Privacy policy.

Effective date: 19 April 2020

We strive to ensure that your right to privacy is properly protected when you use our services and your personal data is processed in a lawful, fair, and transparent manner. This privacy policy is drafted to explain to you how we collect, use, and disclose your personal data. It also provides you with an overview of the choices you have with respect to your personal data. Please read this privacy policy carefully and, if you have any questions, please feel free to contact us.

General Information

About the Privacy Policy. This LXT AI Inc. Privacy Policy (the “Privacy Policy”) governs the processing of personal data collected from individual users and business entities (the “user”, “you” and “your”) through the websites https://linguistixtank.com and https://www.lxt.ai (the “Websites”) and the related data processing services (the “Services”) (collectively,  the Websites and the Services are referred to herein as “LxT”). This Privacy Policy is not applicable to any third-party applications or software that integrate with LxT or any other third-party products, services, or businesses.

Responsible entity. The company that is responsible for the processing of your personal data through LxT is Linguistix Tank Inc. having a registered business address at 4312 Village Centre Court, Mississauga ON L4Z 1S2, Canada, and the corporation number 892607-7 (“we”, “us”, and “our”).

Our role as a data controller and data processor. When handling personal data, we act as a data controller and a data processor in terms of the applicable data protection laws, including, but not limited to, the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) and the EU General Data Protection Regulation (GDPR), UK Data Protection Act and ISO 27001 Information Security Management System. Our role depends on the specific situation involving personal data as explained in detail below:

  • We act in the capacity of a data controller when we ask you to submit your personal data that is necessary to ensure your direct access and use of LxT (e.g., when you conclude a contract for the Services or communicate with us). In such instances, we are a data controller because we make decisions about the types of personal data that should be collected from you and the purposes for which such personal data should be used. Therefore, we comply with the data controller’s obligations set forth in the applicable laws.

  • We act in the capacity of a data processor in situations when our clients submit to us materials within the scope of the Services (the “Files”) and those Files contain personal data. We do not own, control, or make decisions about the personal data in the Files and such personal data is processed only in accordance with the instructions provided by the respective client. The client submitting the Files acts as a data controller and the client is responsible for deciding what personal data should be collected from data subjects and how such data should be processed by us. In the situations when we act in the capacity of a data processor, we comply with data processors’ obligations set forth in the applicable laws. In order to ensure that personal data is processed in accordance with the strictest data protection standards, we offer our clients a data processing agreement that can be received for a review by contacting us.

Consent to the Privacy Policy. Before you submit any personal data to us, you are encouraged to read this Privacy Policy that is always available on the Websites for your consultation. In certain instances, we may seek to obtain your consent, for example:

  • If we intend to collect other types of personal data that are not mentioned in this Privacy Policy;

  • If we intend to use your personal data for purposes that are not indicated in this Privacy Policy;

  • If we would like to disclose or transfer your personal data to third parties that are not specified in this Privacy Policy; or

  • If we significantly amend this Privacy Policy.

Minors. LxT should not be accessed or used by persons under the age of 18. Therefore, we do not knowingly collect personal data of persons under the age of 18. When our clients submit the Files within the scope of the Services, those files may contain personal data belonging to minors. Although we may process minor’s personal data upon our client’s request within the scope of the Services, the respective client remains solely responsible for obtaining that personal data in a lawful manner and complying with the applicable data protection laws when transferring such data to us via the Files.

Cookies. We use cookies on the Websites. For detailed information on our use of cookies, please read our cookie policy . Our cookie policy explains what types of cookies we use, for what purposes they are used, and gives instructions on how to decline cookies.

Types and purposes of personal data

We collect only a minimal amount of personal data and use it for specified and limited purposes. In this section, we explain what personal data we collect, for what purposes we use that data, and on what lawful bases we rely on when processing personal data.

  • Types of personal data. We comply with data minimization principles. It means that we collect only a minimal amount of personal data that is necessary to ensure your proper use of LxT. No excessive personal data is collected via LxT. The list of the types of personal data that we collect from you or process on behalf of our clients is provided in the table below.

  • Purposes of personal data. We process your personal data only for specified and legitimate purposes explicitly mentioned in this Privacy Policy. In short, we use personal data only for the purposes of enabling you to use LxT, providing the Services, maintaining and improving the Websites, conducting research about our business activities, and replying to your inquiries. We do not use personal data for any purposes that are different from the purposes for which personal data was provided.

  • Overview of types and purposes of personal data. When our clients conclude a service agreement with us, we collect their full legal name, registered office address, authorized representative’s name and title, email address, and phone number; the purposes of the data collection are to enable client’s access to the Services, deliver the requested Services, send notifications updates, contact the client, if necessary, and to maintain our business records, the legal basis of the data collection are performing the clients’ contractual requirements and pursuing our legitimate business interests (to administer our business). When you contact us through the contact form available on the Websites or by email, we collect your name, email address, and any information that you decide to provide in your message; the purposes of the data collection are to respond to your inquiries, and to provide you with the requested information; the legal basis of the data collection are pursuing our legitimate business interests (to grow and promote our business), and your consent (for optional personal data). When you use the Websites, we collect your IP address, cookie-related data (please refer to our cookie policy for more information); the purposes of the data collection are to analyze, improve, and evaluate our business activities, personalize the Websites for your location, and to ensure the security of the Websites; the legal basis of the data collection are pursuing our legitimate business interests (to analyze and improve our business activities and ensure security), and your consent (for certain cookie-related data).

  • HR Data. When we hire our employees, contractors, or other personnel, we collect certain personal data from them that is necessary for (i) concluding employment and service contracts, (ii) maintaining our business records, (iii) complying with our legal obligations, and (iv) pursuing our legitimate business interests. The lawful bases that we rely upon are ‘pursuing our legitimate business interests’ (i.e., administering our business) and ‘complying with our legal obligations’. The personal data collected within the scope of human resources management includes the data as follows, or employees: full name, address, phone number, email address, background check information, national ID number, social insurance number, and medical insurance documents; for contractors and service suppliers: full name, phone number, email address, social media ID; and instant messaging software ID.

  • Additional (optional) data. If you request support, participate in an activity organized by us, submit your feedback, reviews, comments, or otherwise communicate with us, we may collect certain personal data that is relevant to the case. Please note that the provision of such data is optional and you may choose what personal data you would like to share with us. We will use such personal data to reply to you, provide you with the requested services, or for pursuing our legitimate business interests (i.e., to analyze and improve our business).

  • Failure to provide personal data. If you do not provide us with the personal data when requested, we may not be able to perform the requested operation and you may not be able to use the full functionality of LxT, receive the Services, or get our response.

  • Confidentiality of the Files. We put reasonable efforts to ensure that any data in the Files remains confidential and properly protected. Moreover, we do not intentionally and directly access, manage, correct, delete, share, or disclose the Files, unless it is strictly necessary for the provision of the Services, enforcement of our legal terms, or we are requested by law enforcement agencies to do so. Our clients are solely responsible for the content of the Files.

  • Sensitive data. In certain cases, we process special categories of personal data (“sensitive data”), if such data is included in the Files. Sensitive data is data related to a natural person’s health, opinion about religious and political beliefs, racial origins, membership of a professional or trade association, or information about sexual orientation. Our clients are solely responsible for obtaining sensitive data in a legitimate manner. The legal basis on which we rely when processing sensitive data is ‘performing a contract with our client’.

Non-personal (technical) data

When you use the Websites, we collect some technical data about your device and visits. In this section, we inform you what non-personal data we collect from you and for what purposes we use that data.

  • What non-personal data do we collect? When you use the Websites, we and our analytics service providers automatically collect certain technical non-personal data about your use of the Websites. Although such non-personal data allows us to analyze your use of the Websites, it does not allow us to identify you. The non-personal data collected includes the following information:
    • The type of device that you use;
    • The operating system that you use;

    • The browser that you use;

    • Your log files;

    • URL addresses that you go to from the Websites;

    • Your country; and

    • Your other online behavior data.

  • Your feedback. If you contact us, we may keep records of any questions, complaints, recommendations, or compliments made by you and the response, if any. Where possible, we will de-identify your personal data. Please note that de-identified personal data is considered to be non-personal data.

  • How do we use non-personal data? We will use non-personal data for the following purposes:

    • To analyze what kind of users access and use the Websites;

    • To examine the relevance, popularity, and engagement rate of the content and services available on the Websites;

    • To investigate and help prevent security issues and abuse;

    • To develop new services and provide additional features to the Websites; and,

    • To personalize the Websites for your specific needs.

  • Aggregated and de-identified data. In case your non-personal data is combined with certain elements of your personal data in a way that allows us to identify you, we will handle such aggregated data as personal data. If your personal data is aggregated or de-identified in a way that it can no longer be associated with an identified or identifiable natural person, it will not be considered personal data and we may use it for any business purpose.

Commercial communication and service notifications

From time to time, you may receive service-related notifications and commercial communication from us. In this section, we explain when you may receive notices from us and what you can do to decline our commercial communication.

Informational notices and service updates. To ensure the proper provision of our Services, we will send you important informational notices in a form of emails and notifications, such as service updates, technical or administrative messages, information about the LxT, your privacy and security, and other important matters. Please note that we will send such notices on an “if-needed” basis and they do not fall within the scope of direct marketing communication that requires your prior consent.

Commercial communication. To keep you updated about the latest developments related to LxT, our Services, additional features of the Websites, or our special offers, we may send you marketing messages, such as newsletters, brochures, promotions, and advertisements. You will receive such marketing messages or be contacted by us for marketing purposes only if:

  • We receive your express (“opt-in”) consent to receive marketing messages (please note that your voluntary subscription to our newsletters substitutes such consent); or

  • We decide to send you marketing messages about our new services that are closely related to the Services already used by you.

Opting-out. You can opt-out from receiving marketing messages at any time free of charge by clicking on the “unsubscribe” link contained in any of the messages sent to you, adjusting your Account settings, or by contacting us directly.

Storage period

We store your personal data only if it is necessary for its specific and limited purposes. In this section, we specify the time period for which we keep your personal and non-personal data in our systems.

Retention of personal data. We store personal data in our systems only as long as such personal data is required for the purposes described in this Privacy Policy or you request us to delete your personal data, whichever comes first. After personal data is no longer necessary for its purposes and there is no other legal basis for storing it, we will immediately securely delete such personal data from our systems.

Retention of the Files. We store the Files in our systems only as long as the Files are necessary for the provision of the Services. After the provision of the Services ceases or our client requests us to delete the Files and there is no other legal basis for storing the Files, we will immediately securely delete the Files from our systems.

Retention of non-personal data. We may retain non-personal data pertaining to your use of the Websites or the Services for as long as necessary for the purposes described in this Privacy Policy. This includes keeping non-personal data for the period of time needed for us to pursue legitimate business interests.

Retention as required by law. Please note that, in some cases, we may be obliged by law to store your personal data for a certain period of time (e.g., for accountancy purposes or business records). In such cases, we will store relevant personal data for the time period stipulated by the applicable law and delete the personal data as soon as the required retention period expires.

Disclosure of personal data to third parties

We share some personal data with external service providers. In this section, you can find information about third parties that have access to personal data and the instances when we make data transfers.

Instances of the disclosure. If necessary, we will disclose personal data to the service providers with whom we cooperate (our data processors). For example, we may share personal and non-personal data with entities that provide certain technical support services to us, such as data processing, business analytics, advertising, and email distribution services, or if you explicitly request us to disclose the personal data. To ensure that the recipient third parties ensure an appropriate level of security of personal data, we take safeguards for the disclosure and transfer of personal data (i.e., choosing third parties that are established in countries that have high-level data protection laws or concluding data processing agreements that ensure the security of personal data). We do not sell personal data to third parties. The disclosure of personal data is limited to situations when such data is required for the following purposes:

  • Ensuring the provision and delivery of the Services;

  • Ensuring the proper operation of the Websites;

  • Providing you with the requested information;

  • Pursuing our legitimate business interests;

  • Enforcing our rights, preventing fraud, and security purposes;

  • Carrying out our contractual obligations;

  • Law enforcement purposes; or

  • If you provide your prior consent to such disclosure.

Sharing personal data with our group of companies. To ensure the provision of the Services, your personal data can be transferred to our subsidiaries, including, but not limited to, Linguistix Tank Egypt having a registered business address at Mezzanine floor, 22 Gool Gamal St. Agouza, Giza, Egypt and the commercial registration number 9870.

List of data processors. We share personal data only with the data processors that agree to ensure an adequate level of protection of personal data that is consistent with this Privacy Policy and the applicable data protection laws. Our data processors include:

Sharing of non-personal data. Your non-personal data may be disclosed to third parties for any purpose because such data does not allow identifying you. For example, we may share it with prospects or partners for business or research purposes, for improving LxT, or developing new products and services.

Legal requests. If we receive a request from a public authority, we will disclose the requested personal data to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.

Successors. In case our business is sold partly or fully, we will provide personal data to a purchaser or successor entity and request the successor to handle your personal data in line with this Privacy Policy

International transfers of personal data

The personal data handled by us may be transferred outside the country where data subjects reside. In this section, we explain when we transfer personal data abroad and what safeguards we implement to ensure that the transferred personal data is properly protected.

Some of the third parties listed in section 6 above are located outside the country in which data subjects reside. For example, if a data subject resides in the country belonging to the European Economic Area (EEA), we may need to transfer his/her personal data to jurisdictions outside the EEA. In case it is necessary to make such a transfer, we will make sure that the jurisdiction in which the recipient third party is located guarantees an adequate level of protection for personal data, the recipient is a Privacy-Shield certified entity, or we conclude an agreement with the respective third party that ensures such protection (e.g., a data processing agreement based pre-approved standard contractual clauses).

Security measures for the protection of personal data

We put our best efforts to keep your personal data safe and secure. In this section, we inform you about our technical and organizational measures that help us to protect personal data.

Our security measures. We implement organizational and technical information security measures to protect personal data from loss, misuse, unauthorized access, and disclosure. We are an entity certified under ISO 27001 and PCI DSS, which means that we comply with high-security standards when keeping our information assets secure, including securely managing financial information, intellectual property, employee details, and information entrusted by third parties. Other security measures taken by us include: (i) secured networks; (ii) SSL encryption; (iii) firewalls; (iv) strong passwords; (v) limited access to personal data by our staff; and (vi) anonymization of personal data (when possible).

Handling security breaches. Although we put our best efforts to protect personal data, given the nature of communications and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data caused by circumstances that are beyond our reasonable control. In case a serious breach occurs, we will take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breach will be limited to the highest extent permitted by the applicable law.

Data subject rights

Data subjects have the right to control how we process their personal data. Below, we list the rights that data subjects can exercise with regard to their personal data and explain how those rights can be exercised.

What rights do you have? Subject to any exemptions provided by law, you may ask us to:

  • Get a copy of your personal data that we store;

  • Get a list of purposes for which your personal data is processed;

  • Rectify inaccurate personal data;

  • Move your personal data to another processor;

  • Delete your personal data from our systems;

  • Object and restrict processing of your personal data;

  • Withdraw your consent, if you have provided one; or

  • Process your complaint regarding your personal data.

How to exercise your rights? To submit a request to delete your personal data from our systems, please contact us at rtbf@lxt.ai and provide the details of your request. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information, so that we could identify you in our system and authorize your request. For remaining requests as listed above, please contact us at info@lxt.ai with the details of your request. Please allow up to two weeks for us to process your reques.

How to launch a complaint? If you would like to launch a complaint about the way in which we handle your personal data, we kindly ask you to contact us first and express your concerns. We will investigate your complaint and provide you with our response as soon as possible. If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.

Requests regarding the personal data in the Files. We act in the capacity of a data processor with regard to the personal data submitted by our clients via the Files. Therefore, we do not accommodate requests related to the access, rectification, and deletion of personal data in the Files and other rights the data subjects may have with regards to the Files. The persons that would like to exercise their rights with regard to the personal data processed by us via the Files are requested to contact our client that acts as a data controller. In case we receive such requests directly from data subjects, we will not take action and inform the respective data controller without undue delay so that it could act accordingly.

The term, termination, and amendments

Term and termination. This Privacy Policy enters into force on the effective date indicated at the top of the Privacy Policy and remains valid until terminated or updated by us.

Amendments. The Privacy Policy may be changed from time to time to address the changes in laws, regulations, and industry standards. We will publish the amended version of the Privacy Policy on this page and, if we have your email address, we will send you a notice about the changes implemented by us. We encourage you to review our Privacy Policy to stay informed. For significant material changes in the Privacy Policy or, where required by the applicable law, we may seek your consent.

Contact details

Please feel free to contact us if you have any questions about the Privacy Policy, our privacy and security practices, or if you would like to exercise your rights as outlined in the “Data subject rights” section of our privacy policy. You may contact us by using the following contact details:

Email for deletion of personal information: rtbf@lxt.ai

Email for all other inquiries: info@lxt.ai

Postal address for communication: LXT, 4312 Village Centre Ct, Mississauga, ON L4Z 1S2, Canada

Phone: +1 (905) 615-1598

Contact form: lxt.ai/contact