Security policy

Last update: June 2022

Hello there! Welcome to Paradocs!

We understand that your personal information is important to you. In this privacy policy (the “Privacy Policy”), we explain to you how Paradocs Solutions Inc. (hereafter referred to as “Paradocs”, “we”, “us” or “our”) collects, uses, discloses and otherwise processes personal information.

If the above date changes, this means we have updated our Privacy Policy. We encourage you to keep an eye on the latest update date either way! If you need to reach out to us for any questions or concerns regarding this Privacy Policy, or if you want to exercise your privacy rights, you can contact us by using the following contact details information:

Attention: Privacy Officer

However, if your request is about how any of our business Clients process your personal information, we recommend that you reach out to this Client directly.

1. When Does this Privacy Policy Apply?

This Privacy Policy explains how we process your personal information:

  • Through our core mountain resort management software services and products, technical support and training services related thereto and payment terminal integration services, which are provided by us to our business Clients (“B2B Services”);
  • When you access our public website at (“Website”);
  • Through our use of cookies and other tracking technologies;
  • For our marketing activities; and
  • When you communicate with us or interact with our social media accounts.

(together, the “Services”)

In this Privacy Policy, we use the following terms:

  • Client” means any organization, entity or company that use the B2B Services;
  • Users” means individuals who are using or accessing websites and platforms operated by Clients that use our B2B Services,
  • End Customers” means collectively and indistinctly Users and individuals who are purchasing products, services and activities in person from our Clients’ station or site, through an agent or representative of such Clients using our B2B Services; and
  • you” means any individual who uses any of the Services, including Users, End Customers and Clients’ internal end users.

As mentioned above, this Privacy Policy applies to our Services, which are for the most part used directly by our Clients. We try our best to describe the processing of personal information that occurs in the context of our Services, but please keep in mind that our Clients may use it differently. That being said, this Privacy Policy does not apply to how personal information is processed outside our Services. Please see section 10 to learn more about what information we share with them, our relationship with them as well as their and our respective roles relative to the handling of your personal information.

This Privacy Policy does not apply to websites, applications, or other services of third parties, nor does it apply to integration partners which can be accessed through plug-ins or APIs. Those third parties are responsible for providing you with their own privacy policies on how they handle your personal information. We are therefore not responsible for their privacy policies, procedures and practices, and we encourage you to review their privacy policies before using these external services.

This Privacy Policy is for transparency purposes and some of the data that we identify in this Privacy Policy as personal information may not be protected as personal information under applicable laws. For instance, business contact information is often excluded, and you may not have the same rights over such data than other users, depending on the laws that apply to you.

2. What is “Personal information”? What about “Cookies”?

When we use the term “personal information”, we mean any information that relates to an identified or identifiable natural person. This includes the obvious data such as a name, home address, email address and phone number, birth date, but it also includes IP-addresses and data specific to the physical, physiological, genetic, economic, cultural or social identity of natural persons. We also include cookies and other tracking technologies in our definition of personal information.

A “cookie” is a file that a website puts on a computer’s hard disk so that the website can remember something about individuals at a later time. In this Privacy Policy, when we refer to “cookies”, we also include other technologies with similar purposes such as pixels, tags and beacons. For more information on cookies, you can refer to websites such as and

In this Privacy Policy, when we use the term cookies, we also imply similar tracking technologies such as tracking pixels (or pixels tags), web beacons and browser fingerprinting.

Cookies can be installed by us, in which case, they are called “first party cookies”. They can also be installed by third parties, such as Google Analytics, these are called “third party cookies” and result in the sharing of your personal information, such as IP addresses, with these third parties.

3. What personal information do we process, and why?

We collect personal information to (1) provide our Clients and our Users with our Website and our B2B Services, (2) respond to your inquiries, should you e-mail us, (3) conduct our marketing activities, including through re-targeting cookies, (4) to obtain analytics and performance data on how our Services are performing, including our ads, and (5) to process job applications.

We process personal information on behalf of our Clients. Our Clients are responsible for ensuring that they have an appropriate lawful basis for processing your personal information. We do not have control over how our Clients process personal information, and if you have any questions about how they process your personal information, we invite you to contact them directly.

However, in limited cases, such as for marketing activities, we may be the organization in control of the processing. See below the different categories of personal information we may receive or collect in the course of our Services.

Category of Personal informationExamples of dataPurposes and examples of use
Electronic DataIP address, mobile identifier, device type, operating system and Internet browser type.This data is collected automatically through our Services in order for them to function effectively, to fix bugs or to improve the security of our Website. These may be collected through cookies (go to section 4 to learn more about cookies we use).
Usage and Performance DataTime spent on the Services, pages visited, links clicked, language preferences, pages that led or referred you to the Website.We collect this information for analytics purposes, to help us know more about your use of our Services and to improve such Services. These may be collected through cookies (go to section 4 to learn more about cookies we use).
Communication DataFirst and last names, email address, content of communications (including video recordings if support is requested or provided through video call).When you connect with to obtain support as a User of our B2B Services , such as through the support Portal , through social media or through other means, we collect your personal information to respond to your inquiries.
Registration Data; CredentialsCompany name, first name, last name, email address, phone number, passwordWhen a User signs in, we collect this information to create their account.
End Customer DataEnd Customers’ name, email address, postal address, phone number, birthdate, transactions that have been made, or purchases made through the B2B Services including transaction history, interactions with Clients’ sales associates through their website, at the sales counter or through or other channels (i.e. live chat functionalities) and relationship with other Clients .This personal information is collected through our B2B Services in order for us and our Clients to provide Users and Clients with our core services, i.e. giving them the opportunity to sell/purchase goods and services and manage sales, whether online through their own consumer-facing platform or on-site, using our B2B Services. Our Clients may, however, use your personal information in different ways, as described in their own privacy policy.

We may also de-identify this data to understand how Users use our services, to understand End Customers’ personal preferences, for research and development and to improve our business, products and services.

Clients’ internal end users DataEmployee name and birthdate, employee Address, employee certification level, employee time entries, employee availabilities, employee Wage and commissions, employee qualifications.We collect personal information in order to provide and administer our B2B Services only as required to execute our obligations under these agreements, as per our customers’ instructions, and to comply with applicable laws.

We may also de-identify this data to understand how internal end users use our services, to understand internal end users’ personal preferences and to improve our business, products and services.

Payment Integrations DataEnd Customers’ Credit Card ID and Customer ID, 4 last digits of credit cardWe collect personal information in order to provide and administer our services only as required to execute our obligations under these agreements, as per our customers’ instructions, and to comply with applicable laws.
Career DataFirst and last names, email address, phone number, content of cover letters and resumes, links to LinkedIn profile.We collect this personal information to process your job application if you apply on the “Careers section of our Website.
Social Media DataPublicly available information on your social media profiles and other personal pages, such as LinkedIn, Facebook and YouTube.If you follow us or interact with us on social media, we may process your personal information for marketing or advertising purposes, subject to applicable laws, including those on consent.

4. What cookies and similar tracking technologies do we use?

We collect essential, functional, performance and targeting cookies. To jump to the section of this Policy which explains how you can manage your preferences regarding cookies, click here. We only collect functional, performance and targeting cookies with your consent. Paradocs uses both first-party and third-party cookies:

  • First-Party Cookies – First-party cookies are those that are issued by us, and they can only be set or retrieved by us. They are used for purposes specific to us, such as to personalize the website.
  • Third-Party Cookies – Third-party cookies are placed on our website by other entities, such as to create new functionalities or conduct advertising.
Type of CookieDescription
EssentialThese cookies are required for the Services to function as intended and be secured. For instance, essential cookies are used to remember your cookie preference if you are prompted to accept or refuse certain cookies. We are not required to obtain your consent for these cookies.
PerformanceThese cookies, also called analytics cookies, are used to monitor usage and performance, such as what pages are visited often, whether there are any bugs, and which sites where visitors come from. Analytics cookies are used to generate aggregated statistical data about traffic and behavior of users when using our Services. For instance, we use Google Analytics to keep track of how our Services are used.
FunctionalFunctional cookies are used to provide you with some functionalities and to remember preferences, consents and configurations.
Targeting CookiesThese cookies are used to deliver advertising more relevant to you and your interests. They are also used to limit the number of times you see an ad as well as to help measure the effectiveness of a campaign.

5. How can you modify your cookie preferences?

You can manage your cookie preferences through your browser using the instructions provided below by clicking on the browser that you are using. However, by blocking some cookies that enable the functions of the Services, parts of the Services may not be available.

You can also use WebChoices which is a browser-based tool for opting out of interest-based advertising. AdChoices provides additional solutions and explanations to control block and control cookies, as well as plug-ins to retain opt-out cookie preferences, even if you delete your cookies.

You can install the Google Analytics opt-out browser add-on, which prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page:

6. Where do we store your personal information?

Our servers are hosted in Canada or in the United States. Our service providers, however, may store your personal information in other countries. Some countries may not offer the same level of protection offered in your country for personal information.

7. How long do we retain your personal information?

We keep your personal information for as long as required to achieve the purpose of the collection or as required by applicable laws, whichever is longer.

8. How do we protect your personal information?

We strive to implement physical, organizational, contractual and technological security features that are proportional to the risks, taking into consideration factors such as the sensitivity of the personal information that we collect.

However, it is important to understand that we cannot guarantee the security of personal information on the Internet and that you must also take precautions, such as not sharing your credentials with anyone. No method of information transmission or information storage is 100% secure or error-free, so we unfortunately cannot guarantee absolute security. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately using the contact information provided at the beginning of this Policy.

While some components or versions of our B2B Services imply that personal information is stored on our Clients’ servers, it may also be stored on ours, in which case we store personal information on Google Cloud, Digital Ocean, OVH and AWS, which use several layers of encryption to protect customer data at rest. We may also use Elastic Cloud, which secures connection with Basic Auth and SSL.

9. With whom do we share your personal information?

Within our organization, only the persons who need to have access to your personal information because of their roles or functions are granted such access.

We share your personal information with the following categories of recipients: Clients, service providers (such as cloud service providers, email service providers, marketing service providers and payment processing service providers), API providers and law enforcement authorities (if required under applicable law). We do not sell personal information and we do not share the personal information collected as part of the Services for other reasons than to provide the Services, except if required by the law or as set forth below.

When Users use our Clients’ platforms and, for instance, complete a purchase of our Client’s services, all such information is made available to the relevant Client. Clients can use that information to create reports and business intelligence.

We may share your personal information in connection with, or during negotiations of, any merger, sale of assets, financing, or acquisition of all or a portion of our business by another entity or investors.

It’s important for us to let you know that Clients aren’t our suppliers; they’re distinct controllers of your personal information and may process and otherwise handle your personal information as they deem fit. Other third parties to which we share your personal information re listed in the table below:

10. What rights do you have over your personal information?

Your rights differ depending on where you are located in the world.

In most locations, you can access and rectify your personal information, as well as withdraw your consent to the processing of your personal information.

However, we remind you that our Clients are the entities responsible, with few exceptions, for receiving and responding to your requests to exercise these rights, since we act as their service providers. Thus, we may redirect you to them or simply forward your request to them, depending on the agreements governing our relationship.

All of these rights are subject to limitations within the law, so, with respect to requests for which we are responsible, as a controlling entity, to respond, if we can’t process those, we will provide you with explanations.

We will respond to such requests within 30 days. In some cases, we may need additional information to validate your identity, in which case, we will use it only for this reason and delete it afterwards. We do not charge any fees for you to exercise your rights.

If your request is lengthy and difficult, and if we are allowed to do so by law, we may charge you a reasonable fee to assist you. If you are not satisfied with how we process your request, you can communicate with your local data protection authorities or privacy commissioners, and lodge a complaint. We will provide you with explanations on how to do so in our response to your request, based on your location.

You always have the right to lodge a complaint to the local authorities if you disagree with how we handle your personal information. Please see below to know how to do so.

11. How can you invoke your rights?

You can exercise your rights at any time by contacting us with the contact information provided at the beginning of this Privacy Policy.

If you are located in Canada, note that the Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal information when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:

9:00 am to 4:00 pm EST
Toll-free: 1-800-282-1376

Mailing address
Office of the Privacy Commissioner
30 Victoria Street
Gatineau, Québec
K1A 1H3

You can also use this online form.

If you have any issue with how we collect, use or disclose your personal information, or how we responded to your request, please let us know. We will do our best to improve our processes to make certain that it does not happen again. We will also provide you with additional information about our practices if you would like us to do so.

12. Do you respond to “Do Not Track” signals?

If you are a resident of California, you have the right to ask companies to stop tracking you on the Internet. Please note that we do not respond to Do Not Track signals. However, if you have a legitimate request about your personal information, be sure that we will try our best to assist you!

13. Can we change this Privacy Policy?

Yes, we might modify this Privacy Policy from time to time, such as to reflect new processing activities, adapt to new laws and regulations or reflect technological changes or corporate changes, such as a result of a merger and acquisition. You can refer to the latest update date above to know the moment at which this version has been published.