Prosfora

Privacy Policy

Prosfora – Privacy Policy

Effective Date: August 20, 2025
Last Updated: August 20, 2025

Legal Entity Notice:
This Privacy Policy is adopted by Prosfora Marketplace Inc., incorporated in British Columbia, Canada, operating as Prosfora and theprosfora.com.
All references to "Prosfora," "we," "our," or "the Platform" in this document mean Prosfora Inc.

1. Introduction

This Privacy Policy governs the collection, use, storage, transfer, and disclosure of personal information by Prosfora (“the Platform,” “we,” “our,” or “us”).

By registering for, accessing, or using Prosfora, users (“you”) expressly consent to this Policy. If you do not agree, you must immediately cease use of the Platform.

Prosfora operates exclusively as a neutral online marketplace facilitating connections between service providers (“Providers”) and service consumers (“Consumers”). Prosfora is not responsible for, and expressly disclaims liability regarding, the quality, legality, or outcomes of services exchanged between users.

2. Geographic Scope

Prosfora is operated exclusively for users located in Metro Vancouver, British Columbia, Canada.

  • All accounts and transactions are deemed to occur in British Columbia.
  • Users outside this region are not authorized to use the Platform.
  • Prosfora reserves the right to restrict, suspend, or terminate accounts that operate outside this scope.

3. Compliance Framework

Prosfora processes personal information in accordance with:

  • the Personal Information Protection and Electronic Documents Act (PIPEDA),
  • the Personal Information Protection Act (BC PIPA),
  • Canada’s Anti-Spam Law (CASL),
  • and, where applicable, the General Data Protection Regulation (GDPR) and UK GDPR.

Where Canadian and foreign law conflict, Canadian law shall prevail unless superseded by mandatory foreign law in that jurisdiction.

4. Roles and Responsibilities

  • Data Controller: Prosfora determines the purposes and means of personal information processing.
  • Data Processor: Sharetribe provides the underlying infrastructure as processor under written contractual terms.
  • Sub-Processors: Stripe, hosting providers, analytics, and other vendors may process information solely under Prosfora’s instructions.
  • Prosfora is not liable for independent breaches by sub-processors outside contractual obligations.

5. Categories of Information Collected

  • Account Data: name, email, phone, profile details, credentials (hashed).
  • Verification Data: optional ID, licenses, certifications uploaded by Providers.
  • Transaction Data: invoices, booking records, payout information (payment card data handled exclusively by Stripe).
  • Technical Data: IP address, device type, OS, browser, session logs, approximate geolocation.
  • Precise Location Data: collected only with explicit opt-in.
  • Communications: messages, reviews, reports, and support tickets.
  • Optional Uploads: photos, files, or documents voluntarily provided.

Sensitive information (e.g., medical, SIN, biometric) must not be uploaded. If uploaded voluntarily, Prosfora disclaims liability.

6. Purposes of Processing

Personal information is processed strictly for:

  1. Provision and operation of the Platform.
  2. Secure payment processing through Stripe.
  3. Compliance with tax, accounting, and regulatory requirements.
  4. Prevention, investigation, and mitigation of fraud, abuse, and violations.
  5. Communications (transactional notices, security alerts, legal updates, marketing with consent).
  6. Analytics, service improvement, and lawful business reporting.
  7. Legal defense and enforcement of agreements.

7. Lawful Basis for Processing

Processing occurs under one or more lawful bases:

  • Consent: for marketing, geolocation, or optional uploads.
  • Contractual necessity: for bookings and transactions.
  • Legal obligations: for compliance with Canadian law, tax, audit, and reporting.
  • Legitimate interests: for fraud prevention, platform security, and quality improvements.

Consent may be withdrawn by contacting info@theprosfora.com.

8. Cookies and Tracking

Prosfora uses:

  • Essential cookies for authentication and security,
  • Analytics cookies for performance measurement,
  • Advertising cookies with explicit consent,
  • Email tracking pixels for service-related communications.

Users may disable cookies in browser settings; essential functionality may be impaired.

9. Automated Decision-Making

Prosfora may employ automated tools to detect fraud, spam, or policy violations. Automated decisions will not take effect without human oversight where required by law. Users may contest such decisions.

10. Data Sharing and Disclosure

Personal information may be disclosed only:

  • to authorized processors and sub-processors,
  • to regulators, courts, or law enforcement when legally required,
  • in connection with business transfers (merger, acquisition, restructuring),
  • when voluntarily made public by users (profiles, reviews, listings).

Prosfora does not sell or rent personal information.

11. International Data Transfers

  • Some sub-processors may process or store data outside Canada.
  • Transfers are governed by Standard Contractual Clauses (SCCs) or equivalent safeguards.
  • Users acknowledge foreign governments may lawfully access data.

12. Security Safeguards

Prosfora employs technical, administrative, and physical safeguards, including:

  • TLS/SSL encryption,
  • encryption at rest,
  • firewalls and intrusion detection,
  • role-based access controls,
  • staff confidentiality agreements and training,
  • security audits and continuous monitoring.

No system is immune from risk; users accept residual risks inherent to online services.

13. Breach Notification

Where a breach creates a real risk of significant harm:

  • Notification will be made to the Office of the Privacy Commissioner of Canada (OPC) and the BC OIPC,
  • Impacted users will be informed without undue delay,
  • Breach records will be retained for a minimum of 24 months.

Notification does not constitute admission of liability.

14. Data Retention and Disposal

  • Data is retained only as long as necessary.
  • Transaction data: up to 7 years for legal compliance.
  • Logs: typically 12–24 months.
  • Expired data: permanently deleted or anonymized.
  • Disposal methods include secure wiping, anonymization, or destruction of media.
  • Prosfora maintains audit trails of access, retention, and disclosures.

15. User Rights

Users may exercise the following rights under PIPEDA, BC PIPA, and (where applicable) GDPR/UK GDPR:

  • Access to personal information,
  • Correction of inaccurate data,
  • Deletion (subject to legal retention),
  • Restriction of processing,
  • Objection to processing,
  • Portability of data in machine-readable form,
  • Withdrawal of consent.

Requests must be submitted to info@theprosfora.com.

16. Request Verification and Limitations

  • Prosfora may require government-issued ID or equivalent verification before fulfilling requests.
  • Requests may be refused if manifestly unfounded, abusive, excessive, or unlawful.
  • Administrative fees may be charged for repetitive or burdensome requests.

17. CASL Compliance

Prosfora complies with the Canada Anti-Spam Law (CASL).

  • Marketing communications require valid consent.
  • All communications contain an unsubscribe mechanism.
  • Withdrawal of consent is effective immediately.
  • Mandatory service communications cannot be opted out.

18. Children’s Privacy

  • The Platform is not directed to persons under 18.
  • Prosfora does not knowingly collect data from minors.
  • Accounts identified as minors will be terminated.

19. Vendor and Sub-Processor Management

  • Sub-processors are contractually bound to confidentiality and compliance with applicable laws.
  • Data transfers outside Canada are covered by SCCs or equivalent safeguards.
  • Prosfora disclaims liability for independent vendor breaches outside contractual scope.

20. Limitation of Liability

Prosfora’s liability relating to privacy or data matters is limited to the greater of:

  • the total fees paid to Prosfora in the preceding 12 months, or
  • the minimum liability required by law.

Prosfora is not liable for indirect, incidental, consequential, or punitive damages.

21. Privacy by Design and Accountability

  • Prosfora appoints a designated Privacy Officer.
  • Privacy impact assessments (PIAs) are conducted for new features involving sensitive data.
  • Records of processing activities are maintained.
  • Policies and safeguards are reviewed and updated regularly.

22. Business Transfers

If Prosfora undergoes merger, acquisition, or restructuring, personal information may be transferred as business assets. Users will be notified.

23. Updates to Policy

  • Prosfora may amend this Policy as required by law or business needs.
  • Updates will be posted with a new Effective Date.
  • Material changes will be communicated via email or in-app notice.
  • Continued use constitutes acceptance of revisions.

24. Governing Law and Jurisdiction

This Policy is governed exclusively by the laws of British Columbia and Canada. All disputes fall under the exclusive jurisdiction of British Columbia courts.

25. Severability

If any provision of this Policy is deemed unenforceable, the remaining provisions remain in full force and effect.

26. Indemnification

Users agree to indemnify, defend, and hold harmless Prosfora, its directors, officers, employees, and affiliates from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable legal fees) arising out of or related to:

  • (i) the user’s violation of this Privacy Policy, Terms of Service, or applicable law;
  • (ii) the user’s content, actions, or omissions on the Platform; or
  • (iii) any dispute between the user and another party (including Providers or Consumers).

Prosfora reserves the right to assume the exclusive defense and control of any matter subject to indemnification.

27. Force Majeure

Prosfora shall not be liable or responsible for any failure or delay in performance resulting from events beyond its reasonable control, including but not limited to:

  • natural disasters,
  • power outages,
  • internet or telecommunications failures,
  • strikes, labor disputes,
  • governmental actions,
  • cyberattacks, or
  • other events of force majeure.

In such cases, obligations shall be suspended for the duration of the event, and Prosfora shall make reasonable efforts to resume operations as soon as practicable.

28. Communications and Message Monitoring

Prosfora values your privacy and is committed to protecting your personal information. Messages exchanged through the platform are considered private between users; however, to maintain the security and trust of the marketplace, we reserve the right to monitor and analyze such communications for limited purposes, including:

  • Detecting and preventing fraud, scams, harassment, or other prohibited activities;
  • Ensuring that payments and transactions are conducted through the secure Prosfora payment system;
  • Enforcing our Terms of Service and maintaining the safety of the platform.

Monitoring may be carried out using automated tools, keyword filters, and/or manual review by authorized staff. Prosfora does not sell or share the content of user communications with third parties for advertising or unrelated purposes.

We will only disclose message content outside the platform if:

  • required by applicable law, regulation, or legal process;
  • necessary to comply with lawful requests from government authorities; or
  • required to protect the rights, property, or safety of Prosfora, its users, or the public.

By using Prosfora, you acknowledge and agree that your communications on the platform may be subject to such limited monitoring strictly for the purposes described above.

29. Contact Information

Prosfora Privacy Officer
📧 info@theprosfora.com
📍 Vancouver, BC, Canada