BEACON | PRIVACY POLICY

Last Updated: June 14, 2021
1.     Overview

This Privacy Policy (the “Privacy Policy”) explains how we handle information (“Information”) that you provide to us or which we otherwise collect through your access and use of our Beacon mobile application (the “Services”). This Information will include Personal Information (defined below).

THIS PRIVACY POLICY FORMS A BINDING CONTRACT BETWEEN YOURSELF AND US. BY ACCESSING AND USING THE SERVICES, YOU AGREE TO BE BOUND BY THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, DO NOT ACCESS AND USE THE SERVICES. 

2.     Some Defined Terms

Client” means the organization agreeing to our Client Terms of Service (the “Client Terms”) for access and use of the Services, and will include individuals entering the Client Terms on behalf of proprietorships, partnerships or other organizations.

Personal Information” means information that can be used to identify an individual. 

Process” or “Processing” means any action that a person can take with respect to Information, including collecting, using, sharing, and altering Information.

We”, “our” and “us” refers to Path and Focus Technologies Inc. 

User” means any individual authorized by the Client to access or use the Services.

3.     Collection and Use

Here we describe what Information we collect, and why and how we collect it.

(a)    What?  Information that we may collect includes:

      (i)     Account Information. Information required to create an account and to make payments for certain features relating to our Services. For               Clients, this may consist of: (A) organization name; (B) business name; (C) mailing address; (D) Email address; (E) phone number; and                 (F) payment information (as applicable, for our payment processors). For Users, this may consist of: (I) first and last name; and (II) Email                     address.

        (ii)    Usage Information.  Information about how you use the Services, the areas of the Services that you visit, as well as information about your                 mobile device, such as your Internet protocol (IP) address, device ID, browser, operating system type, resolution of your screen, language           settings in your browser, referring URLs, and other technical information. This information is necessary for providing location-based             services, as well as for troubleshooting problems and improving the Services. You may enable or disable location-based collection by                    configuring the settings on your mobile device.

         (iii)   Third Party Data.  We may obtain data from third parties. We protect data obtained from third parties according to the practices described in               this Privacy Policy, plus any additional restrictions imposed by the source of the data and applicable laws. These third-party data sources               vary over time, but may include service providers that help us determine your location based on your IP address. This is used in order to                   provide you with location-based services.
      

(b)    Why?  In addition to the reasons mentioned in Section 3(a) above, and more generally, we may collect Information for the following purposes (the       “Purposes”): (i) to provide our Services to you; (ii) to maintain, improve and protect: (A) our Services; and (B) your experience in using our          Services; (iii) to communicate with you and respond to requests; (iv) to carry out any purpose which is disclosed to you and for which you consent;          and (v) to carry out any other purpose which is otherwise required or permitted by applicable law. 

(c)    How?  We may collect Information from you, and any devices you use, through: (i) your access and use of the Services; (ii) our use of cookies and         similar technologies to track and analyze user activity; and (iii) our use of web analytics services. We only collect and use Information to the extent         necessary to fulfill the Purposes.

4.     Disclosure

Here we describe when and how we may disclose Personal Information.

(a)    When? We may disclose Personal Information as follows:

     (i)   Service Providers. To third-party service providers in order to help us fulfill the Purposes. This may include payment processors, web            analytics services, and customer support and marketing tools. You will have the ability to “opt-in” to receive marketing communications                   and updates with respect to the Services.

       (ii)    Sale of Business.  To our affiliates or any third parties in the event of a proposed reorganization, merger, transfer or sale of all or any portion                   of our business, assets or equity, subject in each case to customary confidentiality agreements. 
           
        (iii)   Legal Disclosure. To comply with applicable laws, to comply with legal process and court orders, to respond to requests from public                           authorities and law enforcement officials, and to enforce this Privacy Policy, the Client Terms and the User Terms of Service (the “User                   Terms”).

(b)    How?  We only disclose Personal Information to the extent necessary to fulfill the Purposes. We take reasonable measures to ensure that the       rules set forth in this Privacy Policy are complied with when we disclose Personal Information to third parties. This may include obtaining        contractual guarantees from third parties to implement appropriate technical and organizational measures in accordance with applicable law.          Personal Information may be stored and processed in any country where we have facilities or in which we engage third party service providers.         By using our Services, you consent to the transfer of your Personal Information to countries outside of your country of residence. While such        information is outside of Canada it is subject to the laws of the country in which it is held, which may have different Personal Information          protection laws, and may be subject to disclosure to the governments, courts, law enforcement or regulatory agencies of such other country. If            applicable, we will comply with the GDPR requirements providing adequate protection for the transfer of Personal Information from the European            Economic Area to third country.

5.     Grounds for Processing Personal Information.  


(a)   General.  We will not process your Personal Information without your consent, unless we are permitted or required to do so by applicable law. Your       consent may be express or implied, depending on the nature and sensitivity of the Personal Information, your reasonable expectations, and the        circumstances surrounding the collection of the Personal Information. Express consent is when you willingly agree (e.g., orally or in writing) to the        processing of your Personal Information for particular purposes. Implied consent is when: (i) you do not expressly give consent, but you volunteer        Personal Information for obvious purposes that a reasonable person would consider appropriate in the circumstances; or (ii) you are given notice         and a reasonable opportunity to opt-out of your Personal Information being processed for specified purposes, and you do not opt-out.

(a)   European Union.   For individuals to whom the General Data Protection Regulation (“GDPR”) applies, we may process your Personal information         on the following grounds, in addition to any other grounds that may be available pursuant to applicable law:

      (i)   Consent.   Where you have given us consent through a statement or clear affirmative action agreeing to the processing of your Personal                 Information. For instance, by submitting your Personal Information on a form on our website for a specified purpose.  

       (ii)    Contract.  Where processing of Personal Information is necessary to perform a contract to which you are a party with us, or which you have                 agreed to enter with us.

        (iii)    Legal Obligation.   To comply with a legal obligation to which we are subject.

       (iv)   Legitimate Interests.   Where the processing of Personal Information is based on our legitimate interests, provided that these do not override                 your own interests and fundamental rights. We have legitimate interests in the following: 

                (A)    to properly operate and deliver our Services to you;

                (B)    to understand how users engage with our Services;

                (C)    to improve our services;

                (D)    to market our Services; and

                (E)    to provide customer service, including but not limited to, responding to inquiries and feedback.

6.     Retention

         We will retain your Personal Information as long as necessary to: (a) fulfill the Purposes; (b) protect our legal rights; and (c) comply with applicable          law. We will securely delete or anonymize the Personal Information once it is no longer necessary for us to hold it. We are not responsible for any          liability or loss you experience as a result of any such disposal of Personal Information.

7.     Security

       We utilize commercially reasonable security procedures and practices appropriate to the nature of the Information we collect, use and store. We       do this to minimize the risks of loss, misuse, unauthorized access, disclosure and alteration of Information. However, no method of storage or          transmission over the Internet is 100% secure. Therefore, we cannot guarantee its absolute security.

8.     Rights Relating to Personal Information  

(a)    General.   You have certain rights relating to your Personal Information, subject to applicable law in each instance:

       (i)   Right to be Informed.   To know how your Personal Information is collected, how it is used, and how it is disclosed and stored. This further                 includes:

            (A)    Right to Withdraw Consent. To withdraw your consent to the processing of your Personal Information at any time. Please be advised                           that withdrawing your consent to the processing of Personal Information may impact the provision of Services. For further information                             on this, please contact our Privacy Officer as provided in the “Contact Us” section below.

                (B)    Right to Make a Complaint. To make a complaint about the processing of your Personal Information.

         (ii)     Right to Access. To receive a copy of your Personal Information.

         (iii)    Right to Rectification. To request correction of your Personal Information.

(b)   European Union. If you are an individual to whom the GDPR applies, then you have the following additional rights relating to your Personal          Information, subject to applicable law in each instance:

         (i)     Right to Erasure.   To request the deletion of Personal Information when: (A) you believe it is no longer necessary for the purposes collected;             (B) you withdraw your consent or object to the processing of your Personal Information; or (C) your Personal Information was unlawfully                   processed. 

          (ii)    Right to Restriction of Processing.   To restrict the processing of Personal Information if you dispute its accuracy or object to its processing.

          (iii)    Right to Portability. To request that your Personal Information be transferred to another organization.

       (iv)   Right to Information about Automated Decision Making. To receive information about the basis of any automatic decision making (e.g.,                     algorithms).

          (v)   Right not to be Subject to Automated Decision Making. To not be subject to decisions based solely on automated processing, unless this is                    necessary pursuant to a contract between you and us.

           (vi)   Right to Object to Processing Activities. To object to the processing of your Personal Information based on our legitimate interests. 

    If you want to learn more about any rights under the GDPR, you can visit the European Commission’s page on Data Protection at         https://ec.europa.eu/info/law/law-topic/data-protection_en.

(c)    Exercising Your Rights.  If you would like to exercise your any of your Personal Information rights, please refer to our “Contact Us” section below.         When doing so, please tell us which right you are exercising and provide us with contact information to direct our response. Response procedures          may vary depending on the laws applicable to you.

     Subject to applicable law: (i) we may verify your identity before fulfilling requests to exercise any rights; and (ii) we may request additional       information if we cannot initially verify your identity, or if we require such additional information in order to properly assess your request. Any        Personal Information you disclose to us for purposes of verifying your identity and/or exercising your rights will solely be used for the purpose of          verification and processing of your request.


9.      Communications with Us

        To opt-out of receiving certain communications from us through your use of the Services (the “Communications”), you may either contact us as         provided in the “Contact Us” section below or, if applicable, click “Unsubscribe”. Please note that certain Communications may be necessary for           the proper functioning and use of the Services, and opting out of those Communications may prevent the proper use of the Services.


10.    Contact Us

         If you have any questions about this Privacy Policy, please contact us at privacy@twostoryrobot.com.