On this page

1. Our Information
2. Basic Concepts
3. Why we collect personal information
4. What personal information do we collect?
5. Cookies and Tracking Technologies
6. Legal Basis for processing your personal information
7. Sharing Your Information
8. How we protect your personal information
9. Retention and destruction of personal information
10. Your Rights
11. Complaints
12. Anti-Spam Compliance (CASL)
13. Changes to This Privacy Policy

The Privacy Policy (“Policy”) has been created to demonstrate the commitment of MAPLE BEAR GLOBAL SCHOOLS (hereinafter referred to as the “MBGS,” “we,” or “our”), to the security and privacy of the information collected from users, who are the data subjects of their personal data (“Data Subject,” “User,” or simply “you”), as well as to assist data subjects in making informed decisions regarding their privacy.

This Policy sets forth the general conditions for the collection, use, storage, and other forms of processing and protection of personal data through our Website (https://www.maplebear.ca/), in accordance with the applicable privacy and personal data protection legislation in force, including but not limited to, the Personal Information Protection and Electronic Documents Act (“PIPEDA”) of Canada, the Canada’s Anti-Spam Legislation (CASL) and the General Data Protection Regulation of the European Union (“General Data Protection Regulation” or “GDPR”), and other laws described in this Policy.

This Policy does not apply to our employees’ personal information. That information is covered under the Maple Bear Global Employee Privacy Policy.

Please read this Policy carefully and, if you still have questions, feel free to contact us through the Service Channels listed here.

1. Our Information

• Company Name: Maple Bear Global Schools
• Contact Information: Raíssa de Freitas Calvette
• Privacy Officer e-mail: dataofficer@maplebear.ca

   

2. Basic Concepts

For a better understanding of this Policy, the following definitions should be considered:

Personal Data or Data: under PIPEDA, personal information includes any factual or subjective information, recorded or not, about an identifiable individual. This includes information in any form, such as:

• age, name, ID numbers, income, ethnic origin, or blood type;
• opinions, evaluations, comments, social status, or disciplinary actions;
• employee files, credit records, loan records, medical records, existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs).

Special categories of Personal Data: also known as sensitive personal data, includes data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data (used for identification), health data, and data concerning sex life or sexual orientation.

Data Protection Officer (DPO) or Privacy Officer: person appointed by the MBGS to act as a communication channel between us, the Data Subjects, and the Office of the Privacy Commissioner of Canada (OPC).

Data subjects: individual whose personal information is being collected, used, or disclosed.

Office of the Privacy Commissioner of Canada (OPC): an independent Agent of Parliament and reports directly to Parliament. The Office of the Privacy Commissioner of Canada provides advice and information for individuals about protecting personal information. Also enforce PIPEDA, that set out the rules for how certain businesses must handle personal information.

Applicable legislation: All legislation pertaining to privacy and personal data protection, especially the Personal Information Protection and Electronic Documents Act – PIPEDA (S.C. 2000, c. 5).

Website: it designates the electronic address https://www.maplebear.ca/ and other sites linked to Maple Bear Global Schools, including those for various operations.

3. About data we collect

When you access our Website, MBGS acts as the controller of your personal data. In other words, MBGS is responsible for decisions regarding the processing of your personal data, acting in accordance with applicable legislation and as described in this Policy.

Data will be collected when you interact with our Website. We only collect personal information that is directly related to the purposes for which it is needed, such as providing services, fulfilling contractual obligations, ensuring compliance with legal requirements, or improving user experiences. The amount and the type of the information collected will be limited to that which is needed to fulfil the identified purpose(s).

We do not intentionally collect, store, or otherwise process personal data that is excessive or unnecessary for the purposes that justified its collection, nor do we process sensitive personal data. Accordingly, we request that you refrain from sharing such data with us. Should we become aware that such data has been inadvertently collected and processed, it will be deleted from our records.

Important: You are not required to provide us with your information; however, without providing certain information when requested, you may be denied access to certain features. In addition to the Data you provide, whenever you interact with our Website, information will be automatically collected. Such information is generally non-identifiable; however, when combined with other data that makes it possible to associate it with you, it will be treated by the Website as Personal Data.

To the extent permitted by applicable law, the Website may process the following personal data provided by you:

You are solely responsible for the accuracy, veracity or updating of the Data you provide to us. We are not obligated to process your Data if there are reasons to believe that such Processing may impute to us a violation of any applicable law, or if you are using our websites for illegal or unlawful purposes.

Protection of Children’s Privacy

We are committed to protecting the privacy of children and complying with all applicable laws concerning the collection, use, and disclosure of children’s personal information, including PIPEDA and international standards such as GDPR and the U.S. Children’s Online Privacy Protection Act (COPPA), where applicable.

We do not knowingly collect personal information from children without the consent of a parent or legal guardian, except as permitted by law or under the authority of a school acting in place of a parent (in loco parentis) for educational purposes.

Parents and guardians have the right to:

• Access the personal information we collect about their child;
• Request corrections or deletions of such data;
• Withdraw consent for further data processing, subject to legal or contractual obligations.

To exercise these rights, or for questions about your child’s personal information, please contact our Privacy Officer at dataofficer@maplebear.ca

4. Cookies and Tracking Technologies

We use Cookies and similar tracking technologies to track the activity on our Website and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze our services.

You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Website.

For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy.

5. Lawful Basis for processing your personal information

We process your personal data in accordance with the applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), the Brazilian General Data Protection Law (LGPD), and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), as applicable.

The lawful basis on which we rely to process your personal information include:

• Performance of a Contract: Processing is necessary to fulfill our contractual obligations with you, such as providing access to educational services, managing user accounts, and ensuring the delivery of digital learning tools and content.
• Compliance with Legal Obligation: We may process your data when necessary to comply with legal or regulatory obligations to which we are subject, including record-keeping, safety, and reporting obligations.
• Consent: Where required by law, we will obtain your prior, informed, and explicit consent for specific processing activities, particularly when it involves the use of your personal data for optional services or third-party educational platforms. You may withdraw your consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.
• Legitimate Interests: In some cases, processing is necessary for the legitimate interests pursued by the school, Maple Bear Global Schools, or affiliated entities, such as ensuring the security and proper functioning of our platform, managing licenses, and improving our educational offerings. We ensure that such interests are balanced with your fundamental rights and freedoms.

About Consent:

Wherever possible, we seek a person’s consent before we collect their personal information. The form of consent may vary depending on the circumstances and the type of information being requested. Consent can be express or implied, and can be provided directly by the individual or by an authorized representative.

We will not use your personal information without your consent unless it is either:

• for the same purpose for which the information was originally collected or compiled;
• consistent with that purpose;
• for a purpose that may be disclosed under an investigation.

We are committed to ensuring that all processing of personal information is done transparently, fairly, and in accordance with the rights of data subjects. If you have any questions regarding the legal basis for a specific processing activity, please contact our data protection officer or local administrator.

6. Sharing Your Information

Your personal data may be disclosed to third parties under the following circumstances:

• To service providers engaged to support or operate our educational and administrative services, strictly for the fulfillment of their contractual obligations;
• With the companies and within business areas of MBGS, which are in agreement with this Policy;
• With service providers or partner companies, to facilitate, provide or perform activities related to our Website;
• With marketing and advertising companies, to automatically deliver promotions and information appropriate to your profile;
• In case of corporate changes, such as mergers, acquisitions or incorporations performed by of MBGS;

• When required by applicable law, judicial or administrative authority, or when necessary to protect the rights, property, or safety of MBGS, its students, or third parties.

If you have any questions about who we share your Data with, please contact us through the Service Channels provided at the end of this Policy.

If your data is transferred outside Canada, we will ensure that appropriate safeguards are in place to protect it.

7. How we protect your personal information

In any organization, failure to protect personal information can increase the risk of a privacy breach. These privacy breaches can lead to things such as reputational harm, fraud or identity theft.

We will protect personal information from loss or theft, unauthorized access, use or disclosure, modification or destruction through appropriate administrative, technical and physical security measures and safeguards. However, no method of transmission over the Internet is 100% secure.

We follow the relevant privacy and security policies and other guidance on information technology security, as applicable to the educational sector.

Additional information about our methods of protection:

• Staff training on privacy practices and the safeguarding of personal information, with a focus on the sensitive data of students, faculty, and staff;
• Granting access to information on a “need-to-know” basis to ensure the confidentiality and integrity of educational records;
• Screening and security checks of employees, contractors, and prospective employees based on the sensitivity of the personal and academic information they will handle;
• Technical measures such as secure logins, audit trails, encryption, firewalls, and other technical security safeguards to protect student and institutional data;
• Physical security measures such as locked filing cabinets, restricted access to administrative areas, and controlled entry to offices where personal information is stored.

We will also use contractual or other appropriate means to ensure that third parties who handle personal information on our behalf implement a similar level of protection in compliance with relevant laws and policies.

8. Cross Border Data Transfer

MBGS may transfer your data internationally to other countries or international organizations. This will only occur when strictly necessary to achieve the purpose for which your personal data is being processed, prioritizing, whenever possible, storage on servers located in Canada.

MBGS may, by adopting appropriate measures and safeguards for the protection of Personal Data, transfer Personal Data internationally for the purposes set forth in this Policy, including:

• Provision of services and execution of contracts: to process your registration and allow access to courses or other operations of its partners, suppliers, service providers, and/or customers, as well as to ensure compliance with contracts and other commercial agreements, guaranteeing access to products and/or services from MBGS and strategic partners.
• Security: to enable the adoption of security measures and protocols for fraud prevention.
• Rights and obligations: to ensure compliance with MBGS’s legal and/or regulatory obligations, as well as the regular exercise of rights in judicial, extrajudicial, administrative, or arbitration proceedings.
• Specialized services: such as the use of data storage and/or processing services in the cloud or on servers located in other countries.

Personal Data may be transferred and processed in different countries, depending on the need, as well as countries where MBGS partners, suppliers, service providers, and/or customers are located or operate, such as Brazil and the EU.

When necessary and as applicable, the international transfer of Personal Data will be carried out by MBGS in accordance with the mechanisms provided for in the Applicable Legislation and applicable standards, in particular: (i) transfer to countries or international organizations that provide a level of protection of Personal Data adequate, as recognized by an adequacy decision issued by the Data Protection Authority; or (ii) through the adoption of standard contractual clauses, in accordance with applicable regulations; or (iii) compliance with legal or regulatory obligations; execution of a contract or preliminary procedures related to a contract; regular exercise of rights in proceedings. Without prejudice, MBGS may also adopt other international transfer mechanisms provided for in the GDPR and other applicable standards.

The international transfer of Personal Data will be carried out for the period necessary to fulfill the purposes set forth in this Policy and in any contracts and/or agreements entered with partners, suppliers, service providers, and/or customers. This period may vary depending on the nature of the data transferred and the applicable legal requirements.

9. Retention and destruction of personal information

We are responsible for ensuring that all personal information is managed within a set life cycle. According to Privacy Regulations, personal information can be retained for as long as is necessary for the purposes set out in this Privacy Policy. We will also retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

MBGS will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

10. Your Rights

Under PIPEDA, and global privacy legislations, such as GDPR and LGPD, you have the right to:

• Access the personal information MBGS holds about you.
• Request corrections to your personal information if it is inaccurate or incomplete.
• Request the deletion of your personal information, subject to certain exceptions.

To exercise any of these rights (to the extent they are available), please contact our Privacy Officer at dataofficer@maplebear.ca.

11. Anti-Spam Compliance (CASL)

We comply with Canada’s Anti-Spam Legislation (CASL). We obtain your express consent before sending you any commercial electronic messages, when applicable, including promotional emails, and provide you with the ability to easily withdraw that consent at any time.

12. Information about this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information.

By using our Website, you freely, knowingly, unequivocally, expressly, and fully consent to this Policy.

We strongly recommend that you read it carefully.