Business Terms

Last Updated: 2025-12-01

1. Application

These Business Terms apply to you if you use Hivi-x (the "Service") as a business user—for example, as a realtor, lawyer, healthcare provider, financial advisor, or any other professional or organization that collects documents, forms, or personal information from your clients or end-users through the Service.

These Business Terms are in addition to our general Terms of Service and Privacy Policy. By using the Service as a business, you agree to these Business Terms, the Terms of Service, the Privacy Policy, and the Data Processing Agreement (DPA) where applicable.

2. Your Role as Data Controller

2.1 When you use the Service to collect personal data (including names, contact details, identification documents, health information, or other personal information) from your clients or end-users, you are the data controller for that data. Hivi (Hivi-x) processes that data on your behalf as a data processor.

2.2 As the data controller, you are responsible for:

  • Having a lawful basis for collecting and using your clients' or end-users' personal data (e.g., consent, contract, legal obligation, or another applicable basis under PIPEDA, GDPR, or other applicable law).
  • Providing a clear privacy notice to your clients or end-users before or at the time you collect their personal data through the Service. Your notice should explain what data you collect, why, how long you keep it, and how they can exercise their rights.
  • Complying with all applicable privacy and data protection laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), the Personal Health Information Protection Act (PHIPA) where applicable, the Health Insurance Portability and Accountability Act (HIPAA) where applicable, and the General Data Protection Regulation (GDPR) where applicable.
  • Not using the Service to collect personal data in a way that violates applicable law or the rights of data subjects.

3. Identification Documents and Sensitive Data

3.1 If you collect government-issued identification (e.g., passport, driver's licence) or photos of ID from your clients through the Service, you must:

  • Clearly state why you are collecting this information and use it only for that purpose.
  • Collect only the minimum necessary information.
  • Ensure you have a lawful basis and, where required, explicit consent from the individual.
  • Apply appropriate safeguards (the Service provides technical safeguards; you are responsible for your own policies and handling).

3.2 If you collect health information or protected health information (PHI):

  • You must comply with PHIPA (Ontario), HIPAA (U.S.), or other applicable health privacy laws.
  • If you are a HIPAA-covered entity (U.S.) or a health information custodian under PHIPA (Ontario), you may need to enter into a separate Business Associate Agreement (BAA) or PHIPA-compliant terms with Hivi (Hivi-x) before using the Service for PHI. Contact us at support@hivi.ca to request such terms.

4. Data Processing Agreement (DPA)

4.1 Our Data Processing Agreement (DPA) describes how we process personal data on your behalf as a processor. By using the Service as a business to collect data from your clients or end-users, you agree to the DPA. You must ensure that your use of the Service and your instructions to us are consistent with the DPA and applicable law.

4A. Calendar Features and Google Calendar Sync

4A.1 If you use calendar features in the Service, you are responsible (as controller) for ensuring you have a lawful basis to process calendar event data (including reminders and recurrence details) for your clients or end-users.

4A.2 If you enable Google Calendar synchronization, you instruct us to process calendar data to synchronize events between the Service and Google Calendar. You are responsible for disclosing this synchronization in your own privacy notice where required by applicable law.

5. Notice for Your Clients and End-Users

5.1 We recommend that you direct your clients or end-users to our short notice "For clients of businesses using Hivi-x", which explains that you are the data controller and we process data on your behalf. You should also provide your own privacy notice or policy that explains your specific practices.

6. Limitation of Liability

6.1 To the extent permitted by law, Hivi (Hivi-x) shall not be liable for any claims, losses, or damages arising from your failure to comply with your obligations as a data controller (including providing notice, obtaining consent, or complying with PHIPA, HIPAA, or other laws). You agree to indemnify and hold Hivi (Hivi-x) harmless from such claims to the extent they arise from your conduct or instructions.

7. Changes

7.1 We may update these Business Terms from time to time. We will notify you of material changes by posting the updated terms and updating the "Last Updated" date. Your continued use of the Service as a business after the effective date of changes constitutes acceptance of the updated Business Terms.

8. Contact

For questions about these Business Terms, the DPA, or to request a BAA or PHIPA-compliant terms, contact us at support@hivi.ca.

Effective Date: 2025-12-01
Last Updated: 2025-12-01

Fill forms in seconds – hiviTerms of ServiceData Processing AgreementBusiness TermsFor Clients of BusinessesPrivacy PolicyTrustData RequestsContact Privacy Officer