Effective Date: June 12, 2018
- Your Consent
- Adults Only
Due to the nature and sensitivity of the personal information that can be populated on the Platform, we do not permit minors to register for the Platform as a user. If you are under the age of 13 you may not provide any personal information about yourself. Onist does not knowingly collect, disclose or store personal information from children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with personal information, please contact us using our contact information provided in the “How to Contact Us” section below and provide us with as much information as reasonably necessary for us to locate and delete such personal information. In the event we become aware of a child under the age of 13 sending us personal information, we will delete such personal information as soon as possible.
- What is Personal Information?
Personal information means information about an identifiable individual. If information can be traced back to an individual, either through a name, address or a combination of other data elements such as job, postal code and type of car, that information is considered personal information.
- How do We Collect Your Personal Information?
The personal information residing on the Platforms is determined entirely by you and the other users. You decide what information to provide us with, either directly or indirectly. You directly provide us with your personal information by populating such information directly into the Platforms. You can indirectly provide us with your personal information in one of two ways:
a) By permitting another user, such as your spouse or your accountant (see our discussion on Connections below), to populate information into the Platforms on your behalf; or
b) By providing login IDs, associated passwords and instructions for the Platforms to retrieve your information from third-party accounts.
- What Personal Information Do We Collect?
The personal information we collect and you populate will depend on how you wish to use the Platforms. For example, if you choose to use the Platforms to organize and communicate your financial data with your financial advisors, you and your advisors may populate various financial information about you and members of your family members including your/their bank account information, insurance policies, shareholdings, trading history and mortgage statements. By populating financial information and adding your financial advisor as a Connection, your advisor can have access to all relevant financial information to suggest products and activities that would benefit you, such as further diversifying your portfolio or reducing exposure to certain industries. Information which may be collected by and/or populated in the Platforms include: personal information of you and your family members; information about business entities you or your family members own or are involved with, and your professional contact list; net worth information, which consists of your financial accounts, including your assets and liabilities; transaction activity, which consists of information about your financial transactions; and documents you, or other users you have granted permission to, upload into the Platforms. You represent and warrant to us that you have obtained all required consents and are fully authorized to disclose all information populated into the Platforms including without limitation personal information of your family members and clients, as applicable. You further agree to indemnify and hold Onist, its affiliates, subsidiaries, partners, service providers, suppliers and contractors and each of their respective officers, directors, agents, and employees, harmless for any loss, cost, complaint, damage, claim or liability whatsoever arising from or in connection with your disclosure of such information in connection with your use of the Platforms.
06. Who are Connections?
- How Do We Use and Disclose Your Personal Information?
- Provide You with the Services
- Contact You
Onist uses your personal information to contact you in order to provide product information, newsletters, service updates, and notifications about the Service. You may sign-up to receive email or newsletter or other communications from us. If you would like to discontinue receiving our marketing information, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you or by contacting us by using our contact information provided in the “How to Contact Us” section below.
- Allow You to Review Activity in Your Account
Onist automatically collects session information whenever you log onto and out of the Platforms. This information includes your browser’s type and version, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), your operating system’s type and version, your IP address, the time you logged in and the time you logged out and/or clickstream data. We collect this information as an additional security measure, to give you full visibility to your active sessions and your login history, to analyze trends in the aggregate and administer the Platforms, to allow you to identify suspicious activity in your account, and, if needed, to delete an unrecognized session. Onist does not share this information with anyone but you, and you cannot share this information with your Connections.
- Assist You with Technical Issues
Many technical issues can be resolved without looking into your personal information. Nevertheless certain technical issues might require Onist to access your personal information in order to analyze and fix them.
- As Required By Law
Onist may use and disclose your personal information as required or permitted by law in response to lawful requests by public authorities, including to meet national security or law enforcement requirements including, without limitation, in order to assist with a law enforcement investigation or comply with any subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, warrant or any judicial, administrative orders or demands.
- Aggregated Data
If you elect to have the Platforms access information from third party accounts by providing the access information to such third-party account, Onist’s service providers, Envestnet Yodlee, Inc. (“Yodlee”) and Quovo, Inc. (“Quovo”, and together with Yodlee, the “Data Aggregators”), will access such third-party accounts for the purposes of retrieving the relevant information and making it available on the Platform. Except for such access information, Onist does not provide the Data Aggregators any other information about you.
The Data Aggregators create anonymous information derived generally from your Content (“Aggregated Data”) and combine this Aggregated Data with other anonymous information in its possession (“DA Data”). The DA Data is an amalgam of anonymous information obtained from such sources. Each Data Aggregator uses its respective DA Data to improve its services, perform fraud screening, verify identities and verify the information contained in its accounts for use across the its network. Where permitted under applicable law, a Data Aggregator may also separately sell, license, reproduce, distribute and/or disclose the aggregated, anonymous DA Data. Even though the DA Data does not contain your personal information, nor does it allow you to be attributed to any data, we wanted to make you aware of our Data Aggregators’ anonymous data practices. You acknowledge that Onist has no control over the collection, use or distribution of DA Data by its Data Aggregators. When you close your Account with Onist, the anonymized data that was derived from your Content and combined into DA Data will not be removed from the DA Data. Please do not provide access information to any third-party account if you are not comfortable with our Data Aggregators’ practices described in this paragraph.
- The Protection and Security of Your Personal Information:
We implement and require our service providers to implement industry best practices appropriate to the sensitivity of your Content. We use and require our service providers to use administrative, technical, and physical safeguards to protect your Content against loss, theft, and unauthorized access, use, disclosure, copying, modification, disposal, or destruction in accordance with applicable legal requirements and industry best practices. These safeguards include, but are not limited to, token-based authentication, server hardening, running services in a virtual private cloud, encryption of data in transit and at rest, client side encryption, and audit trails. We train our employees to follow privacy and security practices specific to the Services. We also undertake security assessments to ensure that we maintain strong security controls. Onist makes further distinction between your financial data, your uploaded documents and the rest of your personal information in an effort to ensure that no person, not even our employees, will be able to gain access to your financial data or to the content of the documents you store with Onist. Your financial data, your uploaded documents and the rest of your personal information are stored separately on two different sub-systems. Your financial data is fully pseudonymized and encrypted when it is stored on our servers. The content of your documents is encrypted on your computer before it is uploaded to storage. Getting the full picture of your finances requires gaining access to both sub-systems. Such access is only given to your browser or the browser of your Connection(s) once you/they are logged onto the Platforms. Exceptional situations that require Onist to access your data, for example in order to fix certain technical issues, require our employees to follow a protocol that is fully audited and must involve more than one person. If you have any questions about the security of your personal information, you can contact us using our contact information provided in the “How to Contact Us” section below.
- Storage of your Personal Information
- Use of Session Tokens and Cookies
- Retaining Your Personal Information
- How you can update or remove your Personal Information
- Accessing Your Information and Addressing Your Privacy Concerns
You have the right to access personal information we hold about you and to have any concerns you may have over our policies and practices addressed. In addition, you have the right to obtain information regarding our policies and practices with respect to our use of service providers outside Canada, including Amazon. To access your information, discuss your concerns or learn more about our policies and practices please contact us using our contact information provided in the “How to Contact Us” section below.
- Service Platform
- How to Contact Us
Any comments or questions regarding your personal information or our policies and practices with respect to your personal information may be directed to email@example.com. Onist Technologies Inc., 325 Front Street West, 4th Floor, Toronto, ON M5V 2Y1