Privacy Policy
This Privacy Policy (the “Privacy Policy”) explains how Aliro Technologies Inc. (“we”, “us”, “our”, “Aliro”, or the “Platform”), collects, uses, discloses and retains information (the “Information”) that you (“you”, “your”, “user[s]” ) provide to us or which we otherwise collect when you access and use our website, platform and or services (collectively, the “Services”). To the extent of any conflict between this Privacy Policy and our Terms of Service, the Terms of Service will apply.
PLEASE READ THIS PRIVACY POLICY CAREFULLY. THIS PRIVACY POLICY CONSTITUTES A LEGALLY BINDING AGREEEMENT BETWEEN YOU AND ALIRO AND IS DEEMED ACCEPTED BY YOU UPON YOUR FIRST ACCESS, USE OR DOWNLOAD ANY OF THE SERVICES. FOR CERTAINTY, BY ACCESSING, USING OR DOWNLOADING ANY PART OR WHOLE OF THE SERVICES, YOU EXPRESSLY CONSENT TO OUR COLLECTION, USE, SHARING AND STORING OF YOUR PERSONAL INFORMATION ACCORDING TO THIS PRIVACY POLICY. IF YOU DO NOT ACCEPT THIS PRIVACY POLICY, DO NOT ACCESS, USE OR DOWNLOAD ANY OF THE SERVICES.
For the purposes of this Privacy Policy, “Personal Data” (also “personal data” or “personal information”) is information that can be associated with a specific person and could be used to identify that specific person whether from that data or other information that Aliro has or is likely to have access to.
1. Introduction:
-
Data Controller Information:
- Aliro is the data controller of your personal information.
- Our contact information is as follows:
Aliro Technologies Inc. #201 – 888 Arthur Erickson Pl, West Vancouver, BC V7T 0B1.
1.2 Changes to Privacy Policy:
- We reserve the right to modify this Privacy Policy at any time.
- If we make material changes to this Privacy Policy, we will notify you by email or through a prominent notice on the Aliro platform.
- We encourage you to periodically review this Privacy Policy for the latest information on our privacy practices.
- By continuing to access or use the Aliro Platform after those changes become effective, you acknowledge that you agree to be bound by the revised Privacy Policy.
-
2. Data Collection
2.1 Types of Personal Data Collected:
Our Platform collects the following non-exhaustive list of types of personal data from our users:
- Contact information, such as name, email address, postal address, and phone number.
- Payment information, such as credit/debit card numbers and billing information.
- Visa information, such as languages spoken, career industries, and schooling subjects.
- Account login information, such as username and password.
- Profile information, such as job title, industry, and location.
- Service-related information, such as service requests and other information submitted through our Platform.
2.2 Data Collection Methods:
We collect personal data from the following sources:
- Directly from users when they create an account, submit a service request, or provide information through our marketplace.
- Automatically through the use of cookies and other tracking technologies.
- From third-party sources, such as payment processors, for verification purposes.
2.3 Legal Basis for Collection:
We collect personal data from users on the following legal bases:
- With the user’s consent, such as when they agree to our Privacy Policy and terms of use.
- To perform a contract with the user, such as when they use our marketplace to request services.
- To comply with legal obligations, such as anti-money laundering, data privacy, and tax reporting requirements.
- To pursue our legitimate interests, such as improving our Platform and preventing fraud.
2.4 Purpose of Collection:
We collect personal data for the following purposes:
- To provide and manage our Services.
- To process payments and prevent fraud.
- To communicate with users, such as responding to service requests and providing updates.
- To comply with legal obligations.
- To provide targeted advertising to you, such as with immigration service providers.
- For internal statistical, marketing or operational purposes, including without limitation generating sales reports and measuring and understanding demographic, user interest, purchasing and other trends among our customers.
- To improve and personalize our marketplace, Platform and related Services.
2.5 Data Retention: We will retain personal data for as long as necessary to fulfill the purposes outlined in section 2.4, unless a longer retention period is required or permitted by law. Upon written request to our Data Privacy Officer, we will delete or anonymize a user’s personal data within a reasonable amount of time, unless we are required to retain it for legal or compliance purposes.
After it is no longer necessary for us to retain your Personal Information, we dispose of it in a secure manner according to our data retention and deletion policies. We are not responsible for any liability or loss you experience as a result of our disposal of Personal Information.
-
3. Data Usage
3.1 Purpose of Processing Personal Data
- The purpose of collecting and processing personal data from the users of our Platform is to provide them with a personalized and efficient service. This includes creating user accounts, managing payment and billing, providing support and customer service, and improving the services offered by the marketplace.
- Personal data may also be used for internal analysis, research, and marketing purposes, and to comply with legal and regulatory requirements.
3.2 Legal Basis for Processing Personal Data
- The legal basis for processing personal data is based on the user’s consent and the performance of a contract between the user and the marketplace.
- In some cases, processing personal data may be necessary to comply with legal obligations or to protect the vital interests of the user.
3.3 Third-Party Data Sharing
- We may share personal data with third-party service providers who provide essential services such as payment processing, customer support, and marketing. These third-party service providers are bound by strict confidentiality obligations and are only authorized to use the personal data for the specific purpose of providing the service.
- Personal data may also be disclosed to government and law enforcement agencies, as required by law, or in response to a legal request.
- We will not sell, rent, or otherwise share personal data with third parties for commercial purposes without obtaining explicit consent from the user.
- d. Your Personal Data may cross international borders in order to facilitate the Services. In some cases, your Personal Information may be disclosed, processed, and stored outside Canada and outside of the European Union (EU), and therefore may be available to government authorities under lawful orders and laws applicable therein. We will share your Personal Information with third parties only in the ways that are described in this Privacy Policy. In any event, any third party that receives your Personal Information in accordance with this Privacy Policy will be required to follow the privacy practices set forth herein. We minimize the amount of Personal Information we disclose to what is directly relevant and necessary to accomplish the specified purpose.
-
4. Data Security
4.1 Technical and Organizational Measures
- The company implements appropriate technical and organizational measures to ensure the security of Personal Data, including but not limited to, encryption of Personal Data, secure servers, and restricted access to Personal Data.
- The company continuously reviews and updates these measures to ensure the security of Personal Data.
4.2 Data Breach Notification
- In the event of a data breach that may result in high risk to the rights and freedoms of data subjects, the company will promptly notify the relevant supervisory authority, as well as affected data subjects, without undue delay.
- The company will provide all relevant information to the supervisory authority, including the nature of the breach, the categories and number of data subjects affected, and the measures taken to address the breach.
5. Data Subject Rights
5.1 Right of Access
- Our Platform provides users with the right to access their personal data.
- Users can request a copy of their personal data at any time.
- The request can be made by contacting our Data Protection Officer or through the designated request form on our website.
5.2 Right to Rectification
- Our Platform provides users with the right to rectify any inaccuracies in their personal data.
- Users can request the rectification of their personal data by contacting our Data Protection Officer or through the designated request form on our website.
- Our Platform will take reasonable steps to ensure that any rectified data is accurate and up-to-date.
5.3 Right to Erasure
- Our Platform provides users with the right to request the erasure of their personal data.
- Users can request the erasure of their personal data by contacting our Data Protection Officer or through the designated request form on our website.
- Our Platform will erase the personal data unless there are legitimate grounds for retaining it.
5.4 Right to Restrict Processing
- Our Platform provides users with the right to request the restriction of processing their personal data.
- Users can request the restriction of processing their personal data by contacting our Data Protection Officer or through the designated request form on our website.
- Our Platform will restrict the processing of personal data unless there are legitimate grounds for continuing the processing.
5.5 Right to Object to Processing
- Our Platform provides users with the right to object to the processing of their personal data.
- Users can object to the processing of their personal data by contacting our Data Protection Officer or through the designated request form on our website.
- Our Platform will stop processing personal data unless there are compelling legitimate grounds for continuing the processing.
5.6 Right to Data Portability
- Our Platform provides users with the right to request the transfer of their personal data to another organization.
- Users can request the transfer of their personal data by contacting our Data Protection Officer or through the designated request form on our website.
- Our Platform will transfer the personal data in a structured, commonly used and machine-readable format.
5.7 Right to Lodge a Complaint with a Supervisory Authority
- Our Platform informs users that they have the right to lodge a complaint with a supervisory authority or the DPO if they believe that their rights under the GDPR have been violated.
- The supervisory authority in the EU is the data protection authority in the member state where the user resides. c. The supervisory authority in the UK is the Information Commissioner’s Office.
-
-
-
6. Data Transfers
- Transfers within the European Union: In accordance with GDPR, personal data will not be transferred outside the European Union unless adequate protection measures are in place.
- Transfers to Third Countries: In the event that personal data is transferred to a third country, the Platform will ensure that the recipient country has an adequate level of protection for personal data in accordance with GDPR. The Platform may also enter into standard contractual clauses with the recipient country to ensure the protection of personal data.
- Transfers within Canada, USA, Australia, England, New Zealand: The Platform may transfer personal data within Canada, the USA, Australia, England, and New Zealand as long as the data protection laws in those countries provide an adequate level of protection for personal data. The Platform will regularly review the data protection laws in these countries to ensure they remain adequate.
-
7. Children’s Data
This Platform does not knowingly collect or process personal data from children under the age of 13, unless the visa requirements in question need such data in each instance. In instances where the age of the child falls below the age of consent in the respective jurisdiction, we require that a parent or legal guardian provide their consent for the collection and processing of the child’s personal data. If we become aware that personal data from a child under the age of consent has been collected without parental consent, we will take steps to delete the information as soon as possible.
8. Cookies and Other Tracking Technologies
8.1 Introduction: Our online Platform may use cookies and other tracking technologies to personalize and improve your experience on our website. Cookies are small text files that are stored on your device when you visit a website. Tracking technologies, such as pixels and web beacons, can collect data about your use of the website, such as your IP address, browser type, and information about your device.
8.2 Types of Cookies: We use the following types of cookies on our website:
- a. Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off. They are typically set only in response to actions made by you, such as setting your privacy preferences, logging in, or filling in forms.
- Performance Cookies: These cookies collect information about how you use our website, such as which pages you visit and if you experience any errors. The information collected is used to improve the functionality of our website.
- Functionality Cookies: These cookies remember your preferences and provide enhanced, more personalized features. For example, they can be used to remember your language preferences and to show you more relevant content.
8.3 Consent to Cookies:
By using our online Platform, you consent to our use of cookies in accordance with this Privacy Policy. If you do not consent to the use of cookies, you can modify your browser settings to reject or block cookies. Please be aware that some parts of our website may not function as intended if cookies are disabled.
8.4 Third-Party Cookies:
Our online Platform may use third-party cookies for certain functions, such as analytics or advertisements. These cookies are set by a domain other than our own and are subject to the privacy policies of the third party.
8.5 Data Retention:
Cookies and other tracking technologies used by our online Platform will be retained for as long as neecssary for the purpose for which they were collected, in accordance with our data retention policy.
8.6 Changes to This Policy:
We reserve the right to modify this Privacy Policy at any time, so please review it frequently. If we make material changes to this policy, we will notify you by placing a prominent notice on our website or by sending you an email. We will retain and archive all previous Privacy Policies and provide access to them upon reasonable request by any User.
9. Contact Information
9.1 Data Protection Officer Contact Information:
Our Data Protection Officer (DPO) is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO at: [email protected]
9.2 Complaint Resolution:
If you have a complaint about our processing of your personal data, please contact us at the email address provided in section 9.1 and we will do our best to resolve the issue. If you are not satisfied with the response provided, you have the right to lodge a complaint with the relevant supervisory authority, as outlined in section 5.7. The supervisory authority in the European Union is the Information Commissioner’s Office (ICO). Contact information for the ICO can be found on their website at https://ico.org.uk/.
In Canada, the privacy commission for each province or territory enforces privacy laws. Contact information for each of these privacy commissions can be found on their respective websites.
In Australia, the Office of the Australian Information Commissioner (OAIC) enforces privacy laws. Contact information for the OAIC can be found on their website at https://oaic.gov.au/.
In the United States, the Federal Trade Commission (FTC) enforces privacy laws. Contact information for the FTC can be found on their website at https://www.ftc.gov/.
In New Zealand, the Privacy Commissioner enforces privacy laws. Contact information for the Privacy Commissioner can be found on their website at https://privacy.org.nz/.
10. Data Breaches and Notifications
10.1 Introduction:
This section outlines the company’s approach to managing data breaches and notifications in accordance with the General Data Protection Regulation (GDPR).
10.2 Data Breach Notification:
The company will notify the relevant supervisory authority and affected individuals without undue delay in the event of a data breach. The notification will include details of the breach, its cause, and the measures taken or proposed to be taken to address the breach.
10.3 Data Breach Assessment and Management:
The company has implemented appropriate technical and organizational measures to prevent data breaches from occurring. In the event of a breach, the company will assess the potential impact on individuals and take appropriate measures to mitigate any adverse effects.
10.4 Record Keeping:
The company will keep records of all data breaches, including details of the breach, its cause, and the measures taken to address it. These records will be kept for a period of two years in accordance with GDPR regulations.
10.5 Cooperation with Supervisory Authorities:
The company will cooperate with supervisory authorities in the investigation and resolution of data breaches, and will take all necessary steps to ensure that the rights of affected individuals are protected.
11. Data Processing Agreement
11.1 Data Processing Agreement (DPA): Our company enters into a Data Processing Agreement (DPA) with all third-party data processors engaged by us to process personal data on our behalf. The DPA sets out the specific responsibilities and obligations of both our company and the data processor with respect to the processing of personal data in accordance with the GDPR.
11.2 Documentation
Our company will maintain a written record of all data processing activities carried out on our behalf, including a description of the categories of data processed, the categories of data subjects, the data protection impact assessments carried out and any transfer of personal data to third countries.
-
12. Dispute Resolution
12.1 In the event of a dispute arising between you and the Company regarding the processing of your Personal Data, the Company will take all reasonable steps to resolve the dispute.
12.2 If a dispute cannot be resolved through internal means, the Company agrees to submit to the exclusive jurisdiction of the courts of the country in which it is headquartered for resolution.
12.3 You acknowledge and agree that you may only bring claims against the Company in your individual capacity and not as a plaintiff or class member in any purported class or representative proceeding.
12.4 The Company reserves the right to participate in any alternative dispute resolution proceedings that may be available, including without limitation, mediation and arbitration.
12.5 The Company may also seek injunctive or other equitable relief from a court of competent jurisdiction.
12.6 This Section 12 sets out the exclusive means of resolving any dispute arising from or relating to this Privacy Policy and your use of the Service.
-
General
We may modify this Privacy Policy at any time, so please review it periodically. In the event that we modify or otherwise update this Privacy Policy, we will provide our Users with reasonable notice in advance via the contact information on file, or, in lieu of such personal notice, we will notify Users by updating our homepage of the website. You may withdraw your consent to this Privacy Policy at any time. If you wish to withdraw your consent, please contact us. This will affect your ability to access, use and download the Services. Your access to the Services will be revoked if you withdraw consent, and if you continue to use the Services thereafter, your consent to this Privacy Policy is deemed unconditionally renewed. By continuing to use the Services in any capacity, including after any modification of the Privacy Policy, you consent to be bound by the modified Privacy Policy. This Privacy Policy is governed by the laws of British Columbia. If you have any questions about this Privacy Policy, please contact us at: [email protected]
************
Last Updated on 14 March, 2023.
All rights reserved, Aliro Technologies Inc.