DealHijack’s policy applies to personal information about identifiable DealHijack customers and DealHijack employees that is collected, used or disclosed by DealHijack. It also applies to the management of personal information in any form whether oral, electronic or written.
Personal information may be requested from you when you:
· register yourself on our website;
· subscribe to a newsletter or mailing list;
In these instances, we may ask for your name, address and e-mail address. We may also keep records of your Facebook identification if you registered for our services via Facebook.
In addition, for each visitor to the DealHijack website, DealHijack’s web server automatically recognizes and stores information, such as the visitor’s IP address/domain name combination and any referring websites. We use this information to understand visitor traffic patterns through our websites for purposes of enhancing their usability. Your computer provides this information automatically each time you log on, unless you have activated blocking technology available in some browsers.
When you visit DealHijack’s website or advertisements appearing thereon, or use one or more of the DealHijack website services, we may use an industry-wide technology called “cookies’ which store certain information on your computer and which allow us to customize your experience to better match your interests and preferences, or to simply facilitate your signing in to use the services. Most browsers will allow you to erase cookies from your computer hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies, we may not be able to restore any preferences or customize settings you previously specified, and our ability to personalize your online experience would be limited. Please refer to your browser instructions or “help” screen to learn more about these functions.
The primary purpose of our collection of this information is to be able to provide customized newsletters to you, to seek your opinion from time to time, and to compile marketing and other statistics for use by DealHijack.
To better understand our policy, DealHijack has set out some basic definitions to use when reading and interpreting the principles below.
Collection: the act of gathering, acquiring, recording, or obtaining personal information from any source, including third parties, by any means.
Consent: voluntary agreement with the collection, use and disclosure of personal information for defined purposes. Consent can be either express or implied and can be provided directly by the individual or by an authorized representative. Express consent can be given orally, electronically or in writing, buy is always unequivocal and does not require any inference on the part of DealHijack. Implied consent is consent that can reasonably be inferred from an individual’s action or inaction.
Disclosure: making personal information available to a third party.
Personal Information: information about an identifiable individual, such as your name, address, telephone number, birth date, purchase information or e-mail address, that is recorded in any form, but does not include aggregated information that cannot be associated with a specific customer. For a customer, such information does not include: (a) information that is aggregated in such a manner that it cannot be collected to him/her; and (b) public information found in directories and listings, or business names, business addresses and/or contact numbers.
Use: the treatment, handling and management of personal information by and within DealHijack.
1. Accountability for DealHijack’s compliance with the provisions of DealHijack’s policy rests with the Privacy Officer. Other individuals within DealHijack may be delegated to act on behalf of the Privacy Officer or to take responsibility for the day-to-day collection and processing of personal information. The Privacy Officer has been designated to ensure customers have a designated avenue to answer their privacy-related inquiries.
2. DealHijack is responsible for personal information in its possession or custody, including information that has been transferred to a third person for processing. DealHijack shall use contractual or other means to provide a comparable level of protection while the information is being processed by a third party.
3. DealHijack shall implement policies and practices to give effect to these principles, including: a. implementing procedures to protect personal information; b. establishing procedures to receive and respond to complaints and inquiries; c. training staff and communicating to staff information about DealHijack’s policies and practices; and d. developing information to explain DealHijack’s policies and procedures.
2. Identifying Purposes
DealHijack will identify the purposes for which personal information is collected at or before the time the information is collected. 1. DealHijack collects personal information only for the following purposes: a. to establish and maintain responsible commercial relations with customers and to communicate with its customers; b. to understand customer needs and preferences; c. to meet legal and regulatory requirements; and c. to administer and manager its business operations, including personnel and employment matters.
2. DealHijack shall specify orally, electronically or in writing the identified purposes to the customer or employee at or before the time personal information is collected.
3. Persons collecting personal information will be able to explain to individuals the purposes for which the information is being collected, or will refer the individual to a designated person at DealHijack who will explain the purposes.
4. Unless required by law, DealHijack shall not use or disclose any new purpose personal information that has been collected without first identifying and documenting the new purpose and obtaining the consent of the customer.
The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.
1. In certain circumstances, personal information can be collected used, or disclosed without the knowledge and consent of the individual. For example, legal, medical or security reasons may make it impossible or impractical to seek consent. When information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of the individual might defeat the purpose of collecting the information. Seeking consent may be impossible or inappropriate where there is an emergency threatening the individual’s life, health or security, or where the individual is a minor, seriously ill, or mentally incapacitated. In other instances, information may be publicly available. In addition, organizations that do not have a direct relationship with a customer may not always be able to seek consent. For example, seeking consent may be impractical for a charity or a direct-marketing firm that wishes to acquire a mailing list from another organization. In such cases, the organization providing the list would be expected to obtain consent before disclosing personal information.
2. DealHijack will generally seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when DealHijack wants to use information for a purpose not previously identified). DealHijack will not make your consent a requirement to the supply of a service other than required to be able to supply the service.
3. In obtaining consent, DealHijack will use reasonable efforts to ensure that a customer is advised of the identified purposes for which personal information collected will be used or disclosed.
4. The form of consent sought by DealHijack may vary, depending upon the circumstances and type of information disclosed. In determining the appropriate form of consent, DealHijack shall take into account the sensitivity of the personal information and the reasonable expectations of its customers.
5. DealHijack will seek consent when the information is likely to be considered sensitive. Implied consent will generally be appropriate where the information is less sensitive. The use of services by a customer or the acceptance of employment by an employee will be considered implied consent to collect, use and disclose personal information for all identified purposes.
4. Limiting Collection
The collection of personal information will be limited to that which is necessary for the purposes identified by DealHijack. Information will be collected by fair and lawful means.
2. DealHijack may also collect personal information from such third parties as credit bureaus, employers, personal references or other third parties that represent they have the right to disclose the information.
5. Limiting Use, Disclosure and Retention
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual, or as required by law. Personal information will be retained only as long as necessary for the fulfillment of those purposes.
1. DealHijack may collect, use or disclose personal information without the individual’s knowledge or consent in certain circumstances as described in Principle #3.1
2. DealHijack may disclose an employee’s personal information in the following circumstances: a. in the administration of that employee’s benefits; b. in providing references to prospective employers, upon receiving the consent of the employee; and c. as may be required by law.
3. Only DealHijack’s employees with a business need to know, or whose duties reasonably so require, are granted access to personal information about customers.
4. DealHijack will retain personal information for only as long as required to fulfill the identified purposes or as required by law.
5. Personal information that is longer required to fulfill the identified purposes will be destroyed, erased or made anonymous according to the guidelines and procedures established by DealHijack.
Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used. 1. The extent to which personal information will be accurate, complete and up-to-date will depend upon the use of the information, taking into account the interests of the individual. Information will be sufficiently accurate, complete, and up-to-date to minimize the possibility that inappropriate information may be used to make a decision about that individual.
2. DealHijack will update personal information about customers as and when necessary to fulfill the identified purposes or upon notification by the individual.
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information. 1. DealHijack will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution and format of the information, and the method of DealHijack.com Inc..
2. DealHijack protects all personal information regardless of the format in which it is held. Our methods of protection include: a. physical measures, such as locked filing cabinets, restricted access to offices and appropriate disposal of personal information; b. organizational measures, such as security clearances and limited access on a ‘need to know’ basis; and c. technological measures, such as the use of passwords and encryption.
3. DealHijack makes its employees aware of the importance of maintaining the confidentiality of personal information. All of DealHijack’s employees with access to personal information will be required as a condition of employment to contractually respect the confidentiality of personal information.
4. DealHijack will protect personal information it discloses to third parties by contractual agreements stipulating the confidentiality of the information and the purposes for which it is to be used.
DealHijack shall make readily available to customers and employees specific information about its policies and practices relating to the management of personal information.
9. Individual Access
Upon request, a customer or employee shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
NOTE: In certain circumstances, DealHijack may not be able to provide access to all the personal information it holds about a customer or an employee. Exceptions may include information that it prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, information that is subject to solicitor-client or litigation privilege, or, in certain circumstances, information of a medical nature. DealHijack will provide the reasons for denying access upon request.
1. Upon request, DealHijack will inform an individual whether or not the organization holds personal information about the individual, and will provide that individual with a reasonable opportunity to review the personal information in his or her file.
2. DealHijack will allow the individual access to his or her personal information once the individual has provided DealHijack with a written request application. DealHijack will make the application available to customers through the Privacy Officer. The application will include sufficient information to permit DealHijack to provide an account of the existence, use, and disclosure to any third parties of this personal information. DealHijack will use the application only for this purpose.
3. DealHijack will respond to an application for individual access to personal information within a reasonable time and at minimal or no cost to the individual. The requested information will be provided or made available in a form that is generally understandable.
4. DealHijack will be as specific as possible in providing an account of third parties to which it has disclosed personal information about an individual. When it is not possible to provide a list of the organizations to which it has actually disclosed information about an individual, DealHijack will provide a list of organizations to which it may have disclosed information about the individual.
5. When an individual successfully demonstrates the inaccuracy or incompleteness of personal information, DealHijack will amend the information as required. Depending upon the nature of the information challenged, amendment involves the correction, deletion or addition of information. Where appropriate, the amended information will be transmitted to third parties having access to the information in question.
6. When a challenge is not resolved to the satisfaction of the individual, DealHijack will record the substance of the unresolved challenge. When appropriate, the existence of the unresolved challenge will be transmitted to third parties having access to the information in question.
10. Challenging Compliance
An individual will be able to address a challenge concerning compliance with the above principles to DealHijack’s Privacy Officer.
1. DealHijack will maintain procedures for addressing and responding to all inquiries or complaints from its customers about DealHijack’s handling of personal information.
2. DealHijack will inform individuals who make inquiries or lodge complaints of the existence of relevant complaint procedures.
4. DealHijack shall investigate all complaints. If a complaint is found to be justified, DealHijack will take appropriate measures, including, if necessary, amending its policies and procedures.
For more information please contact us by E-mail: [info@DealHijack.com]