Information We Collect
a. Personal Information
Personal information is any information recorded in any form that identifies or can identify an individual and includes any information provided to us by you or your Users in using our Site and Services. This may include certain registration information and user profile information that you provide to us in creating your account to use our Services, your employee information (including name, address, SIN and hourly wages), billing information, and time and attendance entries made by you and your Users through using the Services .
b. Non-Personally Identifiable Information
Personal information does not include information that is aggregated or anonymized in such a manner that it cannot be connected to you or any User. This may include time and attendance data that is aggregated among many Users. Such information by itself or together cannot be tracked to a specific individual’s personally identifiable information.
How do we use Personal Information?
Midex Software collects Personal Information for the following purposes:
- to provide Services to you and your Users;
- to establish and maintain responsible commercial relations and to communicate with you in order to provide service. This includes, but is not limited to, communications relating to billing, advertising, promotion and account verification;
- to respond to any correspondence you may direct to us;
- to understand our customers needs and preferences;
- to direct advertisements to you about goods and services of interest to you;
- to enforce our Terms of Service;
- to provide you with system or administrative messages;
- to meet legal and regulatory requirements; and
- for any other reasonable purposes for which you may have provided your express consent or in which your consent can be reasonably implied.
How do we use Non-Personally Identifiable Information?
We respect your privacy and, unless otherwise required by law, we will not collect, use or disclose your Personal Information without your prior consent. Your consent may be expressed or implied. You may expressly give your consent in writing, verbally or through any electronic means. In certain circumstances, your consent may be implied by your actions. For example, providing us Personal Information to register for our Services is implied consent to use such information to provide you the associated services.
Where appropriate, Midex Software will generally seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when Midex wants to use information for a purpose other than those identified above). In obtaining consent, Midex will use reasonable efforts to ensure that a customer is advised of the identified purposes for which Personal Information collected will be used or disclosed.
The form of consent sought by Midex may vary, depending upon the circumstances and type of information disclosed. In determining the appropriate form of consent, Midex shall take into account the sensitivity of the Personal Information and the reasonable expectations of our Members. Midex will seek express consent when the information is likely to be considered sensitive. Implied consent will generally be appropriate where the information is less sensitive.
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. In order to withdraw consent, you must provide notice to Midex in writing.
Limiting Use, Disclosure and Retention
Unless required by law, or in connection with a business transaction, Midex shall not use or disclose or transfer Personal Information for any purpose other than those described above without first identifying and documenting the new purpose and obtaining your consent, where such consent may not reasonably be implied.
Subject to the foregoing, only Midex’s and our Affiliates’ employees with a business need to know, or whose duties reasonably so require, are granted access to Personal Information about our Members. All such employees will be required as a condition of employment to contractually respect the confidentiality of Members’ Personal Information.
Midex will retain Personal Information for only as long as required to fulfill the identified purposes or as required by law. Personal Information that is no longer required to fulfill the identified purposes will be destroyed, erased or made anonymous according to the guidelines and procedures established by Midex.
Using the Site
Each time a user access our Site, Midex automatically receives and stores certain types of non-personally identifiable information about users including IP address, web pages viewed, and date and time. The non-personally identifiable information collected through your use of Site is used to do monitor website traffic and conduct internal research on our users’ demographics, interests and behavior to better understand and serve our customers. For example, we may collect information such as the length of time a user visited the site, the pages he or she visited, the type of browser used to access our site as well as to track the number of visitors to the site.
How can I Access my Personal Information?
Upon request, Midex will provide information to a User regarding the existence, use and disclosure of his or her Personal Information. Midex will respond to an application for individual access to Personal Information within a reasonable time and at minimal or no cost to the individual. A User may challenge the accuracy and completeness of the information and have it amended as appropriate.
NOTE: In certain circumstances, Midex may not be able to provide access to all the Personal Information it holds about a User. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, or information that is subject to solicitor-client or litigation privilege. Midex will provide the reasons for denying access upon request.
Midex protects your Personal Information by security safeguards appropriate to the sensitivity of the information. Midex will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
Our methods of protection include:
- Physical measures, such as filing cabinets which are kept locked when not in use and restricted access, both to Midex’s place of business in general and to internal offices as well;
- Organization measures, such as security clearances and limited access on a need to know basis; and
- Technological measures, such as the use of passwords, firewalls and encryption.
Midex will maintain procedures for addressing and responding to all inquiries or complaints from Users about Midex’s handling of Personal Information. Midex shall investigate all complaints. All inquiries or complaints involving Midex’s handling of Personal Information or compliance with this policy or with PIPEDA shall be directed to Midex’s Privacy Officer.
The Privacy Officer will respond to all such inquiries or complaints within 14 business days of receipt. The Privacy Officer will make reasonable efforts to resolve all such complaints within 30 days of receipt of the initial complaint. If Midex finds a complaint to be justified, it will take appropriate measures, including, if necessary, amending its policies and procedures.
For more information, please contact our Privacy Office as follows:
Midex Enterprises Ltd.
10 Konrad Cres. Unit 10
Markham, Ontario, L3R 9X2