Thank you for trusting us with your information. We respect your privacy and its protection is of the utmost importance to us. Accordingly, Engage People Inc. (“Engage”) is committed to protecting your information while you conduct business on the Internet, telephone or in person.

This privacy policy (the “Policy”) will explain to you the kinds of information we collect from you, why we collect such information and how we utilize it. Specific questions we address include:

• What kind of data does Engage collect from you?
• Why do we collect this data?
• How do we obtain your data?
• How long is your personal information retained?
• How is your personal information secured?
• Do we share your personal information with third parties? If so, why?
• What are cookies and how do we use cookies?

Our commitment to you includes our compliance with and adherence to applicable laws and policies governing our collection and use of your personal information including PIPEDA (the Personal Information Protection and Electronic Document Act) (Canada) and the General Data Protection Regulation (GDPR) (European Union).

Accordingly, this Policy also explains your principal rights under such data protection laws with respect to the collection of your personal information, including your rights:

• to access your personal information;
• to rectify your personal information;
• to erase your personal information;
• to restrict processing of your personal information;
• to object to processing of your personal information;
• to portability of your personal information;
• to complain to a supervisory authority about our collection and use of your personal information; and
• to withdraw consent to the collection of your personal information.

What is Personally Identifiable Information (“PII”)?

• Personally Identifiable Information (“PII”), also known as “personal information” or “personal data”, means any information relating to an “identified or identifiable natural person”. An “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Why Do We Collect PII from You?

We collect your PII for program registration, purchases of goods and services and transfer of necessary information to our third party merchants, and to:

1. Verify your identity;
2. Deliver requested products and services;
3. Contact employees, consumers, customers, partners and investors utilizing newsletters or other methods;
4. Enhance your user experience; and,
5. Improve our internal processes.

We also may utilize your PII to contact you for the purpose of:

1. Order confirmations;
2. Important updates about your order; and,
3. Troubleshooting and query resolution.

How Do We Collect PII?

We collect your PII through telephone calls, by utilizing web forms and through third party applications that may transfer the information to us. We also may use cookies or similar technologies to collect PII, or generate snapshots of the browser tab to assist in error resolution.

If you choose to participate in any programs managed and/or administered by Engage, we will collect, utilize and disclose your PII as described in this Policy.

Engage’s principles for handling personal information:

• Engage will regularly maintain, monitor, test and upgrade our information security policies, practices, and systems to assist in protecting the information that it collects. Engage personnel will receive training from time to time to implement this Policy effectively.
  Engage will regularly review and, where appropriate, revise its processes and procedures for training employees in respect of Engage’s compliance with PIPEDA and GDPR and the appropriate handling of personal and private data.
  Engage will inform customers and clients of our commitment to PIPEDA and GDPR and advise them where they can obtain additional information in respect thereto, including a copy of this Policy.
  Engage will ensure that it keeps this Policy compliant with PIPEDA and GDPR principles and practices and on an annual basis (or more frequently, if appropriate) will conduct an internal verification of all Engage policies and practices relevant to privacy.

Data Integrity and Security

Engage has implemented physical and technical safeguards to protect PII from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. For example, electronically maintained PII is stored on a secure network with firewall protection; access to such secure networks requires user authentication via password or similar means. Engage also implements access restrictions and thus limits the number of employees who have access to customers’ PII.

Further, Engage uses secure encryption technology to protect certain categories of PII.

Despite these precautions, which Engage monitors on a regular basis and updates as appropriate, no data security safeguards guarantee 100% security all of the time.

Right to Access

Individual customers have the right to know whether their PII is included in Engage’s databases and, if so, to confirm that such PII is accurate and relevant for the purposes for which Engage collected it. Upon reasonable request by email, to Engage (privacy@engagepeople.com), customers may review their PII stored in Engage’s databases and, as permitted by applicable law and Engage policies, correct, erase, or block any data that is incorrect. Customers also may edit their PII by logging into their account profile. In making modifications to your PII, you must provide only truthful, complete and accurate information. To request deletion of PII, you must submit a written request to Engage at privacy@engagepeople.com.

Requests for PII

Unless prohibited by law or regulatory order, Engage will provide notice to the appropriate parties when either of the following circumstances arise: (a) a legally binding request for disclosure of PII is made by a government authority (unless Engage is prohibited by law or regulation from providing such notice); or (b) requests received from you (i.e., the owner of the PII). If Engage receives a request by a customer to access his/her PII, Engage, unless prohibited by law, will provide such access to the customer.

Satisfying Requests for Access, Modifications, and Corrections

Engage will endeavor to respond in a timely manner to all reasonable written requests by customers to view, modify, or delete PII.

Notifications

Engage notifies customers about governing privacy legislation and policies, and any changes thereto, through its website and this publicly posted Policy. We also require an acknowledgement from each customer who must provide us with PII during a transaction that they have read, understood and agree to the contents of this Policy.

Accessing Personal Data 

Engage personnel may access PII only if authorized to do so and only for the purpose authorized.

Changes to the Policy

This Policy may be amended from time to time, consistent with PIPEDA and/or GDPR principles and other applicable data protection and privacy laws and principles. We will provide notice of any such amendments by posting such changes to our website, intranet, through email and/or by other means, including through any programs in which you participate that are managed and/or administered by Engage. We will notify customers if we make changes that materially affect the way we handle previously collected PII, and we will enable customers to choose whether their PII may be used in any materially different manner.

Registration

When you register with Engage or any programs managed and/or administered by Engage we may share PII about you and your registration with authorized partners, who in turn may use such information in accordance with the privacy policies provided on their sites. Please be aware that the privacy policies of our authorized partners may differ from this Policy.

Purchasing

When you utilize any rewards program managed or administered by Engage, we may share PII about you and your transactions with our suppliers, if necessary, for you to access goods and services offered by such suppliers through your program. If you purchase goods or services through any of our solutions we will share the least amount of PII necessary to ensure your item is shipped to the correct address.

Choice and Consent

Before collecting PII, we will clearly identify the purpose for collecting the information and its intended use and disclosure. If you choose to provide PII after being advised of the foregoing, your consent to Engage’s use of such PII for the identified purposes is implied.

You have the right to withdraw your consent to the collection and use of your PII at any time by contacting us at privacy@engagepeople.com. You will also have the right to activate an “opt out” feature to the collection and use of your PII.

Please contact us at the email address provided above with any questions you may have about your choice and means of limiting the use and disclosure of your PII.

We will inform you and ask your consent if we intend to collect your PII for a purpose other than as stated in this Policy.

Engage may disclose PII if required to do so by law or to protect and defend the rights or property of Engage or its affiliates.

Protection of PII

Physical, technical and procedural safeguards are utilized by Engage to protect PII from loss, theft, unauthorized access, disclosure, use, modification or destruction.

Engage will only allow access to PII on a “need to know” basis.

While Engage endeavors to protect and secure the PII provided to it through its website, data transmissions over the Internet are always subject to some risk of unauthorized access or disclosure. As a result, Engage does not warrant the security of PII provided to it through its website or through its clients’ websites and visitors assume all risks associated with the transmission of that PII.

Limited Collection, Use, Disclosure and Retention 

We limit the collection, use and disclosure of PII to those purposes we have identified in this Policy.

In addition, all Engage employees are obligated to sign non-disclosure agreements prohibiting use or disclosure of PII except as required to perform their employment duties.

Engage retains PII as required under applicable laws. If no statutorily prescribed retention period applies, Engage will retain PII only for as long as necessary to meet its intended purposes. Once any prescribed retention period expires, or if Engage otherwise no longer is required to retain PII to fulfill its intended purpose, such PII is either destroyed or rendered anonymous, in a manner intended to prevent disclosure.

Accuracy

We make every effort to ensure the PII we collect, use and disclose is as accurate and up-to-date as is required to fulfill the purposes for which we intend to collect, use and disclose it. If your PII requires modification, just contact us at privacy@engagepeople.com  to ensure that the correction is made. You are encouraged to update your personal information as often as it changes. However, in order to provide you with our greatest level of service and to maintain appropriate contact preferences, we may take the initiative and ask you from time to time to update your PII.

Openness

We are committed to the protection of your privacy. It is important to us that our policies are clear and easily available. The most up-to-date version of our Policy will always be posted on this website and a copy may be obtained by contacting us directly.

How do We Maintain Compliance with Our Policy?

Engage has taken appropriate steps to protect your PII from loss, misuse and unauthorized access, disclosure, alteration and destruction. In that regard, Engage has implemented appropriate physical, electronic and managerial procedures to safeguard and secure your PII.

We use a self-assessment approach to assure compliance with our Policy, which includes periodic verification of the accuracy, completeness, accessibility and implementation of the Policy.

Onward Transfer (Sharing with Third Parties)

When you elect to access third party applications through any programs managed or administered by Engage, we may share information about you with the third party, including your address, the number of rewards program points that you have and the number of program points that you earned and/or redeemed (if applicable).

In connection with the above, financial transactions relating to our website and/or services are handled by our payment services providers. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your transactions, providing refunds where appropriate and dealing with complaints and queries relating to such transactions and refunds.

For transfers to its Agents, Engage will obtain assurances from such Agents that they will safeguard PII in accordance with this Policy. An example of appropriate assurances that may be provided by Agents include representations in a contract with Engage obligating the Agent to provide at least the same level of protection as is required by this Policy. Where Engage has knowledge that an Agent is using or disclosing PII in a manner contrary to this Policy, Engage will take reasonable steps to prevent or stop such use or disclosure.

(For purposes of this Policy, “Agent” means any third party that collects or uses personal information under the instructions of Engage, and solely for Engage’s use, or to which Engage discloses personal information for use on Engage’s behalf.)

In addition to the specific disclosures of PII set out above, we may disclose your PII where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your PII where such disclosure is necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

Third-Party Sites

Engage will not disclose or sell any of your PII, including your name, address, credit-card number, shopping or transaction history to any unauthorized third party without your permission. Please be aware that our site may contain links to other sites and that the privacy practices of other sites may differ from ours. In certain situations, you may link to another site within an Engage frame that shows an Engage URL. In such circumstances Engage does not share any PII with such third party sites.

Use of Cookies 

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide web services and functionalities for the users.

Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Don’t Want to Accept Cookies?  

If you do not want to accept cookies you should end your browsing on this site or change the cookie setting in your browser. Most web browsers allow control of the cookies identified above through the browser settings.

To find out more about cookies, including how to see the cookies that have been set and how to manage and delete them, and to opt out of being tracked by Google Analytics, visit https://tools.google.com/dlpage/gaoptout.

How Do We Handle Do Not Track Signals?

We do not honor Do Not Track signals.

Do We Allow Third-Party Behavioral Tracking?

It is important to note that we do not allow third-party behavioral tracking.

Complaints and Questions

We will respond to complaints or questions about our compliance with this Policy and with governing legislation. We will investigate and attempt to resolve all issues.

If you have any questions or concerns about your privacy and our role in protecting it, or any other questions about this Policy, please direct your inquiries and comments to our Chief Privacy Officer, Sam Hill, by email at privacy@engagepeople.com.

Enforcement and Dispute Resolution 

Engage is committed to resolve your concerns about your privacy and our collection or use of your PII.

If your question or concern cannot be satisfied through interaction with Engage via email, Engage has further committed to refer unresolved privacy complaints to an independent dispute resolution mechanism administered by the Council of Better Business Bureaus.

If you do not receive timely acknowledgement by Engage of your complaint, or if your complaint is not satisfactorily addressed by Engage, individuals residing in Canada may register a complaint through the Office of the Privacy Commissioner of Canada at this link: https://www.priv.gc.ca/en/report-a-concern/. In the United States, issues can be raised to the Federal Trade Commission: https://reportfraud.ftc.gov/#/.

Alternatively, under the GDPR, if you reside in any EU Member State and are concerned that Engage is mishandling your personal data, or that any other of your rights under the GDPR have been violated, you may lodge a complaint with the lead supervisory authority of the Member State in which you live (i.e., the independent public authority established by your Member State further to GDPR Article 51).

We hope you find this Policy helpful and informative.