Privacy Statement

Updates

Last updated: 24 April 2023 [What’s New]

Personal Information We Collect

“Personal information” means information about an identifiable individual as described under Canadian privacy laws.

Generally, personal information does not include any business contact information that is solely used to communicate with you in relation to your employment, business or profession, such as your name, position name or title, work address, work telephone number, work fax number or work e-mail address.

This Privacy Statement does not apply to the extent we process personal information in the role of a processor or service provider on behalf of our customers. Where we process personal information in the role of a processor or service provider on behalf of our customers, it is that customer’s privacy practices and policies, including their privacy statement, that applies; we conduct such activities strictly in accordance with our customer’s instructions and pursuant to our contractual arrangements with the customer. If you are an end user or consumer with an existing relationship with one of our customers, you should refer to the customer’s website to understand their privacy practices and policies.

We may collect, use, and disclose different types of personal information, depending on our relationship with you. Generally, we collect the following types of personal information, which you provide to us (not all of which may apply to you):

• User login information. We require that all users have an account and this requires that you provide your name and email address, and create a password. You may also provide a profile photo or select an avatar.
• Transaction and billing information. Our customers provide billing and payment information to purchase our services, such as company name, billing address, payment details, and contact information for an appropriate representative.
• Contact information and other personal information you provide while communicating with us. You may also provide us information when you communicate with our team for support.
• Credentials for Integrations. Depending on the integrations you configure on Flightpath, you may provide us with additional email addresses, phone numbers, credentials or login information for the purpose of connecting Flightpath with third-party services such as: notifications or billing platforms.
• Communicating with Us. You may also provide us information when you communicate with members of our team such as through a support request.

Generally, we collect the following types of personal information automatically as you use our services (not all of which may apply to you):

• Platform usage/user information. Like most online service providers, we collect information that web browsers, mobile devices, and servers typically provide, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access and operating system. We collect log information when you use our services, such as when you create or make changes to your account.
• Time zone. We collect your browser’s reported time zone. We use the collected time zone to correct the times we display from UTC to a more suitable time for each user.

We also collect, use, and share aggregated and anonymized data for any purpose. For example, we may publish aggregate statistics about the use of our services or trends within the larger podcast publishing industry. Aggregated and anonymized data is not considered personal information because it cannot be used to identify you.

How We Use Your Personal Information

We generally use your personal information for the following purposes:

• to provide our services, such as, to set up and maintain your account or charge you for use of our services;
• to further develop and improve our services (i.e., understanding what features are being used, what new features might be needed and/or helping users use our services more effectively);
• to monitor and prevent any problems with our services, including to protect the security of our services, fight spam, and protect the rights and property of Flightpath and other service providers, which may cause us declining the use of our services;
• to communicate with you (e.g., to respond to your inquiries, complaints or requests, provide you with alerts, solicit your feedback, or to keep you up to date on new features);
• to communicate with your through a newsletter or other marketing communications;
• to improve the effectiveness and efficiency of our operations, products, services, and programs;
• to investigate legal claims and protect our rights, operations or property.
• for such other purposes as you may consent to from time to time.
• as otherwise required or permitted by law.

We do not use your personal information to engage in interest-based or behavioral advertising of our services across third-party websites or service offerings.

How We Share Your Personal Information

We generally identify to whom, and for what purposes, we will disclose your personal information (and we obtain your consent to such disclosure) at the time we collect your personal information.

We may disclose your information when we believe such disclosure is required or permitted by law. In addition, we may disclose your personal information to a third party in the event of any significant business transaction, such as a merger or reorganization.

We rely on service providers to perform a variety of services on our behalf, such as payment card processors, SMS and email delivery services, technical support providers, and data storage and processing service providers. If we transfer your personal information to a service provider, we require that they maintain the confidentiality of your personal information and keep it secure. We also require that our service providers comply with applicable privacy laws and only use your personal information for the limited purposes for which it is provided.

Legal Bases for Collecting and Using Information

For those in the European Union a further note about our legal grounds for processing information about you under European Union data protection laws. Our use of your information is based on the grounds that:

• the use is necessary to fulfill our commitments to you under our agreement with you or is necessary to administer your account – for example, to enable access to our website on your device or charge you for a paid plan; or
• the use is necessary for compliance with a legal obligation; or
• the use is necessary to protect your vital interests or those of another person; or
• we have a legitimate interest in using your information–for example, to provide and update our Services, to improve our services so we can offer you an even better user experience, to safeguard our services, to communicate with you, to monitor and prevent any problems with our services, and to personalize your experience.

Your Consent to the Collection, Use and Disclosure of Your Personal Information

We collect, use, and disclose your personal information with your consent or as permitted or required by law. How we obtain your consent, including whether it is express or implied, will depend on the circumstances and the sensitivity of the personal information in question. Generally, we will seek your consent at the time we collect your personal information, either orally, electronically, or in writing.

If you provide personal information about another individual to us, it is your responsibility to obtain the consent of that individual to enable us to collect, use and disclose their information as described in this Privacy Statement.

If you wish to withdraw your consent to our collection, use or disclosure of your personal information, please contact us using the contact information in the “How to Contact Us” section below. We will accommodate your request to withdraw consent, subject to legal or contractual restrictions. Withdrawal of your consent may mean that we will no longer be able to provide you with certain products or services.

If you are located in certain countries or states, including those that fall under the European General Data Protection Regulation (GDPR), data protection laws give you rights regarding your personal information data, subject to any exemptions provided by the law, including the rights to:

• Request access to your personal information data;
• Request correction or deletion of your personal information data;
• Object to our use and processing of your personal information data;
• Request that we limit our use and processing of your personal information data; and
• Request portability of your personal information data.

Usually, you can access, correct, or delete your personal information data using your account settings and tools that we offer, but if you aren’t able to do that, or you would like to contact us about one of the other rights, please see “How to Contact Us” below.

Individuals located in the European Union may also make a complaint to a government supervisory authority. You can look up the contact details of applicable government supervisory authority here.

Opting Out of Marketing Communications

If you no longer want to receive marketing-related e-mails from us, you may opt out of receiving marketing-related e-mails by clicking the “unsubscribe” link at the bottom of any marketing-related e-mail you receive from us. You may also opt out by contacting us directly using the contact information in the “How to Contact Us” section below.

Please note that if you opt out from receiving marketing-related e-mails, we may still need to send you communications about your use of our products or services, or other matters.

Retention, Storage, and International Transfer of Personal Information

We will retain your personal information for as long as necessary to fulfill the purposes for which we collected it, and as permitted or required by law.

We may transfer your personal information outside of Canada to fulfill the purpose for which we collected it, including for processing and storage by service providers. While your personal information is outside of Canada, it is subject to the laws of the country in which it is located, which may have different data protection laws than Canada. Those laws may require disclosure of your personal information to authorities in that country.

Transferring Personal Information Outside Canada

Because our services are offered outside of Canada, the information about you, which we process when you use the services in the European Union (EU), may be used, stored, and/or accessed by third party processors operating outside the European Economic Area (EEA). This is required for the purposes listed in the “How We Use Your Personal Information“ section above. When providing information about you to entities outside the EEA, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with applicable laws and this Privacy Statement.

List of Data Sub-processors

We use these products/services (which have identified themselves as being GDPR and CCPA compliant):

• Digital Ocean: for Tier 1 HA hosting of our applications and storing data.
• Amazon Web Services: for storing encrypted database backups, privacy vaults, and our data lake.
• Healthchecks.io: for worker/task monitoring (no PII data sent)
• Datadog: for log and application monitoring
• Sentry: for application monitoring (no PII data sent)
• Mixpanel: for usage monitoring (no PII data sent)
• Mailjet: for sending transactional email

For more information about our policies and practices regarding service providers outside of Canada, contact us using the contact information in the “How to Contact Us” section below.

Information Security

We have implemented physical, organizational, contractual, and technological security measures in an effort to protect your personal information from loss or theft, unauthorized access, use or disclosure. For example:

• we train our employees and agents on the importance of safeguarding personal information.
• we restrict access to your personal information to those employees or agents who need access for authorized purposes.
• we protect personal information in electronic form using technological means such as firewalls, access controls, and encryption.

Despite these measures, we cannot guarantee that our safeguards will always be effective. A breach of security safeguards can result in risks such as phishing and identity theft. In such cases, we will act promptly to mitigate the risks and to inform you where there is a real risk of significant harm, or as otherwise required by law.

We may also require that you assist us in safeguarding your personal information. For example, if you create an account through our website or applications, you should use a unique and strong passwords and not share your password with others.

If you have reason to believe that your personal information is no longer secure, please contact us immediately using the contact information in the “How to Contact Us” section below.

Accessing and Updating Your Personal Information

You may make a request to review any personal information about you that we have collected, used, or disclosed, and we will provide you with any such personal information to the extent required by applicable laws.

You may also challenge the accuracy or completeness of your personal information in our records. If you demonstrate that your personal information in our records is inaccurate or incomplete, we will amend your personal information as required.

We may require that you provide sufficient identification to fulfill your request to access or correct your personal information. Any such identifying information will be used only for this purpose. We will not charge you any fees to access your personal information in our records without first providing you with an estimate of the approximate fees, if any.

If you object to how we handle your request, you may have the right to make a complaint to the Privacy Commissioner of Canada or the applicable provincial privacy commissioner.

If we are processing your personal information on behalf of our customer, we may refer your access or correction request to that customer.

Third-Party Websites and Services

We may provide links to third-party websites for your convenience and information. We may also make opportunities available to you to purchase, subscribe to, or use other products or services from third parties with different privacy practices. Those other websites, products, or services are governed by the privacy statements and policies of the respective third party. This Privacy Statement does not extend to any websites, products, or services provided by third parties. We do not assume responsibility for the privacy practices of third parties and we encourage you to review all third-party privacy statements prior to using third-party websites, products, or services.

Changes to this Privacy Statement

This Privacy Statement was last revised as of the date that appears at the top of this page. To review a summary of recent changes, click here.

From time to time, we may make changes to this Privacy Statement. When changes are made, they will become immediately effective when published in a revised Privacy Statement posted on our website, unless otherwise noted. We may also communicate the changes to this Privacy Statement by other means.

How to Contact Us

All comments, questions, concerns, or requests regarding your personal information or our privacy practices should be forwarded to our Privacy Officer as follows:

Privacy Officer
privacy@flightpath.fm
Flightpath Software
25 Dundurn St North
Hamilton, Ontario L8R 3C9, Canada