PRIVACY POLICY

This Privacy Policy was last updated on September 22, 2023

At Pelican International Inc. (hereinafter “Pelican”), we understand the importance of privacy and are committed to protecting your Personal Data. Pelican strives to collect, use and/or disclose personal and other information in a manner that complies with applicable laws, and prides itself on respecting the highest ethical standards in its business practices.

This Privacy Notice (hereinafter the “Policy”) outlines the types of data we collect, informs you of the way in which we collect and process, disclose and protect your Personal Data through our website www.pelicansport.com (hereinafter the “Website”),the person(s) responsible for managing your Personal Data and explains your privacy rights.

Pelican has designed this Policy to meet the regulatory requirements of the jurisdictions in which it operates. Please read this Policy carefully before visiting and using the Website or before providing us with any information. If you do not agree with the terms of this Policy, immediately stop using this Website.

By using this Website and providing us with your information, you agree with our Terms of Use and you consent to the collection, use and/or disclosure of your personal information for the limited purposes which are set out in this Policy, as well as for any other activity that may be described in this Policy.

If you are a resident of Nevada or California, please see the “Notice to Residents of Nevada” and “Notice to Residents of California” sections. If you are a resident of Quebec, please see the “Notice to Residents of Quebec”.

1- Data We Collect About You

Personal Data, or personal information, means any information about an individual from which that person can be identified.

We may collect, use, store and transfer, as necessary, different kinds of Personal Data about you and other information which we have grouped together such as:

  • Identity Data : includes first name, last name, username or similar identifier, title, date of birth and gender.
  • Contact Data : includes billing address, delivery address, email address and telephone number.
  • Transaction Data : includes details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data : includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Profile Data : includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Usage Data : includes information about how you use our website, products and services.
  • Marketing and Communications Data : includes your preferences in receiving marketing from us and our third parties and your communication preferences.

How is Your Personal Data Collected?

Pelican collects Personal Data and other information when you register for or use the services provided on our Website or by contacting us by mail, email or telephone, or through direct interactions.

You provide us with certain Personal Data when you: apply for our products and services, create an account on our Website, subscribe to our publications, request marketing to be sent to you or communicate with us.

You provide us with information in connection with your interaction with the Website through automated technologies or interactions when you browse our Website and accept cookies (“Cookies”). Under no circumstances can these Cookies collect personal information to which you have not consented. You may, at any time, refuse the use of Cookies.

The use of Cookies allows us to enhance your experience of our Website since they enable us to save your preferences, including login details, choice of language as well as the products and services that you have already ordered and/or viewed. For more information on Cookies, see our Cookie Policy.

We also obtain Personal Data about you from third parties or publicly available sources such as analytical data providers like Google Analytics, advertising networks, social media providers and similar platforms like Facebook and search information providers like “Google Ads”.

Purposes for Which We Will Use Your Personal Data

We will only use your Personal Data when the applicable law allows us to. Most commonly, we will use your Personal Data in the following circumstances:

  • If we need to perform a contract we are about to enter into or have entered into with you.
  • If it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • If we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your Personal Data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to receiving marketing-related announcements at any time by following the unsubscribe instructions included in the advertising email that was sent to you to your email address or through your personal account on Pelican’s Website.

We have set out, in a table format, a description of all the ways we may use your Personal Data. See table 1 below.

Marketing
We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising. We have established the following Personal Data control mechanisms:

  • Promotional Offers
    We may use your identity, contact, technical, usage and profile data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

    You will receive marketing communications from us if you have requested information from us or purchased goods or services from us or if you provided us with your details when you registered for a promotion and/or service and, in each case, you have not opted out of receiving that marketing.
  • Third-Party Marketing
    We will get your express opt-in consent before we share your Personal Data with any company outside the Pelican group of companies for marketing purposes.
  • Opting Out
    You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you.

    Please contact us if you require specific information on the legal basis on which we rely for processing your Personal Data, at the following email address: [email protected]

Who Collects Your Personal Data?

The entity listed below is the one that collects Personal Data and other information through our services.

Our postal address is as follows:

Pelican International Inc.
1000 place Paul-Kane
Laval (Québec), Canada H7C 2T2


Table 1 : Ways we may use your Personal Data

  • To register you as a new customer, register your product for warranty or technical support/customer service :
    a) Identity
    b) Contact
    c) Profile
    d) Usage
    e) Marketing and Communications
    f) Technical

  • To process and deliver your order including manage payments, fees and charges and collect and recover money owed to us :
    a) Identity
    b) Contact
    c) Profile
    d) Usage
    e) Marketing and Communications
    f) Technical

  • To manage our relationship with you which will include notifying you about changes to our terms or Privacy Policy or asking you to leave a review or take a survey :
    a) Identity
    b) Contact
    c) Profile
    d) Usage
    e) Marketing and Communications
    f) Technical

  • To use data analytics to improve our website, products/services, Marketing, customer relationships and experiences :
    a) Identity
    b) Contact
    c) Profile
    d) Usage
    e) Marketing and Communications
    f) Technical

2- Data Security

We have put in reasonable security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

If we know of a violation of your Personal Data, we will report it to the competent authority as soon as possible after learning about it, unless this violation is not likely to create a risk of infringement on rights and freedoms of natural persons. If the risk is likely to be high, Pelican undertakes to communicate the Personal Data breach to the person concerned, whenever possible.

Although every effort is made to ensure that no one can view, access or obtain your personal information, it is not yet possible to guarantee the complete confidentiality and security of communications made over the Internet. Any unencrypted communication sent by email over the Internet is neither secure nor confidential and may be intercepted, lost or tampered with. Pelican, affiliates, sister companies and subsidiaries, as well as its agents, officers, shareholders, directors and employees, are not responsible for any damages that you or anyone else may suffer as a result of the transmission of confidential or sensitive information over the Internet. These communications are performed at your own risk.

3- Sharing (Communicating) Your Personal Data

For the same purposes referred to in the table presented in Section 1 above, we may need to share your Personal Data with other entities, whether they are Internal Third Parties, meaning the other companies of the Pelican group in their capacity as joint controllers or processors or with External Third Parties such as service providers acting as processors.

When the communication of your Personal Data is made to Third Parties for purposes other than those expressed in the table presented in Section 1, we would first obtain, when required by law, your express, clear and unequivocal consent following a request made in plain language.

If we share your Personal Data, we ensure that it is protected by requiring all companies included in our group to follow the same rules when handling your Personal Data. Whenever we transfer your Personal Data, we will ensure, as far as is reasonably possible, that it is treated with a similar degree of protection when required by law.

In all cases, we require all Third Parties to respect the security of your Personal Data and to treat it in accordance with applicable law. We do not allow any Third-Party service provider to use your Personal Data for their own purposes. We only allow them to process your Personal Data for specific purposes and in accordance with our instructions.

Social Media and Technology Integrations

We offer parts of the Website through other websites, platforms, and services operated or controlled by separate third parties. In addition, we integrate technologies operated or controlled by separate entities into parts of our Website. Some examples include:

  • Links to websites, platforms, social media sites, and other services not operated or controlled by us. Other parties may collect information about your online activities over time and across different websites when you visit this Website.

Pelican is not responsible for the privacy practices or the content of these third parties and any information that you provide to such third parties, including what information they share with us, your rights and choices on their services and devices, and whether they store information in the United States or elsewhere, shall be subject to the privacy policies of the owners of these third parties. Pelican encourages you to consult and review their privacy policies and terms of use before providing any personal information.

Children’s Policy

The Website is intended for a general audience, and is not directed at children under thirteen (13) years of age.

We do not knowingly collect or solicit personal information (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) in a manner not permitted by COPPA.

Please do not allow children under the age of 13 to provide any personal information through this Website. If we learn that a child under the age of 13 has provided personal information in violation of our Privacy Policy, we will delete that information as soon as practical and to the extent required by applicable law. If you learn that a child under the age of 13 has provided personal information to us, please send us an email immediately at [email protected]. We will take steps to delete this information promptly to the extent required by applicable laws.

We do not knowingly “sell”, as that term is defined under the California Consumer Privacy Act of 2018 (“CCPA”), the personal information of minors under 16 years old who are California residents.

If you are under 18 years old and registered to use the Website, you can ask us to remove any content or information you have posted on the Website. To make a request, email us at [email protected] with “Under 18 Content Removal Request” in the subject line, and tell us what you want removed. We will make reasonable good faith efforts to remove the post from prospective public view, although we cannot ensure the complete or comprehensive removal of the content and may retain the content as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Certain variances may occur in other jurisdictions with regards to Children’s Policy.

4- Person in Charge of Managing Your Personal Data

We have appointed a data privacy manager (DPM) who is responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, including any requests to exercise your legal rights, please contact the DPM by sending an e-mail to [email protected].

Other individuals within Pelican may be delegated to act on behalf of the DPM or to take responsibility for the day-to-day collection and/or processing of Personal Data.

You have the right to make a complaint at any time to the relevant authority responsible for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach any relevant authority so, please contact us in the first instance.

For Quebec Residents, please see the appropriate Section for more information about the Person Responsible of Personal Information.

5- Your Rights With Respect to Your Personal Data

You have the right to access, modify or delete the Personal Information we hold about you, and in certain cases to object to the processing of your Personal Information or to request that it be provided to you in a portable format. For example, if your Personal Information changes, if you wish to review or correct it, or if you no longer wish to benefit from our services, you can correct, update or delete your Personal Information on the member information page or by sending an email to our customer service at the following email address: [email protected]. Upon request, Pelican will let you know whether or not we hold Personal Information about you. We will respond to your request within a reasonable time.

7- Retention of Personal Data

Unless a retention period is required by, your Personal Data will bot be retained beyond the period necessary to fulfill the purpose for which we collected it.

Once the required period has expired, we ensure that your Personal Data is:

  1. Destroyed in a secure manner; or
  2. Anonymized, whenever possible.

7- General Provisions

Severability

If any provision hereof is held illegal, invalid or unenforceable by any competent authority in any jurisdiction, such illegality, invalidity or unenforceability shall not in any manner affect or render illegal, invalid or unenforceable such provision in any other jurisdiction or any other provision hereof in any jurisdiction.

Modification of this Policy

We reserve the right to update or modify this Policy at any time. Any changes will be effective immediately upon posting on our Website with a “Last Updated” date at the top of the revised Policy. Should we make a material change to this Policy, we will notify you on our Website. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of our Website after the changes constitutes your acceptance of the revised Policy.

Governing Law

This Website is controlled and operated by Pelican from Greater Montreal, Quebec, Canada and these conditions are governed by the laws of the Province of Quebec and the laws of Canada applicable therein, without regard to the principles of conflict of laws. You agree to be bound by these laws.

Any dispute, controversy or claim arising out of or in connection with these terms or the use of this Website, including any matters regarding the validity or application of the terms of use, is subject to the exclusive jurisdiction of the courts located in the Province of Québec.

Jurisdiction

This Site is controlled and operated by Pelican from Greater Montreal, Quebec, Canada. Pelican makes no representation as to the suitability or availability of any elements appearing on this Website in any other jurisdiction. Individuals who choose to access this Website from other locations do so on their own initiative and are responsible for complying with the relevant local laws, where applicable.

9- Notice to Residents of Quebec
CONFIDENTIALITY INCIDENT

In order to comply with the changes to the Act respecting the protection of personal information in the private sector, chapter P-29.1 (hereinafter “The Bill”) and to the Regulation respecting confidentiality incidents (hereinafter “The Regulation”), we have established a Privacy Incident Governance Policy (hereinafter “Governance Policy”).

OBJECT AND NORMATIVE FRAMEWORK

This Governance Policy specifies the steps to be taken when Pelican has reasonable grounds to believe that a privacy incident has occurred involving Personal Information that we hold, as well as the steps to be taken to reduce the risk of serious harm being caused in connection with a security incident.

DEFINITIONS

These definitions are to be considered for application of the Governance Policy, and may be supplemented by any other regulation, policy, directive or procedure.

Privacy Incident:

Access, use or disclosure of personal information that is not authorized by law, as well as its loss or any other form of breach to its protection.

Personal Information (according to the Bill):

Any information which relates to a natural person and directly or indirectly allows that person to be identified.

REPORTING A CONFIDENTILIATY INCIDENT

Any person to whom we may disclose Personal Information (Internal Third Parties and External Third Parties) must report to us when they ave reasonable cause to believe that a Privacy Incident involving Personal Information held by Pelican has occurred. This report must be made as soon as possible to the Person.

PERSON RESPONSIBLE FOR PERSONAL INFORMATION

In compliance with our legal obligation, we have designated a Person Responsible for Personal Information (hereinafter “PRP”). This person can be reached at the following e-mail address: [email protected].

ROLES AND RESPONSIBILITIES

In addition to the responsibilities listed in Section 4 – The Personal Data Manager, the PRP must also:

  • Contribute to the implementation of the security incident management process;
  • Maintain the Security Incident Register;
  • Contribute to security risk analyses in order to identify threats and vulnerable situations and implement appropriate solutions.

The PRP is responsible for handling incidents and complaints relating to Personal Information and may also work with any other relevant person as required.

RIGHT OF WITHDRAWAL

In order to respect your rights, if you do not wish us to use and/or communicate your Personal Information, you may write to us at the following address: [email protected]. We will reply within a reasonable time.

GRIEF

Upon request, the Personal Information of a deceased person may be shared with his or her spouse or to a close relative if this information is likely to help the person in his or her grieving process.

COMMUNICATION OUTSIDE QUEBEC

Your Personal Information may be disclosed outside Quebec. If your Personal Information are disclosed outside Quebec, we ask that it be treated with an appropriate level of security.

9- Notice to Residents of Nevada

If you are a resident of Nevada, the following additional provisions apply to the collection, use and disclosure of your personal information.

Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests to direct the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal information for monetary consideration by the business to a third party for the third party to license or sell the personal information to other third parties. Data sharing practices are not considered a “sale” under Nevada law and Pelican does not sell Personal Data within the meaning of that law.

8- Notice to Residents of California

In the past twelve (12) months, we have collected the following categories of personal information enumerated in the CCPA:

  • Identifiers, including name, email address, phone number, account name, and an ID or number assigned to your account.
  • Demographics, such as your age or gender. This category includes data that may qualify as protected classifications under other California or federal laws.
  • Commercial information, including engagement with the Website.
  • Internet activity, including your interactions with our Website.
  • Inferences, including information about your interests, preferences, and favourites.

For more information on information we collect, including the sources we receive information from, review the “Data We Collect About You” section. We collect and use these categories of personal information for the business purposes described in this specific section.

Under the CCPA, “sell” is defined broadly, and Pelican does not sell information under the traditional meaning of the term “sell” or as defined in the CCPA. In the event that certain Personal Data must be shared with third parties outside the Pelican Group, this sharing of Personal Data will be performed in accordance with the information indicated in the section “Sharing (Communicating) Your Personal Data” of this Policy.

Right to Delete

If you are a California resident, you have the right to delete the personal information we have collected from you and the right know certain information about our data practises in the preceding twelve (12) months. In particular, you have the right to request the following from us:

  • The categories of personal information we have collected about you;
  • The categories of sources from which the personal information was collected;
  • The categories of personal information about you we disclosed for a business purpose or sold;
  • The categories of third parties to whom the personal information was disclosed for a business purpose or sold;
  • The business or commercial purpose for collecting or selling the personal information; and
  • The specific pieces of personal information we have collected about you.

To exercise any of these rights, please email us at: [email protected]. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within ten (10) days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.

Right to Opt Out

In the event that Pelican sold your personal information in conformity with the term “sell” defined under the CCPA, you have the right to opt out of the sale of your personal information by us to third parties at any time. You may also submit a request to opt out by emailing us at: [email protected].

Authorized Agent

You may designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.

Right to Non-Discrimination

You have the right not to receive discriminatory treatment by us for the exercise of any your rights.

CCPA’s Shine the Light Request

Customers who are residents of California may request:

  • a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes;
  • a list of the categories of third parties to whom we disclosed such information. To exercise a request, please write to us at the email [email protected] or postal address set out in the section “Who Collects Your Personal Data” above and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.