Mobilus Technologies inc.

Privacy and Personal Information Protection Policy

1. General Information

a) Introduction

Privacy protection is important at Mobilus Technologies Inc. (hereinafter referred to as “Entity”, “We”, “Our”). For this reason, We have established protection measures and sound management practices for your Personal Information in accordance with applicable laws in Quebec and Canada.

This privacy policy (the “Policy”), to be read together with Our Legal Notice, describes our practices regarding the collection, use, processing, communication, and retention of the Personal Information of our clients, visitors, and users. It applies to the Entity as a whole.

By using our websites https://www.mobilus.com/ https://support.mobilus.ca/ https://app.mobilus.com/ (the “Websites”), our mobile application Mobilus or any of our services, you agree that We can collect, use, process, disclose, and retain your Personal Information in accordance with the conditions described herein. If you do not accept to comply with and be bound by this Policy, you are not authorized to visit, access, or use Our Websites or Services, nor to share your Personal Information with Us.

This Policy does not apply to the Personal Information of the employees, representatives, and consultants of the Entity, or any other person affiliated with the Entity, as well as to any information that does not constitute Personal Information as defined by the applicable laws in Quebec and Canada.

a) Personal Information Protection Officer

Questions, comments, and complaints regarding the Policy and the Entity's privacy practices can be addressed to Our Personal Information Protection Officer at the following contact details:

Phone: 1.888.450.6257

Email: rprp@mobilus.com

Address: 200-817, West Main Street, Magog (Quebec) J1X 2B4

2. Definitions

The words and expressions that follow, when they appear with an initial capital letter in the Policy, have the meaning attributed to them below, unless there is an implicit or explicit exception in the text:

“Service Provider”: any natural or legal person who processes Personal Information on behalf of the Entity. These are third-party companies or individuals employed by the Entity to facilitate the Services, provide the Services on behalf of the Entity, perform services related to the Services or assist the Entity in analyzing the use of the Services.

“Personal Information”: any information that concerns a natural person and allows for their identification, that is, directly or indirectly reveals something about the identity, characteristics (e.g., abilities, preferences, psychological tendencies, predispositions, mental capacities, character, and behavior of the concerned person) or activities of this person, regardless of the nature of the medium and the form in which this information is accessible (written, graphic, auditory, visual, computerized or other).

“Personal Information Protection Officer”: the person who is in charge of the application of the current Policy and whose contact details are identified in section 1 of this Policy.

“Services”: Services refers to the Websites and our pages on social networks and the services and products provided to you.

3. Processing of Personal Information

3.1 Collection of Personal Information

As part of our activities, We may process various types of Personal Information including the information listed below:

  • contact details, such as your first and last name, your email address, and your phone number;
  • information related to products or services, such as information about the Services We have provided to you;
  • information that you choose to provide or transmit to Us, for example, when you fill out our forms, apply for one of our job offers, or communicate with one of our employees or representatives;
  • information collected automatically when using the Website and our Services, including:
    • connection information and other information about your activities on the Website, such as your IP address, the pages you have viewed, the time and date of your visits, the number of connections, the type of browser you are using, the operating system of your device, and other hardware and software information;
    • demographic data and geolocation data, such as your IP address, an exact or approximate location determined from your IP address or the GPS of your mobile device (depending on the settings of your device);
    • financial information about your activities when using the Website and our Services, such as credit card numbers when you conduct commercial transactions in connection with the Entity.

In each case, this Personal Information is processed in accordance with the legitimate and necessary purposes listed in section 3.2 below.

3.2 Use of Personal Information

We may use your Personal Information for the legitimate purposes described below:

  • operate, maintain, supervise, develop, improve, and offer all the features of Our Websites;
  • introduce you to Services;
  • allow you to apply for job offers;
  • fulfill our contractual obligations to you;
  • develop, improve, and offer new Services;
  • interact using an online messaging module;
  • send you messages, updates, security alerts;
  • for marketing and business development purposes, if you have previously consented to the processing of your Personal Information for these purposes;
  • respond to your questions and provide assistance as needed;
  • conduct research, analyses, and statistics in connection with Our business and our Services;
  • detect and prevent fraud, errors, spam, abuse, security incidents, and other harmful activities;
  • for any other purpose permitted or required by law.

3.3 Disclosure of Personal Information

We may disclose your Personal Information to our employees (including human resources and IT departments), contractors, consultants, agents, service providers, and other trusted third parties (collectively, the “Service Providers”), who need this information to help Us operate Our Websites, conduct our business or serve you, provided that these Service Providers have previously committed in writing to ensure the confidentiality of your Personal Information in accordance with applicable laws and Our Information Governance Program.

We do not sell, trade, or otherwise disclose your Personal Information to third parties.

3.3.1 Service Providers and Other Third Parties

Although We try to avoid disclosing your Personal Information to third parties, We may use Service Providers to perform various services on Our behalf, such as IT management and security, marketing, as well as data analysis, hosting, and storage. We have defined below the cases in which such sharing may occur:

  • We use Google Analytics to analyze the audience of the Website, establish statistics, and converse with customers and prospects. Check their privacy policy (in English only);
  • We use the services of Active Campaign. Check their privacy policy (in English only);
  • We use the services of the social network LinkedIn to communicate about our activities and to present our products and Services. Check their privacy policy (in English only);
  • We use the services of Facebook to communicate about our activities and to present our products and Services. Check their privacy policy (in English only);
  • We use the services of the social network YouTube to communicate about our activities and to present our products and Services. Check their privacy policy (in English only);
  • We use Zendesk for customer service management. Check their privacy policy (in English only);
  • We use the services of Google Workspace to store information. Check their privacy policy (in English only);
  • We use the services of Pipedrive to communicate with our customers. Check their privacy policy (in English only);
  • We use Metatracer to ensure Our compliance with the privacy laws that apply to Us. Check their privacy policy (in English only);
  • We use Amazon Web Services for hosting our solutions and data. Check their privacy policy (in English only);

Before disclosing your Personal Information to Service Providers outside the province of Québec, or depending on the nature of the Personal Information being disclosed, We conduct an assessment of privacy-related factors. When We provide your Personal Information to Service Providers, We establish written agreements with them before your Personal Information is shared, and We only provide them with the Personal Information necessary for the performance of their tasks. Under these agreements with our Service Providers, We commit to ensuring the principles set out in this Policy are adhered to. These Service Providers are obligated to use the Personal Information confidentially, according to our guidelines, and solely for the purposes for which it was provided. We offer sufficient guarantees regarding the implementation of adequate protective measures proportional to the sensitivity of the Personal Information processed or shared. When our Service Providers no longer require your Personal Information, We request that they appropriately destroy this data.

3.3.2 Compliance with Laws, Responding to Legal Requests, Harm Prevention, and Protection of Our Rights

We may disclose your Personal Information when We believe such disclosure is authorized, necessary, or appropriate, specifically:

  • to respond to requests from public and governmental authorities, including public and governmental authorities outside your country of residence;
  • to protect our operations;
  • to comply with legal proceedings;
  • to protect our rights, our privacy, our safety, our assets, yours or those of third parties;
  • to enable us to pursue available remedies or limit the damages that We might sustain; and
  • in compliance with applicable laws, including laws outside your country of residence.
3.3.3 Business Transaction

We may share, transfer, or disclose, in strict compliance with this Policy and the provisions of the Act respecting the protection of personal information in the private sector, RLRQ c P-39.1 (the "Private Sector Act") and the Act modernizing legislative provisions as regards the protection of personal information, LQ 2021, c 25 (the "Act 25", sanctioned on September 22, 2021), your Personal Information in the event of a sale, transfer, or assignment, in whole or in part, of the Entity or our assets (for instance, following a merger, consolidation, change of control, reorganization, bankruptcy, liquidation, or any other business transaction, including during the negotiation of such transactions). In this case, We will inform you before your Personal Information is transferred and becomes subject to a different privacy policy.

3.4 Consent for Personal Information

As much as possible, the Entity directly obtains the concerned individual's consent for us to collect, use, and disclose their Personal Information. However, if you provide us with Personal Information about other people, you must ensure you have properly informed them that you are providing their information and have obtained their consent for such a disclosure.

We will seek your explicit, clear, free, informed consent, given for specific purposes, before using or disclosing your Personal Information for purposes other than those stated herein. We will also request your explicit consent whenever sensitive Personal Information is involved in one of the Entity's processing activities. We will ask for your consent for each specific purpose in simple and clear terms, separate from any other information provided to you.

BY USING OUR WEBSITES, OR BY SENDING YOUR PERSONAL INFORMATION VIA EMAIL, YOU AGREE TO THIS PRIVACY POLICY AND TO THE COLLECTION AND PROCESSING OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THE PRIVACY POLICY.

If you do not agree, please stop using the websites. Unless otherwise provided by law, you may withdraw your consent at any time, upon providing reasonable notice. Please note that if you choose to withdraw your consent to the collection, use, or disclosure of your Personal Information, certain features of our websites might no longer be accessible to you, or we might not be able to offer you some of our services.

3.5 Retention of Personal Information

Subject to applicable laws, We retain your Personal Information only for the time required to achieve the purposes for which this information was collected, unless you agree to your Personal Information being used or processed for a different purpose. For example, the duration of some information can extend up to 7 years following the end of the Services provided by the Entity on your behalf. Additionally, our retention periods may change occasionally due to legitimate interests (for instance, to ensure the security of Personal Information, to prevent abuse and breaches, or to pursue criminals).

For more information about the periods during which your Personal Information is retained, please contact our Personal Information Protection Officer using the contact details provided in Article 1b) of this Policy.

4. Your Rights

As a concerned individual, you can exercise the rights listed below by writing to Our Personal Information Protection Officer at the coordinates provided in Article 1b) of the Policy. Please note that we may ask you to verify your identity before responding to any of these requests.

  • You have the right to be informed about the Personal Information we hold about you, its use, communication, retention, and destruction, subject to exceptions provided by applicable law;
  • You have the right to access your Personal Information, request a copy, including paper documents containing your Personal Information, subject to exceptions provided by applicable law, and to obtain, if necessary, additional details on how we use, communicate, retain, and destroy them;
  • You have the right to rectify, modify, and update the Personal Information we hold about you if they are incomplete, ambiguous, outdated, or inaccurate;
  • You have the right to withdraw or modify your consent to the Entity collecting, using, communicating, or retaining your Personal Information at any time, subject to applicable legal and contractual restrictions;
  • You have the right to ask us to stop disseminating your Personal Information and to de-index any link attached to your name that provides access to this information if this dissemination violates the law or a court order;
  • You have the right to request that your Personal Information be communicated to you or transferred to another organization in a structured and commonly used technological format;
  • The right to be informed of a confidentiality incident concerning your Personal Information that may cause you serious harm. For this purpose, we maintain a register that lists all confidentiality incidents and we assess the harm they may cause;
  • You have the right to file a complaint with the Information Access Commission, subject to the conditions provided by applicable law.

To follow up on your request, you may be asked to provide appropriate identification or to identify yourself in another way.

5. Connection Cookies and Other Tracking Technologies

We use connection cookies and other similar technologies (collectively referred to as "Cookies") to help us operate, protect, and optimize the website and the services we offer. Cookies are small text files that are stored on your device or browser. They allow certain information to be collected during your visit to the website, including your language preference, browser type and version, device type, and unique device identifier. While some of the Cookies we use are deleted after your browser session ends, other Cookies are retained on your device or browser to allow us to recognize your browser on your next visit to the website. The Personal Information collected through these Cookies is not intended to identify you. They primarily ensure the functioning of the website, enhance the user's browsing experience, and provide some data to help us understand the traffic and interactions occurring on our websites and detect certain types of fraud. Cookies do not harm your device and cannot be used to extract your Personal Information. We collect your IP address, information about your device, operating system or browser, your journey and browsing history on our websites, your queries, browsing preferences (used languages), etc.

You can configure your browser to be notified of the placement of Cookies when you visit the website, so you can decide, in each case, whether to accept or refuse the use of certain or all Cookies. Please note that disabling Cookies on your browser may affect your browsing experience on the website and prevent you from using some of its features.

To learn more about how we use Cookies, you can consult our "Cookie Policy".

6. Security Measures

The Entity has implemented physical, technological, and organizational security measures aimed at adequately protecting the confidentiality and security of your personal information against loss, theft, or any unauthorized access, disclosure, reproduction, communication, use, or modification. These measures notably include:

On an administrative level, the adoption of a series of policies and procedures as part of our information governance program that:

  • Regulate the access, communication, retention, depersonalization, including anonymization and/or, if appropriate, the destruction of Personal Information;
  • Define the roles and responsibilities of our employees throughout the lifecycle of Personal Information and documents;
  • Establish procedures for intervention and response in the event of a confidentiality incident;
  • Govern the process for requests and complaints related to the protection and processing of Personal Information.

Technically, the use of several methods such as:

  • The use of a secure server. All sensitive information provided is transmitted using "Secure Socket Layer (SSL)" technology and then encrypted in our payment gateway provider's database to be accessible only by authorized individuals with special access rights to these systems, and they are required to keep the information confidential;
  • The use of backup systems, network monitoring software, etc.;
  • The use of encryption and task separation systems, access controls, and we conduct internal audits.

We have not exhaustively listed all the measures we implement given the public nature of this Policy.

Despite the measures described above, we cannot guarantee the absolute security of your Personal Information. If you believe your Personal Information is no longer protected, please contact our Personal Information Protection Officer immediately using the details provided in section 1b) above.

7. Modification of this Privacy Policy

We reserve the right to modify this Policy at any time in accordance with applicable legislation. In case of modifications, we will publish the revised version of the Privacy Policy and update the "last updated" date at the bottom of this page. We will also inform you by email at least thirty (30) days before the new version of our Policy becomes effective. If you do not agree with the new terms of the Privacy Policy, we invite you not to use our Websites and Services anymore. If you continue to use our Websites or our Services after the new version of our Policy takes effect, your use of our Websites and Services will be governed by this new version of the Policy.

8. Links to Third-Party Websites

From time to time, We may include references or links on Our Websites to Our Facebook page or to websites, products, or services provided by third parties (the "Third-Party Services"). These Third-Party Services, which are neither operated nor controlled by the Entity, are governed by privacy policies that are completely distinct and independent from ours. Therefore, we assume no responsibility for the content and activities of these sites. This Policy applies only to the Website and Services that We offer. The Policy does not extend to Third-Party Services such as Our Facebook and LinkedIn pages.

9. Invisible reCAPTCHA

Invisible reCAPTCHA analyzes activity on a web page feature (e.g., mouse movements and typing patterns) to determine whether a user is a robot.

The invisible reCAPTCHA service may collect information from your device. The information collected by reCAPTCHA is stored in accordance with its privacy policy.

10. Individuals Under 14 Years of Age

We do not knowingly collect and use Personal Information from individuals under the age of 14. If you are under 14, you should not provide Us with your Personal Information without the consent of your parents or guardian. If you are a parent or guardian and you learn that your child has provided Us with Personal Information without consent, please contact Us using the details provided in section 1b) above to request that We delete the child's personal information from our systems.

11. Applicable Laws

The laws of Canada and Quebec, excluding its conflict of law rules, will govern this agreement and your use of the Website. Your use of the Website may also be subject to other local, provincial, national, or international laws.