1-866-F12-8782

BOOK A CONSULTATION

I am a Business Leader

I am an IT Leader

1-866-F12-8782

BOOK A CONSULTATION

F12.net Privacy Policy

Introduction

F12.net is a technology company headquartered in Edmonton, focused on providing MSP and IT services to small, medium, and large businesses. For more information about our services, please refer to our website: https://f12.net.

This Privacy Policy applies to F12.net (“we”, “our”, or “us”) and outlines our practices regarding the collection, processing, use, and disclosure of personal information provided by website users, employees, contractors, agents, and existing/prospective customers. This Privacy Statement applies whether or not the collection, processing, use, and/or disclosure of personal information occurs online. In this Privacy Statement, “you” and “your” refer to each of the individuals described above.

Our privacy management practices are developed in accordance with applicable Canadian privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and the General Data Protection Regulation (GDPR), as well as with our contractual commitments.

Our websites may contain links to other websites maintained exclusively by third parties. We are not responsible for their content or privacy practices. We encourage you to read the privacy policy of every website you visit.

The website www.f12.net is primarily for residents of Canada and the United States who are at least 18 years of age.

In the event of a conflict between the terms of this Privacy Statement and a Master Services Agreement currently in effect between F12 and a customer, this Privacy Statement shall prevail to the extent necessary to resolve the conflict.

What is Personal Information?

Personal information is any piece of information that can be used to identify you and may include, without limitation, the following:

  • Race, ethnic origin, age, and marital status
  • Personal address, telephone number, and numerical identifiers (e.g., social insurance number, employee number)
  • Income, disciplinary status, employee files, credit or loan records, and intentions (e.g., to change jobs)
  • Education, employment, and financial history
  • Personal health information
  • Personal opinions, evaluations, and comments

The 10 Principles of Privacy

This Privacy Statement incorporates the following 10 principles:

1. Accountability
2. Identifying Purpose – Why We Collect Information
3. Consent
4. Limiting Collection
5. Limiting Use, Disclosure, and Retention
6. Accuracy
7. Safeguarding Personal Information
8. Openness – Keeping You Informed
9. Providing Individual Access
10. Challenging Compliance

Changes to how we handle your personal information shall be reflected in timely updates to this Privacy Statement. We reserve the right to add, modify, or remove portions of this Privacy Statement as permitted by law. You can determine when this Privacy Statement was last updated by referring to the “last revised” date at the end of this Privacy Statement. Changes will apply to personal information collected from the applicable “last revised” date as well as to existing personal information under F12’s control.

1.0 – ACCOUNTABILITY

F12 is responsible for maintaining and protecting personal information under its control. Our Privacy Officer(s) may be contacted via the Contact form at the bottom of this page. In conjunction with F12’s Legal Advisors, our Privacy Officer(s) is responsible for analyzing all personal information handling practices at F12 and ensuring this Privacy Statement is up-to-date. On occasion, specific Privacy Statement responsibilities may be assigned by our Privacy Officer(s) to other F12 staff members.

Protecting privacy is an integral part of our services. All F12 employees, contractors, and agents with access to personal information are required to treat personal information in accordance with this Privacy Policy.

2.0 – PERSONAL INFORMATION WE COLLECT

We may collect the following information about you from our websites:

  • Information you provide by filling in forms or submitting resumes on our site (www.f12.net) or customer sites operated by F12 for recruitment purposes. This includes information provided when registering to use our site, subscribing to our service, posting material, or requesting further services. We may also ask for information when you enter a competition or promotion sponsored by F12 and/or when you report a problem with our site.
  • Records of correspondence if you contact us.
  • Survey responses for research purposes, although responses are not mandatory.
  • Details of transactions carried out through our site and fulfillment of services.
  • Details of your visits to our site, including traffic data, location data, IP addresses, weblogs, and other communication data.

We collect personal information for the following purposes:

  • To fulfill your transaction request or for marketing purposes.
  • To develop or enhance services and products and inform you of such developments.
  • To allow you to participate in interactive features of our service when you choose to do so.
  • To manage and develop F12’s business and operations, including personnel and employment matters.
  • To ensure content from our site is presented in the most effective manner for you and your computer.
  • To meet legal and regulatory requirements.

If we propose to use your personal information for a purpose not previously identified, we will inform you of the new purpose prior to its use and confirm your consent.

If you purchase services from our website(s) or by telephone using a credit card, your credit card information will only be used for credit card processing purposes.

3.0 – CONSENT

At the time of collection or in advance, we will use clear, understandable language to confirm your consent to use your personal information. Before deciding the form of consent (e.g., direct vs. implied, written, verbal, electronic), we will consider the type of personal information required, the reason for its use, and the type of contact involved. Providing personal information is always your choice.

If you do not want to receive marketing communications from us, you may opt-out by checking the appropriate box on the submission form or notifying the Privacy Officer.

4.0 – LIMITING COLLECTION

We collect and process information by fair and lawful means. We only collect and process personal information for specific, limited purposes in accordance with this Privacy Statement.

Our websites use standard technology called “cookies” to collect information about how our websites are used. A cookie is a small data file that a website can send to a browser, which may then be stored on your computer as an anonymous “tag” that identifies your computer but not you. Cookies help make your visit to our websites more user-friendly. Cookies cannot retrieve any other data from your hard drive or obtain your email address. Only F12 can use our cookies to determine your identity. Any personal information collected through our use of cookies will be treated according to this Privacy Statement.

5.0 – LIMITING USE, DISCLOSURE, AND RETENTION

We use your personal information to:

  • Deliver contracted services and allow full use of the application functionality as purchased by the clients.
  • Deliver training and support to our application end users and/or carry out the transactions you have requested.
  • Communicate with you directly through emails, calls, chats, and video conferencing.
  • Process payments for application subscriptions.
  • Send communications about:
    • New application features and upgrades
    • Our services and offerings
    • Event announcements
    • Product notices and changes to our terms and policies
    • Particular programs in which you have chosen to participate
    • Promotional offers and surveys
    • Scheduling demos and managing free trials
  • Advertise and market our products and services, including delivering interest-based advertisements on this website and other sites or content syndication platforms and websites.
  • Conduct market research to improve our services and their delivery.
  • Create and manage marketing campaigns.
  • Generate sales leads and increase our market share.
  • Analyze user clicks and usage of the application and website to improve user experience and maximize usage of our services.
  • Manage our website and application to maintain and deliver contracted functionality and services.
  • Enforce our website and application terms and/or separate contracts (if applicable) with you.
  • Prevent fraud and other prohibited or illegal activities.
  • Protect the security or integrity of the website, application, our business, or services.
  • As disclosed to you at the point of collection or as required or permitted by law.

We do not sell customer lists or other personal information to third parties. However, disclosures of your personal information may occur in the ordinary course of business to our partners, consultants, and suppliers who agree to abide by this Privacy Statement.

Disclosures and Transfers for Processing: F12 discloses customer personal information only as required or permitted by contract or applicable law. Customer personal information may be stored, transferred, viewed, accessed, processed, handled, or otherwise used outside Canada by F12 or our service providers. Such information is protected with appropriate security safeguards but may be available to foreign government agencies under applicable law.

Records Retention: We retain personal information for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Our retention periods are based on the following criteria:

  • Legal Requirements: Compliance with applicable legal and regulatory requirements regarding data retention.
  • Business Needs: Retaining personal information for the duration of our business relationship with you and as needed to manage our business operations.
  • Service Improvement: Retaining usage data and other relevant information to analyze trends and improve our services, typically for a period of 2 years.

When personal information is no longer needed, we ensure its secure deletion using industry-standard practices. This includes:

  • Physical Measures: Shredding and securely disposing of physical documents.
  • Technological Measures: Using data deletion and encryption tools to securely erase digital information.

6.0 – ACCURACY

We encourage you to review and confirm the accuracy of all personal information provided to us. To the extent that updated personal information is relevant to the purpose(s) for which it was originally collected, we will make reasonable efforts to keep your personal information accurate and up-to-date based on the information that you provide. If you find any errors in your personal information, please contact the Privacy Officer as soon as possible (by mail or e-mail – see Section 1 above) and we will make the appropriate corrections.

7.0 – SAFEGUARDS

We use security safeguards appropriate to the sensitivity and nature of the personal information being protected to guard against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. Our measures of protection include:

  • Physical Measures: Locking filing cabinets and restricting access to offices.
  • Organizational Measures: Security passes and limiting access to personal information on a “need-to-know” basis.
  • Technological Measures: Firewalls, intrusion detection, passwords, and encryption.
  • Procedural Measures: Shredding sensitive personal information.

To protect the security, integrity, availability, and confidentiality of personal information, we implement, maintain, update, and monitor the following measures:

  • Technical Safeguards: Secure by Design methodology, access controls, unique usernames and passwords, two-factor authentication, encryption, tokenization, endpoint security software, and intrusion detection systems.
  • Administrative Safeguards: Governance structure promoting privacy, secure disposal of media, least privilege access control, risk assessment, and privacy training for employees.
  • Physical Safeguards: Secured facilities with restricted access, professional security staff, automatic fire detection and suppression equipment, and redundant power systems.

Compliance with Canada’s Anti-Spam Legislation (CASL): We comply with Canada’s Anti-Spam Legislation (CASL). This means that:

  • Consent: We obtain explicit consent before sending commercial electronic messages. You can provide consent by subscribing to our services, filling out a form, or any other affirmative action that indicates your consent.
  • Unsubscribe Mechanism: Every commercial electronic message we send contains an unsubscribe mechanism, allowing you to withdraw your consent at any time. You can unsubscribe by clicking the link in the email or contacting us at privacyofficer@f12.net.
  • Record Keeping: We maintain records of consent, including the date and manner of consent, to ensure compliance with CASL requirements.

8.0 – OPENNESS CONCERNING POLICIES AND PRACTICES

We strive to make information about our policies and practices accessible and easy to understand. This Privacy Policy is available on our privacy page at https://f12.net/privacy.

9.0 – INDIVIDUAL ACCESS

We provide the following rights to all individuals regardless of their location or applicable privacy regulations:

  • Access your personal information or request a copy.
  • Change or correct your personal information.
  • Delete or erase your personal information.
  • Object to the processing of your personal information.
  • Ask us to restrict the processing of your personal information.
  • Export your personal data.

We will direct inquiries and requests made by end-users to the appropriate customer, and we will assist customers with their obligations to notify affected individuals and/or report incidents.

Incident Management: We have established practices and procedures for incident readiness and response to identify the cause, extent, and nature of incidents involving personal information. We will provide reasonable and timely assistance to our customers to investigate and assist with their obligations to notify affected individuals and regulatory authorities.

10.0 – CONTACTING US

You may contact us to exercise any of your rights or ask for more information about your personal information and our privacy practices by contacting us at privacyofficer@f12.net.

Appendix

A.1 For Individuals Based in the European Economic Area (EEA), United Kingdom (UK) and Switzerland

If you are based in one of these jurisdictions, F12.net is the controller of your personal data collected in the following instances:

  • When you visit our website https://f12.net/
  • When we process your personal data for sales and marketing purposes

F12.net is a processor of all personal data processed on the application, on behalf of our clients. We only process the personal data under their direction. Please contact your employer or the organization that granted you access to the application for details on their privacy practices.

We only process personal data if we have a lawful basis for doing so. The lawful bases applicable to our processing as controller are:

  • Consent: We will ask for your express and informed consent every time we collect your personal data on this legal basis.
  • Contractual basis: We process the personal data as necessary to fulfill our contractual terms with you or our clients.
  • Legitimate interest: We process the names, contact details, job titles, companies of our existing and prospective clients for our marketing purposes, including market research and sales leads generation.

You have the following rights under the GDPR:

  • Be informed about the collection and use of your personal data
  • Access your personal data
  • Correct errors in your personal data
  • Erase your personal data
  • Object to the processing of your personal data. This right is also available to individuals whose personal data is processed by us for direct marketing purposes. If you object to the processing of your personal data for direct marketing purposes, we shall stop processing within 30 days of receipt of your request.
  • Export your personal data
  • Restrict our processing of your personal data for specific reasons, including any of the purposes supported by the legitimate interest legal bases (see Section 9 below).
  • Not to be subject to a decision based solely on automated decision making

We process personal data in Canada and the US and share it with our service providers in Canada and the US and other jurisdictions. We use standard contractual clauses, approved by the European Commission or competent UK authority (as applicable), as the data transfer mechanism for transferring personal data from the EEA or UK to other countries subject to data transfer requirements. See the table of our service providers here. (link to the table above)

You may contact us at privacyofficer@f12.net or you may contact our EU Data Representative at:

privacyofficer@f12.net

You may also lodge a complaint with your local supervisory authority:

  • EU Data Protection Authorities (DPAs). See their contact details here National Data Protection Authorities.
  • Information Commissioner’s Office (ICO)
  • Swiss Federal Data Protection and Information Commissioner (FDPIC).

A.2 For Individuals Based in The United States

Under the California Privacy Rights Act (‘CPRA’) – which amended and expanded on CCPA, Connecticut Data Privacy Act (‘CTDPA’), Virginia Commonwealth Data Protection Act (‘CDPA’), Utah Consumer Privacy Act (‘UCPA’), and the Colorado Privacy Act (‘CPA’), consumers may be able to exercise the following rights in relation to the personal information about them that we have collected (subject to certain limitations at law):

  • The right to access/know any or all of the information relating to your personal information that we have collected, processed or disclosed in the preceding 12 months (upon verification of your identity). For details on the categories of personal information we have collected and/or shared, refer to Section “2.0 Personal Information We Collect” and “4.0 How We Share Personal Information” in the notice. F12.net will provide a copy of the consumer’s personal data in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another controller without hindrance.
  • The right to request the deletion of personal information we have collected from you.
  • The right to opt-out of personal information sales to third parties now or in the future. However, we do not sell your personal information.
  • The right to opt-in to personal information sales to third parties for consumers under the age of 16. However, we do not sell personal information of minor consumers.
  • The right to opt-out of sharing of personal information to third parties now or in the future. To view the information we have shared in the preceding 12 months, refer to section “4.0 How We Share Personal Information” in the notice.
  • The right to request rectification/correction of inaccurate personal information, considering the nature and purposes of the processing of the information. (Not Applicable under UCPA)
  • The right to limit use and disclosure of sensitive personal information to that which is necessary to perform the services or provide the goods reasonably expected by an average consumer. (Applicable under CCPA, as amended by CPRA)
  • The right to opt-out of the processing of sensitive personal information (I.e., data that reveals ethnic or racial origin, mental or physical health diagnosis, religious beliefs, sexual orientation, or citizenship or immigration status. (Applicable under UCPA)
  • The right to opt-out of targeted advertising. (Applicable under CPA, CTDPA, UCPA, VCDPA)
  • The right to opt-out of profiling in connection with automated decisions. (Applicable under CPA, CTDPA, UCPA)

Please note that if exercising these rights limits our ability to process personal information (such as a deletion request), we may no longer be able to provide you with our products and services or engage with you in the same manner. Additionally, F12.net has established processes (including reviewing business processes, systems and resources on a periodic basis) to ensure consumers who exercise any of the above rights under US state privacy laws are not discriminated against.

A.2.1 How to Exercise Your Consumer Rights

To exercise any of your right mentioned above, please submit a request by contacting us at privacyofficer@f12.net.

We will need to verify your identity before processing your request.

In order to verify your identity, we will generally require sufficient information from you so that we can match it to the information we maintain about you in our systems. Sometimes we may need additional personal information from you to be able to identify you. We will notify you.

We may decline a request where we cannot verify your identity or locate your information in our systems or as permitted by law. In this case, we may request that you provide additional information reasonably necessary to authenticate you and your request.

You may choose to designate an authorized agent to make a request under the CCPA on your behalf. No information will be disclosed until the authorized agent’s authority has been reviewed and verified. Once an authorized agent has submitted a request, we may require additional information (i.e., written authorization from you) to confirm the authorized agent’s authority.

If you are an employee/former employee of a F12.net client that uses our application and services, please direct your requests and/or questions directly to your employer or former employer.

If you are a third party (auditor, business associate, etc.), who was given access to the F12.net application by a F12.net client, please direct your requests and/or questions directly to the F12.net client that gave you access.

If F12.net does not take action on your Consumer Rights Request within the 45 days, or in the event of an extension, within the maximum 90-day response period, we will inform you in writing of the reasons for not taking action, as well as provide an explanation of any rights you have to appeal the decision. For opt-out or limit use and disclosure requests submitted under the CCPA, F12.net will respond as soon as feasibly possible, with up to a maximum of 15 days.

For consumers residing in Virginia, within 60 days of receipt of an appeal, and for consumers residing in Colorado, within 45 days of receipt of an appeal, F12.net will inform the consumer, in writing, of any action taken/not taken in response to the appeal, including an explanation of the reasons for the decisions. If the appeal is denied, F12.net will provide consumers with an online mechanism, if available, or another method which allows the consumer to contact the Attorney General to submit a complaint.

Minors Under Age 16

Our application and services are intended for business use, and we do not expect them to be of any interest to minors. We do not intentionally collect any personal information of consumers below the age of 13. If you believe that a child under 13 may have provided us their Personal Information, please contact us at privacyofficer@f12.net. Following contact, F12.net will request the age of data subject that is minor and get the consent of the holder of the parental responsibility for the minor, where F12.net needs to process that personal information.

A.3 For Individuals Based in Australia

This section is applicable to individuals whose personal information is collected, stored, used or disclosed by an APP Entity under the Australian Privacy Principles (“APPs”) contained in the Privacy Act of 1988.

A.3.1 Providing Anonymous and Pseudonymous Options

You have the option of anonymity or using a pseudonym when dealing with F12.net. However, this option may not be made available to you in certain cases, including if it’s impractical for F12.net to allow this option or when F12.net is required or authorized to deal with an identified individual by or under the law.

A.3.2 Collection, Use and Disclosure of Personal Information

F12.net collects personal information only by lawful and fair means. Additionally, F12.net collects personal information directly from you or your authorized representative, unless we have your consent for collection from another source (i.e., third parties), it is required or authorized by law, or it is unreasonable to collect the information only from you. F12.net may collect ‘sensitive information’ about you where you have consented to the collection and it is reasonably necessary for one of our functions or activities or if it is required or authorized by law.

F12.net only uses and discloses your information for the purpose for which it was collected (the primary purpose) unless one or more of the following apply:

  • You have consented
  • You would reasonably expect the secondary purpose
  • It is required or authorized by or under law
  • F12.net believes that it is reasonably necessary for an enforcement body’s activities

We disclose your personal information with our service providers in and other jurisdictions. We do not disclose your personal information to any overseas recipients unless one of the following applies:

  • You have consented to the disclosure
  • The recipient is subject to a law or binding scheme substantially similar to the APPs, and you can enforce that law/binding scheme
  • It is required or authorized by law
  • It is required or authorized by an international agreement relating to information sharing
  • It is reasonably necessary for an enforcement body’s or similar entity’s activities

See the table of our service providers here. (link to the table above)

A.3.3 Your Rights Under the APPs

You have the following rights related to the collection, use and disclosure of your personal data:

  • Be informed about the collection and use of your personal data
  • Access your personal information
  • Correction of your personal information to ensure accuracy and completeness
  • Request to not receive direct marketing communications from us or to not disclose your personal information to others for direct marketing purposes

If you wish to access your personal information or correct that information, please contact us at privacyofficer@f12.net. You may opt-out (unsubscribe) of receiving marketing communications by using the links provided in our emails. If you are unable to find the opt-out instructions, please contact us at privacyofficer@f12.net for assistance.

If you are concerned about F12.net’s handling of your personal information, you may lodge a complaint in writing to either the mail or email address listed below and we will provide a written response to your complaint within a reasonable time (30 days).

If you are not satisfied with our response, you may be able to submit a complaint to an external dispute resolution (EDR) scheme at privacyofficer@f12.net.

You may also complain directly to the Office of the Australian Information Commissioner (OAIC) by:

  • Email: enquiries@oaic.gov.au (be aware that email isn’t encrypted, if you’re concerned about this, use the online form on OAIC’s website which is secure)
  • Mail: GPO Box 5218, Sydney NSW 2001 (send it by registered mail if you’re concerned about sending it by standard post)
  • Fax: 02 9284 9666