Revised September 1, 2018
full to ensure that you are fully informed.
Our legal basis for collecting and using your Personal Data will be based on the necessity of performance of a contract we have with you and/or our Customer.
We will generally collect Personal Data from you only where we have your consent to do so and where we need the
Personal Data to complete the Services we have been contracted to provide. In the event you subscribe to a newsletter, participate in our blog or sign-up for information on our product and services, the legal basis for collecting and using your Personal Data is based on consent.
Information You Provide to Us
Generally, you control the type and amount of information you provide us when you sign up for, or use the Site or Services.
Non-personal data (“NPD”) is information that is in no way personally identifiable. Personal data is information that is collected that personally identifies you (“Personal Data”) and may include:
When we communicate with you on our Site and Services we will use the email address you provide when you registered as a user. You may change your contact preferences at any time through your on-line account.
Any public posts, such as blog articles, comments, questions and testimonials, that are placed on the Sites may be read, collected, and used by others who access them.
Our website may also offer the ability for users to communicate with each other through online community discussion boards or other mechanisms (“Community Forums”).
If you chose to submit any public posts or participate in Community Forums you should use care when exposing any Personal Data as such information is not protected
these postings. To request removal of your Personal Data from our blog or community forums, please contact us. In some cases, we may not be able to remove your Personal Data.
If any posting on our Sites contains information of third parties, you must make sure you have permission to include that information in your posting. While we are not legally liable for information that may be posted by our users, we will remove any postings about which we are notified, if such postings violate the privacy right of others.
Information We Collect Automatically
We automatically collect information (“Usage Data”) regarding the actions you take on the Sites and Services. In some countries, including countries in the European Economic Area (“EEA”), this information may be considered Personal Data under applicable data protection laws. Usage Data helps us understand trends in our users’ needs so that we can better consider new features or otherwise improve our Services.
We may share Usage Data about our users with our third-party service providers for various purposes, including to help us better understand our customers’ needs and improve our Services.
When you use the Sites or Services, some examples of the Usage Data we may collect could include:
We may store such Usage Data itself and/or such information may be included in databases owned and maintained by MESH Diversity’s service providers.
We may use such information and pool it with other information to track, for example, the total number of visitors to our Sites or users of our Services, and/or the number of visitors to each page of our Sites. We use this information to help us understand how people use the Sites and Services, and to enhance the Sites and Services.
Our mobile application may collect certain additional information automatically, including, but not limited to: the type of mobile device you use;
your mobile device’s unique device ID; the IP address of your mobile device; your mobile operating system; the type of mobile Internet browsers you use;
available storage space; connection type (e.g. WiFi vs. cellular); and information about the way you use the application. We may also use GPS technology (or other similar technology) to determine your current location. If you do not want us to have your location information, you should turn off the location services for the mobile application located in your mobile phone settings and/or within the mobile application.
Examples of how cookies and web beacons are used include pre-populating your username for easier login or to allow user-specific messaging.
Most web browsers are initially set up to accept cookies. You can remove persistent cookies and change your privacy preferences by following directions provided
in your Internet browser’s “help” directory. However, certain features of the Sites or Services may not work if you delete or disable cookies.
We may use your Personal Data for the following purposes:
MESH Diversity will never sell Personal or Customer Data. For data aggregation purposes we may use your NPD but any such data aggregation would not include any of your Personal Data.
We may disclose your Personal Data to the following categories of recipients:
We recognize our legal obligations to protect the Personal Data we have gathered about individuals. We have therefore implemented appropriate technical and organizational measures to secure against unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction of Personal Data.
These arrangements include industry-standard security measures including physical security measures, network security measures, and organizational measures such as non-disclosure agreements and need-to-know access. Unfortunately, because of the inherent nature of the Internet, we cannot guarantee against the possible loss or misuse of your Personal Data. We strongly urge you to protect any passwords you have to our Site and Services and not to share them with anyone.
You should log out of our Site when you finish using it particularly if you are using a computer in a public place.
We will retain your information for as long as your account is active or where we have an ongoing business need to do so (for example, to comply with applicable legal, tax, or accounting requirements). We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymize it; or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible. As noted above, we may retain your NPD for an indefinite period and use it for data aggregation and statistical analysis purposes.
Third parties may collect, but we do not authorize them to collect, personally identifiable information about your online activities over time and across different websites when you use the Sites or Services.
We use third-party service providers to provide some services that are necessary or ancillary to our delivering the Sites and the Services, and some of these services may include processing Personal Data. These service providers are generally located in Canada and the USA.
In order to provide security and confidentiality or your Personal Data, MESH Diversity has undertaken contractual and other measures to ensure our service providers provide adequate protection for Personal Data and that all processing is done with an appropriate level of confidentiality and security.
If you access our Site and Services from the EEA you may have certain rights with respect to your Personal Data under the General Data Protection Regulation (“GDPR”)
including: the right to be informed about the collection and use of the Personal Data you provide; the right to access your Personal Data; the right to correct or delete your Personal Data; the right to restrict or limit the processing of your Personal Data; the right to get your personal data and use it for your own purposes (the right of data portability); and rights in relation to automated decision-making and profiling. You also have the right to file a complaint with supervisory authorities if your Personal Data has not been processed in compliance with GDPR. For more information visit https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr). If you want to exercise any of the above rights, or if you have any questions on how and why we process your data, please reach out to us using the contact information below. We will respond within 10 business days of receipt of your request.
Data Transfers to MESH Diversity Offices
The Personal Data that we collect from you may be transferred to MESH Diversity’s offices in Canada for the purposes of support, finance, analytics, sales and account management. Service providers located in Canada are governed by the Personal Data Protection and Electronic Documents ACT (“PIPEDA”). Transfers of personal data to Canada are legally authorized by a finding of the EU Commission that Canada has an adequate level of data protection (pursuant to Article 45 of the GDPR).
Transfers to Other Countries
We use third party service providers to provide services that are necessary to delivering our Services, and some of these services may include processing Personal Data. Our service providers are generally located in Canada and the US. The US has not been found to have an adequate level of data protection under article 45 of the GDPR. In some cases, our US service providers have certified their compliance under the Privacy Shield Framework that requires
If you have any questions or concerns about our policy or use of your Personal Data, please contact us by email at firstname.lastname@example.org or by using the contact details below:
MESH Diversity Inc.
105 Barrington Crescent
Moncton NB E1G 4V4
MESH/diversity empowers D&I professionals with the strategic support, tools, metrics and data needed to drive the success across their organizations.