Thanks for using picMatch. This policy explains the what, how, and why of the information we collect when you use our Services. It also explains the specific ways we use and disclose that information. We take your privacy extremely seriously, and we never sell lists or email addresses.
We’ll start by getting a few definitions out of the way that should help you understand this policy. When we say “we,” “us,” and “picMatch,” we’re referring to picMatch inc., a Canadian, federally incorporated corporation. We provide online platforms that you may use to search for and monitor usage of your pictures online (the “Services”). When we say “you” or “Member,” we’re referring to the person or entity that’s registered with us to use the Services.
We offer the Services on our website http://www.picmatch.ca. While providing the Services, we may collect Personal Information, which means information about a Member or Subscriber.
4. Questions & Concerns
If you have any questions or comments, or if you want to update, delete, or change any Personal Information we hold, or you have a concern about the way in which we have handled any privacy matter please use our contact form to get in touch. You may also contact us by postal mail or email at:
Attn. Privacy Officer
521 St-Christophe St.
Montréal, QC, Canada H2L 5E4
5. Information We Collect
Information from your Use of the Service: We may get information about how and when you use the Services, store it in log files associated with your account, and link it to other information we collect about you. This information may include, for example, your IP address, time, date, browser used, and actions you’ve taken within the application.
Cookies and Tracking: When you use picMatch, we may store “cookies,” “tags,” or “scripts,” which are strings of code, on your computer. We and our analytics Service Providers (like Google) use those cookies to collect information about your visit and your use of our Website or Services. You may turn off cookies that have been placed on your computer by following the instructions on your browser, but if you block cookies, it may be more difficult (and maybe even impossible) to use some aspects of the Services.
Web Beacons: When we send emails to Members, we may track behavior such as who opened the emails and who clicked the links. We do that to measure the performance of our email campaigns and to improve our features for specific segments of Members. To do this, we include single pixel gifs, also called web beacons, in emails we send. Web beacons allow us to collect information about when you open the email, your IP address, your browser or email client type, and other similar details. Reports are also available to us when we send email to you, so we may collect and review that information.
Information from the use of our Mobile Apps: When you use our mobile apps, we may collect information about the type of device and operating system you use. We may ask you if you want to receive push notifications about activity in your account. If you opt in to these notifications and no longer want to receive them, you may turn them off through your operating system. We don’t access or track any location-based information from your mobile device unless you’ve given us permission. We may use mobile analytics software (like google analytics and application insights) to help us better understand how people use our application. We may collect information about how often you use the application and other performance data. We don’t collect or link that data with any personally identifiable information.
Use and Disclosure of Your Personal Information
We may use and disclose your Personal Information only as follows:
To promote use of our Services.
For example, if you leave your Personal Information when you visit our Website and don’t sign up for any of the Services, we may send you an email asking if you want to sign up. And if you use any of our Services and we think you might benefit from using another Service we offer, we may send you an email about it. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email we send.
To send you informational and promotional content that you may choose (or “opt in”) to receive. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
To bill and collect money owed to us. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments. To learn more about the steps we take to safeguard that data, see Section 12 below.
To communicate with you about your account and provide customer support.
To protect the rights and safety of our Members and third parties, as well as our own.
To meet legal requirements like complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
To provide information to representatives and advisors, like attorneys and accountants, to help us comply with legal, accounting, or security requirements.
To prosecute and defend a court, arbitration, or similar legal proceeding.
To provide, support, and improve the Services we offer. This includes aggregating information from your use of the Services and sharing such Aggregated Information with third parties.
To provide suggestions to you. This includes adding features that compare Members’ email campaigns, or using data to suggest other publishers your Subscribers may be interested in.
7. Data Collected for and by our Users.
As you use our Services, you may import into our system, personal information, including your pictures. We do not care if you own the copyright to those images or not. You are responsible to obtain any required permission to use the pictures you upload to our system. We may transfer personal information to companies that help us provide our Services (“Service Providers.”) All Service Providers enter into a contract with us that protects personal data and restricts their use of any personal data in line with this policy. As part of our Services, we may use and incorporate into features information you’ve provided or we’ve collected about Subscribers as Aggregate Information. We may share this Aggregate Information, including Subscriber email addresses, with third parties in line with the approved uses in Section 6.
We’ll retain personal data we process on behalf of our Members for as long as needed to provide services to our Members or to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.
8. Public Information and Third Parties
Blog. We have public blogs on our Websites. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Information appears on our blogs and you want it removed, contact us here. If we’re unable to remove your information, we’ll let you know why.
Social Media Platforms and Widgets. Our Websites include social media features, like the Facebook Like button. These features may collect information about your IP address and which page you’re visiting on our site, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our site. We also maintain presences on social media platforms like Facebook, Twitter, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them.
Service Providers. If it’s necessary to provide you something you’ve requested, like send you a T-shirt or enable a feature like Social Profiles, then we may share your personal information to a Service Provider for that purpose. We’ll tell you we’re working with a Service Provider whenever reasonably possible, and you may request at any time the name of our Service Providers.
Contest and Sweepstakes
We may, from time to time, offer surveys, contests, sweepstakes, or other promotions on our Websites or through social media (collectively “Our Promotions”). Participation in our Promotions is completely voluntary. Information requested for entry may include personal contact information like your name, address, date of birth, phone number, email address, username, and similar details. We use the information you provide to administer Our Promotions. We also may, unless prohibited by the Promotion’s rules or law, use the information provided to communicate with you, or other people you select, about our Services. We may share this information with our affiliates and other organizations or Service Providers in line with this policy and the rules posted for the Promotion.
Content of Email Campaigns
When you send an email marketing campaign, it bounces around from server to server as it crosses the Internet. Along the way, server administrators can read what you send. Email wasn’t built for confidential information. If you have something confidential to send, please don’t use picMatch.
11. Your Pictures
Your Pictures are stored on a highly secure private storage server, hosted by a highly trustable third party service provider (Microsoft). We don’t, under any circumstances, sell your Pictures or data about your pictures, this includes statistics about matches found.
When you upload your pictures to your account, we store only small versions of the images, resized to a minimum usable size for our system to use.
We will not use or disclose your pictures to anyone.
We may derive Aggregate Information from your Pictures, their related matches to provide statistics helpful to us.
12. Notice of Breach of Security
Nobody is safe from hackers. If a security breach causes an unauthorized intrusion into our system that materially affects you or people on your Distribution Lists, then picMatch will notify you as soon as possible and later report the action we took in response.
13. Safeguarding Your Information
Our credit card processing vendor uses security measures to protect your information both during the transaction and after it’s complete. Our vendor is certified as compliant with card association security initiatives, like the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC). We also perform annual SOC II audits. If you have any questions about the security of your personal information, you may contact us at firstname.lastname@example.org.
picMatch accounts require a username and password to log in. You must keep your username and password secure, and never disclose it to a third party. Account passwords are encrypted, which means we can’t see your passwords. We can’t resend forgotten passwords either. We’ll only reset them.
14. We Operate in the United States
Our servers and offices are located in the United States, so your information may be transferred to, stored, or processed in the United States. While the data protection, privacy, and other laws of the United States might not be as comprehensive as those in your country, we take many steps to protect your privacy, including offering a data processing agreement. By using our Websites, you understand and consent to the collection, storage, processing, and transfer of your information to our facilities in the United States and those third parties with whom we share it as described in this policy.
15. Data Transfers from your country, to the United States and Canada
picMatch has certified our compliance with the U.S.–E.U. and U.S.–Swiss Safe Harbor Framework. In light of a recent European Court of Justice ruling, we no longer rely on the Safe Harbor Framework to justify the transfer of the personal data of European and Swiss residents to the United States. Instead Members located in the EU or Switzerland must request our updated data processing agreement which incorporates the Standard Contractual Clauses here.
16. Members located in Australia
If you are a Member who lives in Australia then this section applies to you. We are subject to the operation of the Privacy Act 1988 (“Australian Privacy Act”). We have some specific points to make you aware of.
Where we say we assume an obligation about Personal Information then we are also requiring our subcontractors to undertake a similar obligation, where relevant.
We will not use or disclose personal information for the purpose of our direct marketing to you unless: you have consented to receive direct marketing; you would reasonably expect us to use your personal details for the marketing; or we believe you may be interested in the material but it is impractical for us to obtain your consent. You may opt out of any marketing materials we send to you through an unsubscribe mechanism or by contacting us directly. If you have requested not to receive further direct marketing messages, we may nevertheless continue to provide you with messages that are not regarded as “direct marketing” under the Australian Privacy Act, including changes to our terms, system alerts and other information related to your account.
Our servers are primarily located in the United States and Canada. In addition, we, or our subcontractors, may utilize cloud technology to store or process personal information, which may result in storage of data outside of Canada. It is not practicable for us to specify in advance which country will have jurisdiction over such off-shore activities. All of our subcontractors, however, are required to comply with the Canadian Privacy Act in relation to the transfer or storage of Personal Information overseas.
If you think the information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps, consistent with our obligations under the Canadian Privacy Act, to correct that information if you so request.
If you are unsatisfied with our response to a privacy matter, then you may consult either an independent advisor or contact the Office of the Canadian Information Commissioner for additional help. We will provide our full cooperation if you pursue this course of action.
17. Accuracy of Data, Transparency, and Choice
We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do that. If your data changes (like a new email address), then you’re responsible for notifying us of those changes.
We’ll retain your information for as long as your account is active or as long as needed to provide you services. We may also retain and use your information in order to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our Agreements.
We’ll give an individual, access to any Personal Information we hold about them within 30 days of any request for that information. Individuals may request this information from us by contacting us here. Unless it’s prohibited by law, we’ll remove any Personal Information about an individual, be it you or a Subscriber, from our servers at their request. There is no charge for an individual to access or update his or her personal information.
18. Do Not Track Disclosure
“Do Not Track” is a standard that’s currently under development. Because it’s not yet finalized, picMatch adheres to the standards in this policy and does not monitor or follow any Do Not Track browser requests. That said, some of our features may.