Who we are
Alternatively, you may mail your request to: Privacy Officer, Geogram Corporation, 1735 Kipling Avenue Suite A2 Toronto ON M9R 2Y8
What personal data we collect and why we collect it
Certain venues and certain events and certain of our customers may require user verification to access their content at certain venues or events. In these circumstances we will collect the verification information that those customers require to verify against information you have supplied to them.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Our Services are content driven. If you supply content to our Services or receive content on our Services we will collect that content. We may also collect records of those content transactions for analytics purposes and legal protections,
Our Services are location specific. We collect location and user based information in order to supply content to you, for analytics purposes, service improvement purposes, and for cooperation and sharing with the location hosts, event organizers, and third party suppliers supporting the venue and the events held at that location.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish any content, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
In order to learn more about how our Services are is used, we aggregate and analyze the data that we collect. We may use this information, for example, to monitor and analyze use of our Services, to increase our Services’ functionality, and to better tailor our content and design to suit our visitors’ needs.
We may combine anonymous information and/or aggregate information we collect with additional anonymous information collected from other sources. We may share anonymous information (including aggregate information) we collect regarding our users with third parties (such as advisors, advertisers and investors) for various business purposes including developing and delivering targeted advertising on our websites and on websites of third parties, conducting general business analysis, and developing website content and services.
Who we share your data with
Subject to what is indicated in this personal data protection policy or unless we have previously obtained your consent, we may communicate your personal data with people employed by our company or our service providers (for example, our Web agencies which manage certain online operations on our behalf) and / or business partners for the purposes mentioned in this policy, your end user license agreement or our Terms of Service, and only to the extent necessary for the performance of the tasks entrusted to them. These people may have to contact you directly using the contact details you have given us.
Please note that we strictly require our service providers to use your personal data only to manage the services we ask them to provide. We also ask these providers to always act in accordance with applicable laws regarding the protection of personal data and to pay particular attention to the confidentiality of this data.
We only share your information with third parties when we believe the sharing is permitted by you, reasonably necessary to offer our services, or when legally required to do so.
- We may share aggregated information or information that does not directly identify you with third parties to help us develop content, services, and advertising that we hope you will find of interest. Please note that we do not share contact information with third parties that advertise on the Services unless you have an agreement with those third parties to permit such sharing.
- We may share your personal information with our authorized service providers that perform certain services on our behalf. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes. We require all of our service providers to comply with the safeguards described in this policy.
- We may employ third parties to perform Services-related services, including database management, maintenance services, analytics, marketing, data processing, and email and text message distribution. These third parties have access to your information only to perform these tasks on our behalf.
- We may share information about you to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety or other rights and interests of any person, violations of our EULA and Terms of Service, or as otherwise required by law.
- We may share information about you to respond to court orders, search warrants, judicial proceedings, subpoenas, legal process, or other law enforcement measures, to establish or exercise our legal rights, or to defend against legal claims.
- In addition to the scenarios identified above, we may share information about you for any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
Our business partners. With your consent, we may also share your personal information with businesses with which we partner to offer you products, services, promotions, contests and/or sweepstakes through our Services, such as discounted hotel stays or special dining offers. If you are interested in these offers, the business partners will be identified to you at the time you purchase or decide to participate in an offer or program being offered through them. When you elect to engage in a particular merchant’s offer or program, you authorize us to provide your email address, billing and other information relevant to the offer or program to that merchant. These businesses may use your personal information in accordance with their own privacy policies. If you want to learn about a particular merchant’s privacy policies, or you do not want to receive communications from a particular merchant, then you must contact that merchant directly. Your personal information is only provided to those businesses whose offers you elect to participate in and not to other businesses advertising on our Services.
To help improve or promote our services. Sometimes we share aggregated information with third parties to help improve or promote our services. But we only do so in such a way that no individual user can be identified or linked to any specific action or information.
To provide you with services. We may provide information to service providers that help us bring you the services we offer. For example, we may use third parties to help host our website, send out email updates about our Services, remove repetitive information from our user lists, process payments, or provide search results or links (including sponsored links). These service providers may have access to your personal information for use for a limited time, but when this occurs we implement reasonable contractual and technical protections to limit their use of that information to helping us provide the service.
To advertise our services. We may ask advertisers outside of our Services to display ads promoting our services. We may ask them to deliver those ads based on the presence of a cookie, but in doing so will not share any other information with the advertiser.
To respond to legal requests and prevent harm. We may disclose information pursuant to subpoenas, court orders, or other requests (including criminal and civil matters) if we have a good faith belief that the response is required by law, or to establish or exercise our legal rights, or to defend against legal claims. This may include respecting requests from jurisdictions outside of the Canada where we have a good faith belief that the response is required by law under the local laws in that jurisdiction, apply to users from that jurisdiction, and are consistent with generally accepted international standards. We may also share information when we have a good faith belief it is necessary to prevent fraud or other illegal activity, to prevent imminent bodily harm, or to protect ourselves and you from people violating our Policies, Terms and Conditions, and to protect us and other users of our Services or event Providers. This may include sharing information with other companies, lawyers, courts or other government entities.
Please note that third parties may independently collect data about you, including your IP address and information about the websites you visit and the links you click, through cookies, clicks on links, or other means when you visit or view ads on our Services. For more information, see our section on cookies and other technologies and third party advertising. We recommend that you consult the privacy statements of all third-party websites you visit by clicking on the “privacy” link typically located at the bottom of the webpage you are visiting.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username and except as we may require for our compliance with applicable law). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. If you identify any error in this data or if you consider it to be incomplete or ambiguous, you can also ask us to correct, complete, or clarify it. You can also request that we erase any personal data we hold about you. However, please note that we may keep a record of your data for archival purposes (especially when required by law).
Where we send your data
Your personal data is stored either in our databases or in those of our service providers. In certain cases, and mainly for technical reasons, these databases may be stored on servers located outside the country (including outside the European Union) from which you initially entered the data.
Visitor comments may be checked through an automated spam detection service.
How we protect your data
We aim to always keep your personal data in the safest and most secure way, and only for the time necessary to achieve the purpose pursued by the processing. In this perspective, we and our service providers take the appropriate physical, technical and organizational measures to prevent as far as possible any alteration or loss of your data or any unauthorized access to it.
What data breach procedures we have in place
Our service providers maintain and continue to invest in advanced threat detection and avoidance technologies and implement incident response programs with their customers.
If a breach is identified, we aim to help you identify and respond to security or privacy events without delay and with available information in appropriate damage mitigation. We will promptly inform you of incidents involving your customer data in line with the data incident terms in our agreements with you.
What third parties we receive data from
Our Services are reliant on third party content for access to locations and development and implementation of spatial experiences. Our customers will supply location specific data. Our customers and users and any advertisers will supply data used within each location.
What automated decision making and/or profiling we do with user data
Users of our Services are persons who have chosen to attend a specific location or event at a specific time. Our Services are intended to automatically serve location-based content and or event based content to end users in those circumstances.
Industry regulatory disclosure requirements
The General Data Protection Regulation (GDPR) lays out specific requirements for businesses and organizations who are established in the European Economic Area (“EEA”) or who serve users in the EEA. It regulates how businesses can collect, use, and store personal data.
Where we act as a processor of personal data, we make available data processing terms, reflecting the controller-processor relationship, where required.
The European Commission has approved the use of model contract clauses as a means of ensuring adequate protection when transferring data outside of the EEA [see: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en]. By incorporating model contract clauses into a contract established between the parties transferring data, personal data can be protected when transferred outside the EEA to countries which have not been deemed by the European Commission to adequately protect personal data. Canada and the United States of America have been recognized as providing adequate protection.
We have incorporated standard contractual clauses referenced for use for compliance with 2010/87/EU where applicable (ie. outside of countries recognized by the European Commission as providing adequate protection) as found at: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32010D0087
The California Consumer Privacy Act (CCPA) is a new data privacy law which applies to certain businesses that collect personal information from California residents. The new law went into effect on January 1, 2020. The law includes a provision that gives California residents the right to opt out of the “sale” of their “personal information” through a prominent link that says “Do Not Sell My Personal Information” on the “selling” party’s homepage. The CCPA includes certain exceptions to the definition of “sale”, including transfers to “service providers”. This information is subject to change from time to time as regulations are updated.
If you are concerned that we are not complying with the principles set out in this policy, please contact our Chief Privacy Officer at the contact address set out above. We maintain procedures for addressing and responding to all inquiries and complaints by users with regards to our handling of personal information. We will ensure that inquiries, concerns, and complaints regarding personal information receive prompt attention and are resolved in a timely manner, in compliance with applicable laws. We shall have the right to request additional time under the applicable legislation to respond. For disputes in Canada, if the Privacy Officer is unable to satisfy the customer’s concerns, the customer may then refer to the relevant privacy commissioner (Privacy Commissioner of Canada where no provincial personal information protection statute exists, or to the provincial Information and Privacy Commissioner where a provincial personal information protection statute does exist). However, the customer is encouraged to use our internal information and complaint procedures first. Appropriate contact information for such privacy commissioner will be provided upon request.
Copyright © 2017-2020 Geogram Corporation
Last Updated: June 3, 2020