Privacy Policy

Privacy Policy

Preserving your privacy is very important to DoProcess (referred to as “we” or “us” in this policy). We are dedicated to providing you with superior service while protecting your privacy and safeguarding personal information. The purpose of this Privacy Policy is to tell you what personal information we collect about you, how we use it, whether we disclose it to anybody else, how long we keep it, and how you can request access to your personal information.

We regularly review our privacy policies and procedures and will promptly post any changes to this Privacy Policy. The last revision date for this Privacy Policy is: March 12, 2021

Personal Information

On-line privacy concerns focus primarily on the protection of personal information which an individual reasonably expects to be kept private. “Personal Information” is defined in Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) as information about an identifiable individual.

Collection and Use

We will only collect personal information by fair and lawful means. We will not use or share the personal information provided to us in ways unrelated to the purposes for which it was collected.

We collect or use personal information when we provide and promote, or when you license, purchase or register for, products, services, functionality and other opportunities, when our functionality serves as a conduit to a third party, or when we reasonably believe that it will help administer our business. Our collection of personal information is often required in order to facilitate the functionality that you are using on our system. The type of personal information collected depends largely on the functionality that you use. In addition, such personal information collected may change over time since the range of products, services and functionality that we offer continues to expand and the technology we use continues to change. By providing us with personal information and using our functionality, you are deemed to have provided your permission to the collection and use of such information.

We collect and use such personal information as is reasonably required to provide the requested services, products, or information, and as is otherwise required or permitted by applicable laws, including as follows:

  • Personal Information about yourself such as contact information (e.g. your name, company name, address, billing address, phone/fax numbers, e-mail address); billing information (e.g. such as credit card information); and information relating to the product, service or functionality that you are using.
  • Depending on which products and services you have subscribed to and which privacy preferences you have indicated to us, we may use your contact information to provide periodic newsletters or to provide notices regarding products and services.
  • We collect information from you that you submit through web forms, or by other means, to the Transaction Data Exchange “TDX” Service. By submitting information about another individual to TDX, you represent that you have, where required by applicable privacy laws, obtained the consent of such individuals to submit such information. We use information you submit to the TDX service as is reasonably required to provide the TDX service and by submitting information to the TDX service you consent to our disclosure of such information to the third parties with whom you agree to exchange data.
  • We collect usage information such as data collected by our web sites (through technologies such as cookies). This information is used solely for enabling us to provide you with a customized online experience and to find ways to improve our offerings to you. Although cookies are widely used, it may be possible to disable cookies via your browser settings. However, in so doing, our web sites may not function properly or optimally.

We may collect and use your information for additional purposes that may be identified at or before the time that the information is collected or used.

Obtaining Your Consent

We may obtain your consent to use personal information by your express consent or we may determine that consent has been implied by the circumstances. Express consent may be given in writing (for example in an e-mail, a web form, through a web chat, or on paper); or verbally in person, over the telephone, or through online voice communications; or by your actions (for example, logging into or pressing certain buttons on our web sites or your use of our products or services).

When we receive personal information from you that enables us to provide you with a requested product, service or functionality, your consent to allow us to deal with that personal information in a reasonable manner is implied. If you need to provide personal information about other individuals, you must first obtain their consent for these purposes prior to your disclosure to us.

Providing us with personal information is always your choice. When you use our products, services or functionality, we ask that you provide information that enables us to respond to your needs. In doing so, you consent to our collection, use and disclosure to appropriate third parties of such personal information for these purposes. You also authorize us to use and retain this personal information for as long as it may be required for the purposes described above.

Access and Corrections

You are entitled to access and verify your personal information. We will take reasonable steps to correct personal information that is not accurate.

Upon receipt of a written request, you will be able to review, within a reasonable time following such request, any personal information that is maintained in reasonably retrievable form. You may be required to provide specific identification information so that we can verify your identify before we provide you with the personal information we hold. Requests that require archival or other retrieval costs may be subject to a fee which will be communicated to you prior to retrieving the information. Access to your personal information may be denied in certain circumstances including when such denial is required or authorized by law or may have an unreasonable effect on other people’s privacy.

Disclosure

We may disclose personal information as follows:

  • to third party service providers or agents who provide services to or on behalf of us (which third parties are obligated to maintain confidentiality and security of the personal information and are restricted from using such information other than as authorized by us or as otherwise permitted by law);
  • to third parties when our functionality serves as a conduit to a third party, including to the third parties with whom you agree to exchange data using the UnityC;
  • as required by law; required to comply with a warrant or court order; related to an offence that has been or is about to be committed; required due to an emergency; made for the purpose of collecting a debt owed by you; protecting our rights and that of our users and third parties;
  • to our legal, financial, insurance, and other advisors or in connection with the sale, reorganization, or management of all or part of our business or operations; and
  • as consented to by you in this Privacy Policy and from time to time, including to fulfill any other purposes that are identified in this Privacy Policy or when the personal information is collected.

Use of Third-party virtual meeting data

Additionally, to provide users with access to third-party virtual meeting capabilities, Unity provides users with the capability to associate their third-party virtual meeting credentials with their Unity account.  The third-party virtual meeting application provides Unity with an access token, which is used to authenticate the user with the third-party virtual meeting application.  This allows Unity to create and update meetings on behalf of the user.  Unity also stores a link to the created meeting, so that it may be initiated from within Unity.

How we Access and use your third-part virtual meeting application data

If you provide your third-party account credentials in Unity, such as Google Meet, Zoom or Microsoft Teams, some information from those accounts (“Third-party Account Information”) may be used in your account with us if you authorize such transmissions. That Third-party Account Information transmitted to our Services is covered by this Privacy Policy.  Users may choose to no longer allow Unity to access their third-party virtual meeting information by deleting the third-party virtual meeting token associated with their account from the account management screen.  Users may access and correct information accessed from their third-party account through the third-party application.

Associating your Google Meet credential to your Unity account grants Unity the following access:

Associating your Microsoft Teams credential to your Unity account grants Unity the following access:

  • “User.Read”, this grants Unity access to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users. This is used by Unity to display the user’s name from the Unity Appointment window when creating a Microsoft Teams meeting with the appointment.
  • “User.ReadBasic.All”, this grants Unity access to read a basic set of profile properties of other users in your organization on behalf of the signed-in user. This includes display name, first and last name, email address, open extensions and photo. Also allows the app to read the full profile of the signed-in user. This is used by Unity to get the list of all the users this user can book meetings on behalf of.
  • “offline_access”, this grants Unity access to read and update user data, even when they are not currently using the app. This is mandatory when working with other scopes but not used by Unity.
  • “OnlineMeetings.Read”, this grants Unity access to read online meeting details on behalf of the signed-in user. This is used by Unity to retrieve the meeting details including the Meeting URL.
  • “OnlineMeetings.ReadWrite”, this grants Unity access to read and write online meeting details on behalf of the signed-in user. This is used by Unity to create a meeting on behalf of a user.

Associating your Zoom credential to your Unity account grants Unity the following access:

  • “meeting:write:admin”, this grants Unity access to view and manage all the user meetings. This is used by Unity to book meetings on behalf of the user.
  • “user:read:admin”, this grants Unity access to view all user information in read-only mode. This is used by Unity to list all the users in the authorized user’s Zoom account to book meeting with them.

Storing and Sharing of third-part virtual meeting application data

Unity does not store any of the third-party virtual meeting application user information nor shares third-party virtual meeting application user data with any external system or parties.  Unity only retains a link to the Virtual Meeting created and an access token associated with the user’s third-party virtual meeting account, which is used to authenticate the user with the third-party virtual meeting application.  The link to the meeting and the access token are stored in accordance with this Privacy Policy.

Safeguards

We employ physical, electronic and procedural safeguards to protect our systems and all personal information under our control against unauthorized access and use. All safety and security measures are appropriate to the sensitivity level of the information collected.

Inquiries

If you have any questions, comments or concerns about our Privacy Policy, please contact our Privacy Officer at:

Privacy Officer
DoProcess

199 Bay St. (Commerce Court West)
Suite 4610
Toronto, Ontario
M5L 1E9

Tel: 416.322.6111
Email privacy@doprocess.com