Privacy notice for Gary Jonas Computing Ltd.,
Gary Jonas Computing Ltd., d/b/a Leonardo (“Leonardo”) respects your privacy and is committed to protecting your personal information. This privacy notice will inform you as to how we look after your personal information and tell you about your privacy rights and how the law protects you.
Who we are
We are Gary Jonas Computing Ltd., d/b/a Leonardo (Leonardo”) our registered office is at 111 Peter Street, Suite 530, Toronto, Ontario, M5V 2H1 Canada.
We can be contacted at the above address or at the following email address email@example.com
For the purposes of applicable data protection legislation, where we process your personal information on our own behalf, we are the data controller and where we process your personal information on behalf of a hotel, we are the data processor. This is explained in more detail below.
Applicability of this Policy
Personal information collected and/or processed on our own behalf
We ask for and may collect personal information from you when you submit web forms on our Websites, or set-up user accounts, or as you use interactive features of the Websites, including participation in surveys, contests, promotions, downloading documents, requesting customer support, registering for events or otherwise communicating with us.
This will include:
- personal information about you which we ask you for (e.g. your name, address, and email address) when you register as a user of our products or services.
- personal information about you which we ask you for (e.g. your name, address, and email address) when you register to receive a newsletter or download further content or enquire about one of our products and services or when you use a Website generally;
- personal information in any surveys which you complete for us;
- details of your use of the Websites.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
Use of data
We may use this information to:
- provide any service offered by us which you choose to use;
- pre-complete forms and other details on our Website to make your next visit to our Website easier (eg saved login information);
- notify you of our promotions, relevant new products and services;
- notify you of promotions from members of our group which may be of interest to you (if you opt in to receiving such information);
- send you newsletters informing you about our offers and services(if you have registered to receive a newsletter);
- personalize your access to our Website (where you have registered on our Website);
- ensure, as far as is practical, that our Website is compatible with the browsers and operating systems used by most of our visitors;
- contact you from time to time to ask for your opinion and suggestions on the services we are offering.
Our legal basis for collecting and using personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you on our own behalf (where we are data controller) only where: (a) where we need the personal information to perform a contract with you (e.g. to deliver the services you have requested), (b) where we need to comply with a legal or regulatory obligation or (c) in most cases, where the processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms).
Generally we on a contracted business relationship or specific consent as a legal basis for processing your personal information. You have the right to withdraw consent to marketing at any time by contacting us at firstname.lastname@example.org
Change of Purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at email@example.com
If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
A cookie is a small file which is placed on the user’s hard drive during a visit. This file allows the user to move quickly and easily around our website. It is used to identify returning users and to identify subscribers and registrants (a registrant – and subscriber – will have the cookie linked to their e-mail address as a way of identifying them). This means that if you are a registrant or subscriber, you will not have to login each time you visit.
You can delete cookies from your hard drive at any time. Bear in mind, though, that if you delete these cookies, any settings such as your stored username and password will have to be reset when you log in again.
We collect analytics information when you use the Websites to help us improve them. We use Google Analytics that place cookies on a browser across the Websites. These cookies help us increase the Website’s effectiveness for our visitors. These cookies are set and read by Google. No personal information is associated with these cookies.
Social Media Widgets:
The Websites include social media features, such as the Facebook Like button, and widgets, such as the Share This button or interactive mini-programs that run on our Websites. These features may collect your Internet protocol address, which page you are visiting on the Websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Websites. Your interactions with these features are governed by the privacy statement of the companies that provide them.
We use reputable third-party systems to deliver the e-mails you will receive from our Website if you subscribe to our e-mail newsletters or have chosen to receive information about products and offers. These third-party systems use unique identifiers and invisible images (often called “pixel tags” or “clear GIFs”) to perform message open sensing, message format sensing, and click-through sensing on our behalf in order to bring you more relevant information.
How Long We Retain Your Personal Information:
Disclosure of personal information
Where we are the data controller, we will ensure that any disclosure is permitted by applicable data protection laws. We may employ the services of a third party to help us in certain areas such as the provision of a booking engine, website hosting, credit card processing, and email delivery. In some cases, the third parties may receive your information.
We will require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
Where we rely on your consent to process the personal information, you have the right to withdraw or decline your consent at any time. All emails we send will carry a link to unsubscribe. Alternatively, you can email us at firstname.lastname@example.org
You can also exercise the following rights as laid out by the applicable data protection legislation:
Right of access: you have the right to request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Right to Request correction: you have the right to request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Right of erasure: In certain circumstances, you may have a broader right to the erasure of personal information that we hold about you – for example, if it is no longer necessary in relation to the purposes for which it was originally collected. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
Right to object to processing: you may have the right to request that Leonardo stop processing your personal information and/or to stop sending you marketing communications.
Right to restrict processing: you may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where you believe that the personal information we hold about you is inaccurate or unlawfully held).
Right to data portability: In certain circumstances, you may have the right to be provided with your personal information in a structured, machine-readable and commonly used format and to request that we transfer the personal information to another data controller without hindrance.
If you would like to exercise such rights, please contact us by emailing email@example.com. You also have the right to complain to a data protection authority about our collection and use of your personal information
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights) unless we are charged a fee by any of our processors. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Children’s Personal Information
We do not knowingly collect any personal information from children under the age of 13. If you are under the age of 13, please do not submit any personal information through our Websites or services. If you have reason to believe that a child under the age of 13 has provided personal information to us through the Websites or Services, please contact us at firstname.lastname@example.org, and we will use commercially reasonable efforts to delete that information.
We have put reasonable technical and organizational measures in place to ensure that users’ personal information is not misused, accidentally destroyed, lost or altered within our server environment. However, the internet is an open system and we cannot guarantee that unauthorized third parties will never be able to defeat these measures or use your personal information for improper purposes.
Transfer of Personal Information Overseas
Some of the companies who process personal information for us are based outside the European Economic Area (EEA) so their processing of your personal information will involve a transfer of data outside the EEA. Whenever we transfer your personal information out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the European Commission. For further details, see European Commission: Adequacy of the protection of personal information in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal information the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal information to third countries.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
Changes to this statement