Unity Payments Privacy Policy

Effective as of: July 1, 2024 Last updated: July 9, 2024
  1. Introduction
  2. How we collect Personal Information
  3. Types of Personal Information we collect
  4. Purposes for which we collect Personal Information
  5. Persons who will have access to Personal Information
  6. Security measures in place to protect Personal Information
  7. Retention and deletion of Personal Information
  8. Rights relating to Personal Information
  9. Contact us

1. Introduction

Unity Payments (“we”, “us”, “our” or the “Company”) take privacy and the protection of personal information very ‎seriously and are committed to conducting our business in full compliance with applicable laws relating to privacy and the protection of personal information (collectively “Privacy Laws”). This Privacy Policy (the “Policy”) ‎describes our practices in connection with the collection, use, communication, retention, destruction, and any other form of processing of the personal information that we, our affiliates or our service providers may collect ‎when we conduct our business activities. For the purposes of this Policy, the expression “Personal Information” refers to the definition of personal information as contemplated in applicable Privacy Laws, but generally means any information which relates to a natural person and allows that person to be identified, whether directly or indirectly. This includes, for example, names, phone numbers, and e-mail addresses. ‎ We may update this Policy from time to time to ensure continued compliance with ‎applicable Privacy Laws and otherwise when reasonably necessary. We ‎recommend that you review it frequently. We will communicate changes to this Policy on ‎our website or through similar means for a reasonable time before and after any changes take ‎effect. Where required by applicable Privacy Laws, we may ask you to confirm your consent to the ‎processing of your Personal Information per the terms set out in our updated Policy. Otherwise, your continued access to or use of our website or of our services will be deemed to constitute your acceptance of these changes.‎

2. How we collect Personal Information

2.1 We may collect Personal Information directly from you when you voluntarily choose to communicate personal information to us via the use of our website or in any subsequent dealings that we engage in with you. 2.2 We may also receive your Personal Information from third parties in certain situations, including: 2.3 To the extent permitted by applicable Privacy Laws and, where applicable, with your express consent, we may also collect some Personal Information when you visit our website or use our mobile application using cookies or other similar technologies. Please refer to our Privacy Policy, available at unitypayments.ca for more information on how we use such technologies. 2.4 We will obtain your consent to collect, use, communicate, or otherwise process your Personal Information whenever required by applicable Privacy Laws, except where we are authorized or required by law to do so without consent. Your consent can be express or implied, and may be provided verbally, in writing, in-person, electronically, or otherwise. You are not obliged to consent to the collection, use or communication of your Personal Information, however please note that we may be unable to provide you with some of our products or services, or access to certain functionalities on our website. You have the right to withdraw your consent to further use, communication or processing of your Personal Information, as further explained below in the “Rights relating to Personal Information” section of this Policy.‎

3. Types of Personal Information we collect

3.1 As required and as permitted by applicable Privacy Laws, we may collect from you the following types of Personal Information:

4. Purposes for which we collect Personal Information

4.1 We may collect, use, communicate and process Personal Information for the following purposes:‎

5. Persons who will have access to Personal Information

5.1 ‎Within the Company, your Personal Information will only be accessible to those persons who reasonably need to access it for the performance of their duties. 5.2 In order to achieve the purposes described in section 4 of this Policy, we may need to share ‎your Personal Information, as described in section 3 of this Policy with some of our subsidiaries and affiliates that are also subject to this Privacy Policy. 5.3 In addition, we may also retain third party companies to provide certain services to us in order to conduct our business activities. Categories of third party service providers to whom we may need to communicate Personal Information include: When we retain third parties ‎to perform such services for us, we will share with them only that Personal Information which is necessary to allow them to perform their services for us. We will further require them to handle and protect your Personal Information in ‎accordance with this Policy, Company standards for the protection of Personal Information, and applicable Privacy Laws. ‎ 5.4 We may also need to communicate your Personal Information to a third party in the context of a commercial transaction involving the Company (e.g. merger, ‎acquisition, asset sale, financing, restructuring)‎. 5.5 In order to achieve the purposes described in this Policy, we may need to communicate your Personal Information to jurisdictions outside of your province or country of residence, some of which may have different legal standards for privacy and the protection of Personal Information. We will ensure that any transfers of Personal Information outside of your province or country of residence will only be made in full compliance with applicable Privacy Laws (including, where required by applicable Privacy Laws, by performing any necessary data privacy impact assessments), and that your Personal Information will continue to receive an adequate level of protection in the jurisdiction to which it is transferred. In certain situations, governments, courts, law enforcement or regulatory agencies in those foreign jurisdictions may be able ‎to access or obtain communication of your Personal Information, as provided for under the laws applicable in such foreign jurisdictions. 5.6 Our website may contain links to websites or online services ‎operated by third parties. Our ‎products or services may also link to or make use of products, services or functionalities provided by third parties (e.g. a third party app). Once you leave our website, your interactions with such third parties will be governed by the terms of use and ‎privacy policies such third parties, for which we are not responsible and accept no liability. We encourage you to carefully read the terms of use and privacy ‎policies of any third party website and services that you visit or use.‎

6. Security measures in place to protect Personal Information

6.1 We will take reasonable steps to protect any Personal Information we hold from loss, misuse, as well as unauthorized access, disclosure, alteration, or destruction. We use general administrative, technical, and physical safeguards in line with general security standards and industry best practices to protect the Personal Information we collect and handle as part of our business activities. Please note however that no transmission of information via the Internet can be 100% secure. If you use a computer or device that can be accessed by others, other people may be able to access unencrypted Personal Information. please exercise caution when using such computers or devices. Please take all reasonable precautions to protect your Personal Information when using the Internet, including using strong passwords, modifying them regularly, using a secure web browser, and not sharing your access credentials. 6.2 We have set up a secure e-mail address which has been designed with enhanced security features and with respect to which we have adopted restricted internal access controls. When sending us Personal Information or sensitive information, we encourage you to send it through to the following address: securdoc@unitypayments.ca.

7. Retention and deletion of Personal Information

7.1 We will only retain and hold your Personal Information for the duration reasonably necessary to fulfil the purposes listed in this Policy and to comply with applicable laws, including applicable Privacy Laws. As a general rule, we will delete (or, to the extent permitted by applicable Privacy Laws, anonymize) your Personal Information no later than three years after your last interaction with us, unless otherwise required or permitted by applicable Privacy Laws. Notwithstanding the above, we will retain any Personal Information used to render a decision concerning you for a period of at least one year after such decision was rendered. 7.2 All Personal Information we hold will be securely destroyed or anonymized in ‎accordance with applicable legal requirements once the retention period set out above expires.‎

8. Rights relating to Personal Information

8.1 You have certain rights in relation to your Personal Information, including:‎ If you are a resident of the province of Québec, you have the following rights, ‎in addition to those identified above:‎ 8.2 You may exercise any of the rights listed above by contacting our Privacy Officer at privacy@unitypayments.ca. 8.3 We will respond to your request within 30 days of receipt. To the extent permitted by applicable Privacy Laws, if further time is required, we will inform you of ‎this and the reason for the delay, and the timeframe for response. 8.4 You also have the right to file a complaint with ‎the local authority in charge of privacy and the protection of personal information in your jurisdiction of residence. You may raise a concern or file a formal complaint with the Federal Office of the Privacy Commissioner at ‎https://www.priv.gc.ca/en. If you are a resident of the province of British Columbia, you should contact the Office of the Information & Privacy Commissioner for British Columbia at https://www.oipc.bc.ca/. If you are a resident of the province of Alberta, you should contact the Office of the Information and Privacy Commissioner of Alberta at https://oipc.ab.ca/. If you are a resident of the province of Québec, you should contact the Quebec Commission d’accès à l’information at https://www.cai.gouv.qc.ca/.

9. Contact us

9.1 We have designated a Privacy Officer to act as the person responsible for the protection of Personal Information and compliance with Privacy Laws within the Company. If you have any questions, concerns, or complaints about this Policy or our practices concerning privacy and the protection of Personal Information, or require further information or assistance with same, you may contact our Privacy Officer at privacy@unitypayments.ca.