Privacy Notice

Privacy Notice

Please read the Carbide Privacy Notice carefully to understand what information is collected through Carbide, how this information is used, and when it may be disclosed.

In this Privacy Notice, “Carbide ” refers to our website, our application, and the products and services offered through our website and application. References to “we”, “us” or “our” means Carbide. References to “personal information” includes “personal health information”.

By visiting our website and using Carbide services, you provide your consent and agree to the collection of personal data in a lawful and fair manner. We ensure that the collection and processing of personal data adhere to applicable privacy laws and regulations. If you have any questions or concerns about the data we collect and how it is used, please contact Carbide directly using the contact information provided in this privacy policy. Even if you do not read the entire Carbide Privacy Notice. 

Data Controller and Data Processor

Carbide serves as the data processor for most information entered into the Carbide application, website, and supporting systems, acting on behalf of its business customers who serve as the data controllers. However, Carbide also collects certain information directly from users for security, logging, and application performance purposes, where it acts as the data controller and processor. Carbide may engage third-party sub-processors (as detailed below) to support its operations. If you have any inquiries about the processing of your personal data, please contact us using the contact information provided in this privacy notice.

Types of Data Collected

Carbide strictly limits the collection of personal data to only the information that is necessary to perform and provide services or fulfill a direct business need. We adhere to the principle of data minimization, ensuring that only the minimum amount of personal data required is collected and processed.

When collecting personal data, we strive to be transparent about the purposes for which the data is being collected and how it will be used.

The Carbide application and supporting applications collect the following types of personal data: cookies, usage data, email address, phone number, first name, last name, province, state, country, ZIP/Postal code, city, address, and company name.

Certain data may be mandatory for the use of the Carbide application, while other data may be optional. When data is mandatory, it is clearly indicated throughout the website and application. Users are free to choose not to provide optional data without any impact on the availability or functionality of the service. If you have any questions about which personal data is mandatory, please contact us using the contact information provided in this privacy notice.

Carbide applications may collect personal data that users provide voluntarily or collect usage data while using the website, web application, and supporting applications.

Furthermore, the Carbide website and its supporting applications may use cookies and other tracking technologies to enhance the user experience and provide specific functionalities. Please refer to the Cookie Policy below for more information.

Safeguards

At Carbide, we take the security of your personal data seriously. We implement robust technical and organizational measures to protect your data from unauthorized access, disclosure, alteration, or destruction.

We follow industry best practices and standards to ensure the confidentiality, integrity, and availability of your data. Our security measures include but are not limited to:

Encryption: We employ encryption techniques to safeguard your data during transmission and storage.

Access Control: We restrict access to personal data to authorized personnel only, ensuring that it is accessible on a need-to-know basis.

Regular Audits: We conduct regular security audits and assessments to identify and address any vulnerabilities or risks.

Employee Training: Our employees undergo comprehensive data protection training to ensure they understand the importance of data security and privacy.

We are committed to continuously enhancing our security practices and staying up to date with the latest industry standards to provide a secure environment for your personal data.

While we strive to protect your personal data, no method of transmission or storage is 100% secure. Therefore, we cannot guarantee absolute security. If you have any concerns about the security of your data, please contact us using the contact information provided in this privacy notice.

Mode, Place, and Methods of Processing the Data

Personal data is processed using computers and technology-enabled tools in accordance with organizational policies and procedures related to the stated purposes. In certain cases, personal data may be accessible to Carbide employees involved in the operation of the Carbide website, application, and supporting applications. External parties, such as third-party technical service providers, hosting providers, and IT companies, may also have access to personal data as data processors or sub-processors appointed by Carbide.

Legal Basis of Processing

Carbide may process personal data when one of the following legal bases applies:

  • Consent: Processing is based on the user’s consent for one or more specific purposes.
  • Performance of a Contract: Processing is necessary for the performance of a contract between Carbide and the user.
  • Legal Obligation: Processing is necessary to comply with a legal obligation.
  • Legitimate Interests: Processing is necessary for the legitimate interests pursued by Carbide or a third party.

The specific legal basis for processing personal data will be provided upon request, including whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Place

Data is primarily processed at Carbide’s operating offices and hosting facilities, located in Canada. However, some data may be stored and processed in the United States or the European Union through third-party sub-processors. Data transfers may involve transmitting user data to a country outside their own jurisdiction. 

Retention Time

Personal data is retained for as long as necessary to fulfill the purposes for which it was collected unless a longer retention period is required or permitted by law.

The retention periods are as follows:

Personal data collected for the performance of a contract between Carbide and a business customer is retained until the contract is fully executed, or until the business customer requests deletion of the data.

Personal data collected for Carbide’s legitimate interests is retained as long as necessary to fulfill those purposes. For specific information about Carbide’s legitimate interests, please refer to the relevant sections of this document or contact us using the contact information provided in this privacy notice.

Personal data processed based on user consent may be retained until such consent is withdrawn, provided that it is not otherwise required or permitted by law.

Personal data may be retained for a longer period when necessary to comply with a legal obligation or a lawful order from an authority.

Once the retention period expires, personal data will be securely deleted or anonymized.

The Purposes of Processing

Carbide collects and processes personal data for the following purposes:

  • Providing Services: Personal data is collected to enable Carbide to provide its services.
  • Analytics: Personal data is used for monitoring and analyzing web traffic and user behavior on the Carbide website and application.
  • User Database Management: Personal data is managed to create user profiles, track user activities, and improve the application.
  • Managing Contacts and Sending Messages: Personal data is used to manage contact lists and send communications to users.
  • Handling Payments: Personal data is processed to facilitate payment transactions and related communications.
  • Displaying Content from External Platforms: Personal data is used to display external content and enable interaction with it.
  • Hosting and Back-End Infrastructure: Personal data is processed and stored on hosting and back-end infrastructure to support the operation of the Carbide application.
  • Interaction with Live Chat Platforms: Personal data is used to facilitate communication with users through live chat platforms.
  • Spam Protection: Personal data is analyzed to filter spam traffic and protect against spam.
  • Contacting the User: Personal data is processed to respond to user requests and inquiries.
  • Remarketing and Behavioral Targeting: Personal data is used for remarketing and behavioral targeting purposes to display targeted advertisements.
  • Selling Goods and Services Online: Personal data is processed for the provision of services or goods, including payment processing and delivery.

Processing and Sharing of Personal Data

Carbide engages various services and third-party processors to support its operations. The following provides detailed information on the processing of personal data, the involved services, and the third-party processors:

Analytics:

  • HubSpot Analytics (HubSpot, Inc.)
  • Google Analytics (Google Inc.)
  • FullStory
  • Twitter Ads Conversion Tracking (Twitter, Inc.)
  • Google Ads Conversion Tracking (Google Inc.)
  • Google Tag Manager (Google Inc.)

Contacting the User:

  • Mailing List or Newsletter (The Carbide Web Application)
  • Phone Contact (The Carbide Web Application)
  • Contact Form (The Carbide Web Application)

Displaying Content from External Platforms:

  • Google Fonts (Google Inc.)
  • YouTube Video Widget (Google Inc.)

Handling Payments:

  • Stripe (Stripe Inc)
  • PayPal (PayPal Inc.)
  • Xero (Xero Limited)

Hosting and Back-End Infrastructure:

  • Amazon Web Services (AWS) (Amazon)
  • Managing Contacts and Sending Messages:
  • HubSpot Email (HubSpot, Inc.)

Remarketing and Behavioral Targeting:

  • Twitter Remarketing (Twitter, Inc.)
  • Twitter Tailored Audiences (Twitter, Inc.)
  • AdWords Remarketing (Google Inc.)
  • Remarketing with Google Analytics (Google Inc.)

User Database Management:

  • HubSpot CRM (HubSpot, Inc.)
  • HubSpot Lead Management (HubSpot, Inc.)

Selling Goods and Services Online:

  • E-commerce Platform
  • For detailed information about each service and third-party processor, please refer to the corresponding sections of this privacy notice.

Cookie Policy

The Carbide website and web application use cookies to enhance the user experience and provide specific functionalities. 

The Rights of Users

Users have the following rights regarding their personal data processed by Carbide:

  1. Right to Withdraw Consent: Users have the right to withdraw their consent to the processing of their personal data at any time.
  2. Right to Object: Users can object to the processing of their personal data based on legitimate interests or for direct marketing purposes.
  3. Right of Access: Users can request access to their personal data and obtain information about the processing activities.
  4. Right to Rectification: Users can request the correction or update of inaccurate or incomplete personal data.
  5. Right to Restrict Processing: Users have the right to restrict the processing of their personal data under certain circumstances.
  6. Right to Erasure: Users can request the erasure of their personal data, subject to legal obligations or overriding legitimate grounds.
  7. Right to Data Portability: Users can request to receive their personal data in a structured, commonly used, and machine-readable format, and transmit it to another data controller.
  8. Right to Lodge a Complaint: Users have the right to lodge a complaint with a data protection authority regarding the processing of their personal data.

To exercise these rights or obtain further information, users can contact Carbide using the contact details provided in this document.

Changes to This Privacy Notice

Carbide reserves the right to modify or update this privacy notice at any time. Changes will be communicated through the Carbide website, application, or other appropriate means. It is recommended to regularly review this privacy notice for the latest information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Notice or our privacy practices, please contact us at:

Carbide Secure Inc., 92 Hillcrest Ave, Sydney, NS B1R 1V2, info@carbidesecure.com 

Privacy Officer: Jay Smith, jay@carbidesecure.com 

Last updated: October 2023