(last updated 2018 May 5)
SUMMARY OF OUR PRIVACY MEASURES
Privacy is important to Jostle. The services (applications) Jostle provides embody the ‘trust network’ between all the contributors to an organization. Jostle is committed to maintaining the security, confidentiality and privacy of your personal information that it has obtained or been provided with.
- We do not collect any personal information, other than what you or your organization provide directly to us, for example in an e-mail or via an entry in your Jostle User Profile, or which you have authorized third parties to disclose to us.
- At the broadest level, only Jostle services Users that have been authorized by a Jostle system administrator for your organization, or that are part of a “Jostle Team” you contribute to, can access and view your Jostle User Profile.
- Jostle provides additional access and viewing controls, by empowering individual Jostle services Users such as you to further control and limit which types of other users are able to see certain pieces of personal information contained in your Jostle User Profile.
- We will not sell or rent your personally identifiable information to third parties.
- Although we record where our Jostle services users come from and their browsers by using cookies to improve our site’s functionality, we never associate your personal information with such aggregated data about how people use Jostle services.
- We may provide your personal information to others if: you specifically asked us to; or we have to by law; or we have to in order to deal with fraud, security or technical problems; or it is necessary to protect Jostle, its users, or the public from imminent harm.
- We use third party service providers: to conduct site analytics to determine how to improve our web site’s usability; to track user requests and bug reports to help us resolve Jostle services user issues; and to host the Jostle services.
SCOPE OF POLICY
This Policy does not apply to:
- information about corporate or commercial entities or information that is otherwise not of a personal nature; and
- certain publicly available information as stipulated by applicable laws.
PERSONAL INFORMATION COLLECTED
Jostle collects personal information in its business operations as follows:
- from Jostle employees, officers, directors, advisors, shareholders, consultants and suppliers who are individuals (“Jostle Partners”); one or more of — home or personal contact information, financial information, resumes, qualifications, academic histories, biographies, references, employment histories, family information, and similar information;
- from individuals reviewing Jostle products and services on its web site or otherwise (“Guests”); personal information provided by the Guests such as home or personal contact information, interests, biography, skills, qualifications, and similar information as determined by the Guests;
- from individuals who are part of or associated with a corporate or other organization that has subscribed to a Jostle service (“Subscriber”) that have been authorized by the Subscriber to access and use the Jostle services, or individuals that have themselves subscribed to a Jostle service, (collectively and individually called “Users”): one or more of —home or personal contact information, interests, biography, skills, qualifications, and similar information as determined by each Subscriber and by Users.
This personal information about an individual is collected by Jostle in one or more of the following ways:
- directly from the individual in person;
- by correspondence with the individual through such means as email, fax or the Jostle web site;
- from the Subscriber which the individual is associated with; and
- from web sites or applications that the individual has directed or linked Jostle to.
Jostle collects, uses and discloses personal information for the following purposes:
- with respect to information about a Jostle Partner; to manage and administer its relationship in the normal course of business with the Jostle Partner in the Jostle Partner’s capacity as an employee, officer, director, advisor, shareholder, consultant or supplier of Jostle, as the case may be;
- with respect to information about a Guest; to provide a demonstration of Jostle services and to provide information about Jostle to such Guest, and to answer any questions that such Guest may submit; and
- with respect to information about a User; to provide Jostle services to the User, including access to such services by other Users to the extent determined by the User and subject to any limitations imposed by any Subscriber that the User is associated with.
In particular, such purposes may include any one or more of the following specific goals or objectives:
- authenticating identity and evaluating qualifications;
- describing, supplying, administering and maintaining Jostle’s products and services;
- establishing and maintaining communications relating to Jostle’s existing and new products and services;
- responding to inquiries and resolving complaints;
- establishing, maintaining and expanding Jostle’s web site;
- establishing and maintaining Subscriber and User accounts and records;
- processing and collecting payments and debts, and making payments;
- tracking use of Jostle’s systems, services and web site;
- protecting Jostle’s systems and web site from unauthorized access;
- protecting Jostle, its suppliers, customers and others, from fraud and error;
- identifying and resolving technical problems concerning Jostle’s services and web site;
- as part of any due diligence required for, and to facilitate and complete, a Jostle financing, grant of security interest, merger, amalgamation, acquisition or sale of assets; and
- complying with legal requirements and acting pursuant to applicable laws and legal authorizations.
BASIS FOR PROCESSING PERSONAL INFORMATION
Jostle will always ensure that it has a legitimate and legal basis to collect, use and disclose an individual’s personal information. The basis depends on the services that you use and how you use them, and may be one of:
- consent provided by the individual directly to Jostle for a specific purpose;
- the processing is necessary for the performance of a contract to which the individual is a party;
- the processing is necessary to take steps at the request of an individual prior to entering a contract; or
- compliance with a legal obligation.
An individual may withdraw consent at any time (subject to legal, contractual and other restrictions as provided by law) upon reasonable notice in writing to Jostle. A consequence of such notice is that Jostle may be unable to provide certain of its services or carry out the purposes or objectives for which the personal information was collected.
LIMITS ON COLLECTION OF PERSONAL INFORMATION
Jostle will not collect personal information indiscriminately and will limit its collection of personal information to what is reasonably necessary for the stipulated purposes. Jostle may also collect personal information as authorized by law.
LIMITS FOR USING AND DISCLOSING PERSONAL INFORMATION
Jostle will only use and disclose personal information for the stipulated purposes, for other purposes for which Jostle has received the individual’s consent, and as otherwise authorized or required by law. Jostle will destroy or make anonymous each record containing personal information as soon as it is reasonable to assume that (a) the original purpose is no longer being served by retention of such information, and (b) retention of such information is no longer necessary for legal or business purposes such as resolving disputes or enforcing our agreements. Jostle will take reasonable care when destroying personal information to prevent unauthorized access to such information during its destruction process.
Jostle will disclose personal information when required by law, or upon its good-faith belief that such action is necessary to cooperate with the investigations of purported unlawful activities, or to comply with legal process.
Jostle does not share any personal information with the Web sites to which Jostle links, although Jostle may share aggregate, non-personally identifiable data with such web sites. However, when authorized by you, Jostle will share your personal information with a third party to facilitate the implementation or use of a third party application in association with the Jostle Team Profile of teams you contribute to.
You will be notified, by a posting on the Jostle Web Site and/or by email to your system administrator, of any material change in the uses of your personal information, as well as any choices you may have regarding your personal information.
Jostle will make reasonable efforts to ensure that the personal information Jostle is using is accurate and complete. In most cases, Jostle will rely on the individuals to ensure that their personal information, such as street address, e-mail address or telephone number, is current, complete and accurate. If any individuals demonstrate the inaccuracy or incompleteness of their personal information, Jostle will correct the information as required. If appropriate, Jostle will send the corrected information to third parties to whom the information had previously been disclosed. When a challenge by an individual regarding the accuracy of the personal information is not satisfactorily resolved, Jostle will annotate the personal information under its control with a note that a correction was requested but not made.
SAFEGUARDING PERSONAL INFORMATION
Jostle protects the personal information in its custody or control by making reasonable security arrangements to prevent its unauthorized access, collection, use, disclosure or disposal, in a manner appropriate for the sensitivity of the information. Upon prior arrangement, Jostle will provide your system administrator with the opportunity to visit Jostle facilities and review the ways Jostle manages and secures your personal information. Confidentiality and security are not guaranteed when information is transmitted by e-mail, or electronic or wireless means. Jostle tries to ensure that a comparable level of personal information protection is implemented by its suppliers, agents, and representatives who are given access to such personal information, although absolute security cannot be guaranteed. Jostle will always attempt to deal with reputable companies who agree to respect user privacy and applicable privacy laws.
Within 72 hours of Jostle determining that a breach of security safeguards involving your personal information under Jostle's control has occurred, creating a real risk of significant harm to you, Jostle will:
- notify the Privacy Commissioner of Canada;
- notify the appropriate regulatory office in your country or jurisdiction;
- notify you directly of the breach and its significance; and
- notify any third party organization that Jostle believes may be able to reduce the risk of harm that could result from the breach or mitigate that harm.
Each individual has the right to access and receive a copy of the individual’s own personal information held by Jostle. Upon written request and authentication of identity by an individual, Jostle will advise which personal information is under Jostle’s control, the ways in which that information is being used, and the persons to whom such information may have been disclosed. Jostle will try to make such information available within 45 days of the request, or provide written notice where additional time is required to fulfil the request.
In some situations, Jostle may not be able to provide the individual with access to certain personal information. This may be the case where, for example, disclosure would reveal personal information about another individual, the personal information is protected by solicitor or attorney – client privilege, the information was collected for the purpose of an investigation, or where disclosure of the information would reveal confidential commercial information that could harm Jostle’s competitive position. Jostle may also be prevented by law from providing access to certain personal information. Where an access request is refused, Jostle will provide notice in writing, giving the reason for refusal and outlining further steps which are available to challenge such a decision.
RIGHT TO BE FORGOTTEN
Jostle respects the right of an individual to have their personal information removed from Jostle systems should there no longer be a need to retain that data, or should you withdraw your consent. Individuals who are affiliated with a Subscriber to Jostle services may request that their personal information be removed from those Jostle services by contacting the system administrator for their organization. All other requests should be made in writing to the Jostle Compliance Officer.
Any inquiries, complaints or questions regarding this policy or Jostle’s compliance with privacy legislation, should be directed in writing to the Jostle Privacy Officer as follows:
ATTN: Privacy Officer
1090 West Georgia Street, Suite 1200
Vancouver, BC V6E 3V7
If you are not satisfied with the response you receive, you should contact the Information and Privacy Commissioner for British Columbia, Canada:
PO Box 9038, Stn. Prov. Govt.
Victoria, BC V8W 9A4
3rd Floor, 756 Fort Street
Victoria, BC V8W 1H2