CRM Privacy Policy

Happiness Virus CRM Privacy Policy

Happiness Virus uses SmartMatchApp as Customer Relations Management system (CRM). This privacy policy discloses the privacy practices for happinessvirus.smartmatchapp.com. This privacy policy applies solely to information collected by this web site.
It will notify you of the following:

  1. What personally identifiable information is collected from you through the web site, how it is used and with whom it may be shared.
  2. What choices are available to you regarding the use of your data.
  3. The security procedures in place to protect the misuse of your information.
  4. How you can correct any inaccuracies in the information.

Our Privacy Policy may change from time to time and all updates will be posted on this page. If you feel that we are not abiding by this privacy policy, you should contact us immediately.

Information Collection, Use, and Sharing

We only have access to/collect information that you voluntarily give us via online forms or other direct contact from you. We will not sell or rent this information to anyone. We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to support you in daily operation of the software. Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy.

What personal data we collect and why we collect it

In order to be able to provide our matchmaking service we collect following information including but not limited to:

Your name, surname, email address, address, phone number, date of birth, gender, marital status, presence of children, your body specifications, languages spoken, education level, profession, income level, religion, hobbies.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included.

Your Access to and Control Over Information

You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:

  • See what data we have about you, if any.
  • Change/correct any data we have about you.
  • Have us delete any data we have about you.
  • Express any concern you have about our use of your data.

Security

We take precautions to protect your information. When you submit sensitive information via the website, your information is protected. Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

PIPEDA

PIPEDA (Personal Information Protection and Electronic Documents Act) – An Act to extend the present laws that protect the privacy of individuals and that provide individuals with a right of access to personal information about themselves.

As mentioned before Happiness Virus uses SmartMatchApp as CRM system. In it’s turn SmartMatchApp privacy standards are based on the Principles Set Out in the National Standard of Canada Entitled Model Code for the Protection of Personal Information, http://laws-lois.justice.gc.ca/eng/acts/P-8.6/page-11.html#h-26 It addresses: the ways in which organizations collect, use and disclose personal information; the rights of individuals to have access to their personal information; and the right to have it corrected, if necessary. The Model Code’s 10 principles are (These principles are usually referred to as “fair information principles”. They are the foundation of PIPEDA. )

 

Principle 1 – Accountability

An organization is responsible for personal information under its control. It must appoint someone to be accountable for its compliance with these fair information principles.

Status: Implemented.

To get in touch with Happiness Virus’s Privacy Officer please email to support@happinessvirus.me

 

Principle 2 – Identifying Purposes

The purposes for which the personal information is being collected must be identified by the organization before or at the time of collection.

Status: Implemented

Happiness Virus has identifying purpose statement in the visible format before, at the time or after the time of data collection. In the following places:

a) Happiness Virus CRM Web Form

b) Happiness Virus CRM Internal Form

c)  In Happiness Virus CRM Profile / Access page (personal settings for member users) (under Privacy Policy)

e) Every user or members, before using Happiness Virus CRM has to agree with identifying purpose with a one-time click

 

Principle 3 – Consent

The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.

Status: Implemented

Happiness Virus has knowledge and consent statement in the visible format before, at the time or after the time of data collection. In the following places:

a) Happiness Virus CRM Web Form

b) Happiness Virus CRM Internal Form

c) In Profile / Access page (personal settings for member users) (under Privacy Policy)

e) Every user or members, before using Happiness Virus CRM has to agree with identifying purpose with a one-time click

 

Principle 4 – Limiting Collection

The collection of personal information must be limited to that which is needed for the purposes identified by the organization. Information must be collected by fair and lawful means.

Status: Implemented

Happiness Virus only collects information needed or the purpose of identification, support, communications and providing matchmaking service.

 

Principle 5 – Limiting Use, Disclosure, and Retention

Unless the individual consents otherwise or it is required by law, personal information can only be used or disclosed for the purposes for which it was collected. Personal information must only be kept as long as required to serve those purposes.

Status: Implemented

Happiness Virus does not share or rent your information and your data with anyone.  Information is stored in the system until when users decides and requests to remove the data

 

Principle 6 – Accuracy

Personal information must be as accurate, complete, and up-to-date as possible in order to properly satisfy the purposes for which it is to be used.

Status: Implemented

Happiness Virus secures the information provided by users in the system. Users are responsible for accuracy and completeness of the information.

 

Principle 7 – Safeguards

Personal information must be protected by appropriate security relative to the sensitivity of the information.

Status: Implemented

Happiness Virus is only accessed by authorized personnel of clients and also by SmartmatchApp team strictly for support purposes.

 

Principle 8 – Openness

An organization must make detailed information about its policies and practices relating to the management of personal information publicly and readily available.

Status: Implemented

Happiness Virus provided the privacy and agreement documents for all our users in easy-to-access format and places.

a) Happiness Virus CRM Web Form

b) Happiness Virus CRM Internal Form

c) In Profile / Access page (personal settings for member users) (under Privacy Policy)

d) Every user or members, before using Happiness Virus CRM has to agree with identifying purpose with a one-time click

e) Happiness Virus Website Privacy Policy

 

Principle 9 – Individual Access

Upon request, an individual must be informed of the existence, use, and disclosure of their personal information and be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

Status: Implemented

Upon authorized request from clients, Happiness Virus provides information of the existence of the information in the system.  This information can be updated by users or requested to be updated by Happiness Virus authorized staff.

 

Principle 10 – Challenging Compliance

An individual shall be able to challenge an organization’s compliance with the above principles. Their challenge should be addressed to the person accountable for the organization’s compliance with PIPEDA, usually their Chief Privacy Officer.

Status: Implemented

SmartMatchApp will answer the requests directly from authorized users and customers of Happiness Virus  CRM system in order to demonstrate the compliance of the system.  Please contact our Privacy Officer at support@happinessvirus.me

GDPR

Canadian GDPR Adequacy designation

It is important to note that PIPEDA has been recognised as providing an adequate level of privacy protection relative to the GDPR. This “adequacy” determination, one of the original reasons of enacting PIPEDA, permits Canadian organisations to process personal information of EU residents without having to comply with the “Privacy Shield” which governs U.S. companies.

While a review of compliance requirements under the GDPR reveals that many are reflected in Canadian privacy law already, a number are potentially more rigorous. Happiness Virus and SmartMatchApp updated its procedures, documents and policies to meet the following additional new compliance requirements:

 

Breach reporting.

The requirement for reporting of breaches to the relevant “data protection authority”, where feasible, within 72 hours of the occurrence. As we know, PIPEDA has been amended to provide for reporting of breaches, as well as notification of affected individuals – another new GDPR requirement. However these new PIPEDA rules do not stipulate a specific time period for reporting.

Status: Implemented

 

Accountability.

A key new GDPR compliance requirement is internal organisational accountability, specifically the establishment of a comprehensive data protection program. Such a program must include documented policies and procedures, maintaining detailed records of all data processing activities, guided by the principle of “privacy by design and by default”. While some features of this requirement go beyond what is dictated expressly under PIPEDA, Canadian businesses again are familiar with this overall dictate which is consistent with guidance issued by the federal and provincial Privacy Commissioners.

Status: Implemented

Substantive privacy rights.

The GDPR also stipulates a number of new or enhanced substantive privacy rights for individuals which organisations will need to address and build into their privacy protection procedures, including the following:

 

Consent

– Must be a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of his or her personal data and must be given by a statement or a clear affirmative action.

Status: Implemented

SmartMatchApp provides the privacy statements and licensing agreement documents for all our users in easy-to-access format and places.

a) Happiness Virus CRM Web Form

b) Happiness Virus CRM Internal Form

c)  In Happiness Virus CRM Profile / Access page (personal settings for member users) (under Privacy Policy)

d) Every user or members, before using Happiness Virus CRM has to agree with identifying purpose with a one-time click

 

Right to erasure (“right to be forgotten”)

– Broader than under the Directive and not specifically provided for under Canadian privacy laws.

Status: Implemented

Any Happiness Virus CRM user information can be removed and deleted either directly by users or upon their request, byHappiness Virus personnel.

 

Right of individuals to restrict processing of their data

– E.g. as when accuracy is challenged – expanded.

Status: Implemented

Happiness Virus CRM users can easily control their data. If any information is not accurate users can correct the data directly in their accounts or request Happiness Virus to correct it.

 

Data portability

– The right of individuals to transfer their data from one data collector to another

Status: Implemented

Happiness Virus provides complete export function in readable xls format and authorized users can export the client profile data and client activities data at any given time.