Privacy Policy

Last Updated Dec 7th, 2023

1. Our Commitment to Privacy
Personal privacy is important, and We acknowledge and respect the desire of individuals for personal privacy. 

Our Privacy Policy is intended to comply with the British Columbia Personal Information Protection Act and the European Union (“EU”) General Data Protection Regulation (“GDPR”). It also has some provisions which are intended to apply to residents of other jurisdictions.

We intend to regularly review Our privacy policies and practices and reserve the right to change the contents of this Privacy Policy at any time. 

Notice that changes to our Privacy Policy have been made will be indicated on the Policy with the date it was last updated.


2. Who We Are
Umso Software Inc., is a company formed under the laws of British Columbia, Canada (“Umso”, “Our”, “Us”, and “We”) with a delivery address of #900-2025 Willingdon Avenue, Burnaby, B.C., Canada  V5C 0J3.

We provide an online software application and related services enabling subscribers to build their own websites.

With respect to personal information related to Subscribers and Users in the EEA (but not with respect to End Users), Umso is the controller in relation to the processing activities described in this Privacy Policy.

3. Key Terms

In this Privacy Policy, the terms below have the following meanings:

Application” means Our proprietary Web-based software application called Umso™ and all associated documentation and other materials utilized by Subscribers or made available to you by Us for use in accessing the Website and using the Services to create a Subscriber Platform.

EEA” refers to the European Economic Area.

End Users” refers to individuals who visit or use any Subscriber Platform and the related services of our Subscribers.

personal information” refers to any information received, collected, maintained, or otherwise processed by Us that relates to an identified or identifiable individual respectively identifies, or could be used to identify, an individual.

Services” means the Application, the subscription to which provides you with an account or access to the functionality and feature set for the Application, to create a Subscriber Platform, whether the trial version, startup version, growth version, or business version or any other version available from time to time from Us, Our hosting services, or any other functions utilized by you or made available to you in conjunction with accessing the Website and the Application.

Subscribers” are persons who have registered with Us to use Our Services.

Subscriber Platform” means the website created by a Subscriber using the Application and Services.

Users” means, depending on the context, unregistered visitors to Our Website and/or Subscribers.

Web Site” means https://www.umso.com, any subdomains thereof, and any successor websites.

you and your” refers to a User.


4. Application of this PolicyThis Privacy Policy applies to all Users. This Privacy Policy is not intended to override the terms of any agreement you have with Us, nor any rights you may have under other applicable data privacy laws.

Prior to accessing or using Our Services, please read this policy and make sure you fully understand Our practices in relation to your personal information. If you read this Privacy Policy and do not agree to Our practices, you must immediately leave and discontinue all use of any of Our Services. If you have any questions or concerns regarding this Privacy Policy, please contact us at privacy@umso.com.

5. What is Personal Information?
Personal information” is personally identifiable information such as your name, residential address, business address, and e-mail address or any other information that relates to an identified or identifiable individual respectively that identifies or can be used to identify an individual. 

We are not in the business of collecting anyone’s personal information except to the extent it’s needed in relation to using Our Services, supporting the use of Our Services by Users, and communicating with Users and prospective Users.

We collect personal information when you provide it to Us, such as if you choose to communicate or register with Us before or after Using any of Our Services. This information may include details about yourself, including your name, telephone number, business mailing address, and email address to participate in any Services We may offer. 


6. How do We Process Personal Information (including Legal Bases)?

(i) If you register for Our Services, purchase and/or register domain names, use any of Our Services, or when you contact Us directly (by email or a support ticket), you may provide Us personal information, such as your name, email address, phone number, payment information (for Subscribers), Goods and Services Tax or VAT number identification information you include in your communications with Us, and personal information contained in scanned identification documents (such as an ID card, driver’s license, passport, or official company registration documents). With respect to personal information relating to individuals in the EEA, the legal basis for this processing activity is performance of a contract unless you are not our contractual partner in which case the legal basis is our legitimate interest in complying with the contractual obligations with the relevant contractual partner (e.g. your employer or commissioner).

(ii) We also collect personal information (name, contact details, information regarding technical issues, contents of your communication) to allow Us to contact Users or potential Users in the normal course of business, including providing technical support services, providing information on our latest software announcements and software updates, carrying out surveys or if you apply for employment with Us. With respect to personal information relating to individuals in the EEA, the legal basis for:

- communication in the context of applications for employment is performance of a contract (including taking steps upon your request prior to entering onto an employment contract).

- non-marketing communication is performance of a contract unless you are not our contractual partner in which case the legal basis is our legitimate interest in complying with the contractual obligations with the relevant contractual partner (e.g. your employer or commissioner) respectively in responding to your contact.

- direct marketing activities (e.g., email marketing) is your consent or, where we have not obtained such consent, our legitimate interest in promoting our Services.

(iii) When you visit Our Website, or download and/or use any of Our Services, We may collect personal information regarding your usage (such as IP address, behavior on the Website, information on the device in use, operating system, time of visit / use, Internet service provider (ISP), browser type and language, referring and exit website and applications, date/time stamp and clickstream data) for security or fraud prevention purposes. With respect to personal information relating to individuals in the EEA, the legal basis for this processing activity is compliance with legal obligations in relation to data security and, to the extent such obligation does not exist, our legitimate interest in rectifying faults, ensuring the security of Our Website and Service and in preventing fraud. 

(iv) We also collect personal information on an aggregated basis, such as Users’ browsing and click-stream activity on or relating to the Services, and non-identifying personal information regarding Users’ computing device, operating system, internet browser, country, city, screen resolution, language, and keyboard settings, internet service provider, referring/exit pages, and date/time stamps. With respect to personal information relating to individuals in the EEA, the legal basis for collecting and aggregating such information is our legitimate interest in understanding the use of Our Website and Services and in improving them, or consent where we have obtained such. The aggregated information may be used as explained in Section 7 below. 

(v) We may process personal information in the context of corporate transactions (e.g., reorganization, merger, sale, sale of assets, joint venture). This may concern any of the data categories indicated in the purposes described in Section 6 (i) to (iv). With respect to personal information relating to individuals in the EEA, the legal basis for this processing activity is our legitimate interest in effectively disposing of our assets and make economically sensible decisions about the development of Umso.

(vi) We process personal information to comply with legal obligations to which We are subject (e.g. under tax law). This may concern any of the data categories indicated in the purposes described in Section 6 (i) to (iv). With respect to personal information relating to individuals in the EEA, the legal basis for this processing activity is compliance with legal obligations. 

(vii) We may process personal information to safeguard our rights. This may concern any of the data categories indicated in the purposes described in Section 6 (i) to (iv). With respect to personal information relating to individuals in the EEA, the legal basis for this processing activity is our legitimate interest in establishing, exercising and/or defending legal claims.

We may receive personal information about you from certain third-party sources:

- security providers or fraud detection and prevention providers who assist Us in screening out visitors to the Website associated with fraud. This information will be processed for the purposes explained in Section 6 (ii) above;

- social media platforms (if you log-in or sign-up using your social media account, We may receive personal information from that service including your username and basic profile personal information). This information will be processed for the purposes explained in Section 6 (i) above.

We may also collect personal information of End Users, solely for and on our Subscribers’ behalf (as further described in Section 8 below). The personal information of End Users for example will include the country, city, referring source, pages visited on a Subscriber’s Platform, the computing device, software operating system, and log data but ultimately depends on what the Subscriber is collecting via Subscriber’s Platform.

In summary, we use personal information for providing the Services; enabling Us to improve and expand the Services; supporting Our Subscribers; contacting Users including for promotional purposes; analyzing Our performance; for security purposes; and to comply with applicable laws.


7. Non-Personal Information

We also collect non-personally identifiable information about Users in a number of ways, including tracking visits to Our Website through your IP address, computer settings, or search keywords used which let Us know more about whether different aspects of Our Website are informative or of interest to potential Users and Subscribers. 

We may collect, use, transfer, and disclose non-personally identifiable information for any purpose. However, to the extent that IP addresses or similar identifiers are considered personal information by local law, We also treat these identifiers as personal information. 

If We combine non-personally identifiable information with personal information, the combined information will be treated by Us as personal information for so long as it remains combined.

Anonymous or “non-personal” information gathered by Umso through accessing Our Website or communicating with Us may be used for technical, research, and analytical purposes. Information collected through surveys may be used by Us to analyze Our Services, target market, and to develop or enhance Our Services.

8. End Users of Subscribers

We may process (including but not limited to collection and storage) certain personal information of End Users on behalf of Subscribers and at their direction. For example, each of our Subscribers can build their own forms to collect personal information of End Users and other data via their own website. Such personal information may then be stored with Umso, on the Subscriber’s behalf.​

In this context, (a) We are considered a “Processor” and not a “Controller” (as both such capitalized terms are defined in the GDPR, and including their capitalized cognates) of such personal information of End Users; and (b) the Subscribers controlling and operating their own Subscriber Platforms are considered as the “Controllers” of such personal information of End Users, and are responsible to them for complying with all laws and regulations that may apply to the processing and control of such personal information of End Users, including all privacy and data protection laws of all relevant jurisdictions.

​Where Umso processes personal information of End Users on behalf of a Subscriber, Umso will conclude a data processing agreement with such Subscriber as necessary under applicable laws and regulations.

If you are an End User and wish to exercise your rights under applicable privacy and data protection laws and regulations, please directly reach out to the Subscriber to whose Subscriber Platform your request relates. 


9. The extent we share personal information and where it is processed 
Unless you specifically authorize Us to release your personal information, or release is required or permitted by law, We will not sell, lease, license, or trade your personal information to any other third parties. 

Personal information collected by Us is processed (including storage) in Oregon, in the United States of America. Subscribers’ websites and the personal information of End Users are Processed and stored in Toronto, Canada, Mumbai, India, and Frankfurt, Germany, and some of the personal information of End Users may also be processed (including storage) in Oregon. To the extent We transfer personal information of residents of the EU anywhere outside of Europe, We will ensure that (a) there is a level of protection deemed adequate by the European Commission (a list of countries deemed adequate is available here) or (b) that the relevant Model Standard Contractual Clauses approved by the European Commission (as included in the implementing decision (EU) 2021/914 of June 4, 2021) are in place. Where We rely on Model Standard Contractual Clauses approved by the European Commission Module Two (transfer from controllers to processors) is relevant for transfers to service providers processing personal information on our behalf or Module One (transfer from controllers to controllers) insofar as the transfer is made to other third parties.

For more information about these transfers and the transfer mechanisms (including a copy thereof) used with respect to them, please contact us at privacy@umso.com

Like other companies, We have business relationships with other service providers whose services complement our Services. We use:

- Alphabet Inc., a United States company, for its website analytics on Our Website;
- Amazon Web Services, a United States company for cloud services;
- Automattic, a United States company for its Akismet spam protection services;
- Profitwell, a subscription revenue analytics company in the United States;
- Pusher Limited, a company formed in England, for its cloud hosting services;
- Canny Inc., a United States user feedback platform;
- Functional Software Inc., a United States company, for its Sentry application monitoring and error reporting software service;
- NewRelic, a server monitoring company in the United States
- Wildbit LLC, a United States company for its Postmark email processing services;
- Stripe, a payment processor in the United States;
- ZenDesk, a customer support services company in the United States;
- Atomical Creative Inc. a data analytics company in Canada;
- Mixpanel Inc., a product analytics company in the United States;

(collectively, “Other Service Providers”). 

We and Our Other Service Providers that store or otherwise process your personal information on Our behalf are contractually committed to keep it protected and secured, in accordance with industry standards and regardless of any lesser legal requirements which may apply in their jurisdiction.

Thus, personal information may be subject to disclosure in accordance with the laws applicable in Canada, the United States, the EU, Germany, and India as well as the jurisdictions where the Other Service Providers physically locate their servers or store their data in relation to the services provided to Us. 

We only share personal information with our Other Service Providers in the normal course of using their software services offered to Us as a user/subscriber, ancillary to our business of providing our Services. The type of personal information we share includes the scope of personal information we receive including identifiers, such as your name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers; and commercial information, such as information regarding the type of Services subscribed for from Us.

Your personal information and the personal information of End Users may be accessible to regulatory, law enforcement, and national security authorities of those jurisdictions, and may be subject to disclosure in accordance with the laws of those countries or jurisdictions. Such laws may or may not provide the same level of protection for personal information as do the applicable laws of the jurisdiction in which you or your End Users ordinarily reside.

Further, we may share personal information with authorities, courts and/or consultants (e.g., lawyers, auditors), insofar as we are legally obliged to do so, or where this is necessary to safeguard our rights.

If Umso is involved in a merger, acquisition, or any form of sale of some or all of Our assets, We may transfer any and all personal information We collect to the relevant third party respectively to the extent permitted under applicable law. 

If we have any bona fide reason, We may share personal information if we believe doing so will help protect the rights, property, or personal safety of Umso, any of our Users, any End Users, or any member of the general public, with or without notice to you, as permitted under applicable law.

You are responsible to inform your End Users of the extent to which We collect, process, and use their personal information in the course of our provision of Services to you and on your behalf.


10. Informed Consent

For personal information of Our Users, We will only request personal information that We need and will only ask for it when it’s needed. 

Generally, this is going to be in the context of doing business with Users or prospective Users interested in Our Services. 

So if We ask you for personal information, it will either be self-evident why We’re asking for such information, or if not, We’ll explain to you why such personal information is needed and what We are going to do with it. Information on the use of personal information is provided in Section 6 above.

We will seek your prior consent to the collection, use, disclosure and other processing of the information as required by applicable privacy legislation. Your consent may be provided orally, or through use of Our Website as permittable under applicable law. With respect to personal information relating to individuals in the EEA, the legal bases We rely on for the processing of personal information are stated in Section 6 above.

Some examples associated with Our processing of your personal information will relate to subscribing for our Services, technical support services, sending invoices, following up on payments, or responding to communications requesting more information about Us or Our Services.

Where We rely on your consent for the processing of personal information, you’ll always have the right at any time to withdraw your consent from any such processing or collection of your personal information by contacting Us by email at privacy@umso.com. But withdrawing your consent is subject to certain allowable exceptions (e.g., We need the personal information to provide or to continue to provide Our Services, or, if the withdrawal of your consent would frustrate the performance of a legal obligation We may have. This is explained in more detail below under Section 22). Such exception does not exist with respect to the processing of personal information relating to individuals in the EEA on the basis of consent; such consent can be withdrawn at any time. Please note that the withdrawal of consent does not affect the lawfulness of processing based on such consent before its withdrawal.

Note that if you decide to withhold or withdraw your consent to certain uses of your personal information, We may not be able to provide Our Services to you.


11. Storage under applicable law

With respect to personal information related to individuals in the EEA, we will rely on the legal bases as stated in Section 6 above.

Subject to applicable laws in British Columbia, in Canada, in the United States, We may collect, use, or store personal information without your consent in the following limited circumstances:

- when the personal information is available from a public source (e.g., a telephone directory);
- to protect Us, Our Users, and others with whom We may do business, from fraud;
- to investigate an anticipated breach of an agreement or a contravention of law; or
- when such collection, use, or disclosure of personal information is permitted or required by applicable law.


12. Cookies and Other Technologies
Yes, Umso and Our Other Service Providers use “cookies” to collect information, helping Us understand User behaviour and preferences insofar as Our Services are concerned. 

A cookie is a small text file that is stored on the device you use to access a website. 

Cookies” contain a unique identification number that identifies your browser to Our computers each time you visit Our Website.

We may collect information about your mobile device, computer, or other hardware device from which you access Our Website including your IP address, operating system, and browser type. This is statistical data about Our Users’ browsing actions and patterns.

Our Website, email messages, and advertisements for Our Application or Services may use cookies and other technologies such as pixel tags and web beacons. These technologies help us better understand User behavior, make Our Website a bit more user-friendly by remembering site preferences and language settings, tell us which parts of Our Website people have visited, and facilitate and measure the effectiveness of advertisements and web searches. We treat information collected by cookies and other technologies as nonpersonal information. However, to the extent that Internet Protocol (IP) addresses or similar identifiers are considered personal information by local law, We also treat these identifiers as personal information. 

Similarly, to the extent that non-personal information is combined with personal information, We treat the combined information as personal information for the purposes of this Privacy Policy.

Umso also uses cookies and other technologies to remember personal information when you use Our Website and Services. Our goal in these instances is to make your experience with Us more convenient, personal, and safe from security breaches. For example, keeping you signed in, keeping your preferences, providing you with the Service you have decided to obtain from Us, understanding how you use Our Website, monitoring and analyzing the performance, operation, and effectiveness of Our Services, and for security purposes and fraud-protection purposes and in order to identify and prevent cyber-attacks.

Knowing someone using your computer or device has downloaded Our Application or is interested in a particular Service helps Us make our marketing and email communications more relevant to your interests. We may provide you with customized advertisements, content, and information; monitor and analyze the effectiveness of Our Website content and third-party marketing activities; and monitor aggregate site usage metrics such as total number of visitors and pages viewed. And knowing your contact information helps Us provide you with better customer service.

13. Types of Cookies
We use the following types of cookies to help improve your engagement with Our Website, identify repeat visitors, and offer an improved personalized service than would otherwise be available without using cookies:

Essential Cookies: these enable you to browse the Website and use essential features like secure and private areas.

Analytical cookies: these allow Us to recognize and count Users and see how Users move around Our Website when using it. This helps us improve the way Our Website works, for example, by making it easier for Users to find what they are looking for.

Function cookies: these enable you to navigate Our Website and gain full access to its features and secure areas, including e-billing services. These are also used to recognize you when returning to Our Website. This may enable Us to personalize content (for example, greet you by name or acknowledge what region you are from).

Marketing cookies: are used to deliver advertisements more relevant to your personal interests, to limit the amount of times you see an ad and measure the effectiveness of ads.

Performance cookies: these allow Us to analyze and improve the performance of Our Website to provide you with a better visitor experience.

Preferences & Features cookies: these remember choices you made on previous visits to Our Website so We can provide enhanced, more personal features as well as enabling automated completion of forms with information previously provided.

Targeting cookies: these record your visits to Our Website, the pages you have visited, and the links you followed to affiliated Websites. We use this information to make Our Website more relevant to your interests.

Cookies We use include ones We design, as well as cookies from Our Other Service Providers. Information from cookies is retained by Us for up to two years.

The cookie table below provides you with information about the type, categories, purpose, and duration of cookies placed by Us and Our Other Service Providers.

Umso Cookies

Cookie NamePurposeDurationCookie Type
landen_user_authused to identify logged in users365 daysessential


Cookies of Our Other Service Providers

Cookie NameOther Service ProviderPurposeDurationCookie Type
_ga Google Inc.
(1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Used to distinguish users730 daysAnalytical
_gidUsed to distinguish users24 hoursAnalytical
gaUsed to distinguish users730 daysAnalytical
gac_gbContains ad campaign related information90 daysAnalytical
_gatRate Limiting1 minuteEssential
gacContains campaign related information for the user90 daysAnalytical
__stripe_sidStripe, Inc. (354 Oyster Point Blvd, San Francisco, California, USA)Fraud Prevention30 minutesEssential
__stripe_midFraud Prevention1 yearEssential
ZD-storeZendesk, Inc. (989 Market Street, San Francisco, CA, USA)Web-widget PresentationIndefinitePreferences
ZD-buidAnalytics IDIndefiniteAnalytical
ZD-suidSession ID20 minutesEssential
ZD-rateLimitingQueuesRate LimitingIndefiniteEssential
pusherTransportTLSMessagebird (Trompenburgstraat 2C 1079 TX Amsterdam Netherlands) Server connection securityIndefiniteEssential

The table below has information about cookies that are used by Us on Subscribers’ Platforms.

Generally, these cookies initially placed on a Subscriber’s Platform are categorized as essential cookies. But our Services enable the ability to add other components, software, and third-party applications, so your Subscriber Platform may include other types of cookies from other persons requiring settings customized to your requirements.

Umso Cookies on Subscribers’ Platforms

NamePurposeDurationCookie Type
usrUsed to identify visitors1 yearAnalytical
u_spAuthentication for protected content1 yearEssential
langTo remember your language preferences1 yearFunction
cookie_consentTo remember your cookie preferences1 yearEssential
Tracking PreferencesTo track simple cookie opt-in1 yearEssential
c_idTo track your consent settings1 yearEssential
c_r_id_To track verified requests for security purposes24 hoursSecurity
We use cookies on Subscribers’ Platforms to provide an improved experience for your visitors, customers, and End Users and to identify your End Users, to monitor and analyze the performance, operation, and effectiveness of your Subscriber Platform, and to manage risks around security and safety of use. 

In accordance with the GDPR and the privacy laws of most other jurisdictions, Subscribers using our Services to create their own website must inform their visitors that they are using cookies on their website. If you are a Subscriber, this obligation might apply to you. This can be done by adding a section about your website's cookies in your privacy policy. Depending on the jurisdiction(s) to which you are subject, you may also be required to include details about the types of cookies your website uses.

You can also use the Umso “Cookie Content Solution” to add a cookie banner to your site. This gives visitors to your website the option to accept or decline non-essential cookies on your website (which is required for compliance with legislation in EU countries in any event). 

If you want to disable cookies on Our Website (or otherwise) and you’re using a web browser, go to preferences and then to the privacy pane to manage your preferences. Different browsers and mobile devices will have different ways to access privacy settings to enable blocking cookies, disabling cookies, or preventing cookies from being installed on your device. Check with your provider if required. Please note that certain features of Our Website may not function as intended once cookies are disabled.

If you previously consented, passively or otherwise, to Our use of cookies with your device or browser, you may always change your mind and revoke that consent by clicking the "Cookie Setting" link in the footer of our Website.

As is true of most online internet services, We gather some information automatically and store it in server log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.

We use this information to understand and analyze trends, to administer Our Website, to learn about User behavior on the Website, to improve Our Services, and to gather demographic information about Our User base as a whole. We may use this information in Our marketing and advertising services.

In some of Our email messages, We use a “click-through URL” linked to content on Our Website. When Users click one of these URLs, they pass through a separate web server before arriving at the destination page on our Website. We track this click-through data to help Us determine interest in particular topics and measure the effectiveness of Our communications to Users. If you prefer not to be tracked in this way, you should not click text or graphic links in these email messages.

Pixel tags enable Us to send email messages in a format customers can read, and they tell Us whether mail has been opened. We may use this information to reduce or eliminate messages sent to customers.

Further information on the purposes and legal bases for processing of personal information are described in Section 6 above.


14. Disclosure to Third Parties

At times, We may make certain personal information available to strategic partners that work with Us to provide Our Services, or that help Us market to prospective Users. Personal information will not be shared with third parties for their marketing purposes. Details regarding the potential (categories of) recipients of personal information can be found in Section 9.


15. Others

It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for Umso to disclose your personal information. We may also disclose information about you in accordance with applicable law if We determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.


16. Security

Our web site has industry standard security measures in place to protect the loss, misuse, alteration, or unauthorized access or disclosure of the information under Our control. 

We also use a variety of security technologies and procedures to help protect personal information such as encryption using Secure Socket Layer (SSL) technology, passwords, and physical security. Further, certain parts of Our Services offer HTTPS secure access; and the transmission of sensitive payment information (such as a credit card number) is through Stripe, which uses an industry standard SSL/TLS encrypted connection. We also regularly monitor our systems for possible vulnerabilities and attacks, and regularly seek new ways to improve and enhance the security of our Services and protection of our Users’ privacy.

While there is no such thing as "perfect security" on the Internet, We take all reasonable steps to ensure the safety of your personal information. 

The transmission of information via the internet is not entirely secure and thus We can’t guarantee the security of your personal information transmitted to Us online. 

Thus any transmission of personal information by you is at your own risk.


17. Your rights

You have the following rights:
(i) Right to rectification

You have the right to make sure that the personal information that We have concerning you is accurate.

If you have questions about the accuracy of factual information We may have about you, you will have access to that information in order to verify and update it, or ask Us to delete it. 

We take reasonable efforts to ensure that personal information We receive, use, and store is accurate and complete. If you are noted as a contact for a Subscriber or prospective Subscriber, you will always have the opportunity to modify the personal information you provided to Us by requesting correction of your personal information in order to ensure its accuracy and completeness. 

Please send any request to rectify your personal information in writing, to privacy@umso.com and provide sufficient detail to identify the personal information that shall be corrected / completed. 

If your personal information is demonstrated to be inaccurate or incomplete, We will, so far as practicable, and as soon as practicable, correct your personal information to the extent required. 

(ii) Right of access

You have the right to request access to your personal information.

You also have the right to know how We use your personal information and to whom it has been disclosed, subject to certain limited exceptions. 

You can avail yourself of this right by contacting Us and We will take all reasonable steps to assist you with any legitimate request for access. 

Please send any request to access your personal information in writing, to privacy@umso.com and provide sufficient detail to identify the personal information sought. 

We will make the requested information available within 45 calendar days respectively within one month if you are located in the EEA. If We need more time, We’ll provide written notice of an extension to enable Us to fulfil the request. 

If for any reason We are not in a position to respond to a data access request, We will let you know. 

If a request is refused in full or in part, We will notify you in writing, providing the reasons for refusal, and the recourse available to you. 


(iii) Right to erasure

You have the right to request that your personal information is erased by Us. 

Please provide any request to erase your personal information in writing, sent to privacy@umso.com and provide sufficient detail to identify the personal information sought.

We will respond to all requests for erasure within a reasonable amount of time or provide you with written notice of an extension where We need additional time to fulfil your request. 

If you ask Us to erase your personal information, We’ll use commercially reasonable efforts to remove your personal information from Our files, however, We may not be able to delete some of your personal information to the extent that it’s still necessary in relation to the purposes for which it was collected, or in relation to a legal obligation We have or where it is required for the establishment, exercise or defense of legal claims. We may also retain, use, and share your “non-personal” information that We previously collected prior to your request for erasure.

And of course, if We do permanently delete your account with Us, all of your personal information will be gone from Our databases. After completing this process, you will no longer be able to use any of Our Services, and your account and all its data will be removed permanently, and We will not be able to restore your account or retrieve your data in the future. 


(iv) Additional rights for Users and Subscribers in the EEA

Right to restriction of processing
Users and Subscribers in the EEA have the right to request restriction of processing (i) for the period during which We verify the accuracy of personal information if a User or Subscriber has contested the accuracy of such data, (ii) if the processing of personal information is unlawful and the restriction of processing is requested instead of erasure of the data, (iii) if We no longer need the personal information but a User or Subscriber needs the data to establish, exercise or defend legal claims; or (iv) if the User or Subscriber has objected to the processing until it has been verified whether our legitimate grounds override such User’s or Subscriber’s interests, rights and freedoms.

If processing has been restricted, We will only process the data concerned - apart from storage - with the User’s or Subscriber’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or a member state of the EU.

Right to data portability
Users and Subscribers in the EEA have the right to request that we provide them with their personal information, which they have provided to us, in a structured, commonly used and machine-readable format, insofar as the processing of personal information is based on consent or a contract and the processing is carried out by automated means; in these cases, the User or Subscriber may also request that the personal information is transferred directly to another controller, if this is technically feasible.

Right to withdraw consent
Users and Subscribers in the EEA have the right to withdraw their consent at any time with effect for the future, insofar as the processing is based on such consent, without affecting the lawfulness of the processing based on consent prior to its withdrawal. Restrictions outlined in Section 10 and 22 do not apply.
Right to object

(i) Users and Subscribers in the EEA have the right to object at any time, on grounds relating to their particular situation, to the processing of personal information based on our legitimate interests or those of a third party.

We will then no longer process personal data for the purpose to which a User or Subscriber has objected, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the User or Subscriber, or the processing is necessary for the establishment, exercise or defense of legal claims.

(ii) To the extent that personal information is processed for the purpose of direct marketing, Users and Subscribers in the EEA have the right to object at any time to the processing of personal information concerning the User or Subscribers for the purpose of such marketing.

If a User or Subscriber objects to the processing of personal data for direct marketing purposes, we will no longer process the personal data for these purposes
Right to lodge a complaint
Users and Subscribers in the EEA have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of their habitual residence, place of work or place of the alleged infringement if the User or Subscriber considers that the processing of personal data relating to him or her infringes GDPR.

18. Residents of California
If you ordinarily reside in California and use the Services, the California Consumer Privacy Act (“CCPA”) may provide you the right to request access to and deletion of your personal information.​

Please review the information noted above in Section 19 if you intend to exercise the right to request that We delete your personal information. 

​Umso does not sell personal information of its Users to any third party for the intents and purposes of the CCPA.  ​

As We noted in Section 8 above, We may collect, store, and Process personal information of End Users, solely on our Subscribers’ behalf and at their direction. For such purposes, We reserve and will be considered as a “Service Provider” and not as the “Business” (as both such capitalized terms are defined in the CCPA. Umso does not and will not sell personal information of End Users.

Users of the Services who are California residents and under 18 years of age may request and obtain removal of content they posted by emailing us at privacy@umso.com. All requests must be labeled “California Removal Request” on the email subject line. All requests must provide a description of the content you want removed and information reasonably sufficient to permit Us to locate that content. We do not accept California Removal Requests via telephone. We have no responsibility for notices that are not properly addressed or sent properly, and We may not be able to respond if you do not provide adequate information. Please note that your request does not ensure complete or comprehensive removal of the material. For example, materials that you have posted may be republished or reposted by another user or third party over whom We have no control.


19. Links to Other Web Sites

Our Website contains links to other websites. 

We will not be responsible for the privacy practices or the content of such other websites and We expressly disclaim all liability associated with your use of and the content of such other websites. Such other websites will probably also have their own cookies, which they control and over which we also disclaim all liability for.


20. How long do We hold Personal Information

We may retain your personal information (as well as the personal information of End Users) for as long as you continue to maintain an active subscription or as otherwise needed to provide you with our Services.​

We may continue to retain your personal information after you cease being a Subscriber and/or cease using any particular Services, as reasonably necessary to comply with our legal obligations (including applicable privacy and tax legislation), to resolve disputes regarding our Users or personal information of End Users, to prevent fraud or abuse, to enforce our agreements and/or protect our legitimate interests.


21. Revisions to this Privacy Policy

We expect to revise this Privacy Policy from time to time, reflecting changes in technology, User feedback, and applicable legislation. 

Please ensure that you refer to the current version of Our Privacy Policy. 

All changes or replacements to this Privacy Policy are effective immediately upon posting on Our Website. 


22. Withdrawing Consent

This Section 22 does not apply to consent obtained from individuals in the EEA. With respect to personal information relating to individuals in the EEA, the legal bases We rely on for the processing of personal information are stated in Section 6 above.

Except as required by law, We won’t use or disclose your personal information for any purpose for which you refuse Us consent or later withdraw your consent. 

If you withdraw consent, you agree that in spite of this withdrawal We may continue to use the personal information previously provided to Us to the extent that We are contractually obligated to do so and to the extent necessary to enforce any contractual obligations you or your employer may have to Us. 

You also understand that although you may be able to use Our Services for some purposes without providing Us with any personal information, We need personal information about you for some fundamental purposes, including particulars that may require technical support, invoicing, payment, or involve an ongoing business relationship with Us. 

If you decide to refuse to provide Us with the information We require or later withdraw your consent to use and disclose this information, We may no longer be able to provide you with certain or all of Our Services.


23. Concerns

You have the right to communicate with Us about any issues that you may have relating to your personal information. 

Our Privacy Officer is responsible for ensuring Our compliance with this Privacy Policy.  

Please direct any complaints, concerns, or questions regarding Our compliance in writing to Our Privacy Officer by email at privacy@umso.com or to Umso Software Inc., #900-2025 Willingdon Avenue, Burnaby, B.C., Canada  V5C 0J3.


24. Applicable law

Umso is a British Columbia corporation and to the extent applicable, the laws of the Province of British Columbia, Canada without regard to principles of conflict of laws, will govern this Privacy Policy and any dispute of any sort that might arise between you and Us, as well as any of Our successors and assigns.
Made with
Cookie Settings
This website uses cookies

Cookie Settings

We use cookies to improve user experience. Choose what cookie categories you allow us to use. You can read more about our Cookie Policy by clicking on Cookie Policy below.

These cookies enable strictly necessary cookies for security, language support and verification of identity. These cookies can’t be disabled.

These cookies collect data to remember choices users make to improve and give a better user experience. Disabling can cause some parts of the site to not work properly.

These cookies help us to understand how visitors interact with our website, help us measure and analyze traffic to improve our service.

These cookies help us to better deliver marketing content and customized ads.