ShareGate Privacy Policy

Workleap Platform Inc. offers an online platform commercialized as ShareGate (“ShareGate”). Workleap Platform Inc. understands the importance of protecting personal information. For this reason, Workleap Platform Inc. strives to have business procedures and security safeguards in place to protect personal information under its control.

1. Application and Scope

This Privacy Policy (the “Policy”) describes our practices with respect to the collection, use and disclosure of Personal Information by Workleap Platform Inc. and our affiliated entities in Canada, such as Workleap Technologies Inc. and Laboratoire d’Innovation Technologique GSoft Inc. (collectively, “ShareGate Group”).

This Policy is intended to establish responsible and transparent practices for the management of personal information and to satisfy the relevant and applicable legal requirements. This Policy sets out the standards, responsibilities and obligations of ShareGate Group in respect of any personal information collected, accessed or processed by ShareGate Group in the course of its business operations and specifies the obligations of ShareGate Group that arise from the End User License, Maintenance and Support Agreement (the “EULA”) governing the use of ShareGate, entered into between ShareGate Group and its corporate customers (each, a “Customer”), whereby ShareGate Group might handle or have access to personal information.

This Policy also governs personal information collected about ShareGate Group’s website users and explains how ShareGate Group uses and discloses personal information collected from people who visit its website and otherwise interact with ShareGate Group through https://sharegate.com (the “Website”). It also explains how ShareGate Group uses cookies and similar technologies.

2. International Compliance

ShareGate Group complies with: (i) data protection laws applicable to ShareGate Group; (ii) anti-spam laws applicable to ShareGate Group; and (iii) applicable industry standards concerning data protection, confidentiality or information security. ShareGate Group has global operations and therefore, in some cases, information managed by ShareGate Group may be transferred, processed and stored in other countries, although at all times, ShareGate Group will ensure that personal information is protected by confidentiality and security procedures and protections that are, at a minimum, equivalent to those employed by ShareGate Group itself.

ShareGate Group complies with this Policy as well as applicable Canadian private sector data protection laws such as the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and substantially similar provincial laws pertaining to the collection, use and disclosure of personal information. PIPEDA provides for an adequate protection of personal information according to the European Commission Decision of 20 December 2001 pursuant to Directive 95/46/EC of the European Parliament and the Council.

Where applicable, our commitment to the General Data Protection Regulation (Regulation (EU) 2016/679) may be found in our Data Processing Addendum.

3. Definition of Personal Information

Personal Information” is defined as any information about an identifiable individual. This may include, for example, email addresses and contact details and any similar information provided to ShareGate Group in the course of its business operations, or which ShareGate Group may receive from business inquiries. Personal Information that is aggregated and/or anonymized and cannot be associated with an identifiable individual is no longer considered Personal Information.

4. Collection and Use of Personal Information through the Products

When providing ShareGate, ShareGate Group only processes personal information in accordance with the EULA and applicable laws. ShareGate Group generally uses personal information from or about its Customers or which is received from Customers and belongs to their own customers or end users (hereinafter referred to as “Customer’s Personal Information”) in furtherance of the following purposes:

a. to create, establish and administer Customer’s subscription to ShareGate, to respond to Customer inquiries related to its subscription and to contact Customer about ShareGate Group’s products or subscription-related matters;

b. to provide products, including to provide Customer with ShareGate and customer support related to ShareGate;

c. to manage and develop ShareGate Group’s business and operations;

d. to measure and analyze User behavior;

e. to monitor, maintain and improve ShareGate’s features;

f. to understand how Users interact with ShareGate and ensure our services, products or features work correctly;

g. to develop new services, products, features, programs and promotions;

h. to understand Customers and Users’ needs and preferences and customize how we tailor and market products and programs to our Customers and Users based on their interests;

i. to meet legal and regulatory requirements and to allow ShareGate Group to meet contractual requirements relating to the products provided to Customer, including ShareGate;

j. to conduct surveys on the quality of ShareGate’s products or to collect feedbacks on such products;

k. to provide Customer with offers for additional services, features and products that ShareGate Group believes may be of interest to Customer;

l. to conduct market or benchmarking research and data analytics by tracking and analyzing current or previously collected Personal Information; and

m. to measure the effectiveness of our marketing.

When possible, ShareGate Group will use Personal Information in an aggregated and/or anonymized format.

Unless required or authorized by law, when providing products, ShareGate Group will not use personal information for any other or new purpose without obtaining its Customers’ consent.

5. Collection and Use of Personal Information through the Website

ShareGate Group generally collects and uses Personal Information from or about its Website users in furtherance of the following purposes:

6. Legal bases for processing Personal Information

Pursuant to privacy laws applicable in the European Economic Area and in the United Kingdom, ShareGate Group collects and processes Personal Information about individuals under a variety of legal bases, depending on the reason for such collection or processing. ShareGate Group shall only collect, process or use Personal Information where:

7. Sharing of Personal Information

ShareGate Group will not sell, rent or trade personal information to any third party. However, ShareGate Group may share personal information when authorized and/or required by law or as follows:

8. Security of Personal Information

ShareGate Group will store and process the Personal Information in a manner consistent with industry security standards. ShareGate Group has implemented technical, organizational and administrative systems, policies, and procedures to help ensure the security, integrity and confidentiality of personal information and to mitigate the risk of unauthorized access to or use of personal information, including (i) appropriate administrative, technical and physical safeguards and other security measures designed to ensure the security and confidentiality of the personal information it manages; (ii) a security design intended to prevent any compromise of its own information systems, computer networks or data files by unauthorized users, viruses or malicious computer programs; (iii) appropriate internal practices including, but not limited to, encryption of data in transit or at rest; using appropriate firewall and antivirus software; maintaining these countermeasures, operating systems and other applications with appropriate reasonable up-to-date virus definitions and security patches so as to avoid any adverse impact to the Personal Information that it manages; appropriate logging and alerts to monitor access controls and to assure data integrity and confidentiality; permitting only authorized users access to systems and applications; and (iv) all persons with authorized access to Personal Information must have a genuine business need-to-know prior to access (“Security Program”).

9. Training and Supervision

ShareGate Group maintains adequate training programs to ensure that its employees and any others acting on its behalf are aware of and adhere to its Security Program. ShareGate Group shall exercise necessary and appropriate supervision over its relevant employees to maintain appropriate confidentiality and security of the Personal Information it manages.

ShareGate Group shall promptly notify Customer of a data breach, of a loss of data or of a failure of ShareGate Group’s Security Program:

While the initial notice may be in a summary form, a comprehensive written notice shall be given to Customer within the legally required timeframe, where applicable. The notice shall summarize in reasonable detail the nature and scope of the Data Incident (including each data element type) and the corrective action taken or to be taken by ShareGate Group. ShareGate Group shall promptly take all necessary and advisable corrective actions, and shall cooperate with Customer in all reasonable efforts to mitigate the adverse effects of Data Incidents and to prevent their recurrence.

11. Users Legal Rights Regarding Personal Information

To the extent that ShareGate Group’s processing of Personal Information is subject to the General Data Protection Regulation (Regulation (EU) 2016/679) or to the Data Protection Act 2018 and the GDPR as saved into United Kingdom law by virtue of Section 3 of the United Kingdom’s European Union (Withdrawal) Act 2018, ShareGate Group relies on the legal bases described under section 6 hereof to process Personal Information. Subject to applicable laws, Users also have the right to: (i) access and rectification or erasure of Personal Information, to the extent that ShareGate Group may need to retain certain Personal Information, including for record keeping purposes or to comply with legal obligations; (ii) restrict or object to ShareGate Group’s use of Personal Information (though, in some cases, this may mean no longer using ShareGate or the Website) where ShareGate Group is relying on a legitimate interest (or those of a third party) and there is something about User’s particular situation which impacts on User’s fundamental rights and freedoms; (iii) lodge a complaint with their local data protection authority (contact details for data protection authorities in the European Economic Area are available here); and (iv) data portability. Users will not have to pay a fee to exercise such rights, however, ShareGate Group may charge a reasonable fee or refuse to comply if the request is unfounded, repetitive or excessive.

12. How to Contact Us

Any complaints or requests regarding this Policy or ShareGate Group’s handling of Personal Information can be addressed to ShareGate Group’s customer service at:

Workleap Platform inc.

Attention: Data Protection Officer

1751, rue Richardson, Suite 1.050
Montréal (Québec) H3K 1G6
email: [email protected]

A User who seeks to exercise his/her data protection rights referred to in Section 11, in respect of Personal Information stored or processed by ShareGate Group on behalf of a Customer (typically the User’s employer), must direct his/her query to such Customer, as being the data controller. If ShareGate Group receives such User’s request to exercise his/her data protection rights referred to in Section 11 (including for access to or correction of Personal Information), ShareGate Group shall redirect the User to Customer and, upon request from Customer, shall assist Customer in responding to such request, if applicable.

Our Data Protection Officer will attempt to respond to your request within the legally applicable timeframe, and in any case no later than 30 days after receipt of such request. We will advise you in writing of our response to your request. Should we refuse to grant your request, we will inform you of the legal reason of our refusal, and we will apprise you of remedies available to you and of the time limit for exercising them.

Should you be unsatisfied with the outcome of your request, you may lodge a complaint with ShareGate Group’s supervisory authority, the Commission d’accès à l’information (https://www.cai.gouv.qc.ca/a-propos/nous-joindre/).

13. Change of Privacy Policy

ShareGate Group will review and update its policies and procedures as required to keep current with rules and regulations, new technologies, standards and customer concerns. This Policy may therefore change from time to time.

This Policy was last updated on August 31st, 2023.