Latest update: January 1, 2022
Volanté Software Inc. has developed a hospitality point-of-sale (POS) system (peer-to-peer network of terminals and kiosks) as well as POS & Customer Relationship Manager (CRM) software. Our Customers operate in various commercial industries such as healthcare, education, food services and restaurants, retirement and senior living communities, attractions, stadiums and events.
The purpose of this Privacy Statement is to inform you about how Volanté Software Inc. (“Volanté”, “we” or “us”) collects, uses, discloses and protects your personal data in delivering our Services. This Privacy Statement also contains information about your rights regarding your personal data. If you have any questions regarding this Privacy Statement, you may reach us by email at firstname.lastname@example.org or by mail at:
Attn: Privacy Officer
Volanté Software Inc.
49 Coldwater Road,
Toronto, Ontario, M3B 1Y8
1. WHEN DOES THIS PRIVACY STATEMENT APPLY?
This Privacy Statement applies when you visit volantesystems.com (our “website”), when you submit your personal data for an employment opportunity; communicate with us, register for an online account and create a profile to purchase a product and when you subscribe to, use or access our point-of-sale (POS) systems, software and mobile application services that we offer through our Customers (together, our “Services”).
“Visitor” means any person who visits the Volanté website.
“Customer” means any person, organization, business who has purchased Volanté’s products and services, including our POS systems and terminals, our different types of kiosks, as well as our CRM, Multi-Meal and other POS software offered through a paid subscription.
“User” means any individual and/or employee who creates an account or accesses Volanté’s POS Services through a Customer. In this case, a User’s personal data is collected and processed by our Customers through their use of Volanté’s POS Systems and Software Services.
When Volanté delivers its Services to our Customers, we are a data processor, which means that we only process your personal data on behalf of another entity, our Customers. We are a data controller when we collect, use and disclose the personal data of website visitors.
This Privacy Statement does not apply when you use third-party websites, applications or services. For example, if you click on a link to other websites from our Services, then these websites are subject to their own privacy practices, and not this Privacy Statement. Our Clients also have their own Privacy Statements describing how they collect, use and disclose your personal data.
In addition, Volanté Services may contain features designed to interoperate with external Applications not provided by Volanté. These features are available at our Customer’s discretion and may require Customers to enter into contractual agreements with sub-processors. Customers must also inform Users of such external Applications and obtain their consent when applicable. This Privacy Statement does not apply to these external Applications.
If you require information about your personal data that is collected and held by one of our Customers or how our Customers process your personal data, we recommend that you reach out to this Customer directly.
2. WHAT IS PERSONAL DATA?
In this Privacy Statement, when we use the term “personal data”, we mean any information that relates to an identified or identifiable natural person. This includes a name, home address, email address, phone number, birth date, as well as banking, balance, payroll and credit card, past purchases, meal and food preferences and other economic, cultural or social identity data. It also includes any information which is not personal on its own, but which becomes personal data when associated with other information that allows us to identify you indirectly.
This Privacy Statement is for transparency purposes. You should note that some of the information we identify as personal data may not be protected as such under applicable privacy laws. Therefore, you may not have the same rights regarding this personal data.
3. WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU, AND FOR WHAT PURPOSES?
We collect personal data directly from you when you visit our website, purchase a product, inquire about our Services and submit your personal data for an employment opportunity.
We also process various types of personal data for the purposes of delivering our Services to our Customers and to you, the Users. We support our Customers and our Users with point-of-sale solutions such as POS Systems, terminals and kiosks as well as Multi-Meal, corporate dining and Customer Relationship Manager (CRM) software.
We process such personal data in accordance with the instructions of our Customers, who are responsible for determining which lawful basis allows them to process your personal data and, if applicable, to obtain your consent.
You will find below the categories of personal data we collect along with a description as to why that personal data is collected, and how we use it.
- Account Registration Data
Examples: name, surname, email address, password
When you, as a User of our Services, sign up for an account through our Customers, you will need to provide your first name and surname; your email address and create an account password.
We collect the information that you share with us to create this account or to register you. We use this information to administer your account and the corresponding Services. We may send you emails concerning your account, upgrades, changes related to our Services or policies. These communications may be provided to you directly or through our Customers, to inform you of important information relating to our Services as well as when they are necessary to maintain a safe environment.
- Meal Plan Data
Examples: food item choices and purchases, nutrition and recipe preferences, allergy information, meal plan program participation, dietary restrictions and special care notifications.
Our Services enable Users to order food items, participate in meal plan programs, record dietary information and restrictions. We process this information based on our contractual agreements with our Customers, to provide our Customers with our Services. Menu plan data could be used by our Customers to better understand your food choices and preferences, track trends and buying habits, improve operations such as food preparation & ordering, offer preferred menu items, create timely promotions and personalize your experience.
- Purchase Data
Examples: account transactions, employee ID, account balance information, employee badges and discounts, meal cards, meal credits, transaction history, gift cards, billing, and shipping details.
We collect your purchase and shipping data when you purchase a POS product through our online shop (shop.volantesystems.com). To complete your online purchase, we use a third-party payment provider to process your credit card information and thus, do not collect your credit card information.
In order to send you the products you have purchased, we collect your shipping information and share it with our third-party delivery providers for shipping purposes.
We may also process your Purchase Data on behalf of our Customers when you make purchases through our Services. Volanté may process your credit card information on behalf of our Customers, unless our Customers have chosen to use a third-party payment provider. Volanté is PCI DSS certified and we use tokens to securely store your purchase data for future use.
- Marketing Data
Examples: your contact information, preferences, purchase history, cookies, browsing habits.
We collect Marketing Data to market our products and services. For example, we use marketing cookies to provide you with personalized and tailored advertisements based on your preferences and promote our products and services on social media websites. Click here to learn more about how we conduct interest-based advertising.
If you consent, we will send you our newsletters, magazines, news articles and promotional emails promoting our Services. You may unsubscribe at any time directly in the emails or by contacting us at email@example.com.
- Customer Database Module Data
Examples: name, room number, allergy information, badge number, patient ID, date of birth, date of admission and dietary restrictions, social activities, participating retailers, retail items
Our Services provide our Customers with functionalities that allow their Users to purchase products and services from participating third parties, including to make appointments and reservations, participate in special activity programs and events and so on.
For our Customers operating in the Retirement and Senior Living Industry and the residents of these facilities, we process personal information and personal health information, including patient ID, level of care, employee ID, allergic information, collected by our Customers through the Point-Click-Care functionalities, which allow Users to purchase retail items, spa services, special activity programs in addition to meal items offered at the Customer’s retirement or senior living facility.
We process this information according to our Customer’s specifications to deliver our Services.
- Usage Information and Technical Log Data
Examples: Technical logs, IP address, browser type and configuration, operating system, number of visitors, pages viewed, length of visits, geographical location, language preferences and device information
We collect Usage Information and Technical Log Data automatically through our website to allow us to monitor and secure our website, and to understand traffic within our website so that we can optimize them and improve our Services.
- Employment Data
Examples: Education information, professional experiences, contact information
If you apply for one of our career opportunities, we will collect and process the personal data you share with us, including any attachments and content. We will only use this information for making employment decisions.
- Communication Data
Examples: Contact information, messages content
If you communicate with us by e-mail, social media, through our website chat service or otherwise, we will collect the personal data that you share with us to respond to your communication.
We use third-party service providers to operate our chat function on our website. During business hours, your questions will be directed to Volanté’s support team. Outside our business hours, your questions will be directed to the appropriate team member, who will respond to your request in a timely manner.
If your communication relates to the collection, use and disclosure of your personal data by our Customers, we may share the communication data when required.
We collect cookies that classify in each of these categories:
|Type of cookies||Description|
|Essential Cookies||Essential cookies are necessary to operate the core functions of our website. These include login cookies, session ID cookies and security cookies. For example, we use Doubleclick to verify if your browser accepts our cookies.|
|Functional Cookies||Functional cookies are used to provide you with certain website functionalities and to remember your preferences, consents, and configurations. For example, we use a unique id cookie for each chat box session to see previous issues with you and reconnect.|
|Analytical Cookies||Analytical cookies are used to generate aggregated statistical data about your traffic and behavior when you visit our website. For instance, we use Google Analytics to determine how visitors use our website, the number of visitors, from where our visitors come from on the web, the pages they visited and how much time was spent on our website. We only see this data in an aggregated and traffic-based format, and we cannot see each visitor’s data individually.|
|Marketing Cookies||We use marketing cookies to serve you ads and marketing materials that better align with your interests. We also use analytic cookies to understand our marketing cookies and limit the number of times you see an ad, measure the effectiveness of our marketing campaigns and adjust content. Click here to learn more about interest-based advertising and how we use marketing cookies for this purpose.|
5. WHAT IS INTERESTED-BASED ADVERTISING, AND DO YOU CONDUCT ANY?
Interest-based advertising (also known as targeted or behavioral advertising) means that your preferences and interests are collected through cookies or otherwise, and then used to serve you advertising and marketing materials that are relevant to you (based on those preferences and interests).
Without interest-based advertising, you would still be getting ads when browsing the Internet. However, these ads would not be personalized based on your preferences and interests – and so, they would be less relevant to you, and less effective for us.
For instance, we use Google Ads, LinkedIn Ads and Facebook Ads to provide you with ads based on your browsing history and search requests. We use YouTube to provide you with personalized ads based on your viewing content.
6. HOW CAN I MANAGE MY COOKIE PREFERENCES AND MY ADS SETTINGS?
You can manage your cookie preferences through your browser by using the instructions provided below and by clicking on your browser. However, by blocking some cookies that enable the functions of the Services, parts of the Services may not be available.
To know more about why you are seeing an ad, how to manage your advertising preferences and/or opt-out of advertising cookies and tracking technologies for interest-based advertising, please visit:
7. HOW CAN YOU UNSUBSCRIBE FROM OUR COMMUNICATIONS?
With your express consent, we provide you with various communications, such as electronic newsletters. You can unsubscribe at any time from such communications by using the link to unsubscribe included in our electronic messages, or you can contact us at firstname.lastname@example.org.
Commercial electronic messages, such as promotional e-mails, may contain cookies and tracking technologies which provide us with information as to whether you are interacting with our messages. Click here to learn more about how to control your preferences regarding cookies.
8. DO WE SHARE PERSONAL DATA WITH THIRD PARTIES?
We generally identify to whom, and for what purposes, we disclose your personal data, at the time we collect such information from you or otherwise obtain your consent to such disclosure.
We may also transfer your personal data to service providers that are assisting us in our operations. We ensure that those service providers are subject to appropriate privacy standards. Examples of our service providers include:
- Payment processors
- Delivery and mobile online ordering service providers
- Employment service providers
- Hosting/infrastructure/storage providers
- Communications services providers
- Analytical service providers
- Ad conversion tracking and personalized content service providers
Please check out our Partners’ page as a starting point.
In addition, we may use and disclose your information when we believe such use or disclosure is permitted, necessary or appropriate: (a) under applicable law; (b) to comply with legal process; (c) to respond to requests from public and government authorities; (d) to enforce or apply our policies and agreements; (e) to protect our rights, operations or property; (f) to collect amounts owed to us; (g) to allow us to pursue available remedies or limit the damages that we may sustain; (h) to protect the safety of our Customers, Users, Visitors or others; (i) to address, prevent or stop fraud or other activity that we consider to be illegal or unethical; or (j) to address an emergency involving danger of death or serious harm.
8. HOW DO WE PROTECT YOUR PERSONAL DATA?
Volanté safeguards your personal data with industrial-strength security features and deep security functionality. Volanté terminals offer point-to-point encryption as an added layer of privacy. Furthermore, Volanté is a P2PE, PCI DSS compliant solution that adheres to the industry’s most stringent security requirements of food service management.
We have implemented physical, organizational, contractual and technological security measures in an effort to protect your personal data from loss or theft, or unauthorized access, use, or disclosure. For example:
- we restrict access to your personal data to those employees or agents who need access for authorized purposes;
- electronic data is protected by technological means, such as firewalls, access controls, and encryption);
- we sensitize our employees and agents to the importance of safeguarding personal data
Like most organizations, we cannot guarantee that our safeguards will always be effective. No method of transmitting information over the Internet or of storing information is completely secure. A breach of security safeguards can result in such risks as phishing and identity theft.
We may also require you to assist us to safeguard your personal data. For instance, if you use an account on our website, you should use unique and strong passwords, not share your passwords with others, and promptly alert us if you believe your password has been compromised. You should only connect to our website via a safe network.
9. WHERE DO WE STORE YOUR PERSONAL DATA?
Our cloud-based platform is hosted on Google Kubernetes Cloud servers located in the United States. In some cases, our Customers can choose to store personal data directly on the POS system.
Unless prohibited by law or contracts with our stakeholders, we may rely on service providers who are in the United States who assist us with the Services, in which case your personal data may be stored in or accessed from the United States. In that case, your personal data will be subject to United States laws and may be subject to disclosure to United States governments, courts or law enforcement or regulatory agencies, pursuant to those laws. Subject to those laws, Volanté uses reasonable measures to protect your personal data as it would be protected in Canada. If you would like more information about our policies and practices regarding processing of personal data outside of Canada, please send us an email at email@example.com.
10. HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We retain your personal data for as long as required for the purpose for which it was collected, or longer if we are required or permitted to do so under applicable laws. We also retain the personal data we process on behalf of our Customers for as long as it is required under our Customers’ instructions.
We retain your online account data for as long as the account exists in our databases. You can request the deletion of your account by sending an email to the organization with whom you have set up your account (our Customer). When you ask for your account to be deleted, this is automatically deleted from our databases.
11. WHAT ARE YOUR PERSONAL DATA RIGHTS?
The law provides you with rights regarding your personal data. These rights may change depending on where you are located, and they may not apply to all types of personal data. Most individuals have the right to access their personal data, and the right to request corrections to their personal data under certain circumstances, such as if the personal data is inaccurate or outdated.
If you want to exercise your rights, or if you have a question or complaint about how we collect, use, or disclose your personal data, you can communicate with us by email at firstname.lastname@example.org or by writing to us at:
Attn: Privacy Officer
Volanté Software Inc.
49 Coldwater Road,
Toronto, Ontario, M3B 1Y8
We will try to help you with your request free of charge. However, we may request that you pay a reasonable fee if you request a transcript, or a reproduction or for us to send a copy of your personal data, if the law allows us to do so. If we need to charge a fee to process your application, we will contact you before addressing your request.
For security reasons and to avoid any fraudulent request, we may be required to ask that you provide a proof of identity with your request. We will not use such personal data for any other purposes.
We will respond to your request within thirty (30) days unless agreed otherwise. Please remember that personal data rights are not absolute and may be refused. If your request is denied, we will notify you in writing, and provide you with detailed reasons and information on how to contest our decision.
The OPC has published advice to help you access your personal data, as well as exercise your rights when it is held by a business. For more information, you may contact the OPC’s Information Center at:
Office of the Privacy Commissioner
30 Victoria Street
Gatineau, Québec K1A 1H3
Open from 9:00 a.m. to 4:00 p.m. EST
You may also use this online form.
If you are not satisfied with how we process your request, you can communicate with the OPC and lodge a complaint by filling out this form.
Finally, your browser may allow you to automatically transmit a “Do Not Track” request to websites you visit. Volanté does not currently respond to or change any of its practices when it receives a “Do Not Track” request from your browser.
12. DO YOU UPDATE THIS PRIVACY STATEMENT?
Yes, we will update this Privacy Statement if we change how we collect, use, or disclose your personal data or if there are changes to our privacy legislations.