Type of website: News, Media or E-Commerce

Last revision: 27^th day of August, 2023

First Published: 11th day of July, 2021

For this policy the “Privacy Officer” is the data controller for Supply Chain Logistics Consulting DBA, officially registered as “S&Co., Supply Chain Logistics Consulting Inc.” and contacted at:

Email: privacy@supplychainlogistics.net

Phone: (877) 682-7286

Purpose: The purpose of this privacy policy (this “Privacy Policy”) is to inform users of our Site of the following:

1. The personal data we will collect;
2. Use and purpose of collected data;
3. Who has access to the data collected;
4. The rights of site users and subscribers; and

PART A: DISCLOSURE OF COLLECTION OF PERSONAL INFORMATION

We “Supply Chain Logistics Consulting” dba, registered under the name of “S&Co., Supply Chain Logistics Consulting Inc.” in Canada will collect and use personal information that you provide to us for a purpose. Such information may include your email address, your name, your phone number when you include it, also the company name provided in subscription forms, questionnaire forms, or your appointment scheduling requests, and email messages addressed to any recipient at our Company.

We will use any information you provide to us for the purpose you have specified, such as for scheduling our meetings with you, or to send you information you specifically requested from us and related correspondence. We will only contact you for reasons other than these if you specifically ask for, subscribe to, or request to receive further information from our Company and provide us with your consent to be contacted, such as to send you marketing information as it relates to products and services we may offer, or industry information that we have identified as being pertinent to our Customers.

The information you provide in any online form located on our public website where users are not required to login, is not yet considered confidential and we request that you restrict your message to the details necessary to proceed into the agreed service and where applicable, to complete the form. Further actions may be required for us to work together, such as acceptance of a mutual confidentiality agreement, disclosure of potential conflict of interest form, a mutual non-disclosure agreement, or a conditional non-compete agreement. These provisions are for our mutual benefit and are taken to provide information protection and may enable a higher level of transparency through the course of our work together.

To receive additional information from us you will need to opt-in to receiving S&Co., Supply Chain Logistics Consulting Inc. emails at the email address you provide to us, we may ask that you specifically consent to receive communication for that purpose.  You may be required to reaffirm your option to opt-in to continue to receive certain information from us during our business relationship, such as when our communications with you change, and you can receive company updates, or new customer content. You will always receive important information pertaining to an active account under contract with our Company if you have one.

To schedule a consultation with our Company, either you or a customer service agent appointed by our company, will need to use your contact details in scheduling software used to make the booking. We will also update our accounting and customer relationship management (CRM) software(s) with your contact information if you purchased our services and require an invoice, requested a quotation, and/or to provide you with information and updates pertinent to your request.

Your approval to be contacted will include for marketing purposes at the supplied contact, in which case you will receive automated emails about the Company and its products or services. You may choose to opt-out of marketing emails and will remain informed regarding the specific services you requested in a service order or paid subscription from us. Signing up for marketing content or resubscribing can be done by submitting a new subscription request on the Company website or by sending your request in an email to sales@supplychainlogistics.net.

Payments and Financial Information

Payments can be completed directly using PayPal, Stripe or another PCI compliant payment service method that does not require our personnel to obtain any financial information from you directly. If you require assistance, please contact our sales teams and we can guide you to the appropriate resource or action to complete a payment.

Our customer service agents will never ask for financial information, even if you request our direct assistance to process a payment. Instead, we will guide you to the methods provided for this purpose and can remain with you until the payment is arranged and is confirmed as completed. This measure is for our mutual protection and security.

If a service requires, we will seek to adapt an appropriate solution for you to purchase services using established payment processors, such as participation in a special rewards program or automating your recurring payments on a subscription until it is cancelled by you.

You, the Customer, have a Right to be Informed:

We, the Company, have a responsibility to tell individuals what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties. Do not hesitate at anytime to request more information from us about your data and to let us know when you want to exercise your “right to be forgotten”.

We do our best to limit the length of time we hold any personally identifiable information that is not useful and is not contributing to our providing or improving your service. This may mean information about our communication, such as when inquiries were made regarding our services, what method was used to communicate with you and details such as the location, industry, or type of business will be used to provide you with the best possible quotation for services and then, to deliver on those items.

We may also retain contextual information to help us monitor our spending on paid services such as advertising, business development and marketing, allowing us to judge if it is effective. We may also make the occasional survey available to you or to the public to learn how our clients and potential clients found our services or to learn how we might improve our communication. This information will only be linked to you if you agree to receive more information from us in that survey or previously opted-in to receive personalized communications from our company.

Lawful Basis

Our guide to extending data protection practices beyond what is regulated, is the GDPR (General Data Protection Regulation), which specifies that a lawful basis must be documented when organizations process personal data. We seek to attribute the lawful reason for our collection and retention of any information held by our company about you. To facilitate with this, we take steps to select and work with software or information services vendors with these same values that also strive to ensure clients receive the same right to understand and control when their personal information is being collected and how it is being used and shared.

The GDPR specifies the following reasons are considered a lawful basis for a company to retain data;

1) Consent: If the data subject gives their explicit consent or if the processing is necessary

2) Contract: To meet contractual obligations entered into by the data subject

3) Legal: To comply with the data controller’s legal obligations

4) Protection: To protect the data subject’s vital interests

5) Task: For tasks carried out in the public interest or exercise of authority vested in the data controller

6) Reasonable Use: For the purposes of legitimate interests pursued by the data controller such as IT security, marketing, fraud prevention, customer profile, vendor account contact details.

We will not send you marketing emails that you did not opt-into receive from us and our marketing content will always contain an opportunity to “Unsubscribe” with that option clearly displayed on the message itself. We encourage you to contact us anytime to update your communication preferences or to provide us with your feedback.

We would like if you chose to follow us on social media and joined our mailing list(s), frequently visited our website, and connected with our Company often to receive regular updates about our services and products.

Data Processing: Our preferred data processing partner and software vendor locations are situated in Canada where the company is located and operates, however certain software and data processing applications may be in other countries.

Web Analytics: The Supply Chain Logistics Consulting website(s) and our online web services use Google Analytics software to understand our ability to effectively reach the companies and individuals looking for our services. Please review “How Google uses data when you use our partners’ sites or apps”, for more information about how this is done at www.google.com/policies/privacy/partners/.

Push Notifications: We will not push notifications to you without your express consent to be contacted for a specific purpose, such as reminding you about an upcoming meeting by SMS message or for updates regarding your services and billing status if you have requested or agreed to receiving communications from us by text message.

Privacy: We ask that you let us know about opportunities to amend a privacy violation and to correct any perceived intrusion on your data privacy rights, including those by our company and/or the communication partners we work with. Contact us directly by email at privacy@supplychainlogistics.net where we limit observation of feedback received to the staff or service providers required to adjust.

–//–

PART B: CORPORATE PRIVACY POLICY

Who We Share Personal Data With;

Employees

We may disclose user data to any member of our organization who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy and for the duration that it is required.

Third Parties

We may share user data with the following third parties:

Supply Chain Logistics Consulting, (S&Co. Supply Chain Logistics Consulting Inc.), Active Subprocessor List:

https://drive.google.com/file/d/1FtO1xxEvDQMwNoThtHwuhs5v6RHxsJzn/

We may share user data with third parties for the following purposes:

Where applicable, third parties are not permitted to access user data beyond what is reasonably necessary to achieve the given purpose, such as for providing our Company with direct services.

In every situation where circumstances allow, we will seek to select suppliers that reasonably restrict their own access to the amount and type of data they process while providing services to our company.

Necessary circumstances might include those where a company established as a trusted data processor provides us with a broad scope of required services. You may review what companies’ data processing status is active with us and view their individual privacy policies by referencing the Active Data Processor List included in this policy and the information provided on their corporate websites as well.

Third Parties: You may be sharing your data with third parties once leaving our website(s). These include websites we do not own or third-party platforms providing you with information accessed by clicking a link on our website to view their content, or by clicking a link to another site to make a purchase;

Third party websites are not governed by our company, and we do not control the use of any information they collect from you directly or inadvertently when you visit their websites or use their services.

Third party service providers are subject to the same data privacy legislation as applies in your region and you may familiarize yourself with their data management and privacy policies, choose to adapt your use of cookie selections, and adjust your browser settings to communicate your preferences.

Other Disclosures

We will not sell or share your data with other third parties, except in the following cases:

1. If the law requires it;
2. If it is required for any legal proceeding.
3. To prove or protect our legal rights; and
4. To buyer(s) of this company in the event the company is sold.

If you follow hyperlinks from our Site to another Site, please note that we are not responsible for and have no control over their privacy policies and practices. By continuing to use our services you agree we are not liable for third party website information, products, services, or the availability of such, nor are we liable for any damages or loss experienced by your reliance upon them, furthermore, you understand that by displaying a link to a third-party website it does not imply endorsement.

How Long We Store Personal Data

Retained personal data is reviewed in regular periods of renewal such as at one-year intervals.  PIPEIDA, GDPR, CCPA Compliance, customer data and subscription automation software may be used to conduct these reviews and to process these removals instantaneously. We will seek to notify you and provide an opportunity to remain an active subscriber to our services when processing such updates.

From time to time or at recurring regular intervals, the company may also provide notifications by email to individuals for information kept longer than this period and may include an invitation to review your personal preferences for data collection and retention by our Company.

How We Protect Your Personal Data

We maintain controls on our security online and on our corporate electronic devices. Our data is housed in secure cloud servers protected by security standards, policies, and best practices. The company also maintains insurance, is governed, and administered, by our corporate policies in the event of a breach.

Similarly, we have developed a notification plan, applied restrictions to access and sharing, and developed an information security policy which includes specific protocols in the event a breach does occur. Internal security reviews are frequently conducted to look for weaknesses and to scan for unusual network, device, and user login activity.

Access to our customer data is limited by user role protections, 2FA two-factor authentications, and/or data is kept on third party cloud servers with adequate protections and security limiting company employee, and subcontractor access to that information, providing only what is required for the performance of any individuals specific scope of work and responsibilities while active.

When work is required that includes access to sensitive information, contractors and employees may be required to sign confidentiality agreements, provided with access according to the scope of their role and have access withdrawn upon completion of projects, either in part or fully depending on the remaining scope of work with our Company. We like to work with suppliers that improve these protections and share the same or better, quality of care for data.

While we take all reasonable precautions to ensure that user data is secure and that users are protected, there always remains the risk of harm. The Internet can be insecure at times and therefore, we are unable to guarantee the security of user data. We commit to continue practical and reasonable actions for conscientious data protection.

Automated Decision-Making and Profiling

Decision-making based solely on automated means happens when decisions are taken about you by technological means and without any human involvement. They use factual data and can be taken even without profiling and are frequently used to award financial loans.

Profiling may include maintaining information about the consumption of information and services from one source or may use data from multiple sources such as social media or a combination of public and private sources.

In regions where the GDPR applies, individuals have a right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. You can object to your personal data being used in this way or require a manual review of an automated decision at any time by contacting our privacy officer.

At our Company, we may use automated decision-making and profiling if the decision:

1. Is necessary to enter or to perform a contract between you and us;
2. Is authorized by law which also provides suitable measures that safeguard your rights and freedoms and legitimate interests; or
3. Is based on your explicit consent.

At the time and date of this policy revision, no automated decision-making is used by the company.

Our Company seeks to provide you with the best experience in our interactions and will make use of sophisticated customer service enhancement and content delivery tools to facilitate delivering services tailored to your indicated preferences and conditional to your consent.  We commit to informing you of any updates that apply automated decision making as it relates to you such as in an online notification.

Potential for future use of Automated Decision-Making technology.

Service Support: When it is reasonable for us to do so, we may employ the use of an AI enabled chatbot that will answer, and then direct your inquiries based on the service region you are in, your preferred language, and our company’s working hours, or match you with an available agent that has relevant expertise based on the purpose that you described for contacting our company.

Content Delivery: The company is may also employ reasonable ways to improve our content and content delivery systems to provide you with relevant, timely and engaging information aligned with your preferences and interests. Our services may be augmented using software and automated decision-making systems to filter, select, and deliver content to you that is informative and important to you, without needing a humans help.

Personalization: Automated decision-making services could access company information and the personal details that you have allowed us to use for the services being delivered to you. This process may apply to improve existing support, and to provide you with important updates related to your services with our Company, relevant industry information, or recent marketing content.

Consent: Our digital marketing, support helpdesk, collection of feedback, customer surveys, content delivery or experience improvement activities are performed with your express and informed consent. We do not provide information to other entities for direct marketing, and we never sell customer data.

Alternative to Automated Services

If we make developments that use decision making or at any time or alter our methods significantly, we will seek to update this policy and will inform you of our specific use of automated decision making before and during your use of those services. You will be informed of alternate options to receive the same type of service as those using automated decision making and we will attempt to deliver the same quality of service regardless of your choice, we cannot guarantee that direct services will be comparable to those augmented by technology or that they will be satisfactory when delivered to you. Some factors may be affected such as response time, accuracy of the information provided and time to resolution.

Your Rights as a User

We remain committed that regardless of location, individuals should have digital privacy rights and as a company, we are building our digital spaces according to our belief that the direction of data privacy legislation and development is towards empowering individuals to make more informed choices and standards that specify privacy protection as a default.

Our corporate guide to provide users of our services with rights in addition to the requirements of PIPEDA as legislated by the Canadian Government reference the GDPR as a basis to create corporate policy. More information regarding PIPEDA can be found at https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda

Such rights specifically accorded to whomsoever the GDPR applies directly, and the users we seek to support through our expressed commitment have the;

1. Right to be informed;
2. Right of access;
3. Right to rectification;
4. Right to erasure;
5. Right to restrict processing;
6. Right to data portability; and
7. Right to object.

More information about the meaning of each of these terms can be found at https://gdpr.eu/.

Other specific requirements will apply to users from regions in California Consumer Privacy Act of 2018 (CCPA) including;

1. The right to know about the personal information a business collects about them and how it is used and shared;
2. The right to delete personal information collected from them (with some exceptions);
3. The right to opt-out of the sale or sharing of their personal information; and
4. The right to non-discrimination for exercising their CCPA rights.

Also, the rights included in the CCPA, as amended and in effect as of January 1, 2023, to include;

5. The right to correct inaccurate personal information that a business has about them; and
6. The right to limit the use and disclosure of sensitive personal information collected about them.

Children

We do not knowingly collect or use personal data from children under 16 years of age. If we learn that we have collected personal data from a child under 16 years of age, the personal data will be deleted as soon as possible. If a child under 16 years of age has provided us with personal data their parent or guardian should contact our privacy officer for remedy.

How to Access, Modify, Delete, or Challenge the Data Collected

If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data and to who we disclosed your personal data, if you would like your data to be deleted or modified in any way, or if you would like to exercise any rights such as those established by the GDPR, please contact our privacy officer here:

Company Privacy Contact

Email: privacy@supplychainlogistics.net

Toll Free: (877) 682-7286, 100

Do Not Track Notice

Do Not Track (“DNT”) is a privacy preference that you can set in certain web browsers. We do not track the users of our Site over time and across third party websites and therefore do not respond to browser-initiated DNT signals. We are not responsible for and cannot guarantee how any third parties who interact with our Site and how your data will respond to DNT signals.

Modifications to the Policy

This Privacy Policy may be amended from time to time to maintain compliance with the law and to reflect any changes to our data collection process(es). When we amend this Privacy Policy we will update the “Revised Date” at the top of this Privacy Policy. We recommend that our users periodically review our Privacy Policy to ensure that they are notified of any updates. If necessary, we may choose to notify users by email of changes to this Privacy Policy.

Feedback and Complaints

If you have any feedback about how we process your personal data, please contact us through the methods listed in the Contact Information section so that we can, wherever possible, resolve the issue. If you feel we have not addressed your concern in a satisfactory manner you may contact a supervisory authority. You also have the right to directly make a complaint to a supervisory authority. You can lodge a complaint with a supervisory authority by contacting the Office of the Privacy Commissioner of Canada 30, Victoria Street Gatineau, Quebec K1A 1H3.  Toll-free: 1-800-282-1376.

Contact Information

If you would like to request a copy of your Personal Information in machine readable form, you can email privacy@supplychainlogistics.net.

For general inquiries please contact the company using established channels on the S&Co., Supply Chain Logistics Consulting Inc. website Contact Page: https://www.supplychainlogistics.net/contact

You may subscribe to receive company updates and schedule a meeting for consultation services here https://mailchi.mp/4400719b3c68/supplychainlogistics