Privacy Policy

ES&Mark, we collect and use information about you, our visitors to ES&Mark websites, or anyone contacting ES&Mark support. This Privacy Policy will help you better understand how we collect, use, and share your personal information. If we change our privacy practices, we may update this privacy policy. If any changes are significant, we will let you know (for example, through the ES&Mark admin or by email).

Our values

Trust is the foundation of the ES&Mark platform and includes trusting us to do the right thing with your information. Three main values guide us as we develop our products and services. These values should help you better understand how we think about your information and privacy.

Your information belongs to you

  • We carefully analyze what types of information we need to provide our services, and we try to limit the information we collect to only what we really need.
  • Where possible, we delete or anonymize this information when we no longer need it.
  • When building and improving our products, our engineers work closely with our privacy and security teams to build with privacy in mind. In all of this work our guiding principle is that your information belongs to you, and we aim to only use your information to your benefit.
  • We protect your information from others If a third party requests your personal information, we will refuse to share it unless you give us permission or we are legally required.
  • When we are legally required to share your personal information, we will tell you in advance, unless we are legally forbidden.

We try to build our products and services so they can easily be used in a privacy-friendly way. We also provide detailed FAQs and documentation covering the most important privacy topics, and respond to privacy-related questions we receive.

Why we process your information

We generally process your information when we need to do so to fulfill a contractual obligation (for example, to process your subscription payments to use the ES&Mark platform), or where we or someone we work with needs to use your personal information for a reason related to their business (for example, to provide you with a service). European law calls these reasons “legitimate interests.”

These “legitimate interests” include:

  • preventing risk and fraud
  • answering questions or providing other types of support
  • providing and improving our products and services
  • providing reporting and analytics
  • testing out features or additional services
  • assisting with marketing, advertising, or other communications

We only process personal information for these “legitimate interests” after considering the potential risks to your privacy—for example, by providing clear transparency into our privacy practices, offering you control over your personal information where appropriate, limiting the information we keep, limiting what we do with your information, who we send your information to, how long we keep your information, or the technical measures we use to protect your information.

We may process your personal information where you have provided your consent. In particular, where we cannot rely on an alternative legal basis for processing, where your data is sourced and it already comes with consent or where we are required by law to ask for your consent in the context of some of our sales and marketing activities. At any time, you have a right to withdraw your consent by changing your communication choices, opting out from our communications or by contacting us.

Your rights over your information

We believe you should be able to access and control your personal information no matter where you live. Depending on how you use ES&Mark, you may have the right to request access to, correct, amend, delete, port to another service provider, restrict, or object to certain uses of your personal information (for example, direct marketing).

If you are not happy with our response to a request, you can contact us to resolve the issue. You also have the right to contact your local data protection or privacy authority at any time.

Finally, because there is no common understanding about what a “Do Not Track” signal is supposed to mean, we don’t respond to those signals in any particular way.

Where we send your information

We are a Canadian company, but we work with and process data about individuals across the world. To operate our business, we may send your personal information outside of your state, province, or country, including to the United States. This data may be subject to the laws of the countries where we send it. When we send your information across borders, we take steps to protect your information, and we try to only send your information to countries that have strong data protection laws.

Transfers outside of Europe and Switzerland

If you are in Europe, the UK, or Switzerland, when we send your personal information to Canada it is protected under Canadian law, which the European Commission has found will adequately protect your information. If we then send this personal information outside of Canada (for example, when we send this information to our Subprocessors), this information is protected by contractual commitments that are comparable to those provided in Standard Contractual Clauses.

Finally, while we do what we can to protect your information, we may at times be legally required to disclose your personal information (for example, if we receive a valid court order). For information about how we respond to such orders, please review our Guidelines for Legal Requests.

How we protect your information

Our teams work tirelessly to protect your information, and to ensure the security and integrity of our platform. We also have independent auditors assess the security of our data storage and systems that process financial information. However, we all know that no method of transmission over the Internet, and method of electronic storage, can be 100% secure. This means we cannot guarantee the absolute security of your personal information.

How we use “cookies” and other tracking technologies

We use cookies and similar tracking technologies on our website and when providing our services. For more information about how we use these technologies, including a list of other companies that place cookies on our sites, a list of cookies that we place when we power a merchant’s store, and an explanation of how you can opt out of certain types of cookies, please see our Cookie Policy.

How you can reach us

If you would like to ask about, make a request relating to, or complain about how we process your personal information, please contact ES&Mark, or mail us at one of the addresses below. If you would like to submit a legally binding request to demand someone else’s personal information (for example, if you have a subpoena or court order), please review our Guidelines for Legal Requests.
[email protected]