SpeedMatchApp Privacy Policy

This privacy policy discloses the privacy practices for speedmatchapp.com This privacy policy applies solely to information collected by this web site.
It will notify you of the following:

  1. What personally identifiable information is collected from you through the web site, how it is used and with whom it may be shared.
  2. What choices are available to you regarding the use of your data.
  3. The security procedures in place to protect the misuse of your information.
  4. How you can correct any inaccuracies in the information.

Information Collection, Use, and Sharing

We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone. We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to support you in daily operation of the software. Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy.

Your Access to and Control Over Information

You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:


We take precautions to protect your information. When you submit sensitive information via the website, your information is protected. Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.


Our Privacy Policy may change from time to time and all updates will be posted on this page. If you feel that we are not abiding by this privacy policy, you should contact us immediately.

Privacy Standards


PIPEDA (Personal Information Protection and Electronic Documents Act) – An Act to extend the present laws that protect the privacy of individuals and that provide individuals with a right of access to personal information about themselves.

SpeedMatchApp privacy standards are based on the Principles Set Out in the National Standard of Canada Entitled Model Code for the Protection of Personal Information, http://laws-lois.justice.gc.ca/eng/acts/P-8.6/page-11.html#h-26 It addresses: the ways in which organizations collect, use and disclose personal information; the rights of individuals to have access to their personal information; and the right to have it corrected, if necessary: http://laws-lois.justice.gc.ca/eng/acts/P-8.6/page-11.html#h-26 The Model Code’s 10 principles are (These principles are usually referred to as “fair information principles”. They are the foundation of PIPEDA. )

Principle 1 - Accountability An organization is responsible for personal information under its control. It must appoint someone to be accountable for its compliance with these fair information principles.

Principle 2 - Identifying Purposes The purposes for which the personal information is being collected must be identified by the organization before or at the time of collection.

Principle 3 - Consent The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.

Principle 4 - Limiting Collection The collection of personal information must be limited to that which is needed for the purposes identified by the organization. Information must be collected by fair and lawful means.

Principle 5 - Limiting Use, Disclosure, and Retention Unless the individual consents otherwise or it is required by law, personal information can only be used or disclosed for the purposes for which it was collected. Personal information must only be kept as long as required to serve those purposes.

Principle 6 - Accuracy Personal information must be as accurate, complete, and up-to-date as possible in order to properly satisfy the purposes for which it is to be used.

Principle 7 - Safeguards Personal information must be protected by appropriate security relative to the sensitivity of the information.

Principle 8 - Openness An organization must make detailed information about its policies and practices relating to the management of personal information publicly and readily available.

Principle 9 - Individual Access Upon request, an individual must be informed of the existence, use, and disclosure of their personal information and be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

Principle 10 - Challenging Compliance An individual shall be able to challenge an organization’s compliance with the above principles. Their challenge should be addressed to the person accountable for the organization’s compliance with PIPEDA, usually their Chief Privacy Officer.


Canadian GDPR Adequacy designation

It is important to note that PIPEDA has been recognised as providing an adequate level of privacy protection relative to the GDPR. This “adequacy” determination, one of the original reasons of enacting PIPEDA, permits Canadian organisations to process personal information of EU residents without having to comply with the “Privacy Shield” which governs U.S. companies.

While a review of compliance requirements under the GDPR reveals that many are reflected in Canadian privacy law already, a number are potentially more rigorous. SMA updated its procedures, documents and policies to meet the following additional new compliance requirements:

Breach reporting.
The requirement for reporting of breaches to the relevant “data protection authority”, where feasible, within 72 hours of the occurrence. As we know, PIPEDA has been amended to provide for reporting of breaches, as well as notification of affected individuals – another new GDPR requirement. However these new PIPEDA rules do not stipulate a specific time period for reporting.

A key new GDPR compliance requirement is internal organisational accountability, specifically the establishment of a comprehensive data protection program. Such a program must include documented policies and procedures, maintaining detailed records of all data processing activities, guided by the principle of “privacy by design and by default”. While some features of this requirement go beyond what is dictated expressly under PIPEDA, Canadian businesses again are familiar with this overall dictate which is consistent with guidance issued by the federal and provincial Privacy Commissioners.

Substantive privacy rights.
The GDPR also stipulates a number of new or enhanced substantive privacy rights for individuals which organisations will need to address and build into their privacy protection procedures, including the following:

Must be a freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of his or her personal data and must be given by a statement or a clear affirmative action.

Right to erasure (“right to be forgotten”)
- Broader than under the Directive and not specifically provided for under Canadian privacy laws.

Right of individuals to restrict processing of their data
- E.g. as when accuracy is challenged - expanded.

Data portability
– The right of individuals to transfer their data from one data collector to another