other websites are presented in a format that enables us to keep track of whether these links have been followed.
Third Party Sites
These other sites may place their own cookies or other files on your machines, collect data or solicit personally identifiable information from you. Other websites follow different rules regarding the use or disclosure of the personally identifiable information that you submit. We encourage you to read the privacy policies and other terms of the other websites.
If you are voluntarily making a job application or inquiry through the Website, you may provide us with a copy of your CV or other relevant information that contains your personally identifiable information.
We will ask for your consent to use and save the information that you provide in your job application and will use this information for the purpose of considering your application or inquiry. Except when you explicitly request otherwise, we may keep this information for future reference.
If you participate in surveys through the Website, we may use your personally identifiable information to carry out market research. This research is conducted for our internal business and training purposes and will improve our understanding of our users’ demographics, interests and behavior.
This research is compiled and analyzed on an aggregated basis and therefore does not individually identify any user.
We use subsets of information collected through the Solution and the Website in aggregated non identifying information (“Aggregated Data”) to compile statistical information and insights related to performance or use of the Solution and Website, and use such statistical information and insights for improving and developing solutions, generating reports, customizing Solutions and other uses specified in Section 2 (including without limitation for research purposes or public use in aggregated non identifying form). For further information on how we transfer and use such Aggregated Data, see the Transfer of Aggregated Data section in this Policy.
3. The Purposes of processing PII and Non-PII
Personally identifiable information may be used for the following purposes:
- to provide you with any of our Services, including the Solutions and the Application,
- to administer your use of the Solution and any accounts you may have with us, to personalize your experience,
- to monitor and analyze your use of the Solution or any of the Services,
- to improve your user experience and help you track your wellness,
- to provide to you product announcements,
- to provide you with further information and offers from us or third parties that we believe you may find useful or interesting, such as newsletters, marketing or promotional materials,
- to comply with court orders and warrants, and assist law enforcement agencies, to collect debts, prevent fraud, misappropriation, infringements, identity thefts and any other misuse of the Service, and to take any action in any legal dispute or proceeding.
- to improve the Website, the Solution and their accuracy,
- to contact you as per your request, manage our correspondence with you and provide you with customer service,
- as described in Section 4: Information Sharing and Disclosure.
We use information that is not personally identifiable for the above purposes and for:
- the technical administration of the Website,
- collecting and analyzing the use of the Website,
- improving the Website, the Solution, and any of the Services,
- generating and deriving useful data and information concerning the interests, characteristic use behavior of our users,
- verifying that users of the Solution meet the criteria required to process their requests, and
- Using the Aggregated Data as described herein.
Purchase of Solutions and Services
If you purchase or use our Solutions or Services via the Website, we may use your personally identifiable information, as applicable, and (where applicable) payment information for purposes which include but are not limited to:
- verifying your credentials;
- verifying your usage of the Solutions and/or Services in accordance with the terms and conditions of your agreement with us;
- providing training sessions for which you have registered;
- providing maintenance and technical support;
- providing information about solution upgrades, updates and renewals;
- generating logs, statistics and reports on service usage and service performance;
- developing and enhancing solutions and services;
- processing orders and generating billing information.
We will use collected information in order to contact you if necessary, including, but not limited to, sending you reminders and notices about the Solution, sending commercial and marketing information about our Service, contacting you when you are using wrong paths to access the Website or are breaching restrictions on the use of the Website. If you decide at any time that you no longer wish to receive such announcements, information or offers, please follow the unsubscribe instructions provided in the communication. We may also use this information to block IP addresses where there is misuse of the Website.
4. The Legal Basis for the processing of your information under GDPR
We will only process and use your Personally identifiable information when the law allows us to, i.e., when we have a lawful basis for such usage (in terms of the GDPR). Such lawful and legal basis can be any of the following:
- Processing actions related to your requests or to carry out our obligations arising from any contracts entered between you and us. For example, providing you with our Services per your demand or purchase, or contacting you per “Contact” form filled by you;
- Our use of your information is necessary to meet responsibilities we have to our regulators, tax officials, law enforcement, or otherwise meet our legal obligations;
- Our use of your information is in our legitimate interest as a commercial organization. For example, to operate and improve our Services and keep people informed about our Solutions and Services. In these cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights, making sure our legitimate interest is not overridden by your interests or fundamental rights and freedoms.
As detailed above, we do not rely on consent as a legal basis for processing your personally identifiable information. Yet, in any case, in which you have provided your consent to our processing of your information, you can withdraw this consent at any time by contacting us through the contact details provided above.
5. Information Sharing and Disclosure
We do not sell, rent or lease your personally identifiable information. We may disclose your personally identifiable information to third parties in a variety of circumstances in the ordinary course of operating our business, such as:
We may employ third party companies and individuals to facilitate the Solution, to provide the Solution on our behalf and to perform services related to administration of the Solution or the Website. These third parties have access to your personally identifiable information only to perform the tasks for which we are retained. In addition, in any such case we will take steps to ensure the security and privacy of your personally identifiable information, and it will be subject to contractual terms ensuring the security and protection of any personally identifiable information under any such sub-processor, under applicable law provisions;
When your use of the Solution is pursuant to the invitation from, or subject to a license purchased by an Organizational User, the Organizational User will have access to all or parts of the information related to you (including without limitation personal identifying information) provided by you or collected through the applicable Solution. When you use a Solution pursuant to such license or invitation, we understand that you have provided the Organizational User with your consent for sharing of your information with the Organizational User. While we require of our Organizational Users to abide by requirements substantially similar to these terms and by applicable law we cannot (and do not) ensure such compliance, and under no circumstances we will be held responsible for the Organizational User actions.
Compliance with Laws and Law Enforcement
We cooperate with government and law enforcement officials and private parties in response to lawful requests and to comply with the law. We will disclose any information about you to government or law enforcement officials or private parties if we believe it necessary:
- to respond to lawful requests by public authorities, including to meet law enforcement or national security requirements, claims or legal processes (including but not limited to subpoenas);
- to protect our or a third party’s property rights;
- to protect the safety of the public or any person;
- to prevent or stop any activity we may consider to be posing a risk of being illegal, unethical, inappropriate or legally actionable.
We may sell, transfer or otherwise share some or all of our assets, including among others your personally identifiable information and Log Data, in connection with a merger, acquisition, reorganization or sale of all or substantially all of our applicable assets, or in the event of our bankruptcy.
Transfer of Aggregated Data
We may share Aggregated Data generated as a result of your use of the Solution, that includes non-personally identifiable information, anonymized aggregated personal information and/or Log Data, with third parties for industry analysis, demographic profiling, other commercial purposes and to deliver targeted advertising about other solutions and services.
We use the standard, commonly use analytics tools such as Google Analytics and we will use additional or other analytics tools, from time to time, to learn about how you and other users use the Services, in support of our Services-related activities and operations. The privacy practices of these tools are subject to their own privacy policies.
It is clarified that any Aggregated Date shared in these contexts is based on anonymous, statistical or aggregated information and we share it with our partners only for legitimate business purposes. It does not contain personally identifiable information and it has no effect on your privacy, because there is no reasonable way to extract data from the aggregated information that we or others can associate specifically to your personally identifiable information.
6. Your California Privacy Rights
We may collect the following categories of personal information from and about you: (a) Identifiers such as a name, telephone number, postal address, email address, account name, login information, IP address, or other similar identifiers; (b) financial information such as your credit/debit card details and your bank account details; (c) commercial information such as your payment transaction details from the payment service provider that processed your payments; (d) Internet or other electronic network activity information, including your browser type, the web page you visited before you came to the Website, and information you search for on the Website; (e) professional or employment-related information, such as your company name.
California law requires that a business provide in its privacy notice a list of the categories of personal information it has in the preceding 12 months (1) disclosed for a business purpose, and (2) disclosed in exchange for valuable consideration (considered a “sale” under California law, even if no money is exchanged), as well as the categories of third parties to whom each category of personal information was disclosed or sold.
California law also grants its residents certain rights regarding the collection and use of their personal information. Subject to certain limitations, California residents have the following rights:
- Right to know. You have the right to know and request information about the categories and specific pieces of personal information we have collected about you within the last 12 months, as well as the categories of sources from which such information is collected, the purpose for collecting such information, and the categories of third parties with whom we share such information. You also have the right to know if we have sold or disclosed your personal information.
- Right to delete. You have the right to request the deletion of your personal information, subject to certain exceptions.
- Right to non-discrimination. You have the right to not be discriminated against for exercising any of the above-listed rights. We may, however, provide a different level of service or charge a different rate reasonably relating to the value of your personal information. If you are a California resident and would like to exercise any of the above rights, please submit your request via email at: email@example.com.
Please note that we may require additional information from you in order to honor your request, and there may be circumstances where we will not be able to honor your request. For example, if you request deletion, we may need to retain certain personal information to comply with our legal obligations or other permitted purposes. We will only use personal information provided in a verifiable consumer request to verify your identity or authority to make the request. If you are submitting a request through an authorized agent, the authorized agent must provide us with your signed written permission stating that the agent is authorized to make the request on your behalf. We may also request that any authorized agents verify their identity and may reach out to you directly to confirm that you have provided the agent with your permission to submit the request on your behalf.
Finally, if you are a California resident, California Civil Code Section 1798.83 permits you to request in writing a list of the categories of personal information relating to third parties to which we have disclosed personal information during the preceding year, for the third parties’ direct marketing purposes.
To make such a request, please contact us at: firstname.lastname@example.org.
7. Your Choice
At any time, you can unsubscribe from our mailing lists (except for operational emails) by sending us an opt-out request to: email@example.com or by clicking on the “Unsubscribe” link at the bottom of all our emails.
Note that if one of our customers uploaded content to our Services with your personally identifiable information, then you can contact our customer who uploaded that content and request to remove your personally identifiable information.
At any time, you can exercise your following opt-out options:
- object to the disclosure of your personally identifiable information to a third party, other than (a) to third parties who act as our agents to perform tasks on our behalf and under our instructions, (b) when your use of the Solution pursuant to the invitation from, or subject to a license purchased by, an Organizational User, in which case your information will be shared with the Organizational User so long as you use the Solution as aforementioned; or
- object to the use by us of your personally identifiable information for a purpose that is materially different from the purposes for which we originally collected such information, pursuant to this Policy, or you subsequently authorized such use.
You can exercise your choice by contacting us at: firstname.lastname@example.org.
We request and collect minimal personally identifiable information that we need for the purposes that we describe in this Policy. Following the termination or expiration of the Services, we will stop collecting any personally identifiable information from or about you.
However, we will store and continue using or making available your personally identifiable information according with our data retention section in this Policy.
8. Accessing Your Personally Identifiable Information
If you find that the information on your account is not accurate, complete or up-to-date, please provide us the necessary information to correct it. At any time, you can contact us at: email@example.com and request to access the personally identifiable information that we keep about you. We will ask you to provide us certain credentials to make sure that you are who you claim to be and to the extent required under the applicable law, will make good-faith efforts to locate your personally identifiable information that you request to access. If you are eligible for the right of access under the applicable law, you can obtain confirmation from us of whether we are processing personally identifiable information about you, and receive a copy of that data, so that you can –
- verify its accuracy and the lawfulness of its processing;
- request the correction, amendment or deletion of your personally identifiable information if it is inaccurate or if you believe that the processing of your personally identifiable information is in violation of the applicable law.
We will use judgement and due care to redact from the data which we will make available to you, personally identifiable information related to others.
9. Your EU Data Subject Rights
If EU data protection laws apply to the processing of your personal data by Invixium, then the following terms apply: for the purposes of the Services provided through the Application pursuant to an invitation from an Organizational User, we are a data processor and our customers are data controllers, or data processors as well. Where you are a direct user of the Solution, we process your personal data as a data controller, the processing is based on the following lawful grounds:
- All processing of your personal data which are not based on the lawful grounds indicated below, are based on your consent;
- We process your account and payment details to perform the contract with you.
- We will process your personal data to comply with a legal obligation and to protect your and others’ vital interests;
- We will further rely on our legitimate interests, which we believe are not overridden by your fundamental rights and freedoms, for the following purposes:
- Communications with you, including direct marketing where you are our client or a user of our client or Organizational User, or where you make contact with us through our website and other digital assets;
- Cyber security;
- Support, customer relations, service operations;
- Enhancements and improvements to yours and other users’ experience with our services;
- Fraud detection and misuse of the Service.
Where Invixium processes your personal data as a data processor, then in addition to your rights under other sections in this Policy, you have the following rights:
AT ANY TIME, CONTACT US AT EXPERIENCE@INVIXIUM.COM IF YOU WANT TO WITHDRAW YOUR CONSENT TO THE PROCESSING OF YOUR PERSONAL DATA. EXERCISING THIS RIGHT WILL NOT AFFECT THE LAWFULNESS OF PROCESSING BASED ON CONSENT BEFORE ITS WITHDRAWAL.
- Request to delete or restrict access to your personal data. We will review your request and use our judgment, pursuant to the provisions of the applicable law, to reach a decision about your request.
- If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions of applicable law, you may request to be informed that third parties that hold your personal data, in accordance with this Policy, will act accordingly.
- You may ask to transfer your personal data in accordance with your right to data portability.
- You may object to the processing of your personal data for direct marketing purposes. Additional information about this right is available under the Choice section in this Policy.
- You have a right to lodge a complaint with a data protection supervisory authority of your habitual residence, place of work. However, we will appreciate the chance to deal with your concerns before you approach the authorities, so please feel free to contact us in the first instance.
A summary and further details about your rights under EU data protection laws, is available on the EU Commission’s website at:
Note that when you send us a request to exercise your rights, we will need to reasonably authenticate your identity and location. We will ask you to provide us credentials to make sure that you are who you claim to be and will further ask you questions to understand the nature and scope of your request.
If we need to delete your personal data following your request, it may take some time until we completely delete residual copies of your personal data from our active servers and from our backup systems.
If you have any concerns about the way we process your personal data, you are welcome to contact our team at: firstname.lastname@example.org. We will look into your inquiry and make good-faith efforts to respond promptly.
10. Data Retention
We retain different types of information for different periods, depending on the purposes for processing the information, our legitimate business purposes as well as pursuant to legal requirements under the applicable law.
We retain personally identifiable information as part of our Services, to provide our customers with the Services, the Solution and as needed to perform our business activities.
We may maintain contact details, to help us stay in contact with you.
We may need to keep the information about the payment transactions that you made for several years due to tax related requirements, for accounts settling, record keeping, archiving and legal issues.
We may keep aggregated non-identifiable information without limitation, and to the extent reasonable we will delete or de-identify potentially identifiable information, when we no longer need to process the information.
In any case, as long as you use the Services or the Solution, we will keep information about you, unless we are required by law to delete it, or if we decide to remove it at our discretion.
11. Information Security
We are concerned with safeguarding your information. We employ a variety of measures designed to protect your information from unauthorized access and disclosure. We implement systems, applications and procedures to secure your personally identifiable information, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information.
We take reasonable steps to maintain the security of the personally identifiable information that we collect, including limiting the number of people who have physical access to our database servers, as well as installing electronic security systems that guard against unauthorized access.
However, no one can guarantee a completely secured data transmission over the Internet. Accordingly, we cannot ensure or warrant the security of any information that you transmit to us, so you do so at your own risk. If you have been given log-in details to provide you with access to certain parts of our Website (for example our Customer Portal), you are responsible for keeping those details confidential.
If you receive an email asking you to update your personally identifiable information, do not reply and please contact us at email@example.com.
12. Our Policy Towards Children
If you are under the age of 18, you do not have permission to use our solution. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should contact us at firstname.lastname@example.org. If we become aware that a minor has provided us with personally identifiable information, we will delete such information from our files.
13. Dispute Resolution; Governing Law and Venue
We do periodic assessments of our data processing and privacy practices, to make sure that we comply with this Policy, to update the Policy when we believe that we need to, and to verify that we display the Policy properly and in an accessible manner. If you have any concerns about the way we process your personally identifiable information, you are welcome to contact our privacy team at: email@example.com, or write to us. Our address is published on our website at: https://www.invixium.com/contact-us/ and, if applicable, is indicated in your subscription agreement with us.
We will look into your query and make good-faith efforts to resolve any existing or potential dispute with you, but reserve all rights to handle disputes through courts and authorities of the competent jurisdiction to which this Policy is subject.
Any disputes or claims arising out of or in connection with this Policy, will be governed by and construed in accordance with the laws of the territory specified in your applicable engagement agreement with us (aside from this Policy), and if none, then this Policy shall be governed by the laws of the Province of Ontario, Canada without regard to its conflict or choice of laws principles and any and all disputes concerning this Policy shall be brought in the federal and provincial courts of the province of Ontario having jurisdiction thereof. You irrevocably waive any and all claims and defenses you might otherwise have in any such action or proceeding in any of such courts based upon any alleged lack of personal jurisdiction, improper venue, forum non conveniens or any similar claim or defense.
We will update this Policy from time to time. Continuing to use the Services after the new policy takes effect means that you agree to the new policy. Note that, despite the foregoing, if we need to adapt the Policy due to legal requirements, the new policy will become effective immediately or as required by law.
16. Contact Us
Please contact our Privacy Compliance Team at: firstname.lastname@example.org for further information.
Last Update: July 20, 2021