Effective Date: June 15, 2020
What Personal Information Do We Collect?
"personal information" means sensitive personal data and information as defined in the Personal Information Protection Act, SBC 2003, ch. 63, or such other law applicable to such personal information.
We collect personal information as necessary to provide any Services you request and otherwise operate our business.
We generally collect personal information directly from you. For example:
- In order to register for Services you will need to provide your name, username, email address, and (depending on the Services) your mailing address and your industry or corporate affiliation. If you are registering on behalf of a business (for example, your employer) you will also be required to provide the name of the business on whose behalf you are registering.
- We collect payment card information or other billing information as necessary and send it to our payments processor to process payments for Services on our behalf. We do not store payment card information or use it for any other purpose.
- We may, as part of the Services, offer you the opportunity to communicate with us or with other users, such as by participating in a community forum or sending questions, comments, or support requests to us. We may collect any additional information you provide in connection with these communications, such as your contact information and the contents of your communications.
- We may, as part of the Services, offer you the opportunity to link your account to third-party software-hosting services, like GitHub. If you do, we may collect your username for that service and information about your public repositories and commit history.
- We may collect personal information in other circumstances with your consent, or as permitted or required by law.
We may also collect certain information automatically when you access or use our Services. We collect this information using various means, such as cookies and other tracking technologies. The information we collect may include usage statistics, unique device identifiers, IP addresses, version numbers of relevant software, and information on which tools and services are being used in connection with Services. We use this information to recognize and authenticate you when you use Services, to monitor your use of Services, to enforce the terms of our contracts with you, to detect and prevent fraud, and for safety and security purposes.
How Do We Use Personal Information?
We use personal information:
- For our legitimate interests, namely:
- To provide our Services;
- To process payments and collect amounts owing to us;
- To respond to your requests and questions and provide customer support;
- To manage everyday business needs;
- To analyze or improve our Services and our tools, software and products;
- To detect and prevent fraud and for safety and security purposes;
- To protect D-Wave, its affiliates, our Services and users; and
- To monitor your use of our Services and your compliance with any contracts you have with us and to enforce the terms of any contracts you have with us;
- To perform a contract to which you are subject;
- To comply with our legal obligations, including to comply with all applicable laws and regulations; and
- Where you have provided your consent, for example where you have agreed to us sending you promotional materials.
Sharing of Information
We may share personal information with our affiliates, including D-Wave Commercial Inc., D-Wave Quantum Services Europe Limited, D-Wave UK Ltd. and D-Wave Japan Co., Ltd. and our service providers (including our affiliates acting in this capacity) that perform services on our behalf, such as marketing, analytics, payment processing, website hosting, customer support, information technology and/or data hosting or processing services or similar services. We may do so where necessary for our legitimate interests in providing Services or for performance of a contract.
We, and our service providers and affiliates, may disclose personal information where required by law, including as required by the laws applicable to our service providers and affiliates located outside of your country of residence.
We may disclose personal information in other circumstances, with your consent. If you have given your consent for us to use your personal information in a particular way, but later change your mind, you should contact us and we will stop doing so.
If you are a user in the European Economic Area (EEA), we may transfer your personal information to Canada pursuant to an adequacy decision. We may transfer your personal information to Privacy Shield-certified processors in the United States. In any case where an adequacy decision or Privacy Shield-certified processor is not available, we will only transfer your personal information outside of the European Union in accordance with the European Commission's Model Clauses.
If you are a user in Australia, we will only transfer your personal information to a third party in a country which has equivalent privacy laws to Australia, where we have your consent, or where we have otherwise taken reasonable steps in the circumstances to ensure that the overseas recipient does not breach Australian privacy laws.
We collect and retain personal information in an identifiable format for the amount of time necessary for the purposes for which it was collected, including providing any Services you request and otherwise meeting our legal and regulatory obligations, unless it is in our legitimate business interests and not prohibited by law to maintain the personal information for longer periods. All personal information collected by us will be retained only so long as it is necessary for the purposes for which such information was collected.
Under certain jurisdictions, you may benefit from certain rights granted by applicable law but subject to limitations therein to the extent permitted by law. These rights may include a right of access, rectification, restriction, opposition, erasure or portability, or the right not to be subjected to automated decision-making.
If you are a user in India, you will be provided with the right to access and review your personal information, to the full extent required by law.
If you want to exercise any of the rights available to you or find out more, please contact us. We handle requests in line with the timeframes set by applicable laws. We may need to request additional information from you for the purpose of identifying you. Certain exemptions may apply to your request; if so, we will inform you when responding to your request.
Personal information is maintained on our servers or those of our service providers and is accessible to our authorized employees, representatives and agents. We maintain technical, physical, and administrative security measures designed to provide appropriate protection for your information against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls.
We do not knowingly collect information from individuals under the age of 18 or other individuals who are not legally able to use Services. If we obtain actual knowledge that we have collected information from a minor who is under the age of 18, we will promptly delete it, unless we are legally obligated to retain such data. If you believe that we have mistakenly or unintentionally collected information from a child, please contact us.
You have the right to lodge a complaint with the Supervisory Authority, Commissioner or other applicable authorities for data protection in your country of residence, should you find that we did not appropriately address your question or concern.