Privacy Policy

This Internal Privacy Policy (the "Policy") sets forth the guidelines and procedures to ensure the protection and confidentiality of personal information and data collected, processed, and stored by Box Labs Inc. ("Company") in the course of providing its services.

1. Collection and Use of Personal Information

1.1 Purpose: The Company collects and uses personal information for the purpose of providing services and conducting business operations in compliance with applicable laws and regulations.

1.2 Consent: The Company obtains the necessary consent from individuals before collecting their personal information, except where permitted or required by law.

1.3 Limitation: The Company limits the collection of personal information to what is necessary for the identified purposes. Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law.

1.4 Data Minimization: The Company implements measures to minimize the collection of unnecessary personal information and ensures that personal information is accurate, complete, and up-to-date.

2. Data Security and Protection

2.1 Security Safeguards: The Company implements appropriate technical, administrative, and physical security measures to protect personal information against loss, unauthorized access, use, disclosure, alteration, or destruction.

2.2 Access Control: Access to personal information is restricted to authorized personnel who require access to perform their duties. Access rights are granted on a need-to-know basis and are regularly reviewed and updated.

2.3 Data Retention: Personal information is retained only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When personal information is no longer needed, it is securely destroyed or anonymized.

2.4 Third-Party Service Providers: The Company may engage third-party service providers to assist in the delivery of services. These providers are bound by contractual obligations to protect personal information and are authorized to use personal information only as necessary to provide the requested services.

3. Employee Training and Compliance

3.1 Training: The Company provides training to its employees on the importance of privacy protection, their responsibilities under this Policy, and applicable laws and regulations.

3.2 Compliance Monitoring: The Company monitors its privacy practices and conducts periodic assessments to ensure compliance with this Policy, applicable laws, and regulatory requirements.

4. Individual Rights

4.1 Access and Correction: Individuals have the right to request access to their personal information held by the Company and to request corrections or updates if inaccuracies are identified.

4.2 Inquiries and Complaints: Individuals may direct inquiries or complaints regarding the Company's handling of personal information to the designated privacy contact, whose contact details are provided below.

4.3 Opt-Out: Individuals have the right to opt-out of receiving marketing communications from the Company, and their preferences will be respected.

5. Privacy Contact

For any inquiries, requests, or concerns related to privacy and personal information protection, please contact:

Michael Demian, PharmD

CEO, Founder

647.991.3335

mdemian@boxlabs.ca