Wylie Systems Inc. Privacy Policy

Last Updated: October 18, 2023

This Privacy Policy describes our practices and your rights in connection with information that we collect, use, or disclose through:

    our consumer-facing mobile application (“Wylie Client Portal”),
    our consumer-facing website, currently located at https://www.wyliesystems.ca
    our online business management software products (“Software Service”),
    our social media pages,
    our applications through which Wylie Systems Inc. makes its Software Service available and any other products and services offered through any other venues, websites and mobile applications that direct you to this Privacy Policy.
    Collectively the “Wylie Systems Inc. Services”.
    When you access or use the Wylie Systems Inc. Services, you agree to the terms and conditions of this Privacy Policy and that the information contained in this Privacy Policy serves as notice at or before the point of collection for all information collected as described below.

1. Categories of Personal Information

    While the personal information we collect varies depending upon the nature of the Wylie Systems Inc. services provided or used and our interactions with individuals, personal information we may collect or obtain includes:

      Contact details (e.g., name, address, email, telephone number, which may include third party emergency contact information),
      Personal details (e.g., date of birth, education, nationality),
      Financial and transaction data (e.g., purchase history, account information, shipping and billing information, including credit card information etc.),
      Health data,
      Other Wylie Systems Inc. services related data (e.g., customer requests, statistics, etc.),
      Geolocation data with your permission (e.g. geolocation data sent via a mobile device),
      Images you upload to the Wylie Systems Inc. services,
      Online identifiers (e.g. IP address, Device IDs, etc.), and
      Cookie-related data as described below and as detailed in our Cookie Policy.

2. How We Collect Information

    We collect information about you whenever you use the Wylie Systems Inc. services, for example:

      If you are an End User, when you create an account on the Wylie Systems Inc. App and/or Client Portal or through the Wylie Systems Inc. consumer site(s), we may ask for personal information such as your name, email and postal address, social media account ID, and Other Information you may provide with your account.
      If you are an End User interacting with the Wylie Systems Inc. services through a Subscriber, we also collect personal information that you provide to the Wylie Systems Inc. services when you initiate a transaction or otherwise engage with the Subscriber, such as to book an appointment, make a purchase, or respond to a marketing campaign.
      If you are a Subscriber, when you sign up for our Software Service, we ask for your company name, address, phone number, email, credit card information, tax identification number, and other information about your business, as well as names and email addresses of authorized individuals on your account. If you attend one of our events (e.g., a tradeshow, webinar, or training), we may ask for your feedback, contact details or other information to follow-up with you, such as send you marketing communications consistent with your choices.

    We collect information about you when you interact with the Wylie Systems Inc. Services. For example:

      If you initiate a transaction through the Wylie Systems Inc. Services, such as a purchase, we may collect information about you, such as your name, email, phone number, address, credit card information, as well as any other information you provide in order to process the transaction. This information may be shared with others for the same purposes. We encrypt credit card numbers using industry standard technology. We may also collect other Personal Information at the request of the Subscriber you are transacting with or through. We may also store information that your computer or mobile device provides to us in connection with your use of the Wylie Systems Inc. Services, such as IP address, operating system, device ID, and device type.

    We may collect information about others from you, including your emergency contacts, and only use this information for the reason it was provided.

3. How Personal Information May Be Used

    We may use your personal information for legitimate business purposes, including:

      To provide the functionality of Wylie Systems Inc. services and related support.
      To create, and administer accounts, fulfill and record transactions, and provide you with related assistance (e.g., technical help, answer inquiries relating to personal information, etc.).
      To send administrative information to you, for example, information regarding our services and changes to our terms, conditions, and policies.
      We will engage in these activities to manage our contractual relationship with you, with your consent, and/or to comply with a legal obligation.
      To provide you with marketing and promotional materials and opportunities and facilitate social sharing.
      To send you marketing communications and offer other materials that we believe may be of interest to you, such as to send you newsletters or other direct communications.
      To facilitate social sharing functionality if you choose to do so.
      For reporting and trending.
      To better understand you and our other users, so that we can tune and personalize our offering.
      For trending and statistics, and to improve our products and services.
      We will engage in this activity because we have a legitimate interest.
      To accomplish our business purposes.
      For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
      For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.
      For responding to legal duties, such as requests from public and government authorities.
      To defend our legal rights or those of others.
      We will engage in these activities to comply with a legal obligation or because we have a legitimate interest.
      To the extent that we process your personal information based on your consent, you may withdraw your consent at any time.

4. What and How Personal Information May Be Disclosed

    Certain privacy laws require that we disclose certain information about the categories of personal information (as defined by applicable law) that we have disclosed for a business purpose as well as the categories that we have “sold” as defined under applicable law.
    Disclosed for a business purpose. In general, we may disclose the following categories of personal information (as described above in more detail) to our Partners and Service Providers to provide the Wylie Systems Inc. services:

      Contact details,
      Personal details,
      Financial and transaction data,
      Health and fitness data collected,
      Other Wylie Systems Inc. services related data,
      Online identifiers, and Cookie-related data.
      We do not sell your data.

    We may disclose your personal information:

      To our affiliates for the purposes described in this Privacy Policy. WYLIE SYSTEMS INC., Inc. is the party responsible for the management of the jointly-used personal information.
      To our integrated partners and service providers who provide services to us or to our Subscribers, such as website hosting, data analysis, payment processing services, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, credit card processing, auditing and other similar services.
      To you, through message boards, dashboards, challenges, chat, profile pages and blogs and other services to which you are able to post information and materials, including as described in the sections below titled “Testimonials, Ratings and Reviews” and “Public Forum.”
      In the context of a corporate transaction. If Wylie Systems Inc. is involved in a sale or business transaction (e.g., merger or acquisition), Wylie Systems Inc. will retain a legitimate interest in disclosing or transferring your personal information to other parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), including in any negotiations leading to such. Such parties may include, for example, an acquiring or target entity and its advisors.

    Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as personal information under applicable law, then we may use it for all the purposes for which we use and disclose personal information. In some instances, we may combine Other Information with personal information. If we combine any Other Information with personal information, we will treat the combined information as personal information.

5. Privacy Rights regarding your Personal Information

    Explanation of Individual Rights

      Right to a Copy/Access or Portability: You may have the right to request, free of charge, a copy of the specific pieces of personal information that we have collected about you in a readily useable format that allows you to transmit this information to another entity without hindrance.
      Right to Know: You may have the right to request, free of charge, that we provide certain information about how we have handled your personal information, including the categories of personal information collected; categories of sources of personal information; business and/or commercial purposes for collecting your personal information; categories of third parties/with whom we have shared your personal information; and whether we sell any categories of personal information to third parties (however, we do not sell your personal information).
      Right to Deletion: You may have the right to request deletion of your personal information that we have collected, subject to certain exemptions. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion). We may also retain residual information, such as records to document that your request has been fulfilled.
      Right to Non-Discrimination: You may have the right not to receive discriminatory treatment on the basis of exercising your privacy rights under applicable law.
      Right to Correct/Rectify: You may have the right to rectify any incorrect personal information we may hold about you.
      Right to Object/Restrict: You may have the right to object to a specific use of your personal information as it is laid out in this Privacy Policy subject to our legitimate business interests.

6. Your choices regarding our use and disclosure of information

    Information we collect may be used by Wylie Systems Inc. for marketing purposes such as one-off promotional emailing, mobile text messages, direct mail, and sales contacts. We give you many choices regarding our use and disclosure of your personal information for marketing purposes. You may:

      Opt-in or opt-out from receiving electronic communications from us: If you are a user of the Wylie Systems Inc. App and/or Client Portal or the Wylie Systems Inc. consumer site(s) and no longer want to receive marketing-related emails or mobile text messages from us on a going-forward basis, you may opt-out of receiving these marketing-related emails or mobile text messages by changing your preferences in your account settings or following the unsubscribe prompts from within the messages themselves. If you have provided your information to Wylie Systems Inc., and opt-out, Wylie Systems Inc. will put in place processes to honor your request. This may entail keeping some information for the purpose of remembering that you have opted-out.
      Consent to sharing of your personal information with unaffiliated third parties for their (or their customers’) direct marketing purposes: We only share your personal information with unaffiliated third-parties for their marketing purposes when you have consented to the sharing. We do not share data with unaffiliated third-parties in the absence of your consent and such consent will only be valid for a single data transfer. To address what these unaffiliated third-parties do with your data once you have consented to the sharing, please contact the third-party to learn more about your choices.
      We will try to comply with your request(s) as soon as reasonably practicable. Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative, transactional or other purposes directly relating to your use of the Wylie Systems Inc. Services, and you cannot opt-out from receiving those messages.
      Our mobile applications may also send push notifications to your mobile device, provided you consented to this. If you have previously consented to receiving push notifications and no longer wish to receive them, you can also turn push notifications off at the device level. The applications may also request access to your device’s calendar application, storage, Bluetooth, camera, and microphone. If you have previously allowed access to your device’s calendar and no longer wish to allow access, you may edit the application settings at the device level.

7. Public Forum

    Our websites may offer publicly accessible message boards, blogs, and community forums. Please keep in mind that if you disclose personal information through Wylie Systems Inc. public message boards, blogs, or forums, as offered through the Wylie Systems Inc. Services, this information may be viewed, collected and used by others. To request removal of your personal information from our blog or community forum, please submit a Support Request. In some cases, we may not be able to remove your personal information or some content (if, for example, it is reposted by another user), in which case we will let you know if we are unable to do so and why.

8. Testimonials, Ratings and Reviews

    If you submit testimonials, ratings or reviews to the Wylie Systems Inc. Services, any personal information you include may be displayed in the Wylie Systems Inc. Services. If you want your testimonial removed, please submit a Support Request.

9. Payment Processors

    We currently use payment processors as a Third Party Offering for internet-based payment services. If you wish to make a payment through Wylie Systems Inc. Services, your personal information may be collected by such third parties directly and not by us, and will be subject to the third party’s privacy policy. We have no control over, and are not responsible for, third parties’ collection, use and disclosure of your Personal Information.

10. Links to Other Websites

    This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including our Subscribers and any third party operating any Third Party Offering, site or other products and services used in connection with the Wylie Systems Inc. Services. The inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.
    Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organizations, such as Facebook, Apple, Google, Microsoft, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any personal information you disclose to other organizations through or in connection with the Wylie Systems Inc. Services, including our social media pages.

11. Data Retention

    We will retain your personal information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include:
    The length of time we have an ongoing relationship with you and provide the Wylie Systems Inc. services to you (for example, for as long as you have an account with us or keep using the Wylie Systems Inc. Services);
    Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
    Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

12. Security of Your Information

    The security of personal information is a high priority at Wylie Systems Inc. We use all reasonable technical, administrative and physical safeguards designed to protect personal information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have any questions about the security of your interaction with us, please refer to our Security Policy.

13. Use of Service by Minors

    The Wylie Systems Inc. services are not directed or targeted at children under the age of 16, and we request that they do not provide personal information through the Wylie Systems Inc. Services.

14. International Transfers

    The Wylie Systems Inc. services are controlled and operated by us from Canada and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of Canada. Your personal information may be stored and processed in any country where we have facilities, or in which we engage service providers, and by using the Wylie Systems Inc. services you understand that your information will be transferred to countries outside of your country of residence, including Canada.

15. Protection of Patient Health Information

    Wylie System Inc. holds the protection of patient health information in the highest regard. Wylie Systems Inc. software has been designed to ensure users can easily comply with HIPAA and PHIPA regulations and standards. Wylie Systems Inc. compliance measures are as follows:
    Our Data Hosting Company is subject to the following Audits and Certifications: GDPR, HIPAA, SOC1, SOC2 and SOC3.

      Employees are subject to signed agreements that outline the proper use of data; including non-disclosure, confidentiality, acceptable use and code of conduct.
      Employees undergo mandatory training with respect to PHI, upon hire and annually.
      Wylie Systems Inc. does not outsource or delegate any of Wylie Systems Inc. PHI, HIPAA or PHIPA duties, responsibilities or obligations to any third-party organizations.
      Patient data is not shared with external entities, unless required by law.
      A policy is in place that includes disciplinary action for violations of policies regarding PHI.
      Data retention policies are in place to ensure the appropriate handling of client information.
      A policy is in place for handling security incidents.
      Responding to security incidents, is the responsibility of the company owner, this responsibility cannot be delegated. The report form/process is reviewed annually.
      Wylie Systems Inc. does not outsource security management responsibility.
      A formal process is in place to handle data breaches.
      Wylie Systems Inc. policy is to notify client contacts via email within 24 hours of any data breach.
      A process is in place to ensure violations and/or unauthorized access is logged, monitored, reviewed and addressed in a timely manner.
      Only the following business leaders have access to Wylie Systems Inc. client data; the President, VP of IT and Software Development, Director of Customer Support Services and Director of Business Operations.
      The equipment holding Wylie Systems Inc.’s software applications is in a physically secure facility, with secure, restricted access.
      Each customer has a unique database and file-set to enhance PHI security.
      All information transmission is encrypted via SSL.
      The hosting server includes intrusion detection.
      Wylie Systems Inc. maintains a formal change-control process.
      Wylie Systems Inc. utilizes a code migration methodology that encompasses industry best practice, this includes source version control.
      There is a plan in place for business continuity, this plan is the responsibility of the President.
      Wylie Systems Inc. policy is to maintain communication with clients and vendors during crisis events that could impact them.
      A VPN is used to ensure only those that need access to Wylie Systems Inc. client data have access.
      Wylie Systems Inc. servers are hosted by a third-party. No Wylie Systems Inc. employees or third-party entities have access to these servers.
      Audits of Wylie Systems Inc. policies and procedures for the protection of customer and Patient data are done annually.
      Wylie System Inc.’s hosting company provides a multi-layered security system starting with the outermost layer: 1) Anti-DOS 2) IP Reputation 3) Standard Firewall 4) Web Application Firewall 5) Software (local) firewall.
      Wylie Systems Inc.’s third-party server hosting company uses intrusion-detection (Threat Stack).
      Wylie Systems Inc. uses MD-5 and 256 Bit AES encryption.
      Secure Socket Layers is the cryptographic technology used to protect internet data transmission.
      Wylie Systems Inc. scans for vulnerabilities via its third-party hosting company - Liquid Web.
      Wylie Systems Inc. client data is encrypted at rest using 256 Bit AES.
      Wylie Systems Inc. does not allow the use of production data/information or allow the use of copied production data/information for use in any other environment beyond the Production environment.
      There are no conditions where developers and/or contractors (including vendor hardware service personnel) are permitted access to production systems for trouble shooting and/or maintenance.16. Data Privacy Framework
      Wylie Systems Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

16. Contact Us

    If you have any questions regarding this Privacy Policy you can contact us via email at [email protected].

17. Sub-Processors

    The following is a list of current third-party vendors that may either directly or indirectly collect information from you in their capacity as a Sub-Processor. Please review the relevant privacy policies (links current as of the date of publication of this Privacy Policy) for further information on how each third-party handles your personal information:

      SocketLabs - https://www.socketlabs.com/legal/
      PDF.js.express – https://pdfjs.express/privacy
      InfoBip - https://www.infobip.com/privacy-documents
      Constant Contact - https://www.constantcontact.com/legal/privacy-center
      EasyPost - https://www.easypost.com/privacy
      Zoom: - https://explore.zoom.us/en/privacy