At Salesfinder (Ethoventures Inc.), we are built on a foundation of trust and discretion. This Privacy Notice is designed to explain, in detail, how we handle the highly sensitive sales performance and compensation data entrusted to us, ensuring maximum anonymity for the candidate.

  1. Who We Are and Contact Information

    Legal Entity: Ethoventures Inc. (Operating as Salesfinder)

    Address: 12688 Highway 118, Haliburton ON K0M 1S0, Canada

    Website: getsalesfinder.com

    Privacy Contact: contact@getsalesfinder.com

2. Scope and Your Role in Our Processing

Applicable Privacy Principles

As a Canadian-based company, we primarily comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). We also adhere to the principles of the General Data Protection Regulation (GDPR) when processing the Personal Data of individuals residing in the European Union.


Our Roles in Processing Personal Data

Our service model places us in two distinct legal roles regarding your data:


Data Controller: Determines the purpose and means of processing Personal Data.

How it applies to Salesfinder: We are the Controller when processing data for internal business needs, platform improvement, and preventing fraud.


Data Processor: Processes Personal Data only on behalf of, and according to the instructions of, another Controller.

How it applies to Salesfinder: We are the processor when generating a specific Salesfinder Report (SFS Score) for a paying client (the prospective employer).


Crucially: The hiring company (our client) is the primary Data Controller for your job application. We act as a trusted, anonymous intermediary to process verification data solely for the purpose of generating the SFS Score.


Clarification: Controller vs. Data Flow

The hiring company determines the "why" (the hiring decision), making them the controller. Salesfinder determines the "how" (the secure verification method), making us the processor. We only receive the raw data because the controller requested the verification service.

3. Data We Collect and Process

The data collected is strictly limited to what is necessary for calculating and verifying performance.


A. Core Verification Data (Source of Value)

This data is used to calculate the Salesfinder Score (SFS) and Report:


Compensation and Attainment Data: Salary (base and variable), bonus structure, commission payouts, quota targets, attainment percentages, and the relevant performance period.

Source Data: Limited banking details (via Plaid, only for secure connection validation), or pay stubs/commission sheets (uploaded manually).


B. Identity and Contact Data (For Verification and Contact)


● General Personal Data: Full name, date of birth, email address, phone number, and location (city/country).

Verification Data: Facial image data (if required for liveness checks during document submission) and identity document metadata (type, expiry date).


C. Technical and Usage Data


● Technical Data: IP address, device type, date, time, and activity within the Salesfinder platform.

Device Behavioral Data: Used to detect automated or synthetic user behavior during the verification process.

4. How and Why We Process Data (As a Data Controller)

When we process data for our own purposes (as the Data Controller), we rely on the following reasons:


Processing Purpose: Platform Improvement

Data Used: Anonymized Attainment Data, Technical Data

Legal Basis (for GDPR): Legitimate Business Interest — To enhance the accuracy of the SFS scoring algorithm and service usability.

Retention Period: Up to 5 years, after which data is aggregated and permanently anonymized.


Processing Purpose: Fraud Prevention

Data Used: Source Data, Technical Data, Behavioral Data

Legal Basis (for GDPR): Legitimate Business Interest — To detect and prevent fraudulent claims or tampering with documents.

Retention Period: Data associated with confirmed fraud attempts may be retained longer for legal defense.


Processing Purpose: Compliance & Record Keeping

Data Used: Transactional Logs, Unique Identifier

Legal Basis (for GDPR): Necessity for Legal Compliance — To meet Canadian and international record-keeping obligations.

Retention Period: As required by applicable law (typically 7 years).

5. Our Anonymity Commitment (Data Processor Activities)

When we generate an SFS Report for your prospective employer (our client), we are acting as a Data Processor. Our processing is governed by strict contractual and technical protocols to ensure your privacy is never compromised.


The Anonymity Protocol (Current Manual Review Process)


1. Data Ingestion: Candidate provides sensitive data via a highly secure link (powered by Plaid). This connection utilizes bank-level encryption for the transfer of data into Salesfinder's segregated environment.

2. Scoring & Internal Review: The Salesfinder team securely accesses and manually reviews the verified data (compensation, quotas, etc.) to authenticate its validity and calculate the SFS Score. The Salesfinder team must view the raw data to perform this service, meaning we know the candidate's identity and their compensation figures. This raw data is held in a strictly segregated environment under strict access controls.

3. Reporting: Only the SFS Score and the anonymous, synthesized narrative report are delivered to the hiring company.

4. Raw Data Isolation: We do not share your raw financial data, bank balances, specific commission numbers, or account logins with the hiring company under any circumstances. This raw data is destroyed after the report generation cycle is complete, limiting our long-term retention of highly sensitive data.


The hiring company is ultimately the Data Controller for the hiring decision, but they are legally prohibited by contract from attempting to derive raw data from the Salesfinder Report.

6. Data Sharing and Third Parties

We only share your Personal Data with third parties when necessary for the service and in compliance with this policy.


Our Customers (Hiring Companies): Data is shared only in the form of the final, anonymous Salesfinder Report and the SFS Score.

Technical Service Providers (Subprocessors): We use third-party providers for hosting, secure encryption, and payment processing (Stripe). They are bound by strict data processing agreements.

Verification Partners (e.g., Plaid): When you use our verification link, Plaid acts as a secure intermediary to transfer data from your financial institution to Salesfinder. Your use of this verification link is subject to Plaid's own End User Services Agreement and Privacy Policy, which govern their use and protection of the data during the secure connection. Plaid is responsible for the encryption and integrity of the connection, and does not share your access credentials with us or the recruiter.

7. International Data Transfers

Salesfinder (Ethoventures Inc.) is headquartered in Canada, which is recognized by the European Commission as providing an adequate level of data protection.


● We primarily store data in secure facilities within Canada and the European Union (EU).

● If we transfer data outside the EU, we rely on standard contract clauses and implement robust technical safeguards to ensure your data remains protected.

8. Data Security and Retention

Security


We rely on Plaid for bank-level encryption during data transfer. Once the data is in our environment, we use internal access controls, technical safeguards, and strict protocols to protect your personal data.


DISCLAIMER: Salesfinder does not warrant that the use of its platform will be uninterrupted or error-free. To the extent permitted by law, Salesfinder, its affiliates, and suppliers will not be responsible for any lost or inaccurate data, financial losses, or any indirect or consequential damages of any kind arising from the reliance on third-party verification partners.


Retention


● Data Processor Role: We delete or return the data based on the instructions of the hiring company (our client), consistent with the duration of our contract with them.

Data Controller Role: We retain data only for the periods specified in Section 4, primarily for platform improvement and fraud detection, after which it is securely deleted or permanently anonymized.

9. Your Data Rights

You have rights regarding your Personal Data, including the right to access, correct, or request deletion of your data, subject to legal limitations.


Exercising Your Rights


● If we are the Data Processor (most cases): You must direct your request (e.g., to delete your SFS Report) to the company you were applying to (the Data Controller). We will comply with their verified instructions.

If we are the Data Controller (e.g., internal platform data): You can contact us directly at the email provided below.

10. Contact Us

For any privacy-related questions or to exercise your data rights, please contact our privacy team:

Email: contact@getsalesfinder.com

Address: Ethoventures Inc., 12688 Highway 118, Haliburton ON K0M 1S0, Canada