Shape Our Tomorrow (SOT) Privacy Policy

1. Introduction

Shape Our Tomorrow (SOT) values the privacy of our users and is committed to protecting their personal data when interacting with SOT and when using SOT services such as NedCare. This Privacy Policy describes how we collect, use, store, and protect your personal information while ensuring compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Health Insurance Portability and Accountability Act (HIPAA).

2. Data Collection and Usage

a. Personal Information Collected

• We collect personally identifiable information (PII) only when necessary to provide and enhance our services. This may include:
  • Name and contact information
  • Account credentials
  • Usage data (e.g., frequency of use, device settings adjustments, call types, and interactions with entertainment services)
  • Feedback provided through surveys

b. Communication Privacy

• The content of any communication conducted through the NedCare service is inaccessible to SOT unless explicitly invited by a customer.
• End-to-end encryption ensures privacy and security in all communications.

c. Usage Data Processing

• Usage data is collected for:
  • System performance analysis
  • Service functionality improvements
  • Ensuring a secure and stable experience
• Authorized healthcare professionals may use NedCare data in their professional duties, in compliance with HIPAA regulations.

3. Data Sharing and Third-Party Access

• SOT does not share personal data with third parties without the explicit consent of the customer.
• Aggregated and de-identified data may be used for system analytics but will not contain PII or PHI.
• Third-party integrations (e.g., streaming services) are user-controlled and adhere to PIPEDA and HIPAA regulations.

4. Data Retention and Deletion

• Retention Period: Customer usage data and related records are stored for a maximum of three (3) years after the termination of the customer’s service agreement.
• Secure Deletion: Upon expiration of the retention period, data is permanently deleted in compliance with PIPEDA requirements.
• Customers can request early deletion of their data, subject to verification.

5. Data Security Measures

• Encryption: All communications and data are protected with end-to-end encryption.
• Access Controls: Only authorized users and invited parties can access communication sessions.
• Audit Logs: System interactions are logged for security monitoring.
• Breach Response: In case of a data breach, affected users will be notified following PIPEDA and HIPAA breach notification requirements.

6. User Rights and Consent Management

• Right to Access: Customers can request a copy of their stored personal data.
• Right to Correction: Users can update or rectify incorrect personal data.
• Right to Withdraw Consent: Customers may revoke data-sharing permissions at any time.
• Right to Data Portability: Users can request a structured, commonly used format of their data.

Note: For the purposes of this section, personal data does not include usage data.

7. Compliance and Contact Information

SOT adheres to PIPEDA and HIPAA to ensure privacy and security. For any inquiries or data-related requests, please contact our Data Protection Officer (DPO):

📧 Email: privacy@shapeourtomorrow.com

Last Updated: February 2025