Privacy

LeapAP Inc. and its affiliates and subsidiaries (“LeapAP” or “we”, “our” or “us”) value our users, clients and customers, including you (“you”) and we respect your privacy. This privacy policy (the “Policy”) describes the kinds of personal information we collect about you, why we collect it, how we use it, how we protect it, and under what circumstances we share it with third parties. This Policy also describes the decisions you can make about your personal information.

Application of policy

This Policy applies to the following:

  • LeapAP products and services
  • This LeapAP website, including all subpages and successor pages (the “Website”)
  • Any interactions with our users, customers, clients, prospective clients and prospective customers

This Policy will continue to apply for as long as we hold your information, including after the termination of any of your products or services with us. By providing us with your personal information, you are consenting to the collection, use, and sharing of your personal information as set out in this Policy.

If this Policy changes in the future, we will post an updated version on our website at www.LeapAP.com. We recommend that you check this Website periodically in order to review our current Policy. You can tell if this Policy has changed by checking the effective date that appears at the bottom of this Policy.

Information We Collect

When you access the Website and use our software and services, you voluntarily give us certain personal and business information including but not limited to:

  • Your name, title, email address, telephone number
  • Login information including passwords
  • Contact information, business name and contact data, business registration and liability compliance information, and invoice data and supporting documentation

CLIENT DATA

  • Client name, client legal name, physical address, mailing address, and configuration and preference information
  • Invoice data, purchase order data, and supporting documentation
  • If payments services are being provided, bank account information, including institution, transit, and account number in Canada or routing number and account number in the US, as well as account type and account ownership information

VENDOR DATA

  • Business name, tax ID, contact names, emails, telephone numbers, mailing address,
  • Business registration and liability compliance information
  • Invoice data, purchase order data,  and supporting documentation
  • If you choose to accept payment via EFT or ACH, bank account information, including institution, transit, and account number in Canada or routing number and account number in the US, as well as account type and account ownership information

PAYMENTS ACTIVATION AND USAGE DATA

If your entity applies to obtain payments services, including those provided by our affiliates, subsidiaries, and third party partners, we will collect certain information from you or about you (including from your entity’s agent or representative), which may include, but is not limited to:

  • contact information (title, full name, e-mail address, mailing address and telephone number)
  • date of birth
  • bank account information, including institution, transit, and account number in Canada or routing number and account number in the US, as well as account type and account ownership information
  • the entity’s business, affairs and industry
  • the ownership and control of the entity, which may include, at our discretion, information about its shareholders, directors, officers, partners, and/or trustees
  • information about those with power to bind the entity and those who can execute transactions on behalf of the entity
  • your signature, if you are a payment approver activating cheque/check payments or have power to bind your entity as part of the payments activation process
  • answers to regulatory compliance and risk assessment questions
  • in Canada,
    • copies of government-issued photo identification and/or a picture of yourself (a “selfie”) that you provide us or one of our service providers, or other acceptable forms of identification for the purposes of verifying identity pursuant to our compliance policies and regulatory and contractual obligations
    • information from third party service providers, for example from Equifax as part of our credit-file-based identity verification process and for fraud prevention

For the purposes of this Policy, applicants operating sole proprietorships are deemed to be acting for and on behalf of an entity.

INFORMATION YOU PROVIDE WHEN YOU CONTACT US

If you contact our team, you may be asked for information that identifies you (such as your name, address, or a phone number), along with additional information we need to help us promptly answer your question or respond to your comment or complaint. We may record the conversation or retain this information to assist you in the future and to improve our customer service, and product and service offerings.

INFORMATION COLLECTED AUTOMATICALLY THROUGH YOUR USE OF OUR SERVICES OR WEBSITE


Service Information

We collect information that is generated through your actions when you use our services or Website, such as your transactions, interactions with our services, your preferences or statistics regarding your use of our services.

Cookies and Log Files

See “Our Use of Cookies and Log Files” below.

Analytics

We may use third parties, including Google Analytics, to help us gather and analyze information about the areas visited on the Website and in our products in order to better understand, evaluate and improve the user experience and the convenience of the Website and our products.

Third Party Integrations

If you choose to integrate third party software with LeapAP (including but not limited to an accounting system), we may collect personal information that your third party software makes available to us for the purposes of enabling the two platforms to communicate and synchronize data/transactions as required.

Using Information We Collect

In addition to the purposes identified to you before or at the time of collection, we use the information collected by us for the following purposes, as applicable:

  • Delivering our services to you
  • Communicating with you for the purposes you have separately indicated when you signed up to the Website
  • Learning more about you and your product preferences by looking at, among other things, the IP address of your computer and your activity on the Website; and address problems with, and improve, our website design and our products and services
  • Verifying your identity and other information you have provided to us
  • Managing your relationship among products, affiliates, subsidiaries, and third-party payments partners, including maintaining accurate and consistent information about you
  • Performing anti-money laundering searches and conducting certain background verifications and other information for the purposes of ensuring that we accurately identify you
  • Complying with legal, regulatory, and contractual obligations
  • Managing and assessing our risks and operations
  • Detecting, limiting, preventing, combating, and suppressing errors, risk, fraud, financial abuse and other unauthorized or illegal activities
  • Tailoring your product, service, or Website experience
  • De-identifying your information by removing personal identifiers such as your name, address and account numbers. This information will not be used to identify individuals, and may be used for analytics and reporting, developing and improving our products and services, and identifying trends and insights that may be of value to us and our clients
  • As otherwise required or permitted by applicable law

AUTOMATED DECISION MAKING

We may use automated decision making systems to process your personal information. We may rely on decisions made by these automated systems for the following purposes:

  • providing our products or services to you (e.g. verifying your identity, assessing internal risk);
  • customer service purposes (e.g. using AI powered chatbots);
  • security, anti-money laundering, and fraud detection or prevention purposes.

Sending Information We Collect

We do not sell your personal information.

We will not share, sell or rent your personal information in personally identifiable form with any third party, except if, and to the extent necessary, in our good faith judgment, doing so is required to: comply with laws or regulations; respond to a valid subpoena, order, or government request; establish or exercise our legal rights or defend against legal claims; investigate, detect, suppress, prevent or take action regarding illegal or prohibited activities, suspected fraud, and to investigate or prevent actual or suspect loss or harm to persons or property; or as otherwise required by law.

Affiliates, Subsidiaries, and Service Providers: we may transfer your personal information to our affiliates, subsidiaries, and other third party service providers or partners who provide various services on our behalf such as identity verification, technology, administration, cheque/check printing, marketing and advertising, hosting, data analysis, customer service and CRM software, legal, and accounting.

We use various service providers to specifically assist us with identity verification. These service providers may review the personal information documentation you provide us to confirm its authenticity, or may compare your information in our control with information about you from other sources to confirm your identity when activating our payments services. We may use biometric ID verification providers, such as Persona, to confirm the authenticity of photo identification and to verify the identities of new clients. We may also use credit-file identity verification providers, such as Equifax, as part of our payments activation process. Alternative methods of identity verification may be available. We take these steps to verify your identity very seriously in order to detect, prevent and suppress errors, fraud, financial abuse and other unauthorized or illegal activities.

Partners: we may share your personal information with third party financial institutions or similar partners that help us offer, underwrite, endorse, or sponsor elements of our products or services, such as certain payments services.

De-identification and aggregation: we may remove personal identifiers from your information and maintain and use it in aggregate form that may later be combined with other information to generate anonymous, aggregated statistical information. Such anonymous, group data may be shared on an aggregated basis with our business partners, but we will not disclose your personally identifiable information unless we receive your express consent to do so.

Corporate Changes: If we enter into a business transaction involving personal information or are considering one, such as selling assets, we may share personal information securely with the other parties to the transaction, for example, as part of due diligence or when we complete the transaction. Accordingly, we may transfer information we have about you in connection with a prospective or completed merger or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of LeapAP or as part of financing, a corporate reorganization or stock sale or other change in corporate control, including for the purpose of determining whether to proceed or continue with such transaction or business relationship.

Your Personal Information Rights

Subject to certain exceptions prescribed by law, you have the right to contact us to stop receiving marketing emails/calls/texts from us, review the personal information held by us, and update and correct personal information held by us.

If you contact us to do any of the things listed above, we may require you to provide sufficient personal information to allow us to identify you and tell you about the existence, use and disclosure of your personal information and this personal information will only be used for this purpose. If you contact us about your personal information, we will respond to your request within a reasonable time and at no cost to you.

Our Use of Cookies and Log Files

We use browser tracking cookies (or “cookies”), which are small text files that are placed on the hard disk of a computer by a website. Cookies are uniquely assigned to you, and can only be read by a website or web server that issued the cookie to you. In general, you can visit our Website without indicating who you are or submitting any personal information. However, we collect and log the IP (Internet protocol) addresses of all visitors to the Websites and other related information such as page requests, browser type, operating system, and average time spent on the app and Website.

To improve your experience on our Website, we use cookies and logs files to: recognize you when you return to our website; keep track of activity on our Website and remember what items you have clicked on or viewed; study how you navigate through our website and which products you request in site searches so that we can improve the design, content and function of our Website; and customize the message, content and delivery of online banner advertisements and e-mails that reflect how you navigate to and through our Website based on your online behavior. We call this “Browsing Data”. We may hire third-party service providers to assist us in the collection and analysis of this Browsing Data collected through cookies, but none of your personal information is disclosed to these third party service providers.

You have the ability to accept or decline our use of cookies. You can refuse cookies by turning them off or blocking them in your internet browser. If you decide to turn off or block cookies, our website might not function correctly.

Protection of Personal Information

We aim to provide you with a safe experience.

WE IMPLEMENT SAFEGUARDS

We maintain reasonable administrative, technical, and physical safeguards in an effort to protect personal information in our custody and control against unauthorized access, use, modification, and disclosure. We train our employees to keep clients’ personal information strictly private and confidential. We require all of our staff to sign confidentiality agreements that oblige them to respect and protect clients’ personal information. We ensure that departing staff understand they remain contractually obliged to respect the privacy of clients’ personal information.

Your online access to elements of your personal information is protected with a password you select. Do not disclose your password to anyone. We will never ask you for your password in any unsolicited communication (such as letters, phone calls or email messages).

While we try to create a secure and reliable Website for users, the confidentiality of any communication or material transmitted to or from the Website or via e-mail cannot be guaranteed.

WE DON’T RETAIN INFORMATION LONGER THAN NECESSARY

We will retain your personal information only for a time and to the extent necessary for the purposes for which it was collected as described in this Policy and for reasonable backup, archival, audit, or other similar purposes, or to otherwise meet legal requirements.

WE LIMIT ACCESS TO PERSONAL INFORMATION

We store personal information electronically on servers to which only authorized persons have access, and only by means of secure authentication and authorization. We authorize employees and service providers to have access to clients’ personal information only on a least-privilege, or “need-to-know”, basis in order to fulfill their job requirements.

WE REQUIRE SIMILAR SAFEGUARDS FROM OUR SERVICE PROVIDERS

Our service providers are transferred the information they need to perform their designated functions and committed to maintaining your confidentiality. Our service providers are not permitted to use your information for any unauthorized purpose. Your personal information may be maintained and processed by our affiliates and other third party service providers outside of Canada, in the US, or other jurisdictions. We undertake to protect your personal information when it is transferred to other jurisdictions through contractual protections at least equal to our own standards. In the event personal information is transferred to the US or other foreign jurisdiction, it will be subject to the laws of that jurisdiction and may be disclosed to or accessed by the courts, law enforcement and governmental authorities in accordance with the laws of those jurisdictions. Such disclosure may occur under circumstances that are different from those that apply in Canada and are contemplated under this Policy.

STEPS YOU CAN TAKE TO PROTECT YOUR PERSONAL INFORMATION

To protect your access to our services and products, you should:

  • Activate multi-factor authentication
  • Use a long and unique password. Do not use the same password for any other purpose.
  • Never share your password with anyone
  • Do not permit others to use your device(s) used to access our services
  • Log out once you have finished using our services

Links to Other Sites

We provide links on our Website to other, third party sites we think you will enjoy. These sites operate independently of us and have established their own privacy and security policies. Any personal information you provide on linked pages or other sites is provided directly to that third party and subject to that third party’s privacy policy. We strongly encourage you to review these policies at any site you visit. This Policy does not apply to such linked pages or other sites, and we are not responsible for the content or practices of any linked websites which are provided solely for your convenience.

Children’s Online Privacy Protection

The Website is not intended for use by children under the age of 18. We do not knowingly collect or use any personal information from any children under the age of 18. If we become aware that we have unknowingly collected personal information from a child under the age of 18, we will make commercially reasonable efforts to delete such personal information from our database.

Questions or Comments

If you have any questions or comments or wish to make a complaint about this Policy, please feel free to contact us by emailing contact@leapap.com. If you contact us about your personal information, we will respond to your request within a reasonable time and at no cost to you.


This Agreement is drawn up in English at the request of all parties. Les parties aux présentes on expressément convenu que ce contrat soit rédigé en anglais.

Effective Date: August 18, 2024.