Privacy Policy

Your privacy is important to us. That's why we ensure our achitecture conforms to industry standards and regulatory requirements.

This privacy statement (“Policy”) describes the current policies of Vome Inc., (“Vome” or “we” or “our”) with regard to personal information collected by us from you. We developed this Policy so you know how we collect, use, disclose, transfer and store your information. Please read through this Policy to familiarize yourself with our privacy practices. If you have any questions, please let us know by emailing us at legal@vomevolunteer.com.

Scope

This Privacy Policy applies to our collection, use and disclosure of personal information received via the following channels:

• This website, services and software that we operate and in which we post a direct link to this Privacy Policy; and
• Face-to-face, phone, email, chat, video conference, mail or other business interactions with our customers, vendors or other businesses interested in our services.

What information do we collect?

We collect information from you when you register on our site, use our services, respond to a survey or fill out a form. When inquiring or registering on our site, as appropriate, you may be asked to enter your: name, email address, phone number, business or other information as necessary to operate our site and software.

We may record the following information:

• Name, email address, phone number and password (Registration Information),
• Billing address, subscription data and credit card information (Billing Information),
• Date of birth, gender, address, profile picture, time zone, language preference (Profile Information),
• IP Address (Location Information),
• Data sharing permissions with other accounts (Permissions Information),
• Volunteer data such as information attached on submitted forms, reservation data, number of hours or shifts logged (Activity Information).

All personally identifiable information is subject to PIPEDA, HIPAA and GDPR as described below.

What do we use your information for?

Any of the information we collect from you may be used in one of the following ways:

• To improve our website

  We continually strive to improve our website offerings based on the information and feedback we receive from you.

• To improve customer service

  Your information helps us to more effectively respond to your customer service requests and support needs.

• To process transactions

  Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the service requested.

• To administer a contest, promotion, survey or other site feature
• To send periodic emails

  The email address you provide during registration, may be used to send you information and updates pertaining to your account, in addition to receiving occasional company news, updates, related service information, etc.

  Note: If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.

• To operate our software and products

  The information you provide or allow us to access on your behalf, may contain information such as an email address, address, location, date of birth, gender or other personal information.

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

We use cookies to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business. To learn more about our Cookie Policy, you can use the following link: Link to Cookie Policy.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable information may be provided to other parties for marketing, advertising, or other uses.

What Security Measures Have We Implemented?

We take serious measures to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. All web access, our web site, APIs and web portal all use Secure Sockets Layer (SSL) software, which encrypts information you input, to protect information you submit via our Services.

Vome secures user information by ensuring:

• Our Amazon Web Services (AWS) infrastructure and services are PIPEDA, HIPAA and GDPR compliant. To learn more about how we incorporate best practices for security, identify and compliance, visit Amazon AWS Architecture Center to review their guidelines. Additionally, you can read this AWS Whitepaper to get an overview of Amazon Web Services.
• All user data is safely stored on servers in Canada.
• All data transmission is over SSL connections.
• Data and data backups are encrypted at rest.
• Data access via the portal is restricted by login.
• Data access via the portal is restricted to users and the organizations for which they are a part of.
• Administrators at these organizations may gain access to user data when they are invited by an administrator from the organization.
• Private information is NOT included in any SMS, email or other unencrypted communication sent out by the system.
• Terms and Conditions of Use accepted by all system users outline additional information related to data usage and access limitations.
• All access is logged in an audit trail.

Our security measures are only as good as you are in ensuring privacy. It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when finished using a shared computer.

Childrens Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website and services are all directed to people who are at least 13 years old or older.

Personal Information Protection and Electronic Documents Act (PIPEDA)

We are in compliance with the law concerning privacy of your information. In Canada, we are governed by PIPEDA, an overview of which and how we are establishing company policy and compliance can be downloaded here.

The law gives individuals the right to:

• know why an organization collects, uses or discloses their personal information;
• expect an organization to collect, use or disclose their personal information reasonably and appropriately, and not use the information for any purpose other than that to which they have consented;
• know who in the organization is responsible for protecting their personal information;
• expect an organization to protect their personal information by taking appropriate security measures;
• expect the personal information an organization holds about them to be accurate, complete and up-to-date;
• obtain access to their personal information and ask for corrections if necessary; and
• complain about how an organization handles their personal information if they feel their privacy rights have not been respected.

The law requires organizations to:

• obtain consent when they collect, use or disclose their personal information;
• supply an individual with a product or a service even if they refuse consent for the collection, use or disclosure of your personal information unless that information is essential to the transaction;
• collect information by fair and lawful means; and
• have personal information policies that are clear, understandable and readily available.

Québec P-39.1 – Act respecting the protection of personal information in the private sector

The object of this Act is to establish, for the exercise of the rights conferred by articles 35 to 40 of the Civil Code concerning the protection of personal information, particular rules with respect to personal information relating to other persons which a person collects, holds, uses or communicates to third persons in the course of carrying on an enterprise within the meaning of article 1525 of the Civil Code. For full details, download the Act.

Health Insurance Portability and Accountability Act (HIPAA)

In the USA, Vome is compliant with HIPAA and takes all measures available to protect your data. To download a copy of our HIPAA policy: Vome-HIPAA-Compliance-Notice-2022.

General Data Protection Regulation (“GDPR”) (EU)

The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018.

By using Vome’s website or services, you understand that we will use your personal information, data concerning your profile, and other data as described in this privacy policy, and consent to this usage in accordance to the EU GDPR. For more details on our GDPR policy, download a copy here: Vome-GDPR-Compliance-Notice-2022.

California Privacy (CCPA)

The California Consumer Privacy Act (“CCPA”) provides consumers, in California, with specific rights regarding their Personal Information. Principally, The CCPA will provide consumers, in California, with new rights, including a right to transparency about data collection, a right to be forgotten, and a right to opt out of having their data sold.

While the CCPA does not apply to information already subject to other USA federal regulations, such as HIPAA for example, it does apply to entities covered by these laws to the extent they collect and process other personal information about consumers.

While much of the CCPA is a subset of the GDPR, there are several unique differences. The CCPA requires that we disclose for the previous 12 months:

• Types of personal information that Vome has collected
• Types of personal information that Vome has sold
• Types of personal information that Vome has shared for commercial reasons

Please contact us at legal@vomevolunteer.com to update or remove any personally identifiable data we may have on you.

Since we do not sell your data, there is no need to opt-out. However, if you have concerns about the use of the data we do collect as you browse this web site or use our services, you may request that we delete any personally identifiable data by contacting us at legal@vomevolunteer.com. You should also exit our web site and delete any cookies or history stored in your browser. The simplest approach to perform this action is to search for “how to delete cookies” in your favorite search engine.

Your Consent

By using our site and/or services, you consent to our privacy policy. On our web site, this consent is expressly requested while navigating our home page and when viewing our privacy notice. Your consent may be withdrawn by contacting Vome and requesting this action.

How to update or delete your data

You can ask us to correct personal information about you that you think is incorrect or incomplete. You can always update or delete any personal information yourself by logging into your account. Ask us how to do this. You may ask us to delete your personal information, including your account. Requests should be emailed to legal@vomevolunteer.com.

We will comply with the understanding that you may no longer be able to use our products or services. Due to legal or government requirements, we may have to maintain an archived copy of your data along with any transaction records for a fixed period of time.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.

Contacting Us

If there are any questions regarding this privacy policy you may contact us at legal@vomevolunteer.

References

• PIPEDA Overview Presentation [PDF]
• Québec – P39.1 Act respecting the protection of personal information in the private sector [PDF]

Policy revised: 12 Oct 2022