Privacy Policy

This section presents the privacy policy, outlining the practices for collecting, using, and protecting personal data.
image (10)
Last update: July 2, 2025
DEFINITIONS

In this Privacy Policy (the “Policy“) of RIOH Inc. (“RIOH“, “we“, “u“, or “our“), the following capitalized terms have the meanings set forth below, unless the context otherwise requires:

  • Platform” means the IoTcare geolocation software. 
  • Anonymized Information” means information that no longer allows, at any time and irreversibly, the direct or indirect identification of a natural person.
  • Personal Information” means information that can be used to identify an individual, directly or indirectly, excluding Anonymized Information and Business Contact Information, in accordance with applicable laws.
  • Business Contact Information” means information relating to the performance of a function within a company, such as a person’s name, title, and position, as well as the address, email address, and telephone number of their place of work. 
  • Manager” means your employer or any other person who legally controls your access to the Platform.
  • End User“, “End Users“, and “you” refer to the individual(s) who create(s) an individual account and use(s) the Platform in connection with their duties at the Controller.
SCOPE AND APPLICATION

This Policy applies to any user of the Platform whose Personal Information is collected, disclosed, or otherwise used by RIOH for and on behalf of the Controller via the Platform. 

The Controller may also collect, disclose, or otherwise use your Personal Information for other purposes; in this case, we invite you to contact the Controller to exercise your rights or to learn more about how your Personal Information is processed.

This Policy also describes why and how we collect, disclose, and use your Personal Information for our own purposes (please see the “Collection and Use” and “Cookies” sections for more information on this subject).

PERSONAL INFORMATION PROTECTION PROGRAM

In order to protect Personal Information, we strive to implement policies, practices, and procedures related to the management of Personal Information that we hold or control. These internal policies and procedures may govern the collection, use, disclosure, retention, and destruction of Personal Information, as well as complaint handling, information security, and data governance. These policies and practices may also provide a framework for conducting privacy impact assessments and preventing and responding to potential privacy incidents. These policies and practices must be approved by our Privacy Officer.

PERSONAL INFORMATION PROTECTION OFFICER

RIOH’s senior management has delegated the management of personal information protection to the Privacy Officer. In addition, the Privacy Officer provides the necessary support in the event of questions, complaints, or requests relating to personal information protection. For more information, please see the “Contact Us” section.

CONSENT

We do not have a direct business relationship with individuals whose Personal Information is processed on our Platform, with the exception of End Users. For this reason, we require the Manager to ensure that all mandatory consents have been obtained from individuals whose Personal Information is processed on the Platform, when required by applicable laws.

COLLECTION AND USE

RIOH collects and uses the following Personal Information in connection with the use of the Platform:

  • Identification information, such as your first and last name, email address, and phone number, and the unique universal identifier (UUID) of your mobile device, if applicable;
  • Information relating to your use of the Platform, such as your username, password, login dates and frequencies, and your activities when you are logged into the Platform;
  • Cookie-related data (if applicable);
  • Any other Personal Information provided to RIOH by the Controller or an End User in connection with the use of the Platform.

We collect your personal information when you provide it to us, including when you use our Platform or fill out our registration form. Some information is also collected automatically when you use our Platform or log in to your user account. If this data can be linked to your identity, we will consider it personal information and treat it accordingly. 

The following are the purposes for which RIOH collects and uses Personal Information in connection with the Platform, for and on behalf of the Controller: 

  • To enable your access to the Platform;
  • To verify your identity and authenticate you;
  • To respond to your requests, complaints, comments, and questions and to communicate with you;
  • To establish and maintain a business relationship with the Controller;
  • To assist the Controller with requests to exercise End Users’ rights or in resolving disputes, if applicable;
  • To provide any other service for and on behalf of the Controller (in accordance with the contract between RIOH and the Controller).

The following are the purposes for which RIOH collects and uses Personal Information for its own purposes:

  • To maintain and improve the functioning and security of the Platform;
  • To promote our services, special offers, and other news about us, including by sending a newsletter; 
  • To meet its contractual, legal, and regulatory requirements;
  • To manage and administer the Responsible Party’s user account;
  • To prevent and detect suspicious or fraudulent activity or activity that violates our terms of use;
  • To investigate and resolve incidents; 
  • For any other purpose permitted by law, including responding to requests from law enforcement or government authorities.
COMMUNICATION AND TRANSFER OF PERSONAL INFORMATION

RIOH only communicates and transfers Personal Information when required or permitted by the contract with the Manager or otherwise required or permitted by applicable laws. RIOH may sometimes need to share Personal Information with its subcontractors or agents to help us make all the features of our website available. They will only have access to the Personal Information necessary to perform these tasks and are required not to disclose or use it for other purposes. Please note that these subcontractors or agents may be located outside Quebec, in which case appropriate measures are taken by RIOH.

RETENTION

RIOH will not retain Personal Information longer than is necessary or relevant for the identified purposes, unless otherwise provided for in the contract with the Controller or by legal or regulatory requirements. Once these periods have expired, RIOH will return or destroy the Personal Information in accordance with the contract with the Controller or its internal policies for managing Personal Information, as applicable.

SECURITY MEASURES

RIOH makes the security of the Personal Information it collects, uses, and has in its custody a priority. Therefore, RIOH ensures that it implements security measures appropriate to the sensitivity of the data in order to protect Personal Information from risks such as loss or theft, unauthorized access, disclosure, copying, use, modification, or destruction. To the extent possible and applicable, RIOH implements and maintains technical and administrative measures to help protect the security, integrity, availability, and confidentiality of Personal Information.

ACCURACY; CORRECTION

RIOH relies on the Manager and the End User to ensure the ongoing accuracy of the Personal Information that RIOH collects, uses, and retains for the purposes mentioned above. You can access your account at any time to view your Personal Information. You can also modify or correct this Personal Information, as well as your passwords. If you are unable to modify certain Personal Information yourself or view it through your account, please contact our Privacy Officer.

INCIDENT MANAGEMENT

The Controller is generally responsible for managing and following up on security incidents with End Users. In accordance with the contract entered into with the Controller, RIOH will provide reasonable assistance to support the Controller in investigating the incident and complying with its obligations, for example with regard to notifications to data subjects (including End Users) and reporting the incident to the relevant privacy commissioners or other relevant parties.

ACCESS TO INFORMATION AND OTHER SIMILAR RIGHTS

Depending on applicable law, you may have certain rights in relation to your Personal Information, such as the right to portability and de-indexing of your Personal Information, the right to access or correct your Personal Information, the right to withdraw your consent (if applicable), the right to restrict the use of your Personal Information, and the right to object to it. To exercise any of these rights (to the extent they are available), please contact us at the address provided in the “Contact Us” section. However, RIOH will generally refer such requests to the Controller, unless: (a) the Personal Information is collected and used for and on behalf of RIOH, (b) RIOH has agreed to process such requests under the contract with the Controller, or (c) law or court order requires that such requests be processed by RIOH.

COOKIES

A cookie is a small text file that is stored in a dedicated location on your computer, mobile device, tablet, or other device when you use your browser to visit an online service. Other tracking technologies, such as web beacons and tracking pixels, may be used for similar purposes. In this Policy, all such tracking technologies are collectively referred to as “Cookies.” Any Personal Information collected using Cookies by or on behalf of RIOH is treated with the same level of confidentiality as any other Personal Information held by RIOH.

(a) Strictly necessary cookies

These Cookies are necessary for the Platform to function and cannot be disabled in our systems. Strictly necessary Cookies must be present for the Platform to provide basic functions; they may include login and allow you to navigate from page to page without losing previous actions in the same session.

(b) Non-essential cookies

If you have consented to their use, RIOH and/or its third-party partners may also use the following non-essential cookies in connection with the Platform:

  • Functionality cookies. These Cookies enable the Platform to provide enhanced functionality and personalization of your browsing experience. If you have consented to their use, Functionality Cookies enable the Platform to remember your preferences and choices, including your username, region, and language. 
  • Analytical Cookies. We may use Analytical Cookies to better understand traffic trends on the Platform, in addition to helping us measure and improve the Platform’s effectiveness. These Cookies are used for statistical purposes only. All information collected by these Cookies is aggregated and anonymous.

With the exception of strictly necessary Cookies, we will only place Cookies on your devices if you consent to this, and these Cookies will be stored for a maximum period of thirteen (13) months from the date they are placed on your devices. At the end of this period, your consent will be required again.

Cookies can be managed and/or disabled via your browser’s cookie settings. However, if you refuse Cookies, you may not be able to use all the features of the Platform.

CONTACT US

Our Privacy Officer is available to answer any questions, requests, or complaints regarding RIOH’s personal information management practices. Here is their contact information: 

Personal Information Protection Officer
RIOH inc.
300-15, 11700 Avenir Street
Mirabel, Quebec J7J 0G7 Canada 
info@rioh.io  

RIOH may also forward your request to the Officer, if more appropriate. 

For complaints regarding this Privacy Policy, our Privacy Officer will investigate and communicate with the complainant regarding the procedure to follow. If the complaint is justified, the specific situation will be corrected and the complainant will be informed.

RIOH would like to mention that we are committed to responding promptly and accurately to all your questions and concerns regarding the confidentiality and security of Personal Information, as well as our policies and practices regarding the protection of Personal Information.

POLICY CHANGES AND UPDATES

RIOH may, at its discretion, update, revise, modify, or supplement this Policy from time to time. If significant changes are made to the Policy, you will be notified when you log in and/or we will notify you in any other manner in accordance with applicable laws and regulations. The Policy and any related notices, if any, will be posted on our Platform. RIOH requests that its users review the revised Policy before continuing to use its Platform.

11417257.3