Privacy Policy

e-WorkSAFE Privacy Policy

Last updated: November 18, 2025

This Privacy Policy describes how e-WorkSAFE Inc. (“we”, “us”, “our”) collects, uses, discloses, stores, and protects personal information when individuals access or use our mobile application, website, or related services (“Service”).

We are committed to protecting your privacy and complying with applicable laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), provincial privacy laws in Canada, and—where applicable for U.S. users—requirements under the Children’s Online Privacy Protection Act (COPPA).

If you do not agree with this Privacy Policy, please do not use the Service.

1. Interpretation and Definitions

A. Interpretation

The words whose initial letters are capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.

B. Definitions

For the purposes of this Privacy Policy:

  • Account means a unique account created by a user or organization to access our Service or parts of our Service.
  • Affiliate means an entity that controls, is controlled by, or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
  • Application refers to e-WorkSAFE, the software program provided by the Company.
  • Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to e-WorkSAFE Inc., 100 King St West, Suite 5700, Toronto, ON, M5X 1C7.
  • Country refers to: Ontario, Canada, and the laws of Ontario and Canada apply.
  • Device means any device that can access the Service such as a computer, a cell phone, or a digital tablet.
  • Personal Information/Personal Data is any information about an identifiable individual, such as name, email address, phone number, organization, device identifiers, and any content, forms, reports, photos, notes, attachments, or other information entered into the Service that relates to or could reasonably identify an individual.
  • Service refers to the Application.
  • Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
  • Usage Data refers to Technical and analytics information collected automatically when using the Service (e.g., IP address, device ID, app logs).
  • You means the individual accessing or using the Service, or the organization, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

2. Collecting and Using Your Personal Data

We collect the following categories of information when you use the Service:

A. Information You Provide

1. Account & Identity Information

  • Name
  • Email address
  • Password or authentication credentials (including SSO tokens)
  • Organization/employer name
  • Job role or access permissions
  • Optional profile details

2. Operational & Workplace Safety Information

(depending on how your organization uses e-WorkSAFE)

  • Forms, notes, checklists, and reports
  • Photos or attachments uploaded by users
  • Asset/equipment identifiers
  • Worksite safety records
  • User-submitted comments and logs

3. Communications

  • Support requests or feedback
  • Email or phone contact information for notifications

B. Information Collected Automatically (Usage Data)

Examples include:

  • IP addresses
  • Device identifiers (Android ID, manufacturer, OS version)
  • App interaction logs
  • Date/time of use
  • Crash reports
  • Performance metrics
  • Diagnostic events

Collected automatically through:

  • Application logs
  • Device sensors (where applicable)
  • Analytics tools such as Google Analytics for Firebase or Firebase Crashlytics (if active)

C. Information From Organizations (Enterprise Use)

If your employer or organization purchases the Service:

  • Administrative user lists
  • Roles and access levels
  • Audit logs of safety tasks

3. Use of Your Personal Data

The Company may use Personal Data for the following purposes:

Core Functionality

  • To provide, maintain, and secure the Service
  • To authenticate users and manage Accounts
  • To store and display workplace safety records and tasks
  • To provide administrative insights to the employer (if applicable)

Communication

  • To send notifications or service-related messages
  • To respond to support inquiries
  • To send updates about features (optional)

Analytics & Performance

  • To monitor stability, crashes, usage trends
  • To improve user experience and functionality

Legal & Compliance

  • To meet regulatory or legal obligations
  • To maintain audit trails for enterprise clients
  • To investigate misuse or security breaches

4. Data Mapping

Below is a clear mapping of typical data categories → purpose → sharing.

Data Type Purpose Shared With
Name, Email, Organization Account creation, authentication, user management Not sold. Shared only with hosting/identity service providers (Azure, SSO providers if used)
Password / Authentication tokens Secure access Not shared except with authentication provider
Safety forms, photos, reports Workplace safety functions; enterprise reporting Shared only with your organization or its administrators
Usage Data (IP, device ID, logs) Analytics, crash reports,performance Google Firebase Analytics / Crashlytics
Communications with support Customer service Internal team only
Diagnostic/Crash Data Debugging issues Firebase Crashlytics

We do not sell personal information and do not share data with advertising networks.

We may also share Your personal information in the following situations:

  • For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
  • With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
  • With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
  • With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
  • With Your consent: We may disclose Your personal information for any other purpose with Your consent.

5. Cloud Hosting & International Transfers

The Service is hosted primarily on Microsoft Azure, with data stored in:

  • Canada (primary region)
  • Additional regions (e.g., U.S.) only where required for redundancy, analytics, or support

Data may be transferred or accessible outside your province or country. All service providers must agree to:

  • Confidentiality obligations
  • Appropriate security safeguards

6. Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer periods.

7. Delete Your Personal Data

You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.

Our Service may give You the ability to delete certain information about You from within the Service.

You may update, amend, or delete Your information at any time by signing in to Your Account, if you have one, and visiting the account settings section that allows you to manage Your personal information. You may also contact Us to request access to, correct, or delete any personal information that You have provided to Us.Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.

If your Account is managed by an employer, some records may be retained for compliance or safety-record-keeping requirements

8. Disclosure of Your Personal Data

Service Providers

For hosting, analytics, or communication services (e.g., Azure, Firebase). All are bound by confidentiality obligations.

Your Organization (Enterprise Accounts)

Workplace safety data is shared with your employer or designated administrators.

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of the Company
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of Users of the Service or the public
  • Protect against legal liability

9. Security of Your Personal Data

The security of Your Personal Data is important to Us. We use reasonable administrative, technical, and physical safeguards, such as:

  • Encryption in transit and at rest
  • Access controls
  • Secure storage on Microsoft Azure
  • Logging and audit trails
  • Periodic security reviews

No method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially reasonable means to protect Your Personal Data, We cannot guarantee its absolute security.

10. Children’s Privacy (COPPA & Canada)

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

11. User Rights

Depending on your jurisdiction, you may have rights to:

  • Access your personal data
  • Correct inaccurate information
  • Request deletion
  • Withdraw consent (where applicable)
  • Request information about how your data is used
  • Opt-out of non-essential communications

Complaints – Canada

You may contact the Office of the Privacy Commissioner of Canada (OPC):

https://www.priv.gc.ca

12. Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

13. Changes to This Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

14. Contact Us

If you have any questions about this Privacy Policy, You can contact us: