Privacy Notice

Your privacy is of paramount importance to us.

Privacy Notice

This Privacy Notice explains the practices that TraceSafe Technologies Inc. (“TraceSafe”, “we”, “us”, “our”) follows in connection with the personal data that we collect through the use of our applications, visits to our website, or when you contact us directly.

What is Personal Data?

For the purposes of the work that TraceSafe performs and the regulations that TraceSafe needs to comply with, personal data refers to any information that relates to an identified or identifiable individual such as a name, email, mailing address, phone number, or any information related to an individual’s health for the purpose of contact tracing.


Privacy Regulations Compliance

Because TraceSafe is a technology organization that provides products and services worldwide, we are expected to comply with different Privacy and Data Protection Regulations such as the General Data Protection Regulation (“GDPR”). We respect your privacy rights at all times, and we commit to protecting the personal data to the highest standard regardless of where you are located.  


Data Controller and Data Processor

A Data Controller is an organization that determines how to collect and process personal data.

A Data Processor is an organization that processes personal data on behalf of a Data Controller.

TraceSafe is considered a Data Controller when collecting and processing personal data from visitors to our website or from prospective and active clients who are interested in using or use our products and services.

TraceSafe is considered a Data Processor when we process personal data from the end users of our active clients as per our clients’ requirements. 

Both as a Data Controller or as a Data Processor, TraceSafe protects personal data to the highest level of care by following a strict privacy framework.


Personal Data Collection and Purpose of Processing

Requests for contact

We collect personal data provided directly by you during direct communication with any of our representatives either through email or through a form on our website. We collect your name, email address, phone number and the reason for your communication.

We use your personal data to acknowledge and respond to your request.


Website

We collect information about your visit such as your IP address, what pages you visited and what sections of our website were of most interest to you.

We use cookies and Google Analytics to gain insights into how our visitors navigate the website in order to provide you with a better web experience. 

We also use third-party cookies for you to receive relevant ads that are of interest to you.

If you want to learn more about cookies, refer to our Cookie Notice.


AllSafe 

AllSafe is our contact tracing platform. We’ve built AllSafe to allow employers and event and venue operators to safely reopen and maintain the risk of infection for everyone’s safety and wellbeing. We collect different pieces of data for the AllSafe application that include:

  • Your name or another unique, pseudonymous identifier such as your employee ID to link it to one of our bluetooth wearables.
  • The date and duration of the interactions you have had with other users that wear a bluetooth wearable provided by us, if your contact was close and long enough to be considered an “event” in our system.
  • Your health status, provided directly by you, which determines whether you have had a positive or negative test result.

Our contact tracing application requires this data about you to be able to track interactions and be able to isolate any individuals at risk of infection.

iMSafe 

iMSafe is our quarantine management platform. This application is used to ensure that individuals that undergo a quarantine remain at the location they are expected to during the entire defined period. We collect different types of data for the iMSafe application that differ depending on the way the solution is deployed:

When our solution is deployed with a mobile application:

  • Your name or a unique, pseudonymous identifier to link it to one of our bluetooth wearables.
  • The location (latitude and longitude) of where you are expected to quarantine (for example, a hotel).
  • Your location (latitude and longitude) at regular intervals of time to check if you are in your quarantine location.
  • Your confirmation through the iMSafe application that you are at the location you are expected to quarantine at.

When our solution is deployed with our iMSafe Gateway device:

  • Your name or a unique, pseudonymous identifier to link it to one of our bluetooth wearables.
  • Your proximity to the iMSafe Gateway device at regular intervals of time to check if you are in your quarantine location.

The iMSafe Gateway is a device, engineered by TraceSafe, that plugs into a power outlet and provides GPS and LTE functionality. When the iMSafe solution is deployed with the iMSafe Gateway, an individual does not need to use a smartphone or install an application. Instead, the gateway connects directly to the internet and monitors the proximity between itself and the wearable, ensuring that the individual remains in the location of their quarantine.

Whether the solution is deployed with the iMSafe Gateway or a smartphone, this information is required to track your location or proximity during the period you are expected to remain in quarantine. 


Candidates for employment

We collect your contact information, details related to your professional qualifications including your resume and cover letter if you apply for a job at TraceSafe.

We use this data to determine if your expertise aligns to the role you are applying for and to contact you if we believe you are a viable candidate.


Legal Basis for Processing

In order to comply with different privacy and data protection regulations around the world and specifically to comply with the General Data Protection Regulation (“GDPR”) in the EU, we require to provide a legal basis for the processing of your personal data.

TraceSafe will not process your personal data unless we have a legal justification to do so. We will only process your personal data if:

  • We have obtained your explicit consent prior to the processing of your personal data, or
  • if we need your personal data to perform a contractual obligation, or
  • if we need to process your personal data to fulfill our legal and regulatory obligations, or
  • if we have a legitimate interest that will not put your rights and freedoms at risk.


Personal Data Disclosure

TraceSafe will only disclose your personal data to the following parties under specific circumstances:

  • To TraceSafe personnel, if required, to fulfill your request, or 
  • to service providers that support our systems and applications, or
  • to organizations that we provide our applications to who wish to load the data we collect into their systems, as part of our relationship with them as their Data Processor, or
  • to law enforcement, regulatory bodies or courts, when we are required to do so under applicable laws and regulations, or 
  • in connection with the sale or reorganization of all or part of our business, as permitted by applicable law.


Personal Data Security

TraceSafe is committed to protecting the personal data we collect, process and disclose about you. We maintain appropriate safeguards and take reasonable steps to protect your personal data, ensure that we limit its use and that we disclose it only to the parties that have a legitimate reason to have access to it. 

We ensure that all the parties that we disclose your personal data to, internal and external to TraceSafe, have contractual obligations to protect the security and the confidentiality of your personal data.


Personal Data Transfers

The personal data that we collect from you for the purpose of our applications will reside in your local region and will not be transferred to an international location.

In instances outside of our applications, your personal data will be transferred to systems that reside in the US. We ensure that your data is safeguarded and work with our partners to ensure that the risks to your privacy are minimized.

For personal data transferred out of the EU we have implemented Standard Contractual Clauses to ensure that we have a valid data transfer mechanism in place that ensures the protection of your personal data once it is stored in the US.


Rights You Can Exercise About Your Personal Data 

Subject to any exceptions provided by law, you have the right to request access to, update or deletion of your personal data. 

You also have the right to request restriction of or object to the processing of your personal data. And you have the right to request to have your data transferred to another organization in a commonly used format.

On each particular case we will inform you of the consequences of your request and if there are any exemptions to honouring your requests based on legal or contractual requirements.

To submit any request about your personal data you may contact us via email at privacy@tracesafe.io


Contact Us

If you have any further questions regarding the personal data that TraceSafe or any of our partners collect and process or if you have feedback regarding this Privacy Notice, you may contact us at privacy@tracesafe.io


EU Individuals – Right to Lodge a Complaint with a Supervisory Authority

If you reside in the EU and want to lodge a complaint with a Supervisory Authority (Data Protection Authority) you may do so in the Member State where you reside, where you work or where you may have experienced an issue with the processing of your personal data. However, we would appreciate it if you gave us the opportunity to handle your complaint internally before contacting a Data Protection Authority.