Skip to content

Privacy Policy

Last Updated: December 2, 2024



QReserve is committed to protecting your personal information. This privacy policy (as it may be amended, replaced or otherwise modified from time to time, the “Privacy Policy”) describes how we collect, use and disclose the information we collect in connection with your use of the Services and Websites (as those terms are defined below), and what choices you have with respect to that information.

When we refer to “we”, “us”, “our” or “QReserve”, we mean the QReserve entity that acts as the controller or processor (on behalf of the controller) of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.

If you are a user in the UK or the European Economic Area ("EEA"), please refer to our section "Your Rights Under the European Data Protection Laws" below which provides information on the rights that you have specifically under the EU General Data Protection Regulation and the UK's Data Protection Act 2018 (collectively we call them the "European Data Protection Laws").

If you are a user in California, please refer to our sections for California residents: "California Privacy Notice", "California Privacy Rights", and the "California Privacy Chart."

Applicability Of This Privacy Policy

This Privacy Policy applies to QReserve’s online management tools and platform, including any associated QReserve desktop applications (collectively, the “Services”), QReserve.com and other QReserve websites (collectively, the “Websites”) and other interactions (e.g., customer service inquiries, user conferences, etc.) you may have with QReserve.

In order for you to use the Services and the Websites, the collection of certain personal information (as described below) is necessary. By using the Services and the Websites or otherwise providing us with your personal information, for users outside of the UK and EEA, you explicitly consent to the collection and use of such information in accordance with this Privacy Policy. Accordingly, if you do not agree with the terms, do not access or use the Services or the Websites. If you are a user in the UK or EEA, please refer to the section "Your Rights Under the European Data Protection Laws" below which provides information on the basis on which we may process your Personal Data.

If you are under the age of 16, or any higher minimum age in the jurisdiction where you reside, you are not permitted to use the Websites or the Services unless your parent has consented in accordance with applicable law. If we learn that we have collected Customer Information (defined below) of a child under the relevant minimum age without parental consent, we will take steps to delete the information as soon as possible. If you learn that anyone younger than 16 has unlawfully provided us with Customer Information, please contact us and we will takes steps to delete such Customer Information.

This Privacy Policy does not apply to any third party applications or software that integrate with the Services through the QReserve platform (“Third Party Services”), or any other third party products, services or businesses.

Please note that a separate end user license agreement governs delivery, access and use of the Services (the "Customer Agreement"), including the processing of any Customer Information (defined below) and, for users outside of the UK and EEA, this Privacy Policy is incorporated by reference into, and forms a part of, the Customer Agreement. The organization (e.g., your employer or another entity or person) that entered into the Customer Agreement ("Customer") controls their instance of the Services (their "Site") and any associated Customer Information. If you have any questions about specific Site settings or privacy practices, please contact the Customer whose Site you use. If you have an account, you can check https://my.qreserve.com/memberships for contact information of your Site owner(s) and administrator(s).

Information We Collect and Receive

This section describes how QReserve may share and disclose Customer Information. Customers determine their own policies and practices for the sharing and disclosure of Customer Information in connection with their use of the Services, and QReserve does not control how they or any other third parties choose to share or disclose Customer Information.

  • Customer’s Instructions: QReserve will share and disclose Customer Information in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement, in connection with the Customer’s use of Services functionality, and as required by applicable law. This would also include sharing information on social media services with your permission.

  • Operating Systems and Platforms: Displaying the Services. When an Authorized User submits Customer Information, it may be displayed to other Authorized Users in the same or connected Sites. For example, an Authorized User’s email address may be displayed with their Site profile. Please consult the Help Center for more information on Services functionality.

  • Public QReserve User Profiles: Certain data is visible to any QReserve user including, but not limited to, visitors of the Websites who may not necessarily be Customers or Authorized Users, institutional administrators, partnering companies, and any other member of the public. QReserve may offer services to display this information in various formats with the understanding that it is available to any party through our search engine. QReserve is not obligated to provide this data except under terms agreed upon by both parties.

  • QReserve Site Members: Semi-Private data. These fields are private to general users but could be available to any administrators members of a Site of which you are a member.

  • QReserve Site Administrators: Private data. This data is only visible to Site administrators and we will not share it with other parties without your permission.

  • Collaborating with Others: The Services provide different ways for Authorized Users working in independent Sites to collaborate, such as shared portals which connect data from multiple sites. Customer Information, such as an Authorized User’s profile Customer Information, may be shared, subject to the policies and practices of the other Site(s).

  • Customer Access: Site administrators, Authorized Users and other Customer representatives and personnel may be able to access, modify or restrict access to Customer Information. This may include, for example, the applicable Customer using features of the Services to export logs of Site activity, or accessing or modifying your profile details.

  • Third Party Service Providers and Partners: We may engage third party companies or individuals as service providers or business partners to process Customer Information and support our business. These third parties include virtual computing and storage services (such as Google Cloud) and email delivery services (such as SparkPost). View our current service providers here.

  • Third Party Services: Customer may enable or permit Authorized Users to enable Third Party Services. When enabled, QReserve may share Customer Information with Third Party Services. Third Party Services are not owned or controlled by QReserve and third parties that have been granted access to Customer Information may have their own policies and practices for its collection and use. Please check the privacy settings and notices in these Third Party Services.

  • Corporate Affiliates: QReserve may share Customer Information with its corporate affiliates, parents and/or subsidiaries.

  • Business Transactions: If QReserve engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of QReserve’s assets or shares, financing, public offering of securities, acquisition of all or a portion of our business, any similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), some or all Customer Information may be shared or transferred, subject to appropriate confidentiality arrangements.

  • Google Calendar Integration: If you choose to connect your QReserve account to your Google account for our integration with Google Calendar then QReserve will store an OAuth Refresh token that allows us to communicate with Google on your behalf. QReserve does not store any information from your Google Calendar that did not originate from QReserve other than a unique ID of Google Calendar events generated from QReserve. When connecting to Google Calendar, QReserve temporary retrieves a list of calendars for you to choose from to link to; however, only the chosen calendar ID is stored in QReserve after this step in order to facilitate the pushing of events to that calendar moving forward. Your authorized connection to Google can be revoked at any time either through your Profile page in QReserve or through your Google account settings.

  • Microsoft 365 Integration: If you choose to connect your QReserve account to your Microsoft 365 account for our integration with Outlook Calendar then QReserve will store an OAuth Refresh token that allows us to communicate with Microsoft on your behalf. QReserve does not store any information from your Outlook Calendar that did not originate from QReserve other than a unique ID of Outlook Calendar events generated from QReserve. When connecting to Outlook Calendar, QReserve temporary retrieves a list of calendars for you to choose from to link to; however, only the chosen calendar ID is stored in QReserve after this step in order to facilitate the pushing of events to that calendar moving forward. Your authorized connection to Microsoft 365 can be revoked at any time either through your Profile page in QReserve or through your Microsoft 365 account settings.

  • Aggregated or De-identified Data: We may disclose or use aggregated or de-identified Customer Information for any purpose. For example, we may share aggregated or de-identified Customer Information with prospects or partners for business or research purposes, such as telling a prospective QReserve customer the average number of users or reservations made through a typical Site.

  • To Comply with Laws: If we receive a request for information, we may disclose Customer Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.

  • To enforce our rights, prevent fraud, and for safety: We may disclose Customer Information to protect and defend the rights, property or safety of QReserve or third parties including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.

  • With Consent: QReserve may share Customer Information with third parties when we have consent to do so. For users outside of the UK and EEA, when you provide us with Customer Information in connection with your use of the Services or the Websites, you are deemed to consent to our collecting it and using it for the reasons outlined above.

QReserve does not sell individuals' personal information to anyone and QReserve does not share individuals' personal information with third parties for those parties' commercial use. The law also requires us to explicitly state that we do not sell the personal information of minors under 16 years old.

How We Protect Customer Information

QReserve takes security of data very seriously. QReserve works hard to protect Customer Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Customer Information we collect, process and store, and the current state of technology. Given the nature of communications and information processing technology, QReserve cannot guarantee that Customer Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others.

We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Statement, to make our products and services available to you, or as instructed by you, unless a longer retention period is required or permitted by law. Data associated with accounts that have had no activity are routinely deleted or obfuscated after a two-year period, provided they are not linked to any active services or customers.

Our data hosting center is currently located in Montréal, Québec, Canada and Calgary, Alberta, Canada. Should this change, please note that, should you continue to use the Websites and the Services, you may be transferring your Personal Data to countries outside of Canada, whose legal systems do not offer the same protection for your data as the laws of Canada.

California Privacy Notice

The law requires QReserve to tell you about how we collect, use, and share your information in a certain way – specifically, we need to tie it back to "legal categories" of personal information that are listed in the law. To do this, we bundled up the information we gave you above in the sections titled Information We Collect and Receive; How We Use Customer Information; and How We Share and Disclose Information, and matched the different examples of personal information we collect about you with the legal categories. To make things easier to understand, we've put this information in a chart that shows you five things:

  1. The legal category of personal information,
  2. The types of personal information we collect about you for each legal category,
  3. The sources from which we collect each category of information,
  4. The purpose for why we collect and use your personal information for each category, and
  5. The business purpose for which we share your personal information, and who we share it with.

We've included the above information in the California Privacy Chart at the end of this Privacy Policy. We will include this as a reminder with the California Privacy Chart as well, but it's important to clarify that the California Privacy Chart lists examples of the types of information included in each legal category. So to make things easier to understand, we've indicated in bold underline the examples that actually apply when we process your personal information.

California Privacy Rights

In certain circumstances, California residents may have the following rights regarding their personal information:

  • The right to know what personal information we collect about you,
  • The right to know how we share your personal information,
  • The right to deletion of your personal information,
  • The right to access and get a copy of the personal information we have about you, and
  • The right to non-discrimination, or the right to equal service and price even when you exercise your privacy rights.

How to Make a Request: If you wish to exercise any of the rights we've described above, please contact us using any of the methods in the Contacting QReserve section below. Be ready to provide your name and email address, and if you have authorized an agent to make a request on your behalf, we will need you to provide the agent's name and email address, as well as your written authorization appointing the agent to make a request on your behalf.

You can contact us to make a request by email, phone, or regular mail.

Changes To This Privacy Policy

Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business or to how we collect, process and store, Customer Information, which may necessitate changes to this Privacy Policy. QReserve otherwise reserves the right to change this Privacy Policy from time to time in its discretion. If we wake changes to the Privacy Policy, we will post the revised Privacy Policy on the Website. By continuing to use the Website and the Services, for users outside of the UK and EEA, you will be deemed to have accepted any changes we make to the Privacy Policy, so we encourage you regularly review this Privacy Policy for any such changes. We will never make changes to this Privacy Policy or how we collect, process and store Customer Information that is contrary to applicable law. We are committed to protecting your Customer Information and will never materially change our policies and practices to make them less protective of Customer Information collected in the past without the consent of affected customers. If you disagree with any changes to this Privacy Policy, you should deactivate your Services account. Contact the Customer if you wish to request the removal of Customer Information under their control.

Data Protection Officer

To communicate with our Data Protection Officer, please refer to the section below titled "Contacting QReserve".

Identifying The Data Controller And Processor

For the purposes of the European Data Protection Laws, the Customer is the controller of Customer Information and QReserve Inc., a Canadian company based in Hamilton, Ontario, Canada, is the processor of Customer Information relating to Authorized Users who use Sites established for Customers within and outside of the U.S. and Canada.

Your Rights Under the European Data Protection Laws

Individuals located in certain countries, including the UK and the EEA, have certain statutory rights as provided below in relation to their Personal Data processed by QReserve as controller. In relation to Personal Data for which QReserve acts as processor, data subjects must reach out to the relevant controller of that Personal Data to exercise their rights.

  • Object To Processing. You may object to us processing your Personal Data where we rely on a legitimate interest as our legal grounds for processing your Personal Data.
  • Access Personal Data Relating To You. You have the right to obtain a copy of your Personal Data as well as other supplementary information (this largely corresponds to the information provided in this Privacy Policy). This is so that you can understand how and why we are using your Personal Data and check we are doing it lawfully.
  • Rectification. You have the right to have inaccurate Personal Data rectified, or completed if it is incomplete.
  • Automated Decision Making. These rights do not apply as we do not make any automated decisions about you.
  • Restriction. You have the right to restrict us from processing your Personal Data in certain circumstances such as where you are contesting the accuracy of your Personal Data or you have objected to us processing your Personal Data. Whilst the restriction is in place we cannot do anything with the Personal Data in any way except to store it.
  • Data Portability. You have the right to receive Personal Data that you have provided us a separate controller in a structured, commonly used and machine readable format. You can also request us to transmit this information directly to another controller. This is only applicable where the lawful basis we rely on to process your Personal Data is consent or for the performance of a contract.
  • Erasure. You have the right to request that we erase your Personal Data in certain circumstances such as where your Personal Data is no longer necessary for the purpose for which we originally collected it, or we are relying on consent as the lawful basis for holding your Personal Data and you have withdrawn your consent.
  • Withdraw Your Consent. Where we have relied on your consent to process your Personal Data, you have the right to withdraw the consent you have given us at any point. This is a vital and necessary aspect of consent. To withdraw your consent, you can contact us at the details in the "Contacting QReserve" section.

For you to exercise these rights, you can usually do this using the settings and tools provided in your Services account. If you cannot use the settings and tools, contact the Customer for additional access and assistance. Please check https://my.qreserve.com/memberships for Customer contact information. Alternatively please get in touch with us using the information in the section "Contacting QReserve". We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex and/or if we receive a high number of requests, in which case we will respond within three months.

Please be aware that there are exceptions and exemptions that apply to some of the rights which we will apply in accordance with the applicable laws.

It is important that you ensure you have read this Privacy Policy. If you do not think that we have processed your Personal Data in accordance with this Privacy Policy, you should let us know as soon as possible using the information in the "Contacting QReserve" section below.

Similarly, you may complain to the relevant supervisory authority in your country. In the UK this is the Information Commissioner's Office, information about how to contact this regulator can be found at www.ico.org.uk.

Any transfer of your Personal Data outside the UK and the EEA will be carried out in accordance with the European Data Protection Laws to safeguard your privacy rights and give you remedies in the unlikely event of a security breach or to any other similar approved mechanisms.

To the extent that QReserve’s processing of your Personal Data is subject to the European Data Protection Laws, we are allowed to process your Personal Data for the following reasons and on the following legal bases:

  • To pursue our legitimate interests. We have good, sensible, practical reasons for processing your Personal Data as described in the section "How We Use Customer Information", which is in our interests; and
  • To comply with our legal obligations and establish, exercise or defend our legal rights.

Data Protection Authority

If you are outside of the UK or EEA, subject to applicable law, you have the right to (i) restrict QReserve’s use of Customer Information that constitutes your Personal Data and (ii) lodge a complaint with your local data protection authority or the Office of the Privacy Commissioner of Canada. If you are a resident of the UK or EEA and believe we maintain your Personal Data within the scope of the European Data Protection Laws, you may direct questions or complaints to the data protection regulator in your jurisdiction.

Office of the Privacy Commissioner of Canada
Toll-free: 1-800-282-1376
Phone: (819) 994-5444
Fax: (819) 994-5424
TTY: (819) 994-6591

30 Victoria Street
Gatineau, Quebec
K1A 1H3
or on the Web at:
http://www.priv.gc.ca

Contacting QReserve

Please also feel free to contact QReserve if you have any questions about this Privacy Policy or QReserve’s practices, or if you are seeking to exercise any of your statutory rights. If you would like more information about our policies, if you would like to see exactly what Personal Data we have about you in our records, or you wish to register a complaint, please contact:

QReserve Privacy Inquiry
289-426-3217 x101
privacy@qreserve.com

You may also contact us at hello@qreserve.com or at our mailing address below:

QReserve Inc.
1063 King Street West, Suite 405
Hamilton, Ontario L8S 4S3
Canada

Document Updates

2024-12-02
  • Added more specificity on when accounts with no activity or links to active customers will be removed. Data associated with accounts that have had no activity are routinely deleted or obfuscated after a two-year period, provided they are not linked to any active services or customers.
2024-09-18
  • Added that backup solutions has migrated from Toronto, Ontario, Canada to Calgary, Alberta, Canada. Data residency remains in Canada and has not changed.
2023-09-20
  • Added a section to Information We Collect and Receive describing the type of information required to create and sustain a connection to Microsoft 365.
2023-02-13
  • Added a sentence to How We Protect Customer Information describing our retention policy being that required to provide services.
2023-01-29
  • Added a section to Information We Collect and Receive describing the type of information required to create and sustain a connection to Google Calendar.