CYDEF is committed to protecting and respecting your privacy. We collect, use, and keep information in compliance with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). For the purpose of the Act, the data controller is Cyber Defence QCD Corporation.
This policy and any other documents referred to set out the basis on which any personal data Cyber Defence Corp. collects from you, or that you provide to us, will be processed by us.
Trust and transparency are foundational to what we do at CYDEF. We are committed to being open about how we approach privacy at CYDEF and aim to communicate with you about privacy in a way that is easy for you to understand. To support these goals, we developed these Privacy Principles to highlight our commitment to responsibly protect and handle your personal information. Our Privacy Principles help guide decisions we make at every level of our organization, every day, so that we can fulfill our mission to provide security in a way that is consistent with our core values as well as our legal obligations.
Our core Privacy Principles are:
- Integrity. We do not sell data.
- Transparency. We are transparent with our customers, partners, and employees about how we collect, use, and share data.
- Security. Security is both our business and highest priority. We use standard best practices and advanced organizational, technical, and behavioral security measures to protect data.
- Minimal Collection. We are not in the business of collecting personally identifiable information. We leverage data to operate and enhance our Services for our customers. Personally Identifiable Information (PII) that may be associated with the data we use is incidental.
- Accountability. We take the protection of data very seriously.
Information CYDEF may collect from you
** CYDEF may collect and process the following data about you:**
- Information that you provide by filling in forms on our Site, providing details by registration or other means (e.g., giving business cards) at a marketing event, or when setting up administrator accounts in our product or services.
- Information that you provide us to use the CYDEF Customer Portal to include email address and phone number. Phone numbers are used for two factor authentication and support services.
- Information you provide us including inquiries and/or feedback.
- Your Internet Protocol (IP) address, operating system, and web browser use.
- CYDEF may also ask you for information when you report a problem with our site.
- If you contact us, CYDEF may keep a record of that correspondence.
- Details of your visits to our site including, but not limited to, traffic data, location data and other communication data, and the resources that you access.
Cookies and other Tracking Technologies
When you visit our Website or use our Services, we use “cookies” and other tracking technologies.
If you turn cookies off, some of the features that make your site experience more efficient may not function properly. It may negatively affect user’s experience.
Providing products and services
If you purchase or use our products or services, we may use your personal data for purposes which include but are not limited to:
- verifying your credentials,
- carrying out end user compliance checks for export control purposes,
- issuing virus information alerts and other alert messages,
- providing training sessions for which you have registered,
- providing maintenance and technical support,
- providing information about product upgrades, updates, and renewals,
- generating logs, statistics and reports on service usage, service performance and malware infection,
- developing and enhancing products, services, and our infrastructure,
- processing orders and generating billing information.
Certain products and services may include features that collect additional personal data for other purposes, as described in the applicable customer agreement. For detailed information, please also refer to the applicable product or service description.
Who we share your personal information with
We do not sell, trade, or otherwise transfer PII that could identify either a person or a customer to third parties as part of our Services unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. If we leverage data from customers to create derivative works to operate or enhance our Services, we would sanitize those derivative works so that they would not identify any person or customer. As noted above, we may share PII provided by a customer to that customer as part of operating our Services. We may also use and disclose PII as required to comply with a court order or applicable law. Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
How we keep your personal information secure
Security is what we do, and we take the security of the personal information we have about you very seriously. We use appropriate administrative, organizational, technical, and physical safeguards that are designed to protect the personal information we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information and to help ensure that your data is safe, secure, and only available to you and to those with authorized access (as decided by your Organization Administrator or you, as appropriate).
How long we keep your personal information
We only keep your personal information for as long as we have an ongoing legitimate business need to do so (for example, to fulfill the purposes outlined in this Notice, to provide the Services or to comply with legal, tax or accounting requirements, to enforce our agreements or to comply with our legal obligations). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
You have the right to request by contacting firstname.lastname@example.org
- information about how your personal data is processed;
- a copy of your personal data;
- an immediate correction to your personal data. You can also:
- raise an objection about how your personal data is processed;
- request that your personal data is erased if there is no longer a justification for it;
- ask that the processing of your personal data is restricted in certain circumstances;
- opt out of the use of your personal data for any purposes or a specific purpose.
Changes to our Privacy & Data Protection Policy
Cyber Defence Corp reserves the right to amend this Privacy and Data Protection Policy at any time, for any reason, without notice to you, other than the posting of the amended Privacy and Data Protection Policy at this Site. You should check our Site to see the current Privacy and Data Protection Policy that is in effect and any changes that may have been made to it.
This policy was last amended on 01 August 2019.
Data Privacy Officer
Elana Graham, Privacy Officer
#308 – 1505 Laperriere Ave, Ottawa, ON K1Z 7T1 email@example.com