This privacy policy (“Policy”) is part of the Zafin privacy program. It describes how we collect, use, and disclose your personal information and how your personal information can be reviewed and corrected when necessary.
Zafin and its group of companies (“Zafin”, “we”, “us” or “our”) are committed to protecting the privacy and security of personal information. Zafin fulfils several roles as it collects, uses, discloses, retains, and disposes of personal information. Zafin’s primary business is to act as a service provider to other businesses. In this role, Zafin is responsible for processing information provided to it by its business customers. These customers are accountable to the individuals whose personal information they collect. In some cases, Zafin may be accountable to individuals for processing their information, such as those data that may be collected by this Website (e.g., resume submissions for employment).
Zafin has a privacy program that includes policies, processes, procedures, training, and controls to ensure that personal information from Zafin’s commercial customers, our Website visitors, employees, job applicants, or individuals with a business relationship with Zafin is processed in a privacy-protective manner. This Privacy Policy is part of that program.
When our customers provide us data for processing, we do so under the terms of our contract with that customer. Please see the “Use and Disclosure of Personal Information” section for more information. We may also process your personal information upon your consent, obtained either implicitly when you voluntarily provide information or when provided explicitly as appropriate, such as explicitly accepting cookies on our website. We only process personal information for purposes for which we have a legal basis for processing.
Zafin’s primary source of information for processing is de-identified personal information provided to us by our customers. They remove direct identifying attributes from data sets by excluding them or replacing them with random data ‘tokens’. Zafin delivers data analytics and related services on this de-identified data. Zafin does not attempt to re-identify individuals in these data sets.
Notwithstanding this, Zafin’s policy protects these data as personal information.
Personal Information means information about an identifiable individual. In other words, personal information is data about you that a person may use to identify you. We may collect your personal information in several ways, including when you fill out and submit a form on the website, contact us by telephone or by email, post on our social media accounts, or provide information to Zafin through third party integration such as our human resource service provider. The personal information that we may collect includes, but is not limited to:
* Name
* Mailing address
* Email address
* Telephone number
* Resumés
* Public social network profiles (such as LinkedIn), including company name and job title
If you choose to withhold any personal information requested by us for the purpose of providing a service, it may not be possible for you to gain access to certain parts of the Website or use the requested service.
We also collect data relating to your visit to our Website. This information does not reveal your identity and is not directly about you. This other information includes, but is not limited to:
* IP Address
* Browser and device information
* Browser History
* Usage data
* Information collected through cookies and similar technologies
* Aggregated information
Our Website, like most other commercial websites, also use cookies and similar technologies. These are files installed on your computer hard drive or web browser to collect information such as your language of preference, browsing history and browser type and version for the primary purpose of optimizing your experience on our Website. We also use cookies to compile aggregate data about site traffic and site interactions to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf (See “Third Parties” below). When you first visit our Website, and on subsequent visits, you may manage your cookie preferences and accept or reject our use of cookies, except for those cookies that are strictly necessary for the Website’s operation. You can choose to have your computer warn you each time a cookie is used, or you can choose to disable all cookies in your browser. Disabling cookies on your browser could adversely affect your browsing experience on our Website.
We take steps designed to ensure that only those who need access to your personal information to fulfill their employment duties can access it. We use and disclose your personal information mainly:
In some cases, we may transfer personal information to service providers for processing. We remain accountable for that personal information’s privacy and security and use contractual or other means to ensure that service providers meet our privacy and security requirements.
We may finally make certain automatically-collected, aggregated, or otherwise non-personally identifiable information available to third parties for various purposes, including
Zafin has implemented various physical, administrative, and technical safeguards designed to protect personal information confidentiality and security under our control. These safeguards include security reviews and controls. However, no security measures are absolute or wholly guaranteed. You agree to be responsible for all activities conducted on the Website.
We will only keep your personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Policy and to comply with our legal and regulatory obligations.
On written request and subject to proof of identity, you may
To ensure that the personal information we maintain about you is accurate and up to date, please inform us immediately of any change to your personal information. Note that this applies if we have a direct relationship with you and you have supplied us with your information, such as in an application for employment. With respect to de-identified personal data that we process for our customers, we can not re-identify individuals and cannot prove the requestor’s identity.
The Website is not directed to children under the age of 16, and we do not knowingly collect personal information from children under the age of 16 without obtaining parental consent. If you are under 16 years of age, please do not use or access the Website at any time or in any manner. If we learn that personal information has been collected via the Website from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 16 years of age has provided personal information, then you may alert us as set forth in the “Contact” section and request that we delete that child’s personal information from our systems.
This website and Zafin are based in Canada and are governed by the applicable privacy and data protection laws in Canada. Your personal information may be stored or processed in any country in which Zafin or its service providers have facilities, and by using this website or applicable Zafin services, you agree to the transfer of your information to countries outside your country of residence, which may have different data protection rules than in your country. While such information is outside of Canada, it is subject to the laws of the country in which it is held. It may be subject to disclosure to the governments, courts, law enforcement, or regulatory agencies of such another country, pursuant to such a country’s laws.
If you are a resident in the European Union, see the Addendum. If you are a resident in California, see the California Consumer Privacy Act Notice.
We may change this Privacy Policy. Please note the “Last Updated” date at the top of this Policy. Updates to this Policy become effective when posted on our Website. Your continued use of the Website after the revised Policy has become effective indicates that you have read, understood, and agreed to the current version of the Policy.
If you have any questions or comments about this Policy or your personal information, to make an access or correction request, to exercise any applicable rights, to make a complaint, or to obtain information about our policies and practices, our Privacy Office can be reached using the following information:
| 401 W. Georgia St., Suite 1701 Vancouver, British Columbia | |
| privacy@zafin.comcreate new email |
Addendum for users in the European Union
Please note that the term personal information used in this Policy is equivalent to the term “personal data” under the GDPR and other applicable European data protection laws. Canada’s laws have been determined to be ‘adequate’ by the Commission of the European Union, which means that we are providing equivalent protection to you by complying with Canadian law. Notwithstanding that, under the GDPR, you may be entitled to make certain requests to us, including:
You may contact us using the contact information above if you have any concerns or wish to make a request.
California Consumer Privacy Act Notice
This California Consumer Privacy Act Notice (“CCPA Notice”) is provided by us and provides specific notice in respect of specific provisions of the CCPA that are not already provided by this Policy or that need to be clarified in respect of the CCPA.
The Policy above explains how we collect, use, and disclose personal information, including the personal information of California residents. The rights for individuals to request information about what personal information about them has been collected, as well as the right to request the deletion of personal information about them are also set out above and include California residents.
The CCPA only applies to information about residents of California. If you are not a resident of California, you may submit a request and we will process it, as described above.
Under the CCPA, “personal information” is information that identifies, relates to, or could reasonably be linked with a particular California resident or household.
Categories of Personal Information that we may collect, use, or disclose.
The following table is categorized according to the classifications of the CCPA, and does not indicate a difference in the personal data identified in the Policy above:
| Category | Description | Third Parties that may receive |
| Personal Identifiers | Personal unique identifiers, such as full name and federal or state issued identification numbers and Social Security Number | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Personal Information | Personal information, including contact details such as telephone number and address, financial information such as account number and balance, as well as medical and health insurance information | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Purchase Information | Purchase information, such as products and services obtained and transaction histories | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Internet or Online Information | Internet or online information such as browsing history, and information regarding interaction with our websites, applications, or advertisements | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Geolocation Data | Geolocation data, such as device location | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Audio and Visual Information | Audio, electronic, visual, thermal, olfactory, or similar information, such as call and video recordings | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Employment Information | Professional or employment-related information, such as work history and prior employer | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Education Information | Education information, such as school and related information; and | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
| Inferences | Inferences based on information about an individual to create a summary about, for example, an individual’s preferences and characteristics | ● Organizations required for providing products and services ● Government agencies ● Organizations required for employment or HR services ● Organizations required for external reporting |
Third Parties
The following list sets out the categories of third parties that Zafin may share personal information with, either as a ‘transfer for processing’ where Zafin retains accountability for processing and holds the service provider responsible by contract or agreement, or as a ‘disclosure’ where the third party becomes accountable for the processing of the disclosed personal information. A detailed list of third parties may be provided upon request as required by law or regulation.
| Category | Type of Information | Type of Sharing | Note |
| HR Provider | Employee Personal Data | Transfer for Processing | Zafin may use different providers in different regions. |
| Hosting Service Provider | All | Transfer for Processing | Cloud Service Provider on which Zafin provisions and operates its own systems |
| Sales and Marketing | Customer service and incident management | Transfer for Processing | Cloud service providers for sales and marketing support |
| Product Engineering and Design Tools | Software issue tracking | Transfer for Processing | Hosted by various servers in various regions |
| Identity Service | Identity federation for single sign on and authentication | Transfer for Processing | Does not collect login information to provide redirection and validation |
