LeanSuite Legal

Your privacy is critically important to us at LeanSuite.com Corp. ("LeanSuite," "we," "us," or "our"). This Privacy Policy explains how we collect, use, share, and protect information when you use our web application, websites, and related services (collectively, the "Platform").

This policy applies to any user of the Platform, whether you are a company, an individual employee, or any other authorized user ("you" or "your").

By accessing or using our Platform, you agree to the terms of this Privacy Policy and our Terms of Service. If you do not agree with these terms, please do not access or use the Platform.

1. Information We Collect

We collect information in a few different ways to provide and improve our service.

1.1. Information You Provide Directly to Us

Account and Profile Information: When you register for an account, we collect your name, email address, password, phone number, and physical address. If you are a company, we may also collect information about your business and payment details.

User Content: We collect the information you post to the Platform, such as suggestions, Kaizen event details, comments, reviews, photos, and other interactive content.

Communications: If you contact us directly, we may receive additional information about you. We also store communications between you and other users that occur on the Platform.

1.2. Information We Collect Automatically (Usage Data)

Log and Usage Data: Like most websites and technology services, our servers automatically collect information when you access or use our Platform and record it in log files. This data may include your IP address, browser type, operating system, referring URLs, pages viewed, and timestamps.

Cookies and Similar Technologies: We use cookies to operate and administer our Platform and to improve your experience. A "cookie" is a piece of information sent to your browser that allows our Platform to remember information about your preferences. You can control the use of cookies at the individual browser level.

Device Information: We may collect information about the device you are using to access the Platform, including the type of device, operating system, and unique device identifiers.

Analytics: We may use third-party analytics services, such as Google Analytics, to collect and analyze usage data, which helps us understand how our Platform is used and to improve our services. These services may use cookies and similar technologies to collect information about your use of the Platform.

1.3. Information from Third-Party Services

Google APIs: If you choose to connect your Google account to our Platform, we will receive certain information from Google APIs. Our use of this information is strictly governed by the Google API Services User Data Policy, as detailed in Section 5.

Payment Processors: We use third-party payment processors (e.g., Stripe) to handle payment information. We do not store your full payment card details on our servers.

2. How We Use Your Information

We use the information we collect for various business purposes, including:

• To Provide and Improve the Platform: To operate, maintain, personalize, and enhance our services, and to develop new features and functionality.
• To Improve Customer Service: To more effectively respond to your support requests and service needs.
• To Communicate With You: To send you service-related communications, updates, security alerts, and administrative messages. We may also send you occasional company news, or related product information. You can opt-out of marketing communications as described below.
• For Analytics and Reporting: To create aggregated, non-identifying reports about the usage of our Platform.
• For Safety and Security: To detect and prevent fraud, abuse, and other harmful activity.
• To Comply with Legal Obligations: To enforce our terms and comply with our legal obligations.

3. How We Share and Disclose Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• With Other Users: Your profile information and content you post on the Platform (e.g., suggestions, comments) may be visible to other authorized users within your company, as necessary for the Platform's functionality.
• With Service Providers: We share information with third-party vendors and service providers who perform services on our behalf. This includes major cloud hosting providers such as Microsoft Azure and Google Cloud Platform, which we use to host the Platform and store your data, as well as providers for payment processing, data analysis, and customer support. These service providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.
• For Legal Reasons: We may disclose your information if required by law or in a good-faith belief that such action is necessary to comply with a legal obligation, protect our rights or property, or ensure the safety of our users or the public.
• In Connection with a Business Transfer: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.
• Aggregated or Anonymized Data: We may share aggregated or anonymized data that cannot reasonably be used to identify you.

4. Your Privacy Rights and Choices

You have rights regarding your personal information.

• Access and Update Your Information: You may review and update your account information by logging into your account settings.
• Marketing Communications: You can opt-out of receiving promotional emails from us by clicking the "unsubscribe" link in the email. Please note that you will continue to receive essential service-related and transactional emails.
• Data Deletion: You may request the deletion of your account and personal information by contacting us at support@theleansuite.com. We will delete your information within a commercially reasonable timeframe, subject to our need to retain certain information for legal or legitimate business purposes as described in our Data Retention policy.
• Control Cookies: Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings.

5. Google API Services User Data Policy

This means:

• We only use Google User Data to provide or improve prominent user-facing features of the Platform.
• We do not use Google User Data for advertising purposes.
• We do not transfer Google User Data to third parties, except as necessary to provide or improve our services, comply with applicable law, or as part of a merger or acquisition (with notice to you).

6. Data Security

We are committed to protecting your information. We implement a variety of administrative, technical, and physical security measures to protect the confidentiality, integrity, and availability of your personal information. These measures include industry-standard encryption, access controls, and secure server hosting.

As part of our commitment to security and transparency, LeanSuite has successfully completed a Service Organization Control (SOC) 2 Type 1 audit. This independent audit, conducted by a certified third-party firm, validates that our security controls are properly designed to meet the trust services criteria for security and confidentiality established by the American Institute of Certified Public Accountants (AICPA). This attestation demonstrates our dedication to maintaining a robust security posture to protect your data.

However, no security system is impenetrable, and we cannot guarantee the absolute security of our systems.

7. Data Retention

We retain your personal information for as long as is necessary to provide the services to you, to fulfill the purposes outlined in this policy, or as required by law. When you close your account, we will take steps to delete your information within a reasonable timeframe, though some information may remain in our backup archives for a limited period.

8. International Data Transfers

Your information is processed and stored on the secure servers of our cloud infrastructure providers, primarily Microsoft Azure and Google Cloud Platform. These servers may be located in various countries, including Canada and the United States. Therefore, your information may be transferred to, stored, and processed in a country that has different data protection laws than your country of residence.

9. Children's Privacy

Our Platform is not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it.

10. Changes to This Privacy Policy

We may modify this Privacy Policy from time to time. If we make material changes, we will notify you by updating the date of this policy and, in some cases, by providing more prominent notice (such as by adding a statement to our homepage or sending you an email notification). We encourage you to review this policy periodically.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: