Infodepots, along with our channel partners (Kalkine Limited, Kalkine Media Limited, and AccuraData Ltd, with company and ICO numbers – 07903332, ZA508648; 12643132, ZB004482, and 12464062, ZA781751, respectively), ensure our data compliance with CCPA (California Consumer Privacy Act) and GDPR (General Data Protection Regulation) through several rigorous measures and protocols.
The website www.kalkine.ca (the “Website”), including all associated pages and our mobile or software application, is operated by Kalkine Canada Advisory Services Inc. (“KCAS”), a Canadian equities and stock market research firm registered in British Columbia under company number BC1229863. KCAS is also extra-provincially registered in Ontario (Corporation Number: 0050281141) and Alberta (Corporate Access Number: 2126607593). The registered office of KCAS is located at Suite 1700, 777 Dunsmuir Street, Vancouver, British Columbia, V7Y 1K4, with Business Number 761925130BC0001. The company is also a channel partner for Infodepots.
Data being sourced and the consent received for telemarketing purposes will be used by Kalkine Canada Advisory Services Inc. (Business No: 761925130BC0001, British Columbia Company Number: BC1229863), along with its service provider Kalkine Solutions Private Limited (registered as an extra-provincial entity in British Columbia with Company Number: A0112223 and holding a telemarketer license in British Columbia under License Number: 85548).
Our CCPA & GDPR protocols include:
Data Collection and Consent: Infodepots and its channel partners adhere to the principle of obtaining clear and explicit consent from individuals before collecting their data. For GDPR, this means ensuring that consent is freely given, specific, informed, and unambiguous. Under CCPA, it involves informing consumers at or before the collection point about the categories of personal information and the purposes for which it will be used.
Data Processing and Purpose Limitation: Together, Infodepots and its subsidiary companies ensure that personal data is collected for specific, explicit, and legitimate purposes and is further processed in a manner compatible with those purposes. We limit data processing to the purposes for which the data was collected, which aligns with GDPR’s purpose limitation principle and CCPA’s regulations.
Data Minimization: Infodepots and its channel partners practice data minimization by ensuring that only the personal information that is necessary for the specified purposes is collected and processed. This approach aligns with GDPR’s data minimization principle and CCPA’s mandate to collect data that is relevant and limited to what is necessary.
Security Measures: To comply with GDPR and CCPA requirements, Infodepots and its channel partners implement appropriate technical and organizational measures to ensure security appropriate to the risk. This includes protecting against unauthorized or unlawful processing, accidental loss, destruction, or damage by encryption and ensuring confidentiality, integrity, availability, and resilience of processing systems and services.
Data Subject Rights: Infodepots and its subsidiary companies recognize and facilitate the rights of data subjects under GDPR, which include the right to access, rectification, erasure, restriction of processing, data portability, and objection. Similarly, under the CCPA, consumers are given the right to know about the personal information collected about them, the right to delete personal information, the right to opt out of the sale of their personal information, and the right to non-discrimination for exercising their CCPA rights.
Data Breach Notification: In compliance with GDPR and CCPA, Infodepots and its channel partners have procedures to detect, report, and investigate personal data breaches. GDPR mandates notification of a data breach to the supervisory authority within 72 hours of becoming aware, whereas CCPA requires businesses to notify consumers of a breach.
Vendor Management and Due Diligence: Infodepots and its subsidiary companies conduct due diligence with third parties and vendors to ensure they comply with GDPR and CCPA. Contracts with processors include clauses that specify the rights and obligations of both parties, including data protection aspects. By adhering to these principles and measures, we demonstrate our commitment to protecting personal data and ensuring our practices comply with the CCPA and GDPR, reflecting our dedication to privacy, security, and consumer rights.