Privacy

Noibu is committed to protecting your personal information

Privacy Policy
GDPR/CCPA Commitment
Last Updated: May 13 2024

Noibu Privacy Policy

Welcome to Noibu Technologies Inc. (“Noibu”, “We”, “Us”, or the “Company”). We prioritize your privacy and are committed to protecting and handling your personal information with the utmost care. This Privacy Policy explains how we collect and use your personal information in relation to Noibu products, services, events, and websites or applications that link to this Policy (together, the “Noibu Products”). It also describes how you can control or exercise your rights related to your personal information.

Noibu adheres to the highest privacy standards, complying with international and local regulations including Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), Quebec’s Law 25, the EU’s General Data Protection Regulation (GDPR), relevant laws in the UK and Switzerland, and applicable U.S. state privacy laws such as the California Consumer Privacy Act (CCPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA), and Virginia Consumer Data Protection Act (VCDPA). Our commitment ensures your personal information is protected in accordance with the most rigorous privacy laws, reflecting our dedication to safeguarding your privacy.

What does this policy cover?

This Policy covers our collection, use, and disclosure of information about identifiable individuals (“Personal Information”), particularly those individuals who complete transactions with our e-commerce clients (our “Clients”).

This Policy does not apply to the practices of companies that we do not own or control, including those practices of our Clients. For example, if you purchase from one of our e-commerce clients, your transaction data is managed by the client, not by Noibu directly. We cannot accept liability for the actions or policies of these independent sites, and we are not responsible for the content or privacy practices of such sites. You should review the applicable privacy policy of any company with which you do business. We do not knowingly collect or solicit Personal Information from anyone under the age of 16.

This Privacy Policy applies when you interact with us by doing any of the following:

  • Make use of our application and services as an authorized user
  • Visit any of our websites that link to this Privacy Policy
  • Visit any of our branded social media pages
  • Visit our physical offices
  • Attend any of our branded or sponsored events
  • Receive any communication from us including newsletters, emails, calls, or texts

Register for, attend and/or take part in our events, webinars, or contests

Collection and use of personal information and other data

2.1 Client Account Information

In order to use certain aspects of the Service, representatives of our Client Users may be required to have a valid Noibu account to log in to the Service (“Account”). When our Clients register for the Service, we generally collect only business contact information, including the company name and address. Noibu may also collect credit card billing information in order to process payments for the Noibu Service and Professional Services.

2.2 End User Data

When end users of our Client, including online shoppers (“End Users”), engage in a transaction with the e-commerce Client of Noibu, Noibu records de-identified behavior, such as pages visited and time spent on the site.

Purpose and Legal Basis for the Processing of Personal Data

We collect and use personal data about you with your consent to provide, maintain, and develop our products and services and understand how to improve them.

These purposes include:

  • Building a Safe and Secure Environment
    • To Verify or authenticate your identity; and
    • Investigate and prevent security incidents such as breaches, attacks and hacks.
  • Providing, Developing, and Improving our Products and Services
    • Deliver, maintain, debug and improve our products and services.
    • Enable you to access Noibu services and set up accounts.
    • Provide cloud services to enable the user and administrator to access, activate, administer, and monitor Noibu and other IoT solutions.
  • Provide you with technical and customer support
  • Organize and Deliver Advertising and Marketing
    • Aggregate your information in an anonymized form to generate usage statistics.
    • Send you newsletters and other marketing communications about current and future products, programs and services, events, competitions, surveys and promotions held by us or hosted on our behalf; and
    • Organize events or register attendees and schedule meetings for events.

Where we process your personal data to provide a product or service, we do so because it is necessary to perform contractual obligations. All of the above processing is necessary in our legitimate interests to provide products and services and to maintain our relationship with you and to protect our business, for example against fraud. Consent will be required to initiate services with you. New consent will be required if any changes are made to the type of data collected. Within our contract, if you fail to provide consent, some services may not be available to you.

2.3 Interactions with Noibu.com

When you interact with our website, Noibu.com, we automatically collect specific information related to your device and your activities. This includes details such as your web browser type, IP address, time zone, and cookies that are installed on your device. As you navigate through Noibu.com, we gather data on the web pages you visit, the search terms that brought you to our site, and your interactions with the site. This information is utilized to enhance your user experience, optimize website navigation, promote products or services tailored to your interests, and improve overall site security.

Storage location and transfer of personal information

Noibu stores its data, including Personal Information, on servers located in the United States and Canada, including through the use of our Sub-Processors. Your personal data may also be transferred to, and maintained on, servers residing outside of your state, province, country, or other governmental jurisdiction where the data laws may differ from those in your jurisdiction. We will take appropriate steps to ensure that your personal data is treated securely and in accordance with this Privacy Policy as well as applicable data protection law. We will enter into EU Standard Contractual Clauses (or equivalent measures) with parties outside the EEA and ensure adequate controls are in place for the security of your data.

Disclosure of personal information with third parties

4.1 Disclosure of Results to Clients

We do not share or sell your personal data to third parties, including to third-party advertisers.

4.2 Disclosure of Statistical Data

Noibu discloses aggregate statistical data to its partners and clients, such as advertisers and other third parties, who may use the data for business purposes. This information does not include any Personal Information or otherwise identify any individual End Users.

4.3 Service Providers and Business Partners

We may from time to time employ other companies and people to perform tasks on our behalf and need to share Personal Information with them to provide the Service. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary to assist us. This includes third-party companies and individuals employed by us to facilitate our Service. Our current list of Sub-processors is available here.

4.4 Business Transfers

If we (or substantially all of our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be made available or otherwise transferred to the new controlling entity, where permitted under applicable law.

4.5 With Your Consent

If we need to use or disclose any Personal Information in a way not identified in this Privacy Policy, we will notify you and/or obtain your express consent as required under applicable privacy laws.

Security

The security of your Personal Information is important to us. We use commercially reasonable efforts, including encryption and access controls, to store and maintain your Personal Information in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Personal Information that you provide to us. We have implemented procedures designed to limit the dissemination of your Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.

Retention

We will keep your Personal Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, account recovery, or if required by law. All retained Personal Information will remain subject to the terms of this Privacy Policy.

Access, correction, and accuracy

7.1 Your Rights for Your Personal Data

Depending on your geographical location and citizenship, your rights are subject to local data privacy regulations. These rights may include:

Right to Access (GDPR Article 15, CCPA, PIPEDA)

You have the right to request a copy of the personal data we are processing about you.

Right to Rectification (GDPR Article 16, PIPEDA)

You have the right to have incomplete or inaccurate personal data that we process about you rectified.

Right to be Forgotten (right to erasure) (GDPR Article 17, CCPA, Law 25)

You have the right to request that we delete personal data that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise, or defend legal claims.

Right to Restriction of Processing (GDPR Article 18)

You have the right to restrict our processing of your personal data where you believe such data to be inaccurate; our processing is unlawful; or if we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish us to delete it.

Right to Portability (GDPR Article 20)

You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you or the third party that subscribes to Noibu’s services.

Right to Objection (GDPR Article 21)

Where the legal justification for our processing of your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise, or defense of a legal claim.

Right Not to Be Discriminated (CCPA)

You have the right not to be denied service or have an altered experience based on having executed any of your CCPA rights.

7.2 Withdrawing Consent

If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge, such as where you wish to opt out from marketing messages that you receive from us. If you wish to withdraw your consent, please contact us at privacy@noibu.com.

7.3 How to Exercise Your Rights

You can make a request to exercise any of these rights in relation to your personal data by sending the request by mail or by email to the Noibu Privacy Compliance Officer as listed below. For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information.

Changes to this policy

We may amend this Policy from time to time. Use of Personal Information we collect is subject to the Policy in effect at the time such information is collected, used, or disclosed. If we make material changes or changes in the way we use Personal Information, we will notify you by posting an announcement on our App or Services or sending you an email prior to the change becoming effective. You are bound by any changes to the Policy when you use the App after such changes have been first posted.

Contact us

If you would like to: access, correct, amend, or delete any personal information we have about you, register a complaint, or simply want more information, contact our Privacy Officer (Alex Bernier) at privacy@noibu.com or by mail at:

Privacy Officer, Alex Bernier

979 Bank Street Suite 500

Ottawa, ON Canada K1S 5K5

Noibu Cookie Policy

Cookies and similar technologies are standard features on websites that allow us to store small amounts of data on your computer about your visit to and use of Noibu.com (“the Website”). Cookies help us determine which areas of the Website are useful and which need improvement.

Understanding Cookies and Site Data Collection

When you interact with Noibu.com, we automatically collect specific information related to your device and your activities. This includes your web browser type, IP address, time zone, and cookies that are installed on your device. As you navigate through Noibu.com, we gather data on the web pages you visit, the search terms that brought you to our site, and your interactions with the site.

Use of Cookies and Similar Technologies

In addition to the data collected as described above, when you visit or log in to our website, Noibu and our online data partners or vendors use cookies and similar technologies. These technologies help us associate your activities on our website with other personal information they or others have about you, including your email or home address, which may have been collected in previous interactions.

Types of Cookies Used on Noibu.com

Necessary Cookies: Enable you to navigate the Site and use its services and features. Without these cookies, the Site will not perform smoothly.

Analytics Cookies: Collect information about your use of the Website and enable us to improve the way it works.

Performance Cookies: Help us understand and analyze the key performance indexes of the website which enhances your user experience.

Advertising Cookies: Display targeted promotions or advertisements based on your interests on the Site or to manage our advertising.

Managing Your Cookie Preferences

You can choose whether to accept the use of cookies and similar technologies in general by changing the settings on your browser, or by adjusting specific settings for our Service. However, if you disable cookies, your experience with the Service may be diminished, and some features may not function as intended.

Opting Out of Targeted Advertising

If you prefer not to receive targeted advertising based on the information collected via cookies, you may opt out at any time by visiting https://app.retention.com/optout.

Usage of R2b2 Cookies (U.S. Residents Only)

The use of R2b2 cookies and related data tracking technologies applies specifically to residents of the United States. These technologies link the activities on our site with other personal information held about you by third parties, primarily for the purpose of delivering targeted advertising based on this information. If you are a U.S. resident and prefer not to receive targeted advertising based on this information, you may opt out at any time by visiting https://app.retention.com/optout.

Other Tracking Technologies

Google Analytics: Uses cookies and similar technologies to collect and analyze information about use of the Site and report on activities and trends.

Pixel Tags: Track actions of users of the Website, measure the success of our marketing campaigns.

Physical Location and Browser Information

We may collect physical location data to provide personalized services. We also collect browser or device information to ensure the Service functions properly.

How to Manage and Delete Cookies

You can manage your cookie preferences at any time through your browser settings or via our Service’s settings. Instructions for managing cookies can be found on your browser provider’s website or at All About Cookies.

For detailed instructions on deleting cookies from your browser:

For more information or any concerns, please contact us at privacy@noibu.com.

GDPR / CCPA commitment

The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The CCPA (California Consumer Privacy Act) protects the privacy of California residents.

Our commitment: Noibu has undertaken the required business and technology steps to operate in a manner compliant with GDPR / CCPA.

What has Noibu done about the GDPR / CCPA?


  1. Ran a compliance gap assessment to ensure our technical and organizational processes meet regulation standards.
  2. Updated our privacy policy to comply with GDPR / CCPA.
  3. Created a Data Processing Agreement with SCCs for GDPR and CCPA Service Provider Addendum.
  4. Ensure that we collect the minimum amount of data needed for you to use Noibu.
  5. Attest to not reselling anyone’s data.
  6. Verify that data is used only for the benefit of Noibu users.

GDPR: Data Processing Agreement (DPA)

You can access the Data Processing Agreement here. Please fill out, sign and send to info@noibu.com with the subject “Company Name, Data Processing Agreement”. We will countersign it and provide you with a fully executed downloadable copy via email within 2 business days. If you have any questions about its contents please email privacy@noibu.com.

CCPA Service Provider Addendum

You can access our CCPA Service Provider Addendum (SPA) here. This is a written contract entered into between a business and a service provider as those terms are defined in the CCPA. In order for a business to transfer personal information to Noibu who acts as a Service Provider where that transfer does not amount to a sale of personal information. The CCPA requires that a business and a service provider enter into a written contract in order to share personal information.

What do Noibu customers need to do?

  1. Make sure your Terms of Service or Privacy Policy properly communicate to your users how you are using Noibu (and any other similar services) on your website or app. We recommend you ensure your policies are up to date and clear to your readers.
  2. If you have customers in the European Union you will want to sign a DPA with Noibu. You can access the DPA here and we’ll be happy to countersign.
  3. If you are a business under the CCPA, consider signing our CCPA Addendum.

If you have any questions regarding GDPR please contact privacy@noibu.com.

CCPA CompliantPipedaQuebec Privacy ActPCiDSSAICPA SOCGDPRISO/IEC 27001:2022 Certified by Prescient SecurityISO/IEC 27701:2019 Certified by Prescient Security