Privacy Policy

imMail Privacy Policy

Document Control Information

Version

2.6

Author

Paulo Martins

Reviewer

Rafael Menezes

Review Date

October 25, 2024

Review Frequency

Each 6 months

Next Review Date

March 2025

The current version of this document is up to date. Any future versions or changes to this document must also be approved by the author and the Executive Team and issued on a version-controlled basis under their signature. This document has been stored at Safe Storage.

Effective Date: October 25, 2024

Table of Contents

  • Introduction

  • Data Protection Officer

  • How we collect and use (process) your personal information

  • Use of the immail.ca website

  • Cookies and tracking technologies

  • Use of the imMail services

  • Sharing information with third parties

  • Transferring personal data to the U.S.

  • Data Subject rights

  • EU – Ireland Representative

  • Data Storage and Retention

  • Security

  • Obligations as Data Controller/Processor

  • Children’s data

  • Questions, concerns and complaints

  • Keep Privacy Policy updated

Introduction

This Privacy Notice helps you to understand which information we collect, how we use this information and in what particularly situations we share them.

The term imMail means instant messaging Mail, the company imMail, the app imMail available at both platforms iOS and Android, and the Web application accessed through browsers.

imMail Technology LTD is a Canadian startup specialized in messaging and collaboration for companies. imMail is SaaS company that develops a communication and collaboration tool designed to enhance productivity and streamline communication within organizations. It offers a secure and private environment for teams to connect, share information, and collaborate effectively.

We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Notice describes the imMail’s policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.

Data Protection Officer

imMail is headquartered in First Edmonton Place, 10665 Jasper Ave 14th Floor, Edmonton, Alberta, in Canada. imMail has appointed an internal data protection officer for you to contact if you have any questions or concerns about imMail’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to imMail’s data protection officer. imMail’s data protection officer’s name and contact information are as follows:

Leonardo Valença

imMail Technology LTD

First Edmonton Place, 10665 Jasper Ave 14th Floor, Edmonton, Alberta, CA

leonardo@immail.ca

How we collect and use (process) your personal information

It’s important to notice that you, as a first user from a specific domain, will be the primary manager of your account, identified by your email address.

All documents, files and messages that you send or receive using imMail services are under your responsibility. Creating and belonging to groups are under your responsibility as well.

A Company may have more than one Domain Administrator. Because the Domain Administrator have access to the log, he has access to all messages and files of all talks and groups related to a specific domain.

All administrators are users.

imMail collects personal information about its website visitors and customers. With a few exceptions, this information is generally limited to:

  • name 

  • email address

  • password

  • IP

Any other information is optional such as::

  • phone number,

  • department position,

  • business phone number,

  • birthday 

If the user decides to a paid plan information concerning to credit card to be charged are required.

Any information or document posted on imMail is private to the receiver, so no one else can access or read that information except Domain Administrators. Such rule is also valid to groups: only group members can access and read messages and documents attached to it.

imMail is a custodian of the data that are exchanged between corporations and users. imMail do not assume any jurisdiction over that data.

imMail primary concern is about security, confidentiality and compliance of your data.

imMail collects information only to operate, maintain, and configure all functionalities necessary to imMail’s services. imMail analyses how the services are being used to identify technical problems, keep the security, customize content, retrieve information that helps you to operate in a more effective way, and aggregate monitoring metrics such as number of operating uses, message traffic, demographic patterns, tracking content to assure conformance with international copyrights.

imMail only collects the email address of the administrators and users belonging the group or corporation and passwords.

If the corporation has a AD/LDAP integration some information to configure this integration may be needed.

We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.

Your email is collected for the purpose of identifying you. It will be associated to an internal ID, so the administrator may change your email and keep all messages associated with you.

Your name is collected only as an accessory in helping to identify you on messages and videoconferences

Your password is collected and encrypted in an non reversal mode to allow you access the system, for your own security.

Your IP (on the first access) is collected just to identify your preferred language.

All other information are collected in an optional way and to help other people (usually from your company/domain) know who you are.


All Personal Data had been collected using imMail’s website, API or through mobile applications : imMail or imMail Meet, available at Apple’s Appstore or Google’s Playstore.


That data have been collected because you or your company (the domain that your email refers) created an account on imMail’s cloud, and you have sent or received messages, tasks, attended to videoconferences or sent files to imMail’s drive, depending on which plan your account is subscribed.

Use of the imMail.ca Website

As is true of most other websites, imMail’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of imMail’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

imMail has a legitimate interest in understanding how members, customers and potential customers use its website. This assists imMail with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.

Cookies and tracking technologies
imMail makes available a comprehensive Cookies Overview that describes the cookies and tracking technologies used on imMail website and provides information on how users can accept or reject them.

To view the notice, just click on https://immail.ca/cookie-policy

Sharing information with third parties

The personal information imMail collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval.

A list of our third party sub processors can be found here:

AWS

MongoDB

We do not otherwise reveal your personal data to non-imMail persons or businesses for their independent use unless:

  1. you request or authorize it;
  2. the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others;
  3. to address emergencies or acts of God; or
  4. to address disputes, claims, or to persons demonstrating legal authority to act on your behalf.

We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.

Transferring personal data to the U.S.

imMail has its headquarters in Canada, but have a Datawarehouse located in United States. Information we collect about you may be processed in the United States. By using imMail’s services, you acknowledge that your personal information may be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, imMail is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.

Depending on the circumstance, imMail also collects and transfers to the U.S. personal data with consent to perform a contract with you; or to fulfill a compelling legitimate interest of imMail in a manner that does not outweigh your rights and freedoms. imMail endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with imMail and the practices described in this Privacy Statement imMail also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, imMail has received zero government requests for information.

For more information or if you have any questions, please contact us at privacy@immail.ca

Data Subject rights

The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:

  • Right to be informed

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restrict processing

  • Right of data portability

  • Right to object

  • Rights related to automated decision making including profiling

This Privacy Notice is intended to provide you with information about what personal data imMail collects about you and how it is used. 

If you wish to confirm that imMail is processing your personal data, or to have access to the personal data imMail may have about you, please contact us.

You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside imMail might have received the data from imMail; what the source of the information was (if you didn’t provide it directly to imMail); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by imMail if it is inaccurate. You may request that imMail erase that data or cease processing it, subject to certain exceptions. You may also request that imMail cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how imMail processes your personal data. When technically feasible, imMail will—at your request—provide your personal data to you.

Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, imMail will provide you with a date when the information will be provided. If for some reason access is denied, imMail will provide an explanation as to why access has been denied.

For questions or complaints concerning the processing of your personal data, you can email us at privacy@immail.ca. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.

EU – Ireland Representative

Company Name

Instant EU GDPR Representative Ltd

Name

Adam Brogden

Email

contact@gdprlocal.com

Tel+ 353 15 549 700

Your Reporting Link

https://immailtechnologyltd.gdprlocal.com/eu

EU Dublin Address

INSTANT EU GDPR REPRESENTATIVE LIMITED Office 2 12A Lower Main Street, Lucan Co. Dublin K78 X5P8 Ireland

Data storage and retention

Your personal data is stored by the imMail on its servers, and on the servers of the cloud-based database management services the imMail engages, located in the United States. The imMail retains service data for the duration of the customer’s business relationship with the imMail and for a period of time thereafter, to analyze the data for imMail’s own operations, and for historical and archiving purposes associated with imMail’s services. imMail retains prospect data until such time as it no longer has business value and is purged from imMail systems. All personal data that imMail controls may be deleted upon verified request from Data Subjects or their authorized agents. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at: privacy@immail.ca or make a request at https://immail.atlassian.net/servicedesk/customer/portal/22


When you ask for erasure or rectification it must be clear that:


a – you or the domain administrator may ask to delete the messages, directly through our site or mobile applications;
b – when you send a message its content or attached files will not be erased. The messages belong to private chat or group chat and its deletion may impact directly in the chat understanding;
c – your image that is visible on videoconference recordings will not be erased;
d – when a domain has been inactive (not sending or receiving messages, videoconferences, tasks or drive uploading or downloading files) for more than 6 (six) months after subscription expiration, that domain will be erased and its accounts will not available anymore;
e – after you request of modification or erasure, by filling this form you may receive, by email, some more requests for information, eventually imMail will notify the domain administrator. After the erasure or modification have been done you will be notified by email.

Security

We prioritize the security and safe storage of your personal information. Our robust measures include physical, administrative, and technical safeguards to prevent unauthorized access, theft, loss, or misuse of your data. Your information is securely and encrypted stored on restricted-access servers and transmitted with encryption for enhanced protection. Our security practices undergo regular review to align with the latest standards. It’s important to note that while we make every effort to safeguard your data, no method of transmission or storage over the internet can guarantee absolute security.

Obligations as a Data Controller/Processor

As a company, we are dedicated to safeguarding the personal data of our customers and employees. In accordance with this commitment, we comply with the principles of the General Data Protection Regulation (GDPR) when collecting, utilizing, and handling personal data. This includes adherence to principles of legality, fairness, and transparency; limiting data collection to specific purposes; minimizing the amount of data collected; ensuring accuracy; limiting data storage; maintaining integrity and confidentiality; and being

Children’s data

We do not knowingly attempt to solicit or receive information from children.

Questions, concerns or complaints

If you have questions, concerns, complaints, or would like to exercise your rights, please contact us at:

imMail Technology LTD

C/O Leonardo Valença

First Edmonton Place, 10665 Jasper Ave 14th Floor, Edmonton, Alberta, Canada

https://immail.ca/contact/

Keep this Privacy Policy Updated

We keep our privacy notice under regular review to make sure it is up to date and accurate