PRIVACY POLICY

Saaf Company Incorporated

Personal Information Protection Policy

Saaf Company Incorporated (“Saaf”) is committed to safeguarding the personal information entrusted to us by our clients and employees. We manage your personal information in accordance with any applicable privacy and personal information laws. This policy outlines the principles and practices we follow in protecting your personal information. A copy of this policy is provided to any client or employee upon request.

This policy does not impose any limits on our collection, use or disclosure of business contact information or certain publicly available information.

Scope of this Policy

This policy applies to Saaf Company Incorporated and its subsidiaries. The policy also applies to any person providing services on our behalf.  

Personal Information

Personal information means information about an identifiable individual. This includes, but is not limited to, an individual’s name, home address and phone number, age, sex, marital or family status, medical history, visual images, an identifying number, financial information, educational history, etc.

Privacy legislation does not apply to business contact information. Business contact information is information that would enable an individual to be contacted at a place of business and includes the individual’s name, position name or title, business telephone number, business address, business email or business fax number. We are allowed to collect, use and disclose business contact information without consent as long as it is solely for the purpose of contacting an individual in relation to his or her business responsibilities.

Collecting Personal Information

When collecting your personal information, we will tell you why we want to collect the information and will provide, on request, contact information for a designated team member who can answer questions about the collection.

We collect, use and disclose your personal information for the following purposes:

·       To understand your needs and recommend our services at your request;

·       To provide the services you request;

·       To gather additional information from publicly available resources that will help us provide the services you request;

·       To maintain accurate records of services and treatment;

·       To bill accounts, maintain payment records and collect unpaid accounts;

·       To comply with legal and regulatory requirements and to act pursuant to legal authorizations;

·       To manage and monitor the employment relationship, including the hiring process, administering benefits, meeting regulatory and legal requirements, monitoring and addressing employee performance, providing reference information to third parties regarding our current and former employees, etc.;

·       To manage our business operations;

·       To share relevant part of information gathered to help service providers of energy efficiency upgrades provide us with quotes for their services;

 

If we want to use your personal information for a new purpose, we will inform you of this and ask for your consent unless the new purpose is permitted or authorized by law.

We will only collect the information we need for the stated purpose or as authorized by law.

Use of Service Providers Outside Canada

The Saaf website(“https://www.saaf.io/”) has been built with third party cloud-based tools, software and apps, and as such any and all personal data collected will be stored on these third party tools, software and apps’ systems, which may be outside of Canada (primarily in the U.S.A.).

Your data will only be accessible by members of Saaf and will be used for the purposes stated above.

Accountability

We have appointed a team member to oversee our compliance with this policy. We inform and train staff on privacy issues.

We will only share personal information with third parties to assist in fulfilling the stated purpose, or as authorized ore required by applicable law. Any third party’s use must adhere to our privacy policies or otherwise be permitted bylaw.

Consent

We will obtain consent to collect, use or disclose your personal information, except where we are authorized or required by law to do so without consent. For example, we may collect, use or disclose personal information without your knowledge or consent where:

·       We are required or authorized by law to do so (for example, if a court issues a subpoena)

·       The information is publicly available, as defined by statute or regulation;

·       The disclosure is made to a public body and the public body is authorized or required to collect the information from us;

·       The use of the information is necessary in order to collect a debt owed to us;

·       We are obtaining legal advice;

·       There is an emergency that threatens an individual’s life, health or personal security; or

·       We reasonably expect that obtaining consent would compromise an investigation or proceeding.

Other exceptions may apply.

Your consent can be express, implied, or given through an authorized representative such as a lawyer, agent or broker.

You may provide consent orally, in writing, electronically, through inaction (such as when you fail to notify us that you do not wish your personal information collected/used/disclosed for various purposes after you have received notice of those purposes) or otherwise. We may assume your consent in cases where you volunteer information for an obvious purpose.

You may withdraw consent at any time subject to legal, contractual and other restrictions, provided that you give reasonable notice to us. A client or employee’s decision to withdraw their consent to certain uses of their personal information may restrict our ability to provide a particular service or product. If so, we will explain the situation to assist the client or employee in making the decision.

Using and Disclosing Personal Information

We will only use personal information for the original purpose for which it was collected, or for a purpose reasonably related to that purpose, unless we have consent or are authorized by law to use the personal information for different purposes.

We will not disclose client or employee personal information for any additional purpose unless we obtain consent to do so are authorized by law to disclose the personal information for a different purpose.

Use of Appropriate Safeguards

We safeguard your personal information against unauthorized access, use, disclosure, copying or modification.

We make every reasonable effort to ensure that client and employee information is accurate and complete in relation to the purposes for which that information was collected. We rely on our clients and employees to notify us if there is a change to their personal information that may affect their relationship with us. If you are aware of an error in our information about you, please let us know and we will correct it on request wherever possible. In some cases we may ask for a written request for correction.

We protect client and employee personal information in a manner appropriate to the sensitivity of the information. We make every reasonable effort to prevent any loss, misuse, disclosure or modification of personal information, as well as unauthorized access to personal information.

Where required to do so, we will notify appropriate officials, without delay, of a security breach affecting personal information if it creates a real risk of significant harm to individuals.

We will retain client or employee personal information only as long as necessary to fulfill the identified purposes or a legal or business purpose.

Within a reasonable period of time after we no longer reasonably require the personal information for legal or business purposes we will destroy the records containing the personal information, or render the personal information non-identifying so that it can no longer be used to identify an individual.

We will take appropriate security measures when destroying client personal information to prevent unauthorized access to the information.

Access to Records Containing Personal Information

We will give you reasonable access to your personal information upon request. We may charge a reasonable fee for doing so. Clients and employees have a right to access their personal information, subject to limited exceptions. For example, we may refuse to provide access to information if:

·       The information is protected by any legal privilege;

·       The information would reveal personal information about another individual;

·       The information would reveal the identity of an individual who has, in confidence, provided an opinion about another individual and the individual providing the opinion does not consent to the disclosure of his or her identity; or

·       The disclosure of the information could reasonably be expected to threaten the life or security of another individual.

Other reasons for refusal may apply.

If we refuse a request in whole or in part, we will provide reasons for the refusal.

You may make a request for access to your personal information by writing to Vikram V. Balasubramanian – Founder/CEO. You must provide sufficient information in your request to allow us to identify the information you are seeking. We will respond to your request within 45 calendar days, unless an extension is granted.

Questions and Complaints

If you have a question or concern about any collection, use or disclosure of personal information by the ‎Saaf Company Incorporated, or about a request for access to your own personal information, please contact Vikram V. Balasubramanian –Founder/CEO in the first instance. If you are not satisfied with the response you receive, you should contact the office of the Privacy Commissioner.