Aleop Solution Inc.
1. Identity
Who is the tech company?
Aleop Solution Inc.
What products, platform, or services within the tech company are certifying as Ag Data Transparent?
Aleop Solution Inc. (SAI) has a business solution offered via the Internet allowing the automatic entry and processing of digitized accounting documents, the extraction of technical, economic and financial information, the creation of personalized indicators, the transfer of this information to an accounting system on the CLIENT's computer and to host these scanned documents in a cloud online filing cabinet.
Who are the primary users of the product, platform, or services?
Agricultural and commercial businesses across Canada. Users are accountants, business owners or various stakeholders. Using Aleop on a daily basis is simple and user-friendly. No specific accounting knowledge is necessary, the platform makes accounting accessible and efficient.
2. Categories of Ag Data Collected
What categories of data does the data platform collect?
Agronomic Data
Farm Management Data
Aleop collects: Personal data such as the contact details of the business and those of the person responsible for user access; Accounting and financial data; Digitized invoices and sales receipts; and Few technical data (quantities, weight, volume, types of products)
Learn More: Aleop User Agreement
3. Ownership
Do the tech company’s agreements with the user address ownership of user data?
Yes. The subscription contract contains the following provisions:
7.1. As part of the use of ALEOP online services, the CLIENT holds all rights of ownership, title and interest in all its data hosted on ALEOP.
7.2. SAI has no right to access or use the CLIENT’s data except: i) to provide online services and in particular to prevent or resolve technical problems; ii) to detect emerging threats; iii) at the CLIENT’s request regarding customer support issues.
Learn More: Aleop User Agreement
4. Transparency in Aggregation
Does the tech company allow the user to opt out of inclusion in anonymized and aggregated datasets that are accessible by other users?
Yes. Permission from the data owner, who is the subscriber, is absolutely necessary for the data to be included in an anonymized and aggregated dataset for research or industry indicator purposes. With our access management module the data owner can decide anytime if he wants to stop to transfer data. The following one provision of the subscription contract address this issue:
7.3. SAI reserves the right to collect analytical or statistical data such as usage or transmission patterns data, in aggregate form. This information will not include personally identifiable data of an individual or company.
Learn More: Aleop User Agreement
5. Vendor Access to Data
Does the tech company require outside contractors that have access to user data to follow the tech company’s data policies?
Yes. The subscription contract commits ASI to require that its subcontractor Sherweb complies with the company's policies including data protection, confidentiality and storage in Canada with provisions 10.1:
10.1. Subcontractors and Suppliers: SAI assures access, availability and security of ALEOP online services and quality control of the extraction of CLIENT data by its subcontractors and certified suppliers, who are subject to strict confidentiality agreements for any access to CLIENT data that is limited solely for the purpose of providing the services provided herein.
Learn More: Aleop User Agreement
6. Consent
Does the tech company obtain a user’s consent before sharing user data with third parties? (E.g. integrations, government and others)
Yes. Article 7.4 of the subscription contract is as follows:
7.4. SAI will not communicate or give access to CLIENT data unless: (i) having received a request or authorization to do so from the CLIENT; or (ii) to be required to do so by applicable law, including a warrant, subpoena or court order. Unless prohibited by law, SAI will give reasonable prior notice to the CLIENT to enable it to judicially contest any warrant or subpoena seeking access or disclosure of its data.
Learn More: Aleop User Agreement
7. Consent
By signing up, does the user give the tech company the right to sell aggregated data to third parties without obtaining further consent?
No. The subscription contract does not include the sale of data and SAI could not do so without the client's consent.
Learn More: Aleop User Agreement
8. Portability
Does the tech company maintain an original copy of user data that can be retrieved or deleted upon a user’s request?
Yes. Our web host has redundancy in three different cities in Quebec; and at the request of the customer, the data can be deleted.
Regarding the deletion of documents or data, the following provisions state that it is the customer's responsibility to do so or to request it:
8.6. Responsibility for the Destruction of Accounting Documents: The CLIENT alone assumes all responsibility with the tax or other authorities, resulting from its decision, if any, to destroy its accounting or financial documents in paper form in order to rely solely on the hosting of its data in digital form. Similarly, the CLIENT is solely responsible for its decision to delete digitized data hosted on ALEOP after having received an automated reminder notice about the impact of a deletion of data.
16.2. At the CLIENT’s request, SAI will make available to the CLIENT for a maximum period of thirty (30) days after the expiry or termination of the agreement, a file of the CLIENT’s data in original format, for download. The CLIENT must notify SAI of the recovery of its data within the aforementioned period. At the end of this thirty (30) day period, SAI shall have no obligation to retain or make available the CLIENT’s data and may delete all CLIENT’s data present on ALEOP systems or otherwise under its control.
Learn More: Aleop User Agreement
9. Data Security
Will the tech company notify the user if a breach of data security causes disclosure of the user’s data to an outside party?
Yes. Users will be informed in the event of data theft or phishing. Since 2023 September 22th, a new law (Law-25) in the province of Quebec, oblige organizations to notify users if there a data theft or phishing.
10.4. Security: SAI uses encryption techniques for the CLIENT’s data during transport and on storage sites that comply with industry standards, including a 2048-bit SSL certificate to ensure the security of data transport. However, the CLIENT acknowledges that, despite commercially reasonable security measures being taken to prevent unauthorized access to ALEOP and the CLIENT’s data, unauthorized third parties may use the Internet to circumvent these measures and illegally obtain access to ALEOP and the CLIENT’s data. Consequently, SAI cannot and does not guarantee the confidentiality, security or authenticity of the information thus transmitted over the Internet. However, in the event of a security breach that could result in disclosure to unauthorized third parties, users will be immediately informed and kept informed of the measures taken by the company.
Learn More: Aleop User Agreement
10. Notice
Will the tech company notify the user when data agreements are changed and summarize how the agreements were changed?
Yes. In the event of changes to the subscription contract, the subscriber's account manager must resign the contract. In addition, the changes are highlighted. Any change to the contract must be presented to the CLIENT. Information is under item 19 in the user agreement.
Learn More: Aleop User Agreement
11. Changes in Company Ownership
Do the tech company’s data agreements address what happens to user data if the tech company is sold to another company?
Yes. The following clauses provide for actions that will be taken.
24.2. SAI may assign its rights or obligations under this Agreement, in whole or in part, without the prior written consent of the CLIENT and in particular to one of its affiliates or in connection with a merger, acquisition, restructuring or transfer of all or substantially all of its assets to a third party.
24.3. The assignee will therefore be entitled to all of SAI’s rights, privileges or remedies under this Agreement. SAI will notify the CLIENT within thirty (30) days of said sale, transfer or assignment.
Learn More: Aleop User Agreement