(Last Updated: January 1, 2025)
At WorkWell, we value your privacy. This Privacy Policy explains what personal information WorkWell collects, how we use and disclose it, and your rights regarding that information. It applies to information collected from users of the WorkWell Platform (both Clients and Providers), as well as anyone who visits our website or uses our app.
By using the Platform, you agree to the collection, use, and disclosure of your personal information as described in this Privacy Policy. If you do not agree, please do not use WorkWell.
We collect personal information that you voluntarily provide to us, as well as some information automatically when you use the Platform. “Personal information” means information about an identifiable individual, as defined under applicable law. The types of information we collect include:
1.1 Information You Provide Directly:
Account Registration Info: When you sign up, we collect information such as your name, email address, phone number, mailing address, and account password. If you register as a Provider, we may ask for additional details like your trade skills, profile description, photographs (e.g., a profile photo), and possibly business information if you operate as a company.
Identity Verification Data: If we conduct identity or age verification, we will collect data such as your date of birth, and we may request images of your government-issued ID (e.g., driver’s license or passport) and a selfie photograph to verify your identity. This information is sensitive and is handled with care (often using third-party verification services) – see section on “How We Use Information” below.
Background Check Information: For certain Providers, with consent, we may collect information needed for a background check (such as full name, aliases, address history, government ID, and possibly Social Insurance Number in rare cases if needed for accuracy). The actual background check (e.g., criminal record report) may be conducted by a third-party agency, which will share the results with us (usually a simple pass/fail or relevant records, not all raw data).
User Profile and Services Info: Clients might provide a profile too (optional), including a profile photo or preferences. Providers provide details on the services they offer, their rates, qualifications, years of experience, etc. Any information you include in your profile is voluntarily provided by you and is intended to be shared with other users via the Platform.
Payment Information: If you are a Client, to pay for services you must provide payment details. We use a third-party payment processor to handle credit card and payment data, so typically we collect your credit/debit card number, expiration date, and billing address, but we transmit it directly to the payment processor (like Stripe) – WorkWell itself does not store full card numbers. If you use another payment method (e.g., Apple Pay, etc.), we collect necessary info to facilitate that. For Providers, we collect payout-related information such as your bank account details or other payout account (to send you your earnings), and possibly tax-related information (e.g., if we need to send you a tax form for earnings, we might collect your SIN or business number where required by law).
Communications with Us: If you contact WorkWell support or communicate with us in any way (support tickets, emails, phone calls), we will collect the information you choose to provide in those communications. This could include details about an issue you’re having, feedback, or any other info you volunteer. We may record calls or keep chat transcripts for quality assurance and training.
Content of Reviews and Posts: If you submit reviews, ratings, or comments on the Platform, we collect that content. Similarly, if there are forums or Q&A sections (if any), anything you post is collected. Note that content you post publicly (like reviews) will be visible to others along with your first name and last initial or username.
Surveys and Promotions: From time to time, we may offer user surveys, contests, or promotions. If you choose to participate, you may provide certain information (feedback, contest entries, etc.). For example, a survey might ask about your satisfaction or suggestions. Contest entries might require contact info for winner notification.
1.2 Information Collected Automatically:
When you use the app or website, certain information is collected automatically by technical means:
Usage and Device Information: We collect details about how you use the Platform, such as the dates and times of access, the features you used, the pages or screens you viewed, crash reports, and referring/exit links. We also gather technical info about your device or browser: IP address, device identifier (e.g., UUID), device type (model, manufacturer), operating system and version, mobile network, language settings, and app version. This data helps us understand usage patterns and improve our services. For instance, we may log that a user spent X minutes browsing cleaning services or that a certain feature is used frequently.
Location Data: Given that WorkWell connects clients and providers for in-person services, we collect geolocation information in several ways:
When Clients search for services, we may collect and use the location they provide or their device’s GPS location (with permission) to show nearby providers.
When a Provider is marked as “available” or during an active job, our app may collect the Provider’s precise GPS location periodically so that we can, for example, show the Client an ETA or confirm the Provider was at the job location (for safety and verification). You will typically be prompted to allow location services in the app. You can control location sharing via your device settings, but note that the Platform’s functionality (such as matching by proximity or tracking en route) may be limited if you disable it.
We might also derive an approximate location from your IP address (to infer city/region).
We treat precise GPS location as sensitive and use it only for providing the service features and safety (see “How We Use” below). If you are a Provider, consenting to location tracking during active jobs is likely a condition of using the app, because clients expect to see when you’re en route and it’s important for confirming service delivery.
Cookies and Similar Tech: Our website uses cookies, and our app or website may use similar tracking technologies (like pixels, local storage, SDKs). Cookies are small text files stored on your browser that help us recognize you and remember preferences. For example, we may use cookies to keep you logged in, or to track analytics on our site usage via Google Analytics or similar. We may also use cookies or pixels in emails to know if you open them. You can set your browser to reject certain cookies (see “Your Choices” below), but note that some functionality might be impaired.
In-App Telemetry: The app might collect data about app performance, such as crash logs (which include function names, error codes, etc.) and interaction events (e.g., button clicks) to diagnose issues. This is usually done via third-party analytics SDKs (e.g., Firebase, Mixpanel). These help us improve user experience by understanding where issues occur.
Call and SMS Data: If the Platform facilitates phone calls or texts between Users (for example, using a masked number system so actual numbers aren’t revealed), we may receive call metadata (such as time of call, duration) and SMS metadata or content if messages pass through our system. For instance, we might log that a client and provider spoke for 5 minutes via our intermediary number. We won’t record the actual voice call without notice, and SMS content we typically monitor only for compliance (like ensuring no contact info exchange if against rules, or scanning for prohibited content).
Moderation Tools: As noted, we may have automated systems that scan messages for certain red flags (such as phone numbers, certain keywords related to prohibited transactions or harassment). These tools operate automatically on message content; if a flag is raised, it might be reviewed by our Trust & Safety team. (This is partly an automatic collection of content data for monitoring compliance.)
1.3 Information from Third Parties:
Sometimes we obtain information from third-party sources, which we may combine with data we have about you:
Background Check Services: As mentioned, third-party services may provide us with background check results for Providers (with consent). This could include criminal record checks, identity verification outcomes, driving record (if driving-related services), or other public records. We typically get a report saying “clear” or listing offenses if any, and we use that to determine eligibility on our platform. We keep such info confidential and use it solely for trust and safety decisions.
Identity Verification Services: If we use a partner to verify ID documents (for example, a service like Veriff, Jumio, or Trulioo), those partners may give us confirmation that the document is authentic and matches the selfie, or provide a score of confidence. They might also provide extracted data (like name, DOB from the ID) which we use and then often discard the image. We may store an indicator that you are “Verified” and maybe a reference number, but often not the ID image long-term (see retention later).
Payment Processors: Our payment provider (e.g., Stripe) may give us limited information such as a tokenized representation of your card, the card brand, expiry, and last 4 digits (so we can show you partially and let you know card status). They might also inform us of any updates (via updater services) or issues (like a charge failure reason). If there’s a dispute/chargeback, we receive details of that from the processor/bank. For payouts, if a payout fails (due to wrong account info), the bank may tell us.
Social Media or SSO: If we allow signup or login through a third party (like “Sign in with Google” or Apple), we get info from them such as your name and email and an authentication token. We only use that to create/log in to your account. If you authorize it, we might also import a profile photo from Google or other basic profile info to populate your WorkWell profile.
Referrals: If someone refers you to WorkWell (e.g., via a referral program), they may provide us your name and email or phone. We will only use that to send an invite or referral message. If you join, you may optionally let us know who referred you to grant them referral credit.
Public Sources: We could use publicly available information to supplement profiles in some cases (for example, if a Provider has a business website or public reviews elsewhere, we might note that, or to verify a business name). But generally, user profiles are user-generated.
Marketing Partners: We might get demographic or interest data from marketing partners or data
WorkWell uses the collected information for purposes that include the following:
Providing and Improving the Service: First and foremost, we use your information to operate the Platform and facilitate services. This includes using personal data to create and manage your account, allow Clients and Providers to find and communicate with each other, and process bookings and payments. For example, we use contact and identity information to confirm your identity, to enable profile pages and user matchmaking, and to send booking confirmations or messages. Location data is used to suggest nearby services and (for Providers) to show Clients when you’re on the way or at the job site. We also use various data to maintain and improve our Platform’s functionality, performance, and user experience – such as analyzing how users navigate the app (via usage data and cookies) to identify bugs or popular features and make improvements.
Safety and Trust: We are committed to making WorkWell a safe marketplace. We use personal information to screen Users and prevent fraud or unlawful behavior. For example, identity verification information and background check results are used to vet Providers’ trustworthiness and eligibility. We may use your government ID to verify that you are real and of legal age, and background check data to ensure no disqualifying criminal history for certain services, in compliance with law. We also use data (including communications content, as allowed) to monitor for and investigate potential violations of our Terms (like harassment, fraud, or attempts to take transactions off-platform). As noted, our system may automatically scan messages for triggers (like exchange of contact info or flagged words) to help catch misconduct. If a dispute or incident is reported, we will use relevant info (profile data, messages, location logs, etc.) to investigate and resolve it. Location logs might confirm whether a Provider was present at a location at a certain time if there is a complaint. We may also use audio or chat records with customer support to train staff in handling issues better.
Communications: We use your contact information to communicate with you about your account and bookings. This includes sending service-related announcements and messages such as appointment reminders, confirmations, updates on the status of a service (e.g., “Your provider is en route”), and feedback requests. We will also respond to your inquiries or support requests using your contact info. If you provide a phone number, we may send you necessary SMS messages for verification (e.g., sending a one-time code) or service updates. By providing your phone number, you consent to receive such calls or texts from us or from other users through our masked number system as part of the servic quoteit.caquoteit.ca】. Standard call/SMS rates may apply. You can opt out of receiving certain texts by replying “STOP” to our SMS, though note this may limit your use (for example, you might not receive critical booking communications if you opt out quoteit.caquoteit.ca】. Please refer to the Notification Preferences in your account settings for more options.
Marketing and Promotional Purposes: If you are an active user, we may use your email or phone to send promotional communications about new features, special offers, surveys, newsletters, or other marketing content from WorkWell that we think you might find useful. For example, we might send a newsletter highlighting top-rated providers in your area, or a promotion offering a discount on your next service. You have the choice to opt out of receiving marketing emails or texts (see Your Choices below). We will not send you marketing SMS unless you have consented where required by law. We may also use certain data (like your service history and demographics) to customize or target our advertising – for instance, showing you relevant ads on third-party sites (if we engage in retargeted advertising). If we use third-party advertising networks or social media to reach you, we might share a hashed identifier or device identifier to them to help identify you as part of an audience for our ads. We do not sell your personal information to unaffiliated third parties for their own marketing.
Facilitating Connections and User Content: We use information to facilitate the interactions between Clients and Providers. For example, if you are a Client posting a job request, we will use your provided service details and location to show relevant Providers that opportunity, and conversely show you potential Providers. When a booking is made, we share necessary info between the involved users: a Client will see a Provider’s name, profile, photo, and contact details (perhaps a masked phone number) and vice versa. Additionally, any content you post (like reviews) we will display on the Platform associated with your profile for others to read, as intended. We may slightly edit or moderate reviews (for instance, to remove offensive language per our guidelines) but generally we use and publish your feedback as given.
Processing Payments: We use payment and financial information to charge Clients and pay Providers. This involves using your provided payment method to collect service fees, and using Provider payout information to disburse earnings. Our system, through the payment processor, will use billing addresses, card security codes, etc., to process transactions and prevent fraud. We also keep records of transactions for financial reconciliation, fee calculations, and to provide both Clients and Providers with records (like receipts, earning statements, etc.). Payment information may also be used to handle chargebacks or refunds – e.g., if a refund is due, we will credit the original card. We adhere to PCI-DSS standards as required by our payment processors to protect payment data.
Enforcing our Terms and Policies: We use data to enforce agreements and policies, including these Terms of Service, the Codes of Conduct, and other guidelines. This can mean using evidence from the Platform to address violations – for example, using message logs to substantiate a breach of the no-off-platform-payments rule and taking corrective action. We also may use your age info to enforce age restrictions. If necessary, information may be used to pursue or defend against legal claims involving WorkWell – e.g., preserving evidence or sharing info with our legal counsel.
Legal Compliance: We may use your information as necessary to comply with legal obligations. For instance, to satisfy tax and accounting requirements (keeping invoices, records of income for Providers if we are required to issue tax forms), to fulfill lawful requests from government or law enforcement (see “Sharing” section), or to comply with regulatory requirements (for example, if a provincial law requires record-keeping of certain transactions or verification of certain service provider credentials, we will use/store data accordingly). If you exercise privacy rights (such as an access request), we will use your data to respond to you as required by laquoteit.ca】.
Research and Development: We may use aggregated, anonymized, or de-identified information for analytical and research purposes to improve WorkWell’s services. For example, we might analyze aggregated booking data to understand peak demand times, or use survey feedback to develop new features. These insights help us make data-driven decisions to enhance user satisfaction and innovate our offerings. When using data for these purposes, we do not include personally identifying details in any public research reports or similar outputs.
We will not use your personal information for purposes materially different from the above without informing you and obtaining your consent if required. The legal bases for our processing of personal data (where applicable law requires) generally include: your consent (for example, for marketing communications or certain data processing like background checks), fulfillment of our contractual obligations to you (providing the services you requested, which requires processing of your data), compliance with legal obligations, and our legitimate interests (such as ensuring trust and safety, improving our platform, and marketing to grow our business) – balanced with your rights and expectations.
If we rely on consent for certain uses (e.g., sending marketing emails in jurisdictions requiring opt-in consent), you have the right to withdraw that consent at any time, which will not affect the lawfulness of processing before withdrawal.
WorkWell is not in the business of selling your information – we share information only as necessary to provide our services and as described here (and in accordance with privacy laws). We may share your personal information in the following ways:
Between Users (Client <> Provider): When a booking is made or during the negotiation of a service, we share certain information between the Client and the Provider involved to facilitate the service. Providers will typically see the Client’s first name, first initial of last name (or business name, if applicable), the service details and location, and any notes the Client provided. Clients will see the Provider’s profile information: name (or business name), profile photo, ratings, number of past jobs, maybe verification badges (like “ID verified”), and any public reviews. Once a booking is confirmed, we may also share fuller contact info to the extent needed: e.g., a Provider might see the Client’s address and a phone number to reach them (possibly a masked number through our system). Likewise, a Client will get the Provider’s phone contact (masked) and potentially last name if needed for introductions at the door. We do not share things like your government ID, actual birthdate, or background check results with other users; those are for internal verification only. However, we may display a badge or indicator that “Background Check Passed” or “ID Verified” on a Provider’s profile. If you include personal info in your profile or communications, the other user will see that – that’s under your control. In-app messaging between Client and Provider is obviously shared between those two parties (and monitored by us as per the Terms for compliance).
With Your Consent: We will share your information with third parties outside of WorkWell when we have your consent to do so. For example, if we wanted to feature your testimonial or story on our blog or in media, we’d ask your permission before using your name or likeness. If you specifically request we share data with a third party (say, you integrate a calendar app and want booking info shared to your calendar), we will do so. Also, if you partake in a co-branded promotion or event with a partner, we might share info with that partner as disclosed in the terms of that promotion (with your consent by participation).
Service Providers (Third-Party Processors): WorkWell uses various trusted third-party companies to perform tasks on our behalf and help us provide our services – we only share the information necessary for them to perform these services. These third parties include:
Payment processors: as detailed, to process payments and payouts securely (they get your payment details and personal info needed to verify transactions). For example, we use Stripe; your payment data is handled under Stripe’s systems in compliance with PCI standards.
Identity verification and background check services: we share personal info (like your name, DOB, ID document, etc.) with third-party vendors that perform verification or check quoteit.ca】. They return a result to us. These vendors are contractually obligated to protect the data and use it only for the verification purpose.
Cloud storage and IT providers: we may use cloud computing or storage services (e.g., Amazon Web Services or Google Cloud) to host our data and platform. Personal data is stored on their secure servers but controlled by WorkWell – these providers act as data processors only. We use industry standard security measures such as encryption for data at rest or in transit as appropriate.
Analytics tools: we use analytics and crash reporting services (like Google Analytics, Firebase, etc.) which may set cookies or SDKs that collect usage data and device identifiers. This helps us analyze app performance and user behavior on an aggregated level. These analytics providers may receive some identifiers and device info as described in section 1.2. They are not allowed to use the data for purposes outside our instructions. You can opt out of some analytics as noted in the Cookies/Tracking section.
Communication tools: we might use third-party services to facilitate communications, such as a service to send emails (e.g., SendGrid) or SMS (e.g., Twilio). They will process contact info and message content as needed to deliver communications. Another example: if we have a customer support chat widget, the provider of that service (with whom you interact for support) will see what you type to assist you.
Map services: As mentioned, we integrate Google Maps Platform for location-based functions. This means when you search a location or when a Provider’s GPS is shown on a map, certain data is being communicated to Google’s APIs. *By using WorkWell, you agree that Google may process your location data pursuant to its own Privacy Policy developers.google.com】. For example, when the app displays a map of the job location, it’s loading Google Maps content and possibly sending coordinates to Google to render the map. We incorporate by reference the Google Maps/Google Earth Additional Terms of Service and Google Privacy Policy; these apply to the use of map features on our Platform. We do not send personal info like your name to Google when just loading a map, but location coordinates and any map queries are subject to Google’s systems.
All these service providers are bound by confidentiality and data protection obligations (through contracts or law) to ensure your data remains protected. We do not permit them to use your personal information for their own marketing or other purposes unrelated to providing services to WorkWell.
Business Partners: In certain cases, we might partner with other businesses to offer joint services or promotions (e.g., a home insurance company offering a discount on WorkWell services). If you decide to engage with those offers, we might share limited info with that partner. For example, if a partner gave you a code to redeem on WorkWell, we might confirm to the partner that you used the code and perhaps share aggregate usage (to settle accounts). We won’t share your full user profile to a third party without your explicit opt-in. If WorkWell integrates with third-party platforms (like a calendar or voice assistant integration), we will explain what data passes to that third-party and seek your consent.
Legal and Law Enforcement: We may disclose personal information when we believe in good faith that such disclosure is necessary to *comply with applicable law, regulation, legal process, or governmental request stikeman.com】. This includes responding to court orders, subpoenas, or lawful requests by public authorities (such as to meet national security or law enforcement requirements). If a law enforcement or regulatory body requests data (for example, an investigator asks for records to investigate an incident that occurred through the platform), we will verify the validity of the request and only provide information that is legally required. We may also disclose information if we believe it is necessary to prevent, investigate, or address illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms of Service. For instance, we may alert police of a credible threat of harm or provide relevant info to assist with an investigation of a user suspected of committing a crime via our platform. We aim to balance user privacy with legal obligations and safety – we will not voluntarily hand over data unless there is a legitimate basis and we are permitted to do so.
Litigation and Liability: If we are involved in a dispute or legal proceeding with you or a third party, we may share relevant information as needed in connection with the proceeding. For example, if a client sues WorkWell claiming injury, we might use and disclose communications and activity logs to defend ourselves. Or if a provider’s insurance company requests proof of the booking details to process a claim for damage, we may provide that (to the extent allowed). We will do so under appropriate legal frameworks (e.g., under a protective order if needed).
Corporate Transactions: If WorkWell undertakes a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our assets, your personal information may be disclosed to the parties involved (e.g., to investors, or to the acquiring entity) as part of due diligence or the transaction, and may be transferred to the successor or purchaser as one of the business asset quoteit.ca】. For example, if another company acquires WorkWell, your information will likely be one of the transferred assets so that service can continue. In such cases, we will ensure that the receiving party agrees to respect your personal information in a manner consistent with this Privacy Policy or we will notify you and give an opportunity to opt-out if required by law.
Aggregated or De-Identified Data: We may share information that has been aggregated (combined with other data so it no longer identifies you personally) or de-identified (stripped of personally identifying characteristics) with third parties for any lawful purpose. This data cannot be linked back to individual users. For example, we might publish reports or insights like “X% of WorkWell users book cleaning services twice a month” or share statistics with a business partner or in press releases. Such information will not contain anything that could reasonably be used to identify you.
We do not sell or rent your personal information to third-party “data brokers” or marketers. All sharing is either integral to our service or done with care for your privacy and usually on an opt-in basis.
If we need to share your information for a purpose not covered by this Privacy Policy, we will obtain your consent or provide you with the opportunity to opt out of such sharing.
WorkWell retains your personal information only for as long as necessary to fulfill the purposes outlined in this Policy or as required or permitted by law. In general:
Account Information: We retain the personal information associated with your account for as long as your account is active. If you choose to delete your account or if WorkWell deactivates it, we will initiate deletion of your personal information within a reasonable timeframe. However, we may retain certain data after account deletion for legitimate reasons: for instance, to comply with legal obligations such as retaining transaction records for tax, auditing, and financial reporting (often 7 years, as required by CRA and accounting rules). We also may keep data to enforce our Terms (for example, to prevent a banned user from re-registering) or to resolve disputes (retaining evidence of interactions in case of legal claims). When we retain data for these reasons, we limit access to only what is necessary.
Service Transactions: Information related to bookings, payments, and services provided may be retained indefinitely in anonymized form for statistical purposes. But anything personally identifying in those records will be removed or securely stored after a certain period (e.g., financial records with personal info are generally kept for 7 years). Communications between Clients and Providers (chat logs) may be retained for a period in case of later disputes or inquiries, but typically we’ll purge routine message data after a set time if not needed (for example, messages older than 2 years might be deleted, unless linked to a dispute).
Legal Requirements: We may need to keep certain information for longer if required by law. For example, if a law enforcement request is open, or if related to a legal case, we’ll retain relevant data until the matter is resolved. Similarly, if you performed work as a Provider, we might need to keep records of payments to you as evidence for tax authorities or to issue any required forms (like a T4A if required by Canadian law for independent contractor payments canada.ca】.
Backup and Cache: Even after deletion from our active database, residual copies of your personal info might remain in our backups or cache for a short period until those are overwritten or refreshed. We maintain backup systems for reliability, which means a complete purge of data might only occur when backups containing that data expire. We have processes to delete or anonymize data from backups as feasibly as possible.
Identity and Verification Documents: For sensitive info like identity documents or background check reports, we typically do not store the originals longer than needed to verify. For example, once a Provider is verified, we may erase the raw ID scan and just keep a record “Verified on X date” and the result of the background check (pass/fail). In some jurisdictions, we may be required to retain a copy of verification for a certain time to prove compliance (e.g., if required by an employment law or by insurance). We store such documents securely and restrict access. They are deleted once no longer needed.
Aggregate Data: As mentioned, we may keep aggregated, non-identifiable data indefinitely for analysis, without further notice, since it has no personal impact.
When we no longer need personal information, we will either delete it or anonymize it. If deletion is not immediately possible (for example, because the data is stored in backups), we will ensure it remains securely stored and isolated from further active use until deletion is practical.
WorkWell respects your rights regarding your personal information. Under Canadian privacy laws (such as PIPEDA) and similar regulations, you have the following rights (subject to certain exceptions and limitations):
Access and Portability: You have the right to *request access to the personal information WorkWell holds about youquoteit.ca】. This typically means you can ask us to confirm whether we’re processing your personal data and request a copy of that data. We will provide you with the information in our records, generally within 30 days as required by laquoteit.ca】. In some cases, certain data may be exempt from disclosure (for example, if revealing it would also reveal someone else’s personal data or if it’s subject to legal privilege). We may ask for verification of identity before releasing data to ensure we don’t give your data to an unauthorized person. If you require your data in a portable format (and it’s feasible), we will provide it in a common format.
Correction: If you believe that any personal information we have about you is inaccurate or incomplete, you have the right to request that we correct it】. For example, if your phone number or address changed or our records have a typo in your name, you can ask us to update it. In many cases, you can directly correct and update your information through your account settings (e.g., edit your profile). If you need assistance or if something is not editable by you (like an internal note that’s incorrect), contact us and we will rectify it. We will make the correction or add a notation of the correction request in our file as required by laquoteit.ca】. If we have shared incorrect information with third parties, and if required, we will forward the corrected information to them.
Withdrawal of Consent: Where we rely on your consent to process information, you have the right to withdraw your consent at any time. For instance, you can opt out of marketing emails by clicking “unsubscribe” in those emails or adjusting settings. You can withdraw consent for SMS marketing by replying “STOP” or contacting support. If you previously consented to background checks or location tracking and want to withdraw, you may adjust the app settings (turn off location) or contact us to discuss consequences. Please note, if you withdraw consent for certain essential data processing (like identity verification or location for an active provider), we may not be able to provide you with the full functionality of the Platform or any services. We will inform you if that’s the case. Withdrawal does not apply retroactively – processing already done remains lawful.
Deletion (Right to Erasure): You may request that WorkWell delete your personal information. This is sometimes called the “right to be forgotten.” For example, you can request deletion of your account and associated data. We will delete the information that we are not required to retain. However, as noted in Data Retention, we might need to keep certain data for legal or internal business reasons (which we will communicate to you if relevant). If complete deletion is not possible (e.g., data is in backups), we will isolate it from active use. Our support team can guide you through account deletion – typically via account settings or a written request. Once deleted, your profile will no longer be visible and we will not contact you, but historical activity (like reviews you wrote) might be anonymized rather than scrubbed if that’s allowed.
Objection to Processing: In some jurisdictions, you have the right to object to certain types of processing. For example, you can object to processing based on our legitimate interests (like some profiling or marketing). If you object, we will evaluate whether we have compelling legitimate grounds to continue processing or if we must cease. In practice, this might overlap with withdrawal of consent or marketing opt-outs (which we readily honor). If you have concerns about any other processing, let us know.
Restriction of Processing: You can request that we limit the processing of your data in certain circumstances – for instance, while a correction is being verified or if you’ve objected to processing and we’re considering it. Restriction means we store the data but won’t use it until resolved.
Automated Decision-Making: WorkWell does not typically make automated decisions that have legal or similarly significant effects without human involvement. While we may do things like automated match ranking or automated moderation flags, there is human oversight in enforcement. If you believe you were subject to an automated decision unfairly, you can request human review.
Marketing Choices: As mentioned, you can control your marketing preferences:
Emails: Click “unsubscribe” in any promotional email or adjust your notification settings in the app/web. Transactional emails (like receipts or important account notifications) cannot be fully opted out of, as they are necessary for service.
SMS: If you opted in to promotional texts, you can reply “STOP” to opt out. For service-related texts (e.g., verification codes or booking updates via SMS), those are necessary if you want to use that feature; if you opt out, you might need to rely on email or in-app notifications instead.
Push Notifications: You can control push notifications via your mobile device settings (e.g., disable WorkWell app notifications if you don’t want them).
Cookies: You can set your browser to refuse all or some cookies, or to alert you when cookies are being set. Check our Cookie Policy or your browser’s help for instructions. Note: disabling cookies might affect site functionality (like staying logged in). For analytics, Google Analytics offers an opt-out browser add-on. For advertising, if we engage in retargeting, you can use tools like the Digital Advertising Alliance’s opt-out page (if available in your region) to opt out of behavioral advertising.
Access to Privacy Officer / Complaint: We have appointed a Privacy Officer responsible for WorkWell’s compliance with privacy lawquoteit.ca】. If you have questions, concerns, or complaints about our privacy practices, you can contact the Privacy Officer (contact info below). If you file a complaint about our handling of your personal information, we will investigate and respond. If you are not satisfied with our response, you have the right to escalate your complaint to the relevant Privacy Commissioner in Canada (for example, the Office of the Privacy Commissioner of Canada for PIPEDquoteit.ca】, or your provincial privacy commissioner if applicable). We will provide you the contact information for the appropriate regulator upon request.
To exercise any of your rights, please contact us at [email protected] or via the contact information provided below. We will verify your identity (to protect your privacy) and respond within the legally required timeframes. There is no fee for making a request, unless it is manifestly unfounded or excessive (in which case we may charge a reasonable fee or refuse the request with explanation, as allowed by law).
WorkWell takes the security of your personal information seriously. We implement reasonable physical, technical, and administrative security measures designed to protect your information from unauthorized access, use, alteration, and disclosure. These measures include:
Encryption: We use encryption in transit for sensitive data. Our app and website are served over HTTPS, which encrypts data between your device and our servers. Important fields (like passwords) are stored hashed or encrypted. Any payment transactions are processed via encrypted channels and tokenization by our payment processor. Identity documents uploaded for verification are transmitted securely and often stored in encrypted form with limited access.
Access Controls: We restrict internal access to personal information on a need-to-know basis. Only authorized WorkWell employees, agents, and contractors who require the data to perform their duties (such as customer support, trust and safety, or development) are given access to personal information, and they are bound by strict confidentiality obligations. We use authentication controls (passwords, multi-factor authentication for admins) to prevent unauthorized internal access.
Anonymization and Pseudonymization: Where possible, we anonymize or pseudonymize data in our systems. For instance, unique user IDs are used internally instead of real names in many contexts. Communication between users is proxied (masked phone numbers and email relay) so actual contact info isn’t exposed unless users share it.
Monitoring and Testing: We maintain and monitor our systems for potential vulnerabilities and attacks. We employ firewalls and intrusion detection systems on our network. Regular security audits, code reviews, and penetration testing are conducted to evaluate our defenses. We also keep our software and infrastructure updated with security patches.
Employee Training: Our team members are trained on the importance of privacy and security. We have procedures in place in the event of suspected breaches, and our staff know how to handle personal data with care (for example, verifying identity before discussing account details with a user).
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. Cyber threats evolve rapidly, and despite our efforts, breaches can occur (due to sophisticated attacks or human error). You also play a role in keeping your information safe: please choose a strong, unique password and do not share it. Use the Platform’s security features (like two-factor authentication if available). Notify us immediately if you suspect any unauthorized access to your account.
In the unlikely event of a data breach that poses a real risk of significant harm to you, we will notify you and the appropriate authorities as required by law (for example, PIPEDA requires notice of certain breaches to the Office of the Privacy Commissioner of Canada and affected individuals). We will act quickly to mitigate any breach and assist users as needed.
WorkWell is based in Canada. If you are using the Platform from outside of Canada, be aware that your personal information will likely be transferred to, stored in, and processed in Canada and potentially the United States (where some of our third-party service providers may operate or where cloud data may be stored) or other jurisdictions. These countries may have data protection laws that differ from those in your home country.
However, whenever we transfer personal information internationally, we will ensure appropriate safeguards are in place to protect it. For instance, for data moving from the EU or UK to Canada, note that Canada (for private sector PIPEDA-covered data) is recognized as providing an adequate level of protection by the EU. For transfers to the U.S. or other countries from Canada or elsewhere, we rely on methods such as standard contractual clauses or equivalent contractual protections, or the third-party being certified under frameworks like the EU-U.S. Data Privacy Framework (if applicable), or we obtain your consent for those transfers where required.
By using WorkWell, you consent to the transfer of your information to Canada and the U.S. (and other countries as needed) for processing and storage. We will take steps to ensure your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.
If you have questions about our international data practices, please contact our Privacy Officer.
WorkWell’s Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 13 (or under the age of majority as defined in your jurisdiction, if higher) without verifiable parental consent. As stated in the Terms, minors are not eligible to register as Users.
If we become aware that we have inadvertently collected personal data from a child under 13 (or a minor under the applicable age threshold) without proper consent, we will take steps to delete that information as soon as possible. Parents or guardians who believe their child may have provided us personal information can contact us to request deletion of such data.
Some services booked through WorkWell might involve minors (e.g., tutoring a child, or entertainment at a kids’ party), but the booking must be made by an adult guardian, and any minor’s personal details should be provided only as necessary for the service and with guardian consent. For example, a parent might give a tutor their child’s first name and age; we treat that as information provided with consent of the parent for the purpose of that service. We encourage parents to supervise their children’s use of services and to discuss safety and privacy with them.
We may update or modify this Privacy Policy from time to time. If we make material changes to how we handle your personal information, we will provide you with prominent notice – for example, by email (sent to the email address associated with your account) or by posting a notice on our app/website. We will indicate at the top of the Policy when it was last updated.
Any changes will become effective on the date indicated in the notice or the updated Policy. Your continued use of the Platform after a Privacy Policy change signifies your acceptance of the revised terms, to the extent permitted by law. If you do not agree with the changes, you should delete your account or refrain from using the Platform after the effective date of the revised Policy.
For clarity, we will not use previously collected personal information in a manner materially different than stated in the Policy in effect at the time of collection without obtaining your consent, unless otherwise required by law.
WorkWell welcomes your questions, concerns, and feedback about privacy.
Privacy Officer: If you have any questions about this Privacy Policy or WorkWell’s privacy practices, or if you wish to exercise your rights regarding your personal information, please contact our Privacy Officer. You can reach our Privacy Officer by email at [email protected] or by mail at:
Privacy Officer
WorkWell Mobile Providers Inc.
17-450 Pondmills Rd,
London, ON.
N5Z 4X2
(Please include your contact information and a detailed description of your request or privacy concern.)
We will address your inquiries as promptly as possible. If you feel that we have not satisfactorily resolved your privacy concern, you have the right to contact the Office of the Privacy Commissioner of Canada or your provincial privacy commissioner to discuss the issue or file a complainquoteit.ca】.
Thank you for trusting WorkWell with your personal information. We are committed to protecting your privacy while providing you with a convenient and reliable service marketplace.