Privacy Policy

THEIA MARKERLESS INC.
Privacy Policy

Last Updated: December 14, 2024‍

This Privacy Policy is produced by Theia Markerless Inc. (“Theia”, “we”, “us”, or “our”) which acts as a controller in connection with your personal data. This Privacy Policy describes our policies on the collection, use, and disclosure of information when you visit our website (located at https://www.theiamarkerless.com/), all other sites owned and operated by Theia that redirect to/from this website, all subdomains provided through these sites, and all downloadable applications, features, functionality, content or information that is made available or provided on the website (collectively, our “Websites”). By using any of our services, including accessing our Websites or contacting us, you also accept our general Terms of Service, a copy of which is available at https://www.theiamarkerless.com/terms/ (our “Terms of Service”).

If you do not agree with the provisions of this Privacy Policy and/or of our Terms of Service, then please do not access our Websites or otherwise provide any of your personal information to us.

‍

1. Changes to the Privacy Policy

We may change this Privacy Policy from time to time in our sole discretion, so please be sure to check back periodically. You can tell if this Privacy Policy has changed by checking the last updated date that appears at the beginning of this Privacy Policy. We may, but are not obligated to, provide you with notice in case of any material changes made to this Privacy Policy. Any changes will be effective only after the effective date of the change and will not affect any dispute arising prior to the effective date of the change. You should not continue accessing our Websites or providing any of your personal information to us if you do not agree with the version of this Privacy Policy in effect at that time.

‍

2. What is Personal Data Do We Collect and From Where?

Personal data (also referred to as personal information in Canada) means any information that identifies you as an individual, whether directly or indirectly.

We collect/obtain personal data you provide to us or to the organization (such as your employer) that is using our services. The information we may collect or obtain (depending on the circumstances) includes, but may not be limited to the following types of information depending on your relationship with us:

• When you contact us for support or other inquiries, we may collect your name, contact information, the name of your organization, your specific request, and the content of your message.

• When you submit your feedback, we collect your name, contact information and any comments, suggestions, recommendations, requests or any other feedback (“Feedback”); for more information on how we use Feedback, please refer to our Terms of Use located at https://www.theiamarkerless.com/terms/.

• When you use our services, we may also collect usage data such as, the site from which you arrived from, the country from which you accessed our services, your Internet Protocol (“IP”) address, information about the date and time of your access as well as how long you use our services in each session, features you use in our services, and how long you use our services overall.

• When you access our Websites, we may collect certain information about your activity such as IP address, browser type and language and access times during your access. This may be through automatic data collection tools which may include cookies. For more information about cookies please see the section below titled “Our Use of Cookies and Log Files”.

In limited circumstances we may combine personal data with other information collected online and offline, including information from third party sources.

‍

3. Age of Majority

Our services are not intended for individuals under the age of 18. If we learn we have collected or received personal data from a minor without verification of parental consent, we will delete such personal data. If you believe we might have any information from or about a minor, please contact us using the details provided at Section 14 below.

‍

4. How We Use Your Personal Data

We use the information we collect from or about you for the following purposes (depending on your relationship with us):

• to communicate with you on information about our services, network updates, security or service-related issues, reminders, or notify you of changes to this Privacy Policy;

• to analyze, develop, improve and optimize the use, function and performance of our services and user experiences; for example, for internal research for technological development and demonstration and to improve, upgrade, or enhance Theia products and services to provide more intelligent, automated and predictive functionalities;

• to prevent and investigate possible fraud or other violations of our Terms of Use or End-User License Agreement and/or attempts to harm our users or to perform and/or enforce any other contract with you;

• to present our Websites and their contents to you and allow you to participate in interactive features on our Websites;

• to understand more about how you interact with the content on our Websites;

• to communicate with you and respond to your requests, questions, and complaints;

• to send direct marketing/ advertising communications relating to our services;

• to create, use, transfer, and store anonymous (or pseudonymous) and aggregated information for benchmarking, analytics, metrics, research, reporting, machine learning, and other business purposes, to the extent permitted by applicable law – we may combine personal data with other information collected online and offline, including from third party sources; by using our services, you agree that we are hereby licensed to collect, use, share, and store anonymized (or pseudonymized) aggregated data collected through our services for benchmarking, analytics, metrics, research, reporting, machine learning and other business purposes;

• to exercise our legal rights and defend claims;

• to receive business support including consultancy, banking, legal, insurance, audit and accounting services, subject to applicable law;

• to restructure our business, including in the context of internal re-organisations, business sales, transfers, mergers and acquisitions (and the planning, administration and negotiation of the same); and

• for other purposes disclosed to you at the time we collect your information, with your consent or as permitted by applicable law. ‍

Individuals located in the EEA/UK

Please see Section 13 of this Privacy Policy to understand the lawful bases on which we rely to undertake our processing of personal data.

‍

5. When Do We Share Your Personal data

There are some circumstances where we may share your personal data with the following categories of recipients (depending on your relationship with us):

• Customers

We may share your personal data with customers with whom we are engaged to collect and otherwise process your personal data.

• Research organisations

We may share your personal data with research organisations, groups and/or bodies for the purpose of research advancement.

• Purchaser third parties

We may share your personal data with third parties who wish to purchase this information for commercial gain, provided you have given your consent for your personal data to be shared in this manner.

• Service providers

We may share your personal data with contractors, service providers or individuals employed or engaged by us to support our business (e.g. a datacenter, data hosting providers, customer support service providers, billing department, analytics and search engine providers that assist us with optimization of our Websites, email distribution and marketing services providers).

• Business partners/affiliates

We may share your personal data with our affiliates or any business partners or agents acting on our behalf or with our financial, insurance, legal, accounting or other advisors that provide professional services to us.

• Buyers/ investors

We may share your personal data with a buyer, investor, new affiliate, or other successor if Theia or any affiliate, portion, group or business unit thereof, undergoes a business transition, such as a merger, acquisition, consolidation, reorganization, divestiture, liquidation or dissolution (including bankruptcy), or a sale or other transfer of all or a portion of any assets of Theia or any affiliates or during steps in contemplation of such activities (e.g., negotiations and due diligence).

• Legal/regulatory bodies

We may share your personal data, subject to applicable laws and regulations, to a government agency, court, or law enforcement personnel for the purpose of adhering to our legal/regulatory obligations and co-operation/interacting with the relevant body.

We reserve the right to disclose personal data if required to do so by law or in the good faith belief that such action is reasonably necessary to comply with a legal process, enforce our End-User License Agreement our Terms of Use or any other contract, respond to claims, prevent fraud or to protect the rights, property or safety of Theia, our affiliates, customers, service providers or the public.

‍

6. Your Access to and Control Over Information

Depending on where you reside, you may have the right to do the following at any time by contacting our Privacy Officer at the contact information listed in Section 14 below:

• obtain access to the personal data we have about you, if any;

• change or correct certain information we have about you;

• request that we delete certain of the information we have about you;

• withdraw your consent to the processing of personal data held in connection with you (including information held for the purposes of direct marketing);

• restrict how we collect, use or disclose your personal data;

• express any concern you have about our use of your information;

• opt-out of promotional messages and direct marketing. You have the option to opt out or unsubscribe direct marketing sent by SMS or other messaging platforms – to do so, just follow the instructions in the message like an unsubscribe link;

• obtain a machine-readable copy of your personal data to you or an external party of your choice; or

• lodge a complaint with a data protection authority, but we encourage you to first contact us with any questions or concerns.

Please be aware that those rights set out above may not apply in some instances, for example where our right to processing your personal data is necessary to establish, exercise or defend against legal claims.

If you refuse to provide us with the information we require or later contact us to withdraw your consent for us to use and disclose your personal data, we may no longer be able to provide you with our services.

We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, erased, or made your personal data anonymous in accordance with our record retention practices.

‍

7. Data Retention

We retain personal data for as long as is necessary for the relevant purpose. There may also be laws that set out a minimum period for which we have to keep your personal data, even if we no longer need it for its purpose. Our retention periods are based on business needs and when personal data is no longer needed, we either irreversibly anonymise the information (and we may further retain and use the anonymised information) or securely destroy the information.

‍

8. Security

We take precautions and implement safeguards designed to protect your personal data. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. Therefore, despite our efforts, we cannot guarantee its absolute security. WE DO NOT WARRANT OR REPRESENT THAT PERSONAL DATA ABOUT YOU WILL BE PROTECTED AGAINST, LOSS, MISUSE, OR ALTERATION BY THIRD PARTIES.

‍

9. Our use of cookies and log files

We use browser tracking cookies (or “cookies”), which are small text files that are placed on the hard disk of a computer by a website. Cookies are uniquely assigned to you, and can only be read by a website or web server that issued the cookie to you. We also use browser “log files” which record certain information when you visit a website, including your IP address.

To improve your experience on our services, we use cookies and log files to: (a) recognize you when you return to our Websites and use our services; (b) keep track of activity on our services and remember what items you have clicked on or viewed; (c) study how you navigate through our Websites and which website you request in site searches so we can improve the design, content and function of our services; and (d) customize the message, content and delivery of any online banner advertisements and e-mails that reflect how you navigate to and through our services based on your online behavior. We call this “Browsing Data”. We may hire third-party service providers to assist us in the collection and analysis of this Browsing Data collected through cookies.

You have the ability to accept or decline our use of cookies. You can refuse cookies by turning them off or blocking them in your Internet browser. If you decide to turn off or block cookies, our Websites or services might not function correctly.

We will not respond to Web browser “do not track” signals. If you would like additional information about online tracking and various opt-out mechanisms, please see https://youradchoices.com/.

Please note that not all tracking will stop even if you delete cookies.

‍

10. Third Party Websites

From time to time, we may include links to third party websites which are not controlled or maintained by us. We are not responsible for personal data submitted by you to third party websites or the personal data collected by third party websites. You should review the privacy policies of third party websites or contact the third party website’s operator if you have questions or concerns.

‍

11. Transfers Within and Outside of Canada

Individuals located outside of the EEA/UK

We are a company based in the Province of Ontario. If you are accessing our Websites or using our services from other Canadian provinces, we may process, store, and transfer your personal data outside of those provinces and in and to a foreign country, such as the United States or other countries with different privacy laws that may or may not be as comprehensive as Canadian law. In these circumstances, the government, courts, law enforcement or regulatory agencies of that country may be able to obtain access to your personal data through the laws of the foreign country.

Individuals located inside the EEA/UK

If we transfer your personal data outside to a country not found to have an adequate level of data protection pursuant to the GDPR and UK GDPR, then we will generally rely on the EU Standard Contractual Clauses (together with the UK International Data Transfer Agreement/UK Addendum, where applicable), which include contractual safeguards requiring the recipient to process the personal data in accordance with UK data protection law standards. We may also supplement the EU Standard Contractual Clauses with additional measures if we consider that these are required.

Theia is based in Canada and subject to the Canadian federal Personal Information Protection and Electronic Documents Act (“PIPEDA”). From an EU/UK perspective, PIPEDA is considered to provide an adequate level of data protection pursuant to the GDPR and UK GDPR, therefore, no additional safeguards as required by law are required when transferring personal data from EU/UK to Theia, although we will always ensure your personal data is handled with care.

If you would like to more information about the safeguards we put in place when we transfer your personal data overseas and the means to obtain a copy of them, please refer to the “Contact” section below.

‍

12. Limitation of Liability (not applicable to EEA/UK residents)

UNDER NO CIRCUMSTANCES SHALL WE BE LIABLE FOR ANY DIRECT OR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES THAT MAY ARISE FROM A CLAIM OF BREACH OF THIS PRIVACY POLICY. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages. In such jurisdictions, our liability is limited to the greatest extent permitted by law, or $5, whichever is less.

‍

13. Additional information for individuals located in the EEA/UK, only

In this section, we clarify lawful basis for processing personal data applicable to you, as a website visitor or customer using our services, if you are located in the European Economic Area (“EEA”) (which includes the European Union member states, Iceland, Norway, Liechtenstein, the United Kingdom and Switzerland).

If you are located in the EEA, we ensure we have a lawful basis when we process your personal data. We will generally rely on one or more of the following lawful bases:

• you consent to processing of your personal data; when you consent, you can change your mind at any time;

• to provide you with the products and services you request, such as when you interact with our services, or to respond to your inquiries;

• we have a legal obligation to process your personal data, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request;

• to protect your vital interests, or those of others, such as protecting the safety of users who enjoy our services;

• we have a legitimate interest in carrying out the processing activity; for example to analyze and improve the safety and security of our services, for research and development, to market and promote our services and to protect our legal rights and interests; this includes implementing and enhancing security measures and protections and protecting against fraud, spam, and abuse or to maintain and improve our services; and/or

• you entered into a contract with us (e.g., a Photo/Video Release Notice), we process your personal data to perform and enforce the contract.

In the table below, we have set out the relevant lawful basis that applies to each processing activity for which we use your personal data (depending on your relationship with us).

Processing activity	Lawful basis for processing
To communicate with you on information about our services, network updates, security or service-related issues, reminders, or notify you of changes to this Privacy Policy.	Legitimate interest (to provide our services)
To analyze, develop, improve and optimize the use, function and performance of our services and user experiences.	Legitimate interest (to improve our services)
To present our Websites and their contents to you and allow you to participate in interactive features on our Websites.	Legitimate interest (to provide our services)
To prevent and investigate possible fraud or other violations of our Terms of Use or End- User License Agreement and/or attempts to harm our users or to perform and/or enforce any other contract with you.	Legal obligation (where the processing activity is required by law or regulation) In all other cases, legitimate interests (to comply with our obligations)
To understand more about how you interact with the content on our Websites.	Legitimate interest (To customize our services) Consent (Where required in connection with non-essential cookies)
To communicate with you and respond to your requests, questions, and complaints.	Legitimate interest (to provide our services)
To exercise our legal rights or defend claims.	Legal obligation (where the processing activity is required by law or regulation) In all other cases, legitimate interests (to comply with our obligations)
To send direct marketing/ advertising communications relating to our services.	Consent where required, otherwise, legitimate interests (to inform you about our services and research)
To customize your use of our services.	Legitimate interest (To customize our services) Consent (Where required in connection with non-essential cookies)
To receive business support including consultancy, banking, legal, insurance, audit and accounting services, subject to applicable law.	Legal obligation (where the processing activity is required by law or regulation) In all other cases, legitimate interests (to receive professional support in connection with our business)
To restructure our business, including in the context of internal re-organisations, business sales, transfers, mergers and acquisitions (and the planning, administration and negotiation of the same).	Legitimate interest (to transfer books of business or restructure or sell our business)
To create, use, transfer, and store anonymous (or pseudonymous) and aggregated information for benchmarking, analytics, metrics, research, reporting, machine learning, and other business purposes.	Legitimate interest (to provide our services)

‍

14. Contact

If you have any requests, questions or comments about your personal data or this Privacy Policy, you may contact our Privacy Officer in one of the following ways:

By email: info@theiamarkerless.com By mail: 27 Sydenham Street, Kingston Ontario, Canada, K7L3G8

Data protection authority

Details of data protection authorities in the EEA can be found at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Details of the UK data protection authority can be found at www.ico.org.uk.

‍

A PDF version of this policy is available here.