Effective Upon: January 1, 2022
Last Updated: January 17, 2022

PRIVACY POLICY (CANADA)

At Nimble Elephant Navigation Inc. (“ us”, “ our”, “ we”), the respect and privacy of your private life is of the utmost importance. We want you understand how we collect, use, disclose and protect your personal information, as well as how you can manage the personal information we collect from you. This Privacy Policy applies to your use of our website, products, services, programs, and features, either online or offline (collectively, the “ Services”).

By using our Services, you are accepting the terms of this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use our Services. If you do not understand, or if you have questions about, this Privacy Policy, please contact us before using, or continuing to use, our Services.

This Privacy Policy complements our Terms of Use, which are accessible here.

PERSONAL INFORMATION

Personal information means information about an identifiable individual (“ personal information”), and does not include information that cannot be attributed to an identifiable individual, such as information of an aggregate or anonymous nature (collectively, “ non-personal information”).

CONSENT

We will obtain your express consent prior to or when collecting, using, or disclosing your personal information for any purpose not described in this Privacy Policy, or for a purpose that was not identified to you nor reasonably expected at the time of collection, unless we are required or permitted by law not to obtain your consent.

We may rely on your implied consent in certain circumstances, after taking into account factors such as the sensitivity of the personal information and your reasonable expectations.

We will limit the collection, use, and disclosure of your personal information to only that which is necessary for the purposes identified, unless you have otherwise consented, or when such collection, use, and/or disclosure is permitted or required by law.

You can always refuse to provide your personal information, except that it may prevent you from using our Services or receiving responses to your inquiries or other information of interest.

COLLECTION

General

We collect two basic types of information from you when you provide it to us or when you use or interact with our Services: personal information and non-personal information.

The personal information we collect from you directly includes the following:

• first and last name;
• mailing address, email address, phone and/or fax number;
• credit card number, banking information, and billing and shipping address;
• gender;
• date of birth/age;
• self-reported information about your wellness in the form of caregiver surveys; and
• information about the person living with dementia to whom you are providing care, including their first and last name, date of birth/age, gender, mailing address, their progression/symptoms.

We need to collect personal information from you in order to provide you with our Services, as well as to improve your experience using our Services. We will only collect, use, and disclose the personal information that we need in order to provide you with our Services.

You may also provide us with personal information in several other ways, including, for example when you:

• use our Services, including visiting our website, posting on our online forum, or purchasing our goods/services (i.e. via an order form);
• create an account or membership (i.e. via our website’s registration form);
• correspond with us, including through surveys and contests;
• sign up to receive our newsletter or promotional information;
• ask for customer service, support or other assistance; or
• interact with us in any other way, online or offline, including through our Services.

Technologies

Like many websites, we may use cookies, web beacons, and/or similar log files. These are small text files that are stored on your computer browser or device when you visit certain online pages, images on web pages that track user activity on the website, or similar. We use these technologies to collect certain information in order to better your online experience.

You can set your browser or device to refuse all cookies or to indicate when a cookie is being sent. Setting your browser or device to decline cookies will prevent web beacons from tracking your activity. If you delete your cookies or if you set your browser or device to decline these technologies, some of our Services may not function properly. Our Services do not currently change the way they operate upon detection of a “do not track” or similar signal.

We also use various types of online analytics, including Google Analytics, a web analytics service provided by Google, Inc. (“ Google”), on our Services. Google Analytics uses cookies or other tracking technologies to help us analyze how users interact with and use our Services, compile reports on the related activities, and provide other services related to website activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a return visitor, and any referring website or app. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt out of tracking of analytics by Google click here.

Other Sources

We may also collect personal information from other sources (such as our third party service providers) or from our offline interactions with you to, among other things, enable us to verify or update information contained in our records and to better customize the Services for you.

Our Services may, from time to time, contain links to and from social media platforms. You may choose to connect to us through a social media platform, such as Facebook or Twitter, and when you do, we may collect additional information from you (including personal information), such as your screen names, profile picture, contact information, contact list, and the profile pictures of your contacts, through the social media platform. Please be advised that social media platforms may also collect personal information from you. When you click on a social plug-in, such as Facebook’s “like” button or Twitter’s “tweet” button, that particular social network’s plug-in will be activated and your browser will directly connect to that provider’s servers. We do not have control over the collection, use and disclosure practices of social media platforms and encourage you to review their privacy policies and practices, including their data security practices, before using these social media platforms.

USE

Unless otherwise consented by you in advance, or as may be permitted or required by law, or if you have provided implied consent for the use of less sensitive personal information, we will only use your personal information to fulfill the purposes for which it was collected (and in accordance with this Privacy Policy).

We use personal information to:

• provide you with our Services;
• respond to your requests and communications;
• maintain and improve our Services;
• track your orders;
• measure performance (such as our customer care interactions with you);
• develop new products and services;
• conduct surveys (and when conducting surveys we ensure that samples are representative of the general population) and research to better understand the preferences of our customers like you;
• provide personalized Services, including content and ads;
• provide you with, and improve, relevant marketing offers or information from us or third parties;
• provide you with other special offers and promotional items;
• respond to legally binding demands from law enforcement, regulatory authorities or other third parties;
• defend, protect or enforce our rights or Terms of Use;
• to prevent fraud or the recurrence of fraud;
• assist in the event of an emergency; and
• comply with applicable law.

We may use non-personal information for any legitimate business purpose.

DISCLOSURE

Except as set forth in this Privacy Policy, or as required or permitted by law, we do not disclose your personal information to any parties other than our service providers and our affiliates, and their respective directors, officers, employees, agents, consultants, advisors or other representatives who or that have a need to use your personal information to provide (or improve) our Services, to legal or regulatory authorities, or for other purposes for which you have provided your consent. In no event will we sell or rent your personal information.

We may disclose personal information:

• to our third party service providers to help us with the uses described in the Use section, above;
• to comply with your directions or any additional consent you have provided us;
• to other parties where we are under a duty to disclose your personal information in order to comply with any applicable legal obligation including a regulatory process, or an order of a government institution, investigative body, regulatory body or judicial authority of competent jurisdiction;
• where we transfer or are considering transferring control of any or all of our assets, operations or services to a third party acquirer of all or substantially all of our assets, including our rights and obligations relating to our Services, to a third party. The third party may continue to retain and use the personal information that you provided to us. We will act in a reasonable manner, including by contractual or other means, to ensure that the third party agrees to similarly be bound by this Privacy Policy or a privacy policy that provides substantially similar measures to those employed by us to protect the privacy and security of your personal information and to similarly comply with applicable privacy legislation with respect to your personal information, but we cannot guarantee such latter compliance by the third party acquirer; and
• where we merge, consolidate, or amalgamate with a third party, the merged, consolidated, or amalgamated entity may continue to use and disclose your personal information. We will use our best efforts to ensure that the merged, consolidated, or amalgamated entity agrees to similarly be bound by this Privacy Policy or a privacy policy that provides substantially similar measures to those employed by us to protect the privacy of your personal information and to similarly comply with applicable privacy legislation with respect to your personal information, but we cannot guarantee such compliance.

We disclose non-personal information to third parties as reasonably necessary to meet our business needs. We do not disclose your personal information to third parties for their own direct marketing purposes without your consent.

SECURITY

We are concerned about ensuring the security of your personal information, and we have taken appropriate measures to ensure its security and confidentiality. We exercise great care in providing secure transmission of your information from your browser or device to our servers. We store personal information that we have collected in secure operating environments and utilize security protocols such as passwords and firewalls. We will only retain your personal information for the period reasonably required to fulfill the purposes for which it was collected. We may retain non-personal information for as long as we have a business need to do so.

Once we receive your personal information, it may be transferred to and maintained on or in computing systems or cloud-based servers located outside of your province or country, and in jurisdictions (in Canada and/or the U.S. only) where the data protection laws may differ than those of your jurisdiction. Your consent to this Privacy Policy followed by your disclosure of your personal information represents your agreement to such transfer and maintenance.

All of our service providers are contractually obligated to employ appropriate data security measures with respect to your personal information and to collect/use/disclose/retain it only within the scope required for the provision of our Services. The service providers we contract with will use your personal information only if required to perform their respective services. These include, for example, IT service providers that we retain to operate and safeguard our IT system that stores your personal information.

We try our best to safeguard personal information once we receive it, but please understand that no transmission of data over the Internet or any other public network can be guaranteed to be 100% secure. If you suspect an unauthorized use or security breach of your information, please contact us as soon as possible.

ACCESS, UPDATES, AND REMOVAL

On your reasonable written request, we will provide you, not later than thirty (30) days from our receipt of your request, or such additional time as required by law, with access to or information about your personal information (if any) under our custody or control, and the names of persons to whom, and any circumstances in which, your personal information has been and is being disclosed by us. You must provide sufficient information in your request to allow us to verify your identity and identify the information you are seeking.

If you request a copy of your personal information and the personal information can reasonably be reproduced, we will provide you with a copy of the personal information, or, if applicable, we will give you reasons for any delay in providing a copy of the requested personal information. All requests may be subject to minimal costs, in accordance with applicable privacy legislation.

We reserve all rights not to disclose personal information, in whole or in part, in certain circumstances permitted or required by law, including but not limited to where:

• the personal information is protected by any legal privilege;
• the disclosure of the personal information would reveal confidential commercial information;
• the disclosure could reasonably be expected to threaten the safety or physical or mental health of an individual;
• the personal information was generated in the course of a formal dispute resolution process; or
• the personal information was collected by us without your knowledge and consent for reasonable purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province.

If access to your personal information is refused, in whole or in part, we will provide you with the reasons for the refusal, the provision of applicable privacy legislation on which the refusal is based, and the contact information of the Privacy Officer who can answer your questions about the refusal, and will inform you that you may ask for a review of the refusal in accordance with applicable privacy legislation.

To submit a request to access your personal information or designate an authorized agent to make a request to access your personal information, please contact us. Our security procedures mean that we may request proof of identity before we disclose your personal information to you.

The accuracy of the information we have about you is very important. To submit a request that we update your personal information, please contact us.

On your request, we will make every reasonable effort to correct outdated personal information, or errors or omissions in your personal information where that personal information is in our custody or control. Such request must be in writing, signed by you, and include sufficient detail to enable us to identify any personal information in our custody or control in relation to the request.

We will, as soon as reasonably practical and not later than thirty (30) days from our receipt of your request, or within such additional time as permitted or required by law, either correct the personal information and, if applicable and reasonable to do so, send correction notifications to any third party to whom we disclosed the incorrect personal information, or decide not to correct the personal information, but we will annotate the personal information under our control to indicate that a correction was requested but not made.

We will inform you of the action that we have taken in response to your request for correction, the contact information of the Privacy Officer who can answer your questions about your request for correction, and that you may ask for a review of the action taken in accordance with applicable privacy legislation.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to change our Privacy Policy from time to time by posting the changes here. If we make any changes to this Privacy Policy that materially affect your rights, we will provide you with notice by prominently posting those changes on our website, or via email, or both. Your use of our Services after we have made changes to our Privacy Policy will mean that you have accepted those changes.

CONTACT US

If you have questions, concerns, or would like to update/change your personal information, you can always contact our Privacy Officer in the following ways:

Email heather@nimbleelephantnavigation.com, attention: Privacy Officer; or

Nimble Elephant Navigation Inc.
2500, 10220-103 Ave NW Edmonton, Alberta T5J 0K4 Canada
Attention: Privacy Officer