Introduction

At Midex Enterprises Ltd. (“Midex Software”, “we”, “our”, or “us” and terms of similar meaning) we are committed to your privacy.  This means we do not transfer, distribute, disclose, rent or sell any of your personal information to third parties except as provided for in this policy (the “Privacy Policy”) or as specifically consented by you.

Midex Software has developed policies and procedures consistent with the Personal Information Protection and Electronic Documents Act (“PIPEDA”), and other relevant privacy laws.  By accepting this Privacy Policy in registration or by visiting and using our website (the “Site”) or our online time and attendance software and associated services, including Midex Time Control, TimeClock Service, TimeClock Admin, TimeClock Attendance Manager, HandPunch Service, HandPunch Admin, HandPunch Attendance Manager and Midex Web Time Clock, (the “Services”), you expressly consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy.  This Privacy Policy is incorporated into and subject to our Terms of Service.

Scope

This Privacy Policy applies to all personal information (“Personal Information”) collected, used or disclosed by Midex Software from our customers and their representatives whom they give user access to their account, as well as customers’ employees who may access the Services to enter their attendance and work time (collectively “Users”).

Accountability

Midex Software is responsible for the Personal Information under our possession and control. We have designated a Privacy Officer to be responsible for our compliance with this Privacy Policy and privacy legislation.

Information We Collect

a. Personal Information

Personal information is any information recorded in any form that identifies or can identify an individual and includes any information provided to us by you or your Users in using our Site and Services. This may include certain registration information and user profile information that you provide to us in creating your account to use our Services, your employee information (including name, address, SIN and hourly wages), billing information, and time and attendance entries made by you and your Users through using the Services .

b. Non-Personally Identifiable Information

Personal information does not include information that is aggregated or anonymized in such a manner that it cannot be connected to you or any User. This may include time and attendance data that is aggregated among many Users.  Such information by itself or together cannot be tracked to a specific individual’s personally identifiable information.

How do we use Personal Information?

Midex Software collects Personal Information for the following purposes:

  • to provide Services to you and your Users;
  • to establish and maintain responsible commercial relations and to communicate with you in order to provide service. This includes, but is not limited to, communications relating to billing, advertising, promotion and account verification;
  • to respond to any correspondence you may direct to us;
  • to understand our customers needs and preferences;
  • to direct advertisements to you about goods and services of interest to you;
  • to enforce our Terms of Service;
  • to provide you with system or administrative messages;
  • to meet legal and regulatory requirements; and
  • for any other reasonable purposes for which you may have provided your express consent or in which your consent can be reasonably implied.

How do we use Non-Personally Identifiable Information?

In an ongoing effort to better understand and serve the users of our Services, we conduct research on our customer and User demographics and behavior based on Personal Information and other information that we have collected. This research can be used to provide our customers with statistics and metrics that may be of interest to them (for example, attendance absence and late statistics).  This reseach will be compiled and analyzed on an aggregate basis and this aggregate does not identify any individual and therefore is considered and treated as Non-Personally Identifiable Information under this Privacy Policy.

Consent

We respect your privacy and, unless otherwise required by law, we will not collect, use or disclose your Personal Information without your prior consent. Your consent may be expressed or implied. You may expressly give your consent in writing, verbally or through any electronic means. In certain circumstances, your consent may be implied by your actions.  For example, providing us Personal Information to register for our Services is implied consent to use such information to provide you the associated services.

Where appropriate, Midex Software will generally seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when Midex wants to use information for a purpose other than those identified above). In obtaining consent, Midex will use reasonable efforts to ensure that a customer is advised of the identified purposes for which Personal Information collected will be used or disclosed.

The form of consent sought by Midex may vary, depending upon the circumstances and type of information disclosed. In determining the appropriate form of consent, Midex shall take into account the sensitivity of the Personal Information and the reasonable expectations of our Members. Midex will seek express consent when the information is likely to be considered sensitive. Implied consent will generally be appropriate where the information is less sensitive.

You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. In order to withdraw consent, you must provide notice to Midex in writing.

Limiting Use, Disclosure and Retention

Unless required by law, or in connection with a business transaction, Midex shall not use or disclose or transfer Personal Information for any purpose other than those described above without first identifying and documenting the new purpose and obtaining your consent, where such consent may not reasonably be implied.

As noted above, Midex does not disclose your Personal Information to third parties. Notwithstanding, your Personal Information may be transferred to third party suppliers, contractors and agents (“Affiliates”) who are contracted by Midex to assist it in providing and developing products and services. Such Affiliates will only use your Personal Information for the purposes identified in this Privacy Policy.  In the event your Personal Information is disclosed to a third party pursuant to a business transaction, Midex will ensure that it has entered into an agreement under which the collection, use and disclosure of the information is related to those purposes that relate to the transaction.

Subject to the foregoing, only Midex’s and our Affiliates’ employees with a business need to know, or whose duties reasonably so require, are granted access to Personal Information about our Members.   All such employees will be required as a condition of employment to contractually respect the confidentiality of Members’ Personal Information.

Midex will retain Personal Information for only as long as required to fulfill the identified purposes or as required by law. Personal Information that is no longer required to fulfill the identified purposes will be destroyed, erased or made anonymous according to the guidelines and procedures established by Midex.

Using the Site

Each time a user access our Site, Midex automatically receives and stores certain types of non-personally identifiable information about users including IP address, web pages viewed, and date and time. The non-personally identifiable information collected through your use of Site is used to do monitor website traffic and conduct internal research on our users’ demographics, interests and behavior to better understand and serve our customers. For example, we may collect information such as the length of time a user visited the site, the pages he or she visited, the type of browser used to access our site as well as to track the number of visitors to the site.

How can I Access my Personal Information?

Upon request, Midex will provide information to a User regarding the existence, use and disclosure of his or her Personal Information. Midex will respond to an application for individual access to Personal Information within a reasonable time and at minimal or no cost to the individual. 
A User may challenge the accuracy and completeness of the information and have it amended as appropriate.

NOTE: In certain circumstances, Midex may not be able to provide access to all the Personal Information it holds about a User. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, or information that is subject to solicitor-client or litigation privilege. Midex will provide the reasons for denying access upon request.

Safeguards

Midex protects your Personal Information by security safeguards appropriate to the sensitivity of the information. Midex will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.

Our methods of protection include:

  • Physical measures, such as filing cabinets which are kept locked when not in use and restricted access, both to Midex’s place of business in general and to internal offices as well;
  • Organization measures, such as security clearances and limited access on a need to know basis; and
  • Technological measures, such as the use of passwords, firewalls and encryption.

Challenging Compliance

An individual will be able to address a challenge concerning compliance with this Privacy Policy to Midex’s Privacy Officer.

Midex will maintain procedures for addressing and responding to all inquiries or complaints from Users about Midex’s handling of Personal Information. Midex shall investigate all complaints. All inquiries or complaints involving Midex’s handling of Personal Information or compliance with this policy or with PIPEDA shall be directed to Midex’s Privacy Officer.

The Privacy Officer will respond to all such inquiries or complaints within 14 business days of receipt. The Privacy Officer will make reasonable efforts to resolve all such complaints within 30 days of receipt of the initial complaint. If Midex finds a complaint to be justified, it will take appropriate measures, including, if necessary, amending its policies and procedures.

For more information, please contact our Privacy Office as follows:

Email: info@midexsoftware.com

Mail:
Midex Enterprises Ltd.
110 Konrad Cres. Unit 10
Second Floor
Markham, Ontario, L3R 9X2

General

Midex reserves the right to modify and amend this privacy policy from time to time in its sole discretion without prior notice. Any such amendment(s) will be posted on our Site and will be effective as of the date of posting.