The protection of your privacy is important to Kaira Technologies Inc. (“Kaira” or “we”) and that is why we are seriously concerned about the confidentiality of our users’ personal information and compliance with applicable laws.
1. Scope of the Policy
The Policy applies to personal information that we hold or is under our control, including information that is collected while using the Kaira mobile application or when browsing Kaira’s website (the “Web Services”). The Policy also applies to information received from third parties about you in the course of our service delivery.
3. Changes to the Policy
We occasionally update this Policy and reserve the right to modify the content of this Policy at any time. Any changes made will appear on our website and in our application. The date of the latest version of this Policy appears at the bottom of the page. We recommend that you print a copy of this Policy for your records and review this section of our Web Services periodically.
Kaira acknowledges that your consent to the collection, use and disclosure of your personal information must be manifest, free and informed. Your consent must be given for specific purposes. Depending on the nature and sensitivity of the personal information, your consent may be express (such consent may be given verbally, in writing or electronically) or implied (for example, when you voluntarily provide us with personal information). As a general rule, Kaira will seek your consent at the time of collection of the information, unless we are required to do so or otherwise authorized by law.
You may withdraw your consent at any time, subject to applicable legal restrictions, and the provision of reasonable notice. Please note that if you choose to withdraw your consent to the collection, use or disclosure of your personal information, our Web Services may no longer be accessible to you and Kaira may no longer be able to provide you with certain services.
5. Collection of personal information
Kaira collects only the personal information about you that is necessary to establish, manage and maintain its relationship with you.
For example, but not limited to, personal information may be collected when you enter information into our Web Services, register to access your online account, register to receive our newsletter or participate in other interactive online activities. The personal information collected may include, but is not limited to, identifying information, such as your first and last name, date of birth, employer, full residential address, telephone number, email address and Internet Protocol address (commonly referred to as “IP address”).
Information that does not identify you personally as information about your professional situation, family situation, dreams and projects may also be collected to enable us to offer you personalized services.
6. Collection of personal information via third parties
Generally, we obtain the information directly from you. However, we may also collect personal information about you from external sources, with your consent or without your consent, if permitted by law.
In order to offer its services related to your financial health, Kaira will also collect financial information directly from your financial institutions for which you have authorized it. This financial information, which may include, but is not limited to, your salary, assets, liabilities, transactions, loan, credit card, mortgage and other obligations information, will be updated automatically to allow us to offer our personalized financial support services (daily or at any other frequency that may be required to offer our services).
7. Use of your personal information
The purposes for which Kaira collects your personal information are determined before or at the time of collection. Kaira may use your personal information for the following purposes:
- identify you as a user of our Web Services and allow you to access your account;
- offer you a personalized financial support service;
- help you maintain good financial health and develop your financial knowledge;
- establish and maintain our business relationship;
- improve our range of services, including the use of the Web Services or any other online service and feed into our research and development work;
- contact you when you submit questions, comments and suggestions;
- provide you with information about our financial services and products that may be of interest to you;
- prevent errors and fraud;
- meet the requirements of the law.
Kaira may also use your personal information to compile statistics. However, these statistics do not identify you and have been depersonalized. Your personal information will not be used for purposes other than those described above, unless you have obtained your consent, or if required or authorized by law.
8. Automated decision-making
Your personal information may be used by Kaira to make automated decisions about services that may be of interest to you or relevance to you. This automated decision-making will have no legal or legal effect on you, but is simply intended to automatically generate recommendations based on your personal and financial information. Upon request, Kaira will provide you with information on the operation of this automated system.
9. Disclosure of your personal information to third parties in Quebec
Kaira acknowledges that, except as and subject to the conditions described below or where authorized by law, the disclosure of your personal information to third parties requires your consent.
Access to your personal information within our company does not require your consent, but is strictly limited to individuals for whom this information is necessary for the performance of their duties and responsibilities.
Kaira may share your personal information, without your consent, with its agents, service providers or consultants who need this information in the course of Kaira’s activities or to help Kaira administer its Web Services. These agents, service providers and consultants will contractually warrant that they will use personal information disclosed to them solely to provide specific services and that they will respect its confidentiality in accordance with this Policy.
If your employer has offered you free access to Kaira, we may provide him with statistics compiled with your personal information. However, these statistics will not identify you and will have been depersonalized. Kaira is committed to depersonalizing your personal information and adopting best practices in accordance with statistical practices in order to put everything in its power so that your employer cannot identify you.
Kaira may also, without your consent, disclose your personal information when authorized or required by law, for example to prevent fraud or a risk of serious physical harm to any individual. Whenever Kaira has to disclose your personal information, it will endeavour not to disclose more information than is required in the circumstances.
10. Disclosure of your personal information outside the province where you ordinarily reside
Kaira may occasionally disclose your information outside the province in which you ordinarily reside (to another province or outside Canada) in the performance of a service contract or business contract, for example for hosting or data processing. Where applicable, we will take all measures to ensure that the third-party service provider will ensure the protection of your personal information with the same standards of protection as those in force at Kaira and that your personal information will not be used for purposes other than those authorized by collection or law. If we disclose sensitive personal information about you outside Canada, we will obtain your express consent. You have the right to know, upon request, to whom your personal information is disclosed and the circumstances that led to its disclosure and you will find in section 15 of the Policy the contact information to make a request.
Your use of the Web Services allows Kaira to automatically compile certain information about your user profile, which may include the Internet Protocol address (or IP address) of your computer, your geolocation area, the operating system you use, the identity of your Internet service provider, the date and time you accessed this website, the previous website you visited and that provided you with a link to our website, and the content viewed and downloaded from our site.
As with most Internet browsers, it is possible to delete cookies from your computer’s hard drive, block the creation of cookies or receive a warning before a cookie is saved. However, in doing so, your use of our Web Services may be affected and you may no longer have access to all its functions. We invite you to consult the Ads Setting and Network Advertising Initiative sites and the instructions or help section of your browser for more information about cookies.
12. Security measures
Kaira has put in place a series of security measures to protect your personal information against loss or theft and against unauthorized access, disclosure, reproduction, use and modification, taking into account, among other things, its sensitivity and the purposes for which it is used.
These security measures include:
- physical measures (for example, office access cards for employees, visitor registration, backup and archiving of data using an external system, etc.) ;
- administrative or organizational measures (for example, restricting access to what is strictly necessary, restricting amendments on the basis of the principle of least privilege); and
- technological measures (such as the depersonalization of your personal information, the use of passwords, the use of a firewall, data encryption, the use of SSL protocol, etc.) that are reasonable given the sensitivity of the information, its use, quantity, distribution and medium.
Kaira also takes the necessary measures to ensure that all its employees are informed about the content of the Policy and informed about privacy practices.
However, since no mechanism offers flawless security, some risk is still present. It is your responsibility, if you create an account on our Web Services, to protect the confidentiality of your password and to change it regularly.
If a privacy security incident occurs, Kaira will disclose, when required by law, to the Access to Information Commission, the Office of the Privacy Commissioner of Canada and the individuals concerned, the occurrence of the incident and will take measures to reduce the impact of this security incident on the individuals concerned. Kaira will also study the security incident and adopt methods to reduce the risk of a similar or similar security incident occurring again. Kaira maintains a record of all security incidents relating to personal information and, upon request and when required by law, will disclose this record to the appropriate privacy bodies.
Kaira recognizes the importance of accurate, complete and up-to-date personal information, and takes reasonable measures to ensure the accuracy and completeness of the information it uses or discloses. However, it is your responsibility to inform Kaira of any significant changes to your personal information that may occur and to ensure that all personal information in your account is accurate.
It is also your responsibility to ensure that your information is up to date with your financial institution considering the daily disclosure of information between your financial institution and Kaira. If you notice that your financial information needs to be corrected, we ask you to make the changes without delay with your financial institution.
Kaira retains your personal information only for the period necessary to achieve the purpose for which it was collected, to meet legal retention requirements and for the period necessary to protect its legitimate business interests.
14. Processing of Personal Information of Persons in the European Economic Area (EEA) and/or the EU
Kaira complies with the provisions of the GDPR, where applicable. Section 14 of the Policy applies exclusively to the processing of personal information in connection with the EEA and the EU, to the extent that such processing takes place while the data subjects are in the EU or EEA and where the processing activities are related to the offer of goods or services or the monitoring of the behaviour of these persons, insofar as it is conduct taking place within the EEA or the EU. In the event of a conflict between this Section 14 and the rest of the Policy, the provisions of this Section shall take precedence, only when the processing takes place while the data subjects are in the EU or EEA and where the processing activities are related to the offer of goods or services or the monitoring of the behaviour of those persons, to the extent that it is conduct taking place within the EEA or the EU.
If your consent is provided in a written statement that deals with other topics, Kaira will ensure that the request for consent to the processing of your personal information is clearly separate.
14.2 Collection, retention and use of personal information
Kaira will not retain personal information for longer than is necessary to implement the purposes for which it was collected and Kaira will take reasonable measures to inform in advance of the period during which such personal information may be retained or the criteria for determining that period.
14.3 Automated individual decision-making
Kaira recognizes that you have the right to know if your personal information is processed by an automated decision-making system. Upon request, Kaira will provide you with information on the operation of this automated system. Unless required or authorized by law, you have the right to refuse to allow a decision based exclusively on an automated system to be made against you, where that decision has legal consequences for you.
14.4 Privacy Impact Assessment
Kaira will conduct a privacy impact assessment before implementing new technologies that are highly likely to infringe your rights and freedoms, including your right to privacy.
14.5 Right to erasure
Where permitted by law, you have the right to require Kaira to remove and delete personal information without unreasonable delay.
14.6 Accuracy and protection
Kaira will implement appropriate technical and organizational measures to ensure the protection of personal information before collecting personal information.
Kaira will only share personal information with agents, agents, consultants, data processors or external service providers when they ensure that appropriate measures have been put in place to protect personal information.
Kaira acknowledges that it is responsible for the protection of personal information and that it is able to demonstrate compliance with the GDPR when processing personal information.
14.8 Complaint procedure, right of access or rectification
Kaira takes all necessary measures to facilitate the exercise of your right to access, rectify or obtain your personal information. You can always obtain confirmation from us that personal information is being processed. Any rectification or erasure of your personal information will be communicated to the third parties to whom this information has been disclosed.
15. Requests for access and rectification
Any questions or concerns about the Policy or about the collection, use or disclosure of your personal information, including requests for access or rectification, should be made in writing and addressed to the following contact person:
KAIRA TECHNOLOGIES INC.
Data Protection Officer
4, Place Ville Marie
Montreal, Quebec H3B 3Y1
You have the right to request access to and access the personal information held about you by Kaira. You also have the right to obtain confirmation that we hold personal information about you. We will disclose your personal information to you, when collected electronically, in a structured and commonly used technological format. You can also request that your personal information be corrected if it is inaccurate, incomplete or ambiguous, or if its collection, disclosure or retention is not authorized by law.
Kaira will respond to any request for access or rectification within 30 days of the date of receipt of the written request. In the event of refusal to provide or correct the information, Kaira will provide you with the reasons for its refusal and the articles of applicable law that support its refusal, subject to the restrictions provided for in the law, and will inform it of its remedies.
If Kaira refuses to correct your personal information, we will allow you to place written comments on your file regarding the personal information that has been the subject of the refusal to be corrected. Kaira will also retain personal information that has been the subject of an access request for as long as necessary to allow you to exhaust legal remedies.
For more information on the protection of your personal information and your rights, you can contact the law enforcement authorities:
- In Canada: Office of the Privacy Commissioner of Canada www.priv.gc.ca
- In the European Union: National Commission for Informatics and Freedoms www.cnil.fr
Policy updated on May 10, 2021.