Learn more about cfactor
Privacy Statement
Introduction
cfactor is committed to protecting the privacy of personal information. cfactor’s privacy practices and procedures are covered by service contracts, employment contracts, a Privacy Code, and internal policies and procedures, of which this Privacy Statement is a part. cfactor’s business is dependent upon cfactor maintaining the privacy, security and confidentiality of personal information transferred to it by our clients and partners ("Clients").
The purpose of this Privacy Statement is to provide general information regarding the handling of personal information that is transferred to cfactor by our Clients ("Transferred Information"). In this capacity, cfactor is the transferee of personal information for processing purposes and acts as third party processing agent on behalf of the Client.
In respect of the collection, use, retention and disclosure of personal information for cfactor’s own purposes, cfactor has adopted a Privacy Code that follows the ten privacy principles set out in the National Standards Association of Canada "Model Code for the Protection of Personal Information, CAN/CSA-Q830-96" and PIPEDA. Our Privacy Code contains specific information about cfactor’s management and protection of personal information that is collected, used and disclosed by cfactor.
What is Personal Information?
Personal information is any information about an identifiable individual.
Does cfactor Collect, Use or Disclose Personal Information When Providing Services to Our Clients?
No. cfactor does not collect, use or disclose personal information in the course of providing services to our Clients. However, our Clients may transfer personal information to us in the course of our provision of services to our Clients. cfactor, as an agent, receives only such personal information as is transferred to cfactor by our Clients and then we retain that Transferred Information only for so long as is required by the Client.
The types of information that our Clients collect from individuals (and transfers to cfactor for processing) may include an individual's: name, address, other personal identification numbers, spousal and dependant information, bank account information, other financial and tax information, and such other personal information that an individual may choose to disclose to our Client.
The types of information that our Clients collect from individuals (and transfers to cfactor for processing) may include an individual's: name, address, other personal identification numbers, spousal and dependant information, bank account information, other financial and tax information, and such other personal information that an individual may choose to disclose to our Client.
While cfactor takes steps to verify that our Clients comply with all applicable privacy requirements, cfactor has no control over or responsibility for the privacy practices of our Clients.
As a third party processor of information, cfactor does not independently use or disclose any Transferred Information for any purpose whatsoever other than to process the Transferred Information in accordance with our contractual obligations to our Clients. cfactor does not independently disclose Transferred Information, other than when required to do so by law.
cfactor provides hosting services to our Clients from various locations. Transferred Information retained at these sites is processed by cfactor for the purposes set out in contractual agreements between cfactor and our Clients. Transferred Information is retained and processed only in the course of providing specific, identified services to our Clients.
As a third party processor of information, cfactor does not independently use or disclose any Transferred Information for any purpose whatsoever other than to process the Transferred Information in accordance with our contractual obligations to our Clients. cfactor does not independently disclose Transferred Information, other than when required to do so by law.
cfactor provides hosting services to our Clients from various locations. Transferred Information retained at these sites is processed by cfactor for the purposes set out in contractual agreements between cfactor and our Clients. Transferred Information is retained and processed only in the course of providing specific, identified services to our Clients.
How is Personal Information Transferred to cfactor Protected?
The following material addresses the application of the ten (10) privacy principles set out in PIPEDA to cfactor in the context of cfactor’s provision of services to our Clients:
- Accountability. cfactor has appointed a Chief Privacy Officer (CPO) responsible for Transferred Information. Accountability for privacy compliance rests with the CPO, even though other individuals within cfactor may be responsible for the day-to-day processing of Transferred Information.
- Identifying Purposes. Our Clients are responsible for identifying the purposes for which Transferred Information is collected by them at or before the time of collection. When personal information is collected by a Client through cfactor in the course of cfactor providing a service under contract to the Client, it remains the responsibility of the Client to identify to the individual the purpose for which the individual's personal information is collected.
- Consent. cfactor receives transfers of Transferred Information from our Clients. As a contracted third party processor of Transferred Information, cfactor does not obtain consent from individuals. The Client is responsible for obtaining the consent of each individual to the collection, use and disclosure of Transferred Information by the Client, prior to transfer of the personal information to cfactor.
- Limited Collection. cfactor does not collect personal information other than as agent for a Client. In such cases, cfactor collects only the information required for the purposes identified by the Client and only by lawful means.
- Limiting Use, Disclosure and Retention. cfactor does not independently use or disclose Transferred Information, other than where required by law to do so. cfactor retains Transferred Information only so long as is required under contract with our Client.
- Accuracy. As a third party agent, cfactor makes no decisions about an individual on the basis of the individual's personal information. As such, the accuracy, completeness and currency of Transferred Information the responsibility of our Client.
- Safeguards. cfactor ensures appropriate and adequate safeguards and security measures are continually in place and protecting Transferred Information at all times while it is in cfactor’s possession or control. cfactor ensures all of its employees are aware of the importance of the privacy, confidentiality and security of Transferred Information. Disposal and destruction of Transferred Information is handled very carefully to prevent unauthorized persons from gaining access to or knowledge of Transferred Information.
- Openness. cfactor makes available to Clients and the general public specific information about our privacy policies and procedures.
- Individual Access. cfactor is a third party information processor under contract to a Client. Our Clients have the legal obligation to grant an individual access to his or her personal information, subject to applicable restrictions. Upon receipt of a request from an individual for access to their own Transferred Information, cfactor shall forthwith advise the applicable Client of the request and seek instruction and direction from the Client with respect to the access request.
- Challenging Compliance. Individuals or Clients who feel that Transferred Information has been handled by cfactor in a manner not in compliance with our stated privacy principles or the law should contact cfactor’s CPO with a written description of their concern. After receiving such written concern, the CPO will contact the individual or Client to set up a time and manner to discuss their concern. cfactor will address all legitimate concerns regarding privacy issues and will, in good faith, engage in efforts to resolve all such concerns.
Does cfactor Collect Personal Information Through its Corporate Website?
Any personal information that is voluntarily provided to cfactor through the completion of electronic forms on our web site is collected in compliance with our Privacy Code and the National Standards Association of Canada "Model Code for the Protection of Personal Information, CAN/CSA-Q830-96". Personal information is used only for the purpose(s) for which it was collected, and cfactor does not disclose this information to other organizations or individuals, except as authorized by law.
Web Site
When using cfactor's website, located at the URL www.cfactor.net (the "site") and/or services and/or products provided on the Site, you may provide us with personally identifiable information. cfactor asks for and maintains the personally identifiable information of its visitors and customers to provide a better, more personal experience on the Site and to deliver certain services or information to you.
When using cfactor's website, located at the URL www.cfactor.net (the "site") and/or services and/or products provided on the Site, you may provide us with personally identifiable information. cfactor asks for and maintains the personally identifiable information of its visitors and customers to provide a better, more personal experience on the Site and to deliver certain services or information to you.
Cookies
cfactor employs cookies in order to recognize a return visitor as a unique user. Cookies are small text files placed in the 'Cookies' folder on a visitor's hard disk and allow for cfactor to remember the visitor. The cookies are readable only to cfactor, and cookies cannot access, read or modify any other data on a computer. All web-browsers offer the option to refuse any cookie, and if a visitor refuses the cookie then cfactor does not gather any information on that visitor, but doing so will require you to re-enter certain information at each visit, or prevent us from customizing the site's features according to your preferences. You may also delete a cookie manually from your hard drive. Cookies themselves do not contain any personal information.
cfactor employs cookies in order to recognize a return visitor as a unique user. Cookies are small text files placed in the 'Cookies' folder on a visitor's hard disk and allow for cfactor to remember the visitor. The cookies are readable only to cfactor, and cookies cannot access, read or modify any other data on a computer. All web-browsers offer the option to refuse any cookie, and if a visitor refuses the cookie then cfactor does not gather any information on that visitor, but doing so will require you to re-enter certain information at each visit, or prevent us from customizing the site's features according to your preferences. You may also delete a cookie manually from your hard drive. Cookies themselves do not contain any personal information.
Information Gathered
cfactor gathers information such as what kind of browser a visitor is on, what operating system they are using, their IP address, cookie information, time stamp (time page accessed as well as time spent per web page) and their clickstream information (for example, which pages they have viewed and how long they have been there). Note that information is only gathered while the visitor is on the Site. We monitor how a visitor arrives at the Site, but cannot and will not gather information about other third party sites the user has visited. Such information is automatically received from your browser and recorded.
In certain sections of the Site, cfactor may invite you to contact us to pose questions, request information or complete a registration form. We may ask for Personally Identifiable Information to be entered as a means of registration before accessing a certain part of the Site.
“Personally Identifiable Information” means any information that identifies you personally, including, without limitation, your name, e-mail address, password, login ID and other contact information that you voluntarily transmit with your communication to us. Visitors of the Site can always option not to enter any of their Personally Identifiable Information.
cfactor may also collect Personally Identifiable Information when you use certain cfactor services, through the use of the Site or hypersite web pages, or when you enter promotions or contests offered by cfactor on and through the Site.
cfactor gathers information such as what kind of browser a visitor is on, what operating system they are using, their IP address, cookie information, time stamp (time page accessed as well as time spent per web page) and their clickstream information (for example, which pages they have viewed and how long they have been there). Note that information is only gathered while the visitor is on the Site. We monitor how a visitor arrives at the Site, but cannot and will not gather information about other third party sites the user has visited. Such information is automatically received from your browser and recorded.
In certain sections of the Site, cfactor may invite you to contact us to pose questions, request information or complete a registration form. We may ask for Personally Identifiable Information to be entered as a means of registration before accessing a certain part of the Site.
“Personally Identifiable Information” means any information that identifies you personally, including, without limitation, your name, e-mail address, password, login ID and other contact information that you voluntarily transmit with your communication to us. Visitors of the Site can always option not to enter any of their Personally Identifiable Information.
cfactor may also collect Personally Identifiable Information when you use certain cfactor services, through the use of the Site or hypersite web pages, or when you enter promotions or contests offered by cfactor on and through the Site.
Usage of Personally Identifiable Information
cfactor uses your Personally Identifiable Information to register you to use cfactor 's services, contact you to deliver certain services or information you have requested, verify your authority to enter into certain areas of the Site, improve the content and general administration of the Site and our services, provide you with notices regarding our services and understand our visitors and, with permission, provide visitors with updates on cfactor and its services.
The Site may track information that will be maintained and used and disclosed in aggregate form only and which will not contain your personally identifiable information, for example, without limitation, the total number of visitors to our Site, the number of visitors to each page of our Site, browser type, External Web Sites (as defined below) linked to and IP addresses. cfactor may analyze this data for trends and statistics in the aggregate, and we may use such aggregate information to administer the Site, track users’ movement, and gather broad demographic information for aggregate use.
cfactor uses your Personally Identifiable Information to register you to use cfactor 's services, contact you to deliver certain services or information you have requested, verify your authority to enter into certain areas of the Site, improve the content and general administration of the Site and our services, provide you with notices regarding our services and understand our visitors and, with permission, provide visitors with updates on cfactor and its services.
The Site may track information that will be maintained and used and disclosed in aggregate form only and which will not contain your personally identifiable information, for example, without limitation, the total number of visitors to our Site, the number of visitors to each page of our Site, browser type, External Web Sites (as defined below) linked to and IP addresses. cfactor may analyze this data for trends and statistics in the aggregate, and we may use such aggregate information to administer the Site, track users’ movement, and gather broad demographic information for aggregate use.
Disclosure of Personally Identifiable Information
cfactor may disclose your Personally Identifiable Information without prior notice to you: (a) if we believe we are required to do so by law, regulation or other government authority or otherwise in cooperation with an ongoing investigation of a governmental authority; (b) to enforce any of cfactor’s agreements with you or to protect our rights; or (c) to protect the safety of users of the Site and our services. cfactor will not sell your Personally Identifiable Information to any company or organization.
cfactor may disclose your Personally Identifiable Information without prior notice to you: (a) if we believe we are required to do so by law, regulation or other government authority or otherwise in cooperation with an ongoing investigation of a governmental authority; (b) to enforce any of cfactor’s agreements with you or to protect our rights; or (c) to protect the safety of users of the Site and our services. cfactor will not sell your Personally Identifiable Information to any company or organization.
Usage of Info
cfactor uses your Personally Identifiable Information to register you to use cfactor's services, contact you to deliver certain services or information you have requested, verify your authority to enter into certain areas of the Site, improve the content and general administration of the Site and our services, provide you with notices regarding our services and understand our visitors and, with permission, provide visitors with updates on cfactor and its services.
The Site may track information that will be maintained, used and disclosed in aggregate form only and which will not contain your personally identifiable information, for example, without limitation, the total number of visitors to our Site, the number of visitors to each page of our Site, browser type, External Web Sites (as defined below) linked to and IP addresses. cfactor may analyze this data for trends and statistics in the aggregate, and we may use such aggregate information to administer the Site, track users’ movement, and gather broad demographic information for aggregate use.
cfactor uses your Personally Identifiable Information to register you to use cfactor's services, contact you to deliver certain services or information you have requested, verify your authority to enter into certain areas of the Site, improve the content and general administration of the Site and our services, provide you with notices regarding our services and understand our visitors and, with permission, provide visitors with updates on cfactor and its services.
The Site may track information that will be maintained, used and disclosed in aggregate form only and which will not contain your personally identifiable information, for example, without limitation, the total number of visitors to our Site, the number of visitors to each page of our Site, browser type, External Web Sites (as defined below) linked to and IP addresses. cfactor may analyze this data for trends and statistics in the aggregate, and we may use such aggregate information to administer the Site, track users’ movement, and gather broad demographic information for aggregate use.
Transfer of Assets
As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or all, or substantially all, of our assets, Personally Identifiable Information, non-personal information, and any other information we have collected about the users of our Site may be transferred to such entity as one of the transferred assets. Also, if any insolvency or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties.
As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or all, or substantially all, of our assets, Personally Identifiable Information, non-personal information, and any other information we have collected about the users of our Site may be transferred to such entity as one of the transferred assets. Also, if any insolvency or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties.
International Issues
Our servers are currently located in Canada, which has been deemed by the European Union to provide an equivalent level of privacy protection as that required under the European Union’s Data Protection Directive. cfactor abides by the Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personally Identifiable Information from the European Union.
Our servers are currently located in Canada, which has been deemed by the European Union to provide an equivalent level of privacy protection as that required under the European Union’s Data Protection Directive. cfactor abides by the Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of Personally Identifiable Information from the European Union.
Data Access and Correction
If you feel that any of your Personally Identifiable Information might be wrong or you would like for us to remove you from our systems, please notify us at the contact address set forth below so that we may correct or delete the information.
If you feel that any of your Personally Identifiable Information might be wrong or you would like for us to remove you from our systems, please notify us at the contact address set forth below so that we may correct or delete the information.
Links to Third Party Sites
The Site may provide links to other websites or resources over which cfactor does not have control ("External Web Sites"). Such links do not constitute an endorsement by cfactor of those External Web Sites. You acknowledge that cfactor is providing these links to you only as a convenience, and further agree that cfactor is not responsible for the content of such External Web Sites. Your use of External Web Sites is subject to the terms of use and privacy policies located on the link to External Web Sites. We encourage you to note when you leave our Site and to read the privacy statements of such other External Web Sites before submitting any personal information.
The Site may provide links to other websites or resources over which cfactor does not have control ("External Web Sites"). Such links do not constitute an endorsement by cfactor of those External Web Sites. You acknowledge that cfactor is providing these links to you only as a convenience, and further agree that cfactor is not responsible for the content of such External Web Sites. Your use of External Web Sites is subject to the terms of use and privacy policies located on the link to External Web Sites. We encourage you to note when you leave our Site and to read the privacy statements of such other External Web Sites before submitting any personal information.
Children’s Privacy
As a business-to-business company, cfactor does not knowingly contact or collect personal information from children under 13. Our Site is not targeted toward children under 13, nor is it designed to solicit information from children under 13. If you believe that we have mistakenly or unintentionally collected such information through our website, please notify us at the contact address below so that we may immediately delete the information from our servers.
As a business-to-business company, cfactor does not knowingly contact or collect personal information from children under 13. Our Site is not targeted toward children under 13, nor is it designed to solicit information from children under 13. If you believe that we have mistakenly or unintentionally collected such information through our website, please notify us at the contact address below so that we may immediately delete the information from our servers.
Security
cfactor employs reasonable procedural and technological measures, consistent with standard industry practices that are designed to help protect your Personally Identifiable Information from loss, unauthorized access, disclosure, alteration or destruction. For example, we store the Personally Identifiable Information you provide on computer systems with limited access, which are located in controlled facilities. When we transmit highly confidential information (such as a username and or password) over the Internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol. Our team of security professionals continually monitors and tests our web interface touch-points and implements technology updates in effort to thwart any attempts for unwanted intrusion.
cfactor employs reasonable procedural and technological measures, consistent with standard industry practices that are designed to help protect your Personally Identifiable Information from loss, unauthorized access, disclosure, alteration or destruction. For example, we store the Personally Identifiable Information you provide on computer systems with limited access, which are located in controlled facilities. When we transmit highly confidential information (such as a username and or password) over the Internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol. Our team of security professionals continually monitors and tests our web interface touch-points and implements technology updates in effort to thwart any attempts for unwanted intrusion.
If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Do not share this information with anyone. If you are sharing a computer with anyone you should always choose to log out before leaving a site or service to protect access to your information from subsequent users.
cfactor’s web sites are public sites and as such are not restricted to only those users with an authorized user ID and password. As a result, any email messages sent to us though email addresses available on our site could potentially be intercepted on their way to intended recipients. cfactor will not be responsible for any damages suffered by organizations or individuals as a result of information that is sent via email to cfactor, or for any errors or changes made to information that is transmitted to cfactor.
Employee’s Responsibilities
The employees of cfactor are responsible for maintaining the security, privacy and confidentially of all personal information to which they have access. As a condition of employment all employees are required to sign a confidentially agreements binding them to this responsibility.
Reservation of Rights
cfactor reserves the right to change the terms of this privacy policy at any time and will post notice of the updated Privacy Policy on our site located here so you are always aware of what Personally Identifiable Information we may collect and how we may use this information. cfactor may also send registered users of the Site e-mail notifications notifying such users of any changes to the Privacy Policy. cfactor encourages you to review this Privacy Policy regularly for any changes. Your continued use of the Site and/or continued provision of Personally Identifiable Information to use will be subject to the terms of the then-current Privacy Policy.
If you have any questions about this privacy statement or the practices of this site, please contact the cfactor Privacy Officer directly, call 1.877.655.5798 or write us directly at 250 2nd Avenue South, Saskatoon, Saskatchewan Canada, S7K 1K9.
If you have any questions about this privacy statement or the practices of this site, please contact the cfactor Privacy Officer directly, call 1.877.655.5798 or write us directly at 250 2nd Avenue South, Saskatoon, Saskatchewan Canada, S7K 1K9.
This Privacy Policy was last updated: March 12, 2009