Privacy and Cookie Policy

Absolute Software Corporation and its affiliates (“Absolute”, “we”, “us”, or “our”) are committed to respecting and protecting the accuracy, confidentiality, and security of your personal information, and want you to feel secure when visiting our website (the “Website”), downloading and using any mobile device applications we offer from time to time (the “Mobile Apps”), and using our services (the “Services”). This Privacy & Cookie Policy (this “Policy”) sets out our policies concerning the collection, use, disclosure, and protection of personal information we receive from individuals using the Website, or from customers using the Mobile Apps or the Services, as well as the types of cookies that Absolute uses on the Website.

“Personal information” means all information about an identified or identifiable individual. In some jurisdictions, the terms “personal data”, and “personally identifiable information” are used in local privacy laws rather than the term “personal information”. Absolute uses the terms “personal information”, “personal data”, and “personally identifiable information” interchangeably.

Quick Links

Scope of this Policy

This Policy was drafted with the objective of complying with or exceeding the requirements of Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) and British Columbia’s Personal Information Protection Act (“PIPA”), as Absolute’s corporate headquarters are located in Canada and its parent company is incorporated in British Columbia, Canada. However, Absolute also does business in other countries, and non-Canadians also use the Website, the Mobile Apps, and the Services. Many of these other countries, and their sub-units, have their own laws applicable to the protection of personal information, which may or may not conflict with or contain more restrictive legal obligations than PIPEDA and PIPA. It is Absolute’s policy to comply with all applicable privacy legislation. As such, this Policy outlines the minimum standards for Absolute’s treatment of personal information. Where applicable laws contain additional requirements, Absolute will ensure compliance with those laws. Should there be, in any specific case, an inconsistency between this Policy and an applicable privacy law, this Policy will be interpreted in that case to give effect to and comply with the applicable privacy law.

Absolute will update this Policy from time to time in response to changing legal, technical, and business developments. We will take appropriate measures to notify you about material changes in a manner that is consistent with the significance of the changes we make. As well, a history of material changes is noted at the end of this Policy. However, it is your responsibility to review the most current version.

Please note that this Policy applies to Absolute’s customers who use the Services and the Mobile Apps, and to users of the Website. The Services and the Mobile Apps may be used by Absolute’s customers (i.e., corporations, schools, healthcare organizations, governments, or other organizations) to collect personal information about individuals, such as their personnel, students, or patients. If you are an individual who believes that one of Absolute’s customers has collected personal information about you through its use of the Services or the Mobile Apps and you wish to withdraw consent, access your personal information, request correction or deletion, complain about the collection of your personal information, or exercise any other rights that you may have regarding your personal information, your query should be directed to that party, not to Absolute.

Accountability

Absolute is responsible for personal information under its control and will take all reasonable steps to handle such personal information fairly and to ensure compliance with applicable laws in relation to the collection, use, disclosure, and protection of personal information.

In order to oversee overall compliance with this Policy and with applicable personal information protection laws, Absolute has designated a Privacy Officer (who is also Absolute’s Data Protection Officer for the purposes of the European Union’s General Data Protection Regulation, known as the “GDPR”). Contact information for Absolute’s Privacy Officer can be found at the end of this Policy.

Please note that if you are a corporate customer or any other type of organization, you are responsible for the legal collection and use of personal information of individuals within your organization, in accordance with the principles set out in your privacy policies and the applicable laws in the jurisdictions in which you operate or in which you or your personnel use the Services or the Mobile Apps. Absolute is not responsible for your privacy practices and policies. If your use of the Services involves the collection of personal information of your personnel or other individuals (whether in connection with their use of your devices or otherwise), it is your responsibility to ensure that you obtain the necessary consents, provide the necessary notices, and otherwise comply with all applicable laws relating to the collection, use, and disclosure of their personal information.

Absolute’s legal basis for collecting and using personal information will depend on the personal information concerned and the specific context in which we collect it. We will normally collect personal information from you only where we need the personal information to perform a contract with you, or where the processing is in Absolute’s legitimate interests and not overridden by your privacy and data protection interests or fundamental rights and freedoms, or where Absolute has your consent to do so. Specifically, we have a legitimate interest in using your personal information for product development and internal analytics purposes, and otherwise to improve the safety, security and performance of our Services. In some cases, Absolute may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person. If we collect and use your personal information in reliance on our legitimate interests (or those of any third party) other than as described in this Policy, we will make it clear to you at the relevant time what those legitimate interests are.

Through the Website, the Services, and the Mobile Apps, Absolute collects, uses and discloses to certain third parties personal information for the following primary purposes:

The paragraphs below provide further information about what types of personal information we collect and how we use and disclose it for each of the Services, the Mobile Apps, and the Website.

The Services

Absolute’s products and the Services help keep devices and data safe and secure, and our products are designed to help protect your privacy. Using a very small software agent, our products allow your device to call into our confidential and secure monitoring center on a regular basis and transmit to our servers certain information relating to your computer (including, among other things, device IP address, device name, user name, list of hardware, and installed software). With your consent and participation, certain of our products may also collect additional asset-related information for certain other purposes designated by you, such as hardware/software inventory, lease management, PC migration, and software license compliance, as well as the detection of specific types of data stored in files on your devices. In addition, if you use Absolute’s geolocation service, Absolute will also collect geolocation data from the device.

If the Services you purchase include device theft investigation and recovery services and you report your device as lost or stolen, with your consent we may collect further information from the lost or stolen device (such as key capture logs, registry and file access information, and geolocation information) in order to determine its location, the user, their activity on the device, and any data accessed. Once we have gathered sufficient information to determine its location, we may compile such information and deliver it to a law enforcement agency having jurisdiction over the individual in possession of the lost or stolen device. The law enforcement agency may then use this information to attempt to recover the lost or stolen device.

The terms of your use of the Services will be governed by your license or other agreement with us.

Mobile Apps

For Absolute’s consumer customers (i.e., individuals who purchase our products for their own personal use), the Mobile Apps may collect personal information such as your name, email address, street address, phone number, device make and model, serial number, and device IMEI (International Mobile Equipment Identity) number. In addition, if you use Absolute’s geolocation service, Absolute will also collect geolocation data from your device which can be done through IP, Wi-Fi, or GPS.

Absolute will use this personal information for product registration and installation purposes, as well as for customer verification in the event that you contact our Global Support team for assistance. Some of this personal information may also be used by Absolute in the event that you file a theft report for your device. If you use Absolute’s geolocation service, Absolute may use your geolocation data to map your device location and display it to you through our Customer Centre.

Absolute may share your contact or product information with its Original Equipment Manufacturer (“OEM”) partners if you contact our Global Support team for assistance and Absolute needs to work with the OEM in order to assist you. Finally, we may share certain personal information with our external service providers to assist us with the delivery of email campaigns, and for product renewal and upgrade purposes.

For Absolute’s non-consumer customers (i.e., corporations, schools, healthcare organizations, governments, and other organizations), the Mobile Apps generally do not collect personal information. Rather, they facilitate the collection of information by our customers and utilize information already collected through the use of the Services. The Mobile Apps generally serve as management agents and self-service portals, facilitate the download of non-app software, and perform administrative functions. They may, however, determine the jailbroken status of a device.

Absolute will try to collect personal information directly from the individual concerned unless authorized by that individual to collect it from a third party or as otherwise permitted by law.

If personal information is collected for any other purposes than described above (unless the purpose for collecting personal information is obvious and you provide your personal information for that purposes, or unless otherwise permitted or required by applicable law), Absolute will communicate the purpose of collecting the personal information to you at the time of collection, either orally or in writing, as well as its use and how it may be disclosed.

If personal information is gathered in writing, the purpose of its collection will be communicated through printed materials, the Website, or email. If personal information is gathered orally, Absolute will provide an oral explanation of the purpose for the collection and use.

The Website and Use of Cookies

If you visit the Website and request a free evaluation or trial, request or subscribe to marketing materials, download content (such as whitepapers or webinars), contact us, place an order, or register to use the Services, we will collect personal information that you voluntarily provide to us (including your IP address, name, title, address, email address, telephone number, and contact preferences) in order to respond to your request or inquiry.

In addition, we use certain types of Cookies on the Website. “Cookies” are small text files containing small amounts of information which are downloaded to your device when you visit a website so that the website can remember some information about your browsing activity on the website, either for the duration of your visit or for repeat visits. The cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies are useful because they allow a website to recognize a user’s device. They do many different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving your user experience. In general, cookies make the interaction between you and the website faster and easier. They cannot be used to run programs or deliver viruses to your device. In general, cookies do not identify you personally.

The following describes the types of cookies that Absolute currently uses or may in the future use on the Website:

Session Cookies

These are temporary cookies that expire when you close your browser. A session cookie assigns a randomly-generated, unique identification number to your device when you access the Website. Assigning your device a number facilitates the proper functioning of the features of the Website by permitting us to maintain a persistent “state” for your session, including information relating to orders that you may place. We also use session cookies to collect anonymous information (i.e., information that does not identify you personally) about the ways users use the Website, such as which pages they visit, which links they use, and how long they stay on each page. We analyze this information (known as “click-stream information”) to better understand our users’ interests and needs and to improve the content and functionality of the Website.

Persistent Cookies

Unlike a session cookie, a “persistent cookie” does not expire when you close your browser. It stays on your device until the expiration date set in the cookie (for example, at the end of a calendar month) or until you delete it. Persistent cookies can be used to “tag” your device so that the next time you visit (or someone using your device visits), our server will recognize you, not by name, but by the “tag” on your device. This will enable us to provide you with a personalized experience even if we do not know who you are. It will also allow us to collect more accurate information about the ways people use the Website, for example, how people use the Website on their first visit and how often they return. Using persistent cookies permits us to provide you with a more personalized experience and, in some cases, may save you the trouble of re-entering information already in our database.

Strictly necessary cookies

These cookies are essential for the running of the Website. Without these cookies, parts of the Website would not function. They enable you to move around the Website and use its features, such as accessing secure areas. These cookies do not track where you have been on the Internet and do not gather information about you that could be used for marketing purposes.

Performance cookies

These cookies are used to monitor the performance of the Website, for example, to determine the number of page views and the number of unique users the Website has. Web analytics services may be designed and operated by third parties on Absolute’s behalf. The information provided by these cookies allows us to analyze patterns of user behaviour, and we use that information to enhance user experience or identify areas of the Website which may require maintenance. These cookies do not collect information that identifies a visitor. All information collected through these cookies is aggregated and therefore anonymous.

Functional cookies

These cookies allow the Website to remember choices you make (such as your preferences, language, or the region you are located in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts, and other parts of web pages that you can customize. The information these cookies collect may be anonymized, and they cannot track your browsing activity on other websites.

Targeting or advertising cookies

These cookies, which may be placed on your device by us or our trusted third party service providers, remember that you have visited a website and use that information to provide you with advertising which is tailored to your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website. It may be disclosed to third parties, such as advertisers, that you have visited our website. Although this type of cookies can track your activity around the Internet, they cannot identify you personally. Without these cookies, online advertising you encounter will be less relevant to you and your interests. We do not sell your personal information or cookie data to third parties, such as advertisers.

Web Beacons

When you visit the Website, your device may receive one or more “web beacons” in order to assist us with delivering cookies, to collect anonymous information about the use of the Website by our users, and to deliver customized or targeted content to you on the Website and through our partners. Web beacons (also referred to as “tracking pixels,” “1x1 gifs,” “single-pixel gifs,” “pixel tags,” or “action tags”) are graphic images, usually no larger than a 1x1 pixel, placed at various locations on the Website. They also help us identify browser types, search terms that bring users to the Website, and the domain names of websites that refer traffic to us. We also utilize web beacons to provide us with more information on any emails we send out. In particular, a web beacon in an email communication will send us information to let us know that you have received, opened, or acted upon an e-mail you have chosen to receive from us.

JavaScript Tags/Pixels

These are used by us to collect anonymous information about the use of the Website by our users, and to deliver customized or targeted content to you on the Website and through our partners. We may use JavaScript tags to anonymously track how visitors interact with the Website, including where they came from and the manner in which they use the Website.

By using the Website, you agree that we can place these types of cookies on your device.

Some people find the idea of a website storing information on their device intrusive. If you would prefer to opt out of cookies, it is possible to manage them by changing the cookie settings on your device, in your browser settings. Existing cookies that have already been set can be deleted from your device. You can also block some or all cookies. However, you should be aware that you might lose some features and functionality of the Website if you do so. If you need assistance with your cookie settings, consult the help menu within your browser. For more detailed information about cookies and how to manage and delete them, visit www.aboutcookies.org.

The Website may contain links to third party sites, and we recommend and encourage you to read the privacy policies posted on those third party sites. Absolute is not responsible for the privacy policies or practices of any third party.

By using the Website, you will be deemed to have consented to the collection, use, and disclosure of your personal information by Absolute in accordance with this Policy.

As a general principle, Absolute will obtain your consent before collecting, processing, storing, using, or disclosing your personal information for any purpose other than as identified in this Policy. Such consents may be included in our license or other agreement with you. Absolute will make an exception only where legal, medical, or security reasons make it impossible or impractical to obtain consent, as discussed further below. We will make reasonable efforts to ensure you understand how your personal information may be used or disclosed. If Absolute plans to use previously-collected personal information for a new use that is incompatible with the original purpose, you will be informed of the new purpose, and we will obtain consent from you prior to this new use.

The form of consent can vary, depending on the sensitivity of the information and the circumstances. Consent may be express or implied depending on the nature of the personal information or the use, and depending on applicable privacy laws. At times, consent for one use can fairly be implied to include consent for other included or related uses. When determining the appropriate form of consent, Absolute will be guided by what a reasonable person would consider fair and appropriate in the circumstances.

Your consent may be provided to Absolute orally, in writing, or electronically, either personally or through an authorized individual. Consent can be implied (where not prohibited by applicable privacy laws) when you are informed that information will be used for certain purposes and you submit the information with this knowledge, or consent can be implied where the purpose for collecting, using, or disclosing the personal information would be considered obvious and you voluntarily provide personal information for that purpose.

Absolute may collect, use or disclose personal information without your knowledge or consent in the following limited circumstances:

Subject to certain exceptions (e.g., where the personal information is necessary to provide the Services or the withdrawal of consent would frustrate the performance of a legal obligation), you may withdraw or refuse to provide your consent to Absolute, or request that your personal information be removed from our databases and records, by giving reasonable notice. All communications with respect to the withdrawal of consent should be made in writing and addressed to Absolute’s Privacy Officer.

If you refuse or withdraw consent, or request that your personal information be removed from our databases and records, Absolute will make you aware of the likely consequences of this action. In some cases, it may prevent Absolute from providing you with the Services (or a portion thereof).

Limited Collection

Absolute will restrict its collection of personal information to that information which is necessary and relevant for the legitimate purposes identified. Absolute will not collect excessive personal information, and will limit the purposes of collection to what a reasonable person would consider fair and appropriate in the circumstances. Absolute will collect personal information only by fair and lawful means, will be transparent, up-front, and open with you, and will communicate in a manner that is clear and reasonably understood.

Limited Use, Disclosure And Retention

Absolute will use and disclose personal information only as described in this Policy, for the purposes for which it was collected, as agreed by you, and/or without your consent for the limited circumstances listed above in the section titled Consent. We will not use or disclose personal information for any additional purpose that is incompatible with the original purpose unless we obtain consent to do so. We do not sell your personal information to third parties, including advertisers.

Absolute may share personal information with our employees, contractors, consultants, affiliates, service providers, business partners, and other parties who require such information to assist us with providing you with the Services.

The use, collection, and disclosure of personal information may involve Absolute transferring personal information across borders. If this occurs, we will comply with all applicable data transfer and data sovereignty laws.

Absolute will retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, as required for Absolute’s legitimate business purposes, and/or to comply with applicable legal, tax, or regulatory requirements. After this time, any personal information you have provided to us will be destroyed, deleted, or anonymized.

Absolute may use and disclose aggregated and anonymous or de-identified information to third parties, including the general public. For example, we may analyze and publish reports on usage and performance trends or statistics from across our global customer base for information or marketing purposes, but only after we have removed any personal information that would identify or be associated with any particular individual or customer. This type of aggregated and anonymous or de-identified data can help Absolute to improve our products, services, and advertising, and it can be used by customers and the public to better understand trends in the industry. We will never sell this aggregated data.

Accuracy

Absolute will make reasonable efforts to ensure that the personal information collected and used by us is accurate, complete, and up-to-date to meet the purposes for which it is collected and used. Absolute does not routinely update personal information unless it is necessary to meet the purposes for which it is collected. Absolute therefore relies on you to keep your applicable personal information accurate and current.

You may request a correction to your personal information in order to ensure its accuracy and completeness. Any request to correct personal information must be made in writing to Absolute’s Privacy Officer and must provide sufficient detail to identify the personal information and the correction being sought.

If your personal information is demonstrated to be inaccurate or incomplete, we will correct the information as required and send the corrected information to any third party to whom we disclosed the personal information in the previous year. If the correction is not made, we will note your correction request in the relevant records.

Safeguarding Personal Information

Absolute will make reasonable security arrangements and use appropriate technical and organizational measures to protect all personal information under our control (regardless of the format in which it is held) against unauthorized access, loss, theft, collection, use, disclosure, duplication, modification, disposal, or similar risks, by both individuals outside of Absolute as well as within. The types of security safeguards that we use vary, depending on the nature and sensitivity of the personal information, the harm that might result from its improper use or loss, and how it is stored (e.g., in paper or electronically). Absolute’s security safeguards include locked filing cabinets, physically secured offices where personal information is held, limited employee access, the use of IDs, passwords, restricted servers, firewalls, and encryption for electronic files, as well as contractual requirements for service providers to provide comparable security measures.

Absolute will use appropriate security measures when disposing of and destroying personal information, such as shredding documents and deleting electronically stored information, in order to prevent unauthorized access.

Absolute trains all staff who handle personal information on the importance of and our procedures for maintaining confidentiality. All employees, contractors, consultants, and service providers of Absolute who are provided access to personal information on behalf of Absolute are required to be familiar with and comply with the provisions of this Policy and applicable laws.

Absolute will continually monitor compliance with this Policy and will investigate any suspected breaches swiftly and effectively. If a breach is found to have occurred, Absolute will comply with all applicable data breach laws, including notifying relevant individuals and regulatory bodies where required. Absolute and its employees will respond promptly and in accordance with applicable laws to any notices or demands issued by a Privacy Commissioner or similar regulatory body in any relevant jurisdiction. Absolute will also continually review and update our security policies and controls as technology changes to ensure ongoing personal information security.

Openness

This Policy is available to the public on the Website so that information about our policies and practices relating to the management of information is readily available to everyone.

Requests for Access

You have certain rights to access your personal information, subject to limited exceptions under applicable laws such as solicitor-client privilege, disclosure that would reveal personal information about another person, legal obligations, and proprietary rights. Absolute’s Privacy Officer can assist you with any such request. Such a request may include:

All requests should be made in writing (by mail or email), provide sufficient detail to identify the information being sought, and be directed to Absolute’s Privacy Officer. Absolute’s Privacy Officer may require further information defining the request more succinctly.

We will respond to written requests within 30 days of receiving such request, or sooner if required by applicable laws. We will either make the requested information available within that time period, or provide written notice of an extension where additional time is required to fulfill the request. If Absolute cannot fulfill your request in full or in part, you will be provided with a response in writing that documents the reason for refusal and the recourse available to you.

A minimal fee may be charged for providing access to personal information, where permitted under applicable law. Where a fee applies, we will inform you of the cost and request further directions from you on whether or not we should proceed with your request.

See below under CCPA Compliance (California) for specific data access and data deletion rights applicable to our California consumer customers under the California Consumer Privacy Act (the "CCPA").

GDPR Compliance (European Economic Area, UK and Switzerland)

This section applies specifically to Absolute customers residing or carrying on business in the European Economic Area, the United Kingdom (UK) or Switzerland (collectively, “Europe”) where the GDPR (or local legislation implementing the GDPR) applies.

Absolute will be the Processor and you will be the Controller (as those terms are defined in the GDPR) with respect to any personal information that Absolute processes on your behalf through your use of the Services or Mobile Apps. Absolute will comply with its obligations as Controller under the GDPR with respect to personal information processed by Absolute for its own business purposes. The relevant entity acting as a Controller is Absolute Software Corporation, its contact details are included below, and the contact details of the Data Protection Officer are included below. If you are located in Europe, you may request access to the personal information we maintain about you, update and correct inaccuracies in your personal information, restrict or object to the processing of your personal information, have your personal information anonymized or deleted, as appropriate, or exercise your right to data portability to easily transfer your personal information to another company. In addition, you have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place. You may also withdraw any consent you previously provided to us regarding the processing of your personal information at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdrew your consent. You may exercise these rights by contacting us using the contact details at the end of this Policy. Before fulfilling your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

For Absolute’s consumer customers (i.e., individuals who purchase our products for their own personal use), you have certain rights under the GDPR which you may exercise by contacting Absolute’s Privacy Officer. Absolute will respond to such requests in accordance with its obligations under the GDPR.

As mentioned in the first section of this Policy, the Services and the Mobile Apps may be used by Absolute’s non-consumer customers (i.e., corporations, schools, healthcare organizations, governments, or other organizations) to collect personal information about individuals. If you are an individual who believes that one of Absolute’s customers has collected personal information about you through its use of the Services or Mobile Apps and you wish to exercise any of the rights under the GDPR, your request should be directed to that customer, not to Absolute.

If you are located in Europe, we will comply with applicable data protection laws when transferring your personal information outside of your jurisdiction. In particular, we will rely on (i) an EU Commission, UK or Swiss government adequacy decision, such as when transferring your personal information to Canada; (ii) contractual protections for the transfer of your personal information, or (iii) another valid data transfer mechanism. If you are located in Europe, you may contact us as specified below for more information about the safeguards we use to transfer personal information outside of Europe.

If you do not provide your personal information when requested, you may not be able to use our Services if that personal information is necessary to provide you with our Services or if we are legally required to collect it.

If you are located in Europe, we only process your personal information for specific purposes where we have a valid legal basis, as explained in the section “Legal Basis and Purposes for Collecting Personal Information”. We will disclose and retain your personal information as explained in the section “Limited Use, Disclosure And Retention”.

CCPA Compliance (California)

This section applies specifically to Absolute’s consumer customers (i.e., individuals who purchase our products for their own personal use) who reside in California. California consumers with disabilities may access this policy in an alternative format by sending an email to: [email protected].

For purposes of this CCPA Compliance section, “Personal Information” means anything that identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular California consumer or household.

Absolute does not and will not sell Personal Information.

The categories of Personal Information we collect about California consumers together with our sources of this information, business purposes for collecting this information and entities with whom we share this information are described in the Mobile Apps and the Website and Use of Cookies sections above.

Right to Know

California consumers have the right to know about the Personal Information we collected and/or disclosed about you during the prior 12 months. Specifically, you have a right to know:

You can obtain your Personal Information that we have collected and/or disclosed by submitting a verifiable written request to us by  clicking here  and completing the online questionnaire or by calling us at our toll-free telephone number of 1-888-999-9857. You can also complete a written request form at one of our physical locations. If you have questions about this process, please direct them to [email protected]. Absolute will require you to verify your identity in accordance with the provisions of the CCPA.

Within 14 days of receiving your request to know, we will confirm receipt of your request and provide information about how we will process your request, including a description of our process to verify your identity and when you should expect our response. Generally, we will respond to your request within 45 days and provide you the requested Personal Information by mail or a readily usable electronic format. Under certain circumstances, we may take up to 90 days to respond to your request. In these circumstances, we will provide you with notice and an explanation of the reason we will take more than 45 days to respond to your request.

If you request to obtain specific pieces of your Personal Information and we are unable to verify your identity, we will deny your request and inform you that we cannot verify your identify and explain why we have no reasonable method to identify you. However, we will treat your request as a request to obtain the categories of Personal Information we collect, disclose, and/or sell as described below.

If you request to obtain the categories of Personal Information we have collected and/or disclose and we are unable to verify your identity, we will deny your request, inform you that we cannot verify your identify, and direct you to this Policy which describes our general business practices regarding our collection and maintenance of Personal Information. We will also explain why we have no reasonable method to identify you.

By law, we can deny your request to know specific pieces of your Personal Information, in whole or in part, if it conflicts with US federal or state law. If we deny your request for these reasons, we will notify you that your request has been denied and explain the reasons for the denial. If your request in denied only in part, we will disclose the remainder of the Personal Information you requested.

By law, we cannot provide you with specific pieces of your Personal Information if the disclosure creates a substantial, articulable, and unreasonable risk to the security of your Personal Information. Additionally, we are prohibited by law from disclosing to you your Social Security number, driver’s license number, or other government-issued identification number, financial account information, any health insurance or medical identification number, an account password, or security questions and answers (each if and as applicable to our business).

Right to Delete

You have the right to request us to delete the Personal Information that we have collected or maintained about you and your household. You can request us to delete your Personal Information by submitting a verifiable written request to us by clicking here and completing the online questionnaire, or by calling us at our toll-free telephone number of 1-888-999-9857, or by submitting a written request to at one of our physical locations. If you have questions about this process, please direct them to [email protected]. Absolute will require you to verify your identity in accordance with the provisions of the CCPA.

Within 14 days of receiving your request to delete, we will confirm receipt of your request and provide information about how we will process your request, including a description of our process to verify your identity and when you should expect our response. Generally, we will respond to your request within 45 days. Under certain circumstances, we may take up to 90 days to respond to your request. In these circumstances, we will provide you with notice and an explanation of the reason we will take more than 45 days to respond to your request.

If we are able to verify your identity, we will delete your Personal Information by one of the following deletion methods and will notify you of the deletion method used:

We may offer you the option to delete a select portion of the Personal Information you requested to be deleted in addition to the option to delete all of the Personal Information you requested to be deleted. If your Personal Information is stored on or archived in our back-up systems, we will delete the Personal Information as described above when our archived or back-up system in next accessed or used. We will also direct our service providers to whom we have provided your Personal Information to delete your Personal Information.

Prior to deleting your Personal Information, we will send you an email or call you to confirm that you want your Personal Information deleted.

If we are unable to verify your identity, we will deny your request and inform you that we cannot verify your identify. By law, we may also deny your request to delete if retention of your Personal Information is necessary to:

If we deny your request to delete, we will:

In responding to your request to delete, we will maintain a record of your request for the legally required period of 24 months.

Right to Non-discrimination

You have the right to receive our Services on equal terms regardless of whether or not you exercise your rights under the CCPA.

Rights Regarding Direct Marketing

Our California consumer customers may individually request information about our disclosures of certain categories of Personal Information to our affiliates and/or any third parties for their direct marketing purposes. We will provide a list of the categories of Personal Information disclosed to our affiliates or any third parties for their direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties or affiliates. This request may be made by any individual no more than once per calendar year. Individual California customers must submit their requests to us either by email at [email protected] or write to our Privacy Officer at the address listed in the Complaint Procedure below. We reserve our right not to respond to requests submitted other than to the specified email or mailing addresses.

Use by Children

The Website, the Mobile Apps, and the Services are not intended for use by minors. Absolute does not knowingly collect information about minors and believes that minors should obtain their parents’ or legal guardians’ consent before providing any personal information. If you believe that we have mistakenly or unintentionally collected a minor’s personal information, please contact Absolute’s Privacy Officer. By using the Website, the Mobile Apps, or the Services, you represent that you are over the relevant age of majority.

Complaint Procedure

Complaints, concerns, or inquiries about Absolute’s privacy policies and practices, including compliance with this Policy, should be made in writing to:

Privacy Officer / Data Protection Officer
Absolute Software Corporation
Suite 1400, Four Bentall Centre
1055 Dunsmuir Street
Vancouver, B.C. Canada, V7X 1K8

Tel: 604-730-9851 (ask for the Legal Department)
Fax: 604-730-2621 (attention to the Legal Department)
E-mail: [email protected]

Specific details about the inquiry or complaint must be provided. All complaints will be investigated and will be responded to in accordance with applicable laws. If Absolute’s Privacy Officer is unable to address your concerns, the issue may be escalated to the office of Absolute’s Chief Executive Officer or to the relevant Privacy Commissioner or similar regulatory authority for your jurisdiction (for example, in British Columbia, the Information and Privacy Commissioner for British Columbia).

Effective Date and Updates

This Policy was initially published effective January 6, 2004 and was updated in April 2014 and April 2016.

A further update to this Policy was made in October 2017, when a paragraph regarding the use of aggregated, anonymous, or de-identified information was inserted at the end of the section titled Limited Use, Disclosure, and Retention.

A further update to this Policy was made in May 2018, when changes were made to ensure further transparency and compliance with the GDPR. More specifically, (i) we added new sections titled GDPR Compliance (European Union and European Economic Area) and Use By Children, (ii) we added additional language in the section titled Legal Basis and Purposes for Collecting Personal Information to ensure greater openness and transparency about how and why we collect personal information, and (iii) we added language clarifying that individuals who believe one of Absolute’s customers has collected personal information about them through that customer’s use of the Services should make any requests about that personal information directly to that party, not to Absolute.

A further update to this Policy was made in January 2020 when, primarily, changes were made to address the CCPA, in the new section titled CCPA Compliance (California).

A further update to this Policy made on September 16 2022. When additional changes were made in the CCPA and GDPR section to automate consumers requests regarding the handling of their personal information

Financial Services