1. Introduction

At Q-Fi Solutions Inc. (‘Q-Fi’), your privacy is our priority. This policy explains how we manage and protect your personal data when you engage with our website, our products, our services, or Q-Fi directly.

2. About Us

Q-Fi is a leading provider of survey software catered to market research bodies, academic institutions, government entities, and insights agencies. Throughout our operations, we might collect personal information from a variety of stakeholders: our clients, users of our systems, potential employees, individuals completing our online forms or those utilising our software on another site (referred to as a ‘client website’), or those seeking information about what we offer.

In these contexts, Q-Fi either acts as a ‘Data Controller’—deciding what data to gather and its use—or a ‘Data Processor’, where we operate based on the directives of a Data Controller. This policy extends to all Q-Fi's operations, encompassing all legal entities and operating bases.

For more details or to get in touch with Q-Fi, kindly refer to the “Additional Information” section at the end of this document.

3. The Data We Collect

Clients of Q-Fi harness our software to obtain survey responses. Our software operates on a self-service model, empowering our clients with the discretion to determine data collection, its management, and access permissions. In this scenario, our clients act as the Data Controllers, owning and regulating their data. Q-Fi, in relation to its SaaS operations and other select functions, operates as the Data Processor, handling personal data as guided explicitly by our clients.

Should you take a survey on a web or mobile platform via one of our clients, you might observe a footer saying ‘powered by Q-Fi Surveys’ with the data stored on a Q-Fi server. However, any personal information gathered through such surveys falls under the purview and responsibility of the respective Q-Fi client. If you wish to learn how a specific Q-Fi client will manage your data or to access their privacy policy, please contact the client that sent you the survey invitation.

Additionally, for analytical reasons, Q-Fi might generate aggregated and/or anonymised data. This could be sourced from forms on one or more of our official websites or a client's website.

4. Our Data Collection Practices

Q-Fi gathers personal data in three primary ways:

a. Information you actively share with us,
b. Data collected from other sources,
c. Anonymized data amassed for analytical purposes.
d.Information You Provide Your interactions with Q-Fi dictate the specific personal details you share. This may include‍

• Personal identifiers like your name, gender, job title, and professional contact details.
• Data shared through: our official website forms, Q-Fi survey forms, emails, online chats, technical support applications, voicemails, conferences, webinars, blogs, social media, and other channels.
• Transactional details such as payment or credit card data you provide for processing payments.
• Check-in details at our offices, including name, contact details, and other credentials.
• Job applications, including your CV or work portfolio.
• Other relevant information fostering our relationship, helping us serve you better.

4.2 Data from Other Sources Beyond your direct inputs, we may gather information via:

• Website Interaction: Like most digital platforms, Q-Fi tracks site traffic to enhance user experience. We collect data such as: visited URLs, referrer/exit pages, viewing time, clicks, platform, location, and other website interaction metrics
• Device Data: Automated collection of technical details from devices accessing our site, including IP addresses, device type, geolocation, and operating system specifics.
• Samples: Information from devices accessing our sample applications or surveys.
• External Entities: Publicly accessible sources (e.g., Google, LinkedIn) and third parties like our partners or contractors.
• Employers: Contact details shared by your employer for granting system access to a Q-Fi account or for communications and product demos.

4.3 Statistical Data Collection We may compile anonymized data to derive insights. From Q-Fi survey tool users, this could entail feedback about their site experience, likelihood of referring our platform to peers, and other anonymous data from interactions with Q-Fi software.

5. Data Utilization

The data we acquire is solely for Q-Fi’s operational purposes. We prioritise your data confidentiality, never commercialising it and only sharing as delineated in this policy, with your consent, or to satisfy legal and service commitments. Internally, only those with valid business justifications can access your details. Furthermore, our staff is under binding contracts, reinforcing data privacy and secrecy.

Q-Fi remains compliant with prevailing laws, processing personal data with your consent, due to legitimate reasons, or in line with legal/contractual duties. Nonetheless, Q-Fi reserves the right to share aggregated and/or anonymised statistical data with clients or other entities.

6. Purpose of Processing Your Data

Your personal information is processed by Q-Fi for the following objectives:

• Optimising the presentation of our website and services tailored for you.
• Delivering the information, products, and services (including training) you seek.
• Providing demonstrations, videos, sample surveys, mobile apps, information, or proposals for prospective services based on your interest or requests.
• Executing obligations arising from contracts between you and Q-Fi, such as billing or transaction processing through our service providers.
• Complying with legal, security, and regulatory prerequisites, and defending against illegitimate or suspicious actions.
• Establishing ongoing communication, including updates on changes to our offerings.
• Business management, service analysis, and improvements.
• Delivering more content and services to you.
• Undertaking activities communicated when data was initially collected or at the outset of our relationship, e.g., as specified in a customer agreement.

7. Data Retention Duration

We retain your personal data only for the duration required for its intended purpose. Retention spans differ based on several factors like purpose magnitude, contractual stipulations, operational necessities, legal motives, and archiving necessities. Personal information is deleted or depersonalized once deemed redundant or upon your written request.

8. Data Storage Locations

The bulk of personal data collected via our website forms or from Q-Fi clients resides in our CRM system, primarily Pipedrive and WebFlow. For further insights on their privacy measures, refer to their official privacy statement at their respective websites. Additionally, data may also be stored and processed at our local offices occasionally.
Note: This is not an exhaustive vendor list. A more detailed vendor list is available, and we retain discretion over vendor utilisation.

9. Data Sharing Practices

Q-Fi collaborates with a select group of third-party providers to enhance our operations. These entities might handle your personal data as they cater to our needs. They operate under Q-Fi's guidelines and have a contractual duty to safeguard your data according to regulations. We may also share data with our affiliates for legitimate purposes. Key third-party entities include:

• Core service providers in areas like CRM, data hosting, IT infrastructure, video hosting, marketing, and analytics.
• Sub-contractors under confidentiality agreements supporting our professional services.
• Financial institutions assisting with billing, payments, and insurance services.
• Partners offering complementary information, services, and products.
• Other third parties, especially in legal scenarios or during business mergers or acquisitions.

10. Managing Your Data

Q-Fi will comply with all legal requirements of the jurisdictions in which it operates.The Personal Information Protection and Electronic Documents Act (PIPEDA) is the federal privacy law for private-sector organizations in Canada.
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.The California Consumer Privacy Act (CCPA) is a privacy law for residents of California.

You hold several rights and means to control your data:
Opting-out of Communications: While Q-Fi occasionally dispatches promotional emails, you can unsubscribe via links in the email footers or by contacting us directly. However, service-related emails (like maintenance notices) for our system users are obligatory.

Personal Data Rights: Depending on local data protection regulations, you have the right to:

• Understand the data collection purpose.
• Access the data we maintain about you.
• Correct any inaccuracies in your data.
• Erase your data, subject to other legal constraints.
• Restrict our future data processing activities.
• Transfer your data to another entity.
• Object to data processing rooted in our legitimate interests.

Should you wish to exercise these rights, reach out via the Q-Fi addresses available or email us at dataprotection@qfisolutions.com. We endeavour to address all requests within 30 days of receiving them.

11. Cookie Policy

What's a Cookie? A small text file placed on your device by websites you visit, which recalls your preferences (like language) over time.

How Q-Fi Uses Cookies: We deploy both 'session' and 'permanent' cookies to improve your experience and gauge aggregate website behaviour. While Q-Fi controls some cookies, our service providers may use theirs, covering areas like analytics, advertising, social media, and live chat.

Managing Cookies: Adjust your browser settings to decline or manage cookies. Refusing them might diminish your website experience.

12. Google Analytics

We use Google Analytics, governed by its terms and privacy policy, to enhance your service experience. You can opt-out via browser settings or by using the Google Analytics Opt-out Browser Add-on. Reach out for more details on other analytics services we use.

13. European GDPR Concerns

EEA residents can lodge a complaint with the CNIL in France if they feel Q-Fi violates EEA data protection norms, especially GDPR. Visit the CNIL website for more. Before approaching the CNIL, kindly allow us an opportunity to address your concerns.

14. Other Privacy Matters

• Privacy for Minors: We do not knowingly or intentionally target anyone under 18, all content, marketing and product are created and marketed to companies or individuals seeking a solution for research and insights.
• Links to Third-party Sites: For user convenience, we may link to other sites. We aren't responsible for their content or privacy measures. Review their privacy policies before sharing personal data.
• Security: We employ industry standard security techniques and seek to employ all secure measures when sending and receiving data. However, no system is infallible on the internet so it’s not possible to guarantee 100% security.
• Changes to Privacy Policy: We can revise this policy as needed. For updates, check the "Last Updated" date above.

15. Contact Information

To address queries or raise complaints:

Email: dataprotection@qfisolutions.com
Address: 20 Bay Street, Unit 1100 Toronto, ON, Canada, M5J 2N8.
Phone: +1-855-734-9073