Your Privacy

NightKey® treats the protection of personal information as a key responsibility and is committed to ensuring that patrons’ privacy is afforded the highest levels of protection. NightKey® is compliant with The Personal Information Protection Act ("PIPA") of Alberta.  You may visit the Information & Privacy Commissioner of Alberta’s website for information on PIPA and to learn more about Alberta’s privacy laws. ("OIPC")

About NightKey's services

NightKey® provides identity verification and entry authorization services to Canadian businesses that subscribe to the NightKey® system (venues), such as night clubs and hotels. Venues use fixed terminals provided by NightKey® to record and verify patrons' identities when they enter their premises, and to ensure that such patrons have not been previously banned from entering their venues. This assists Venues in ensuring that they provide patrons with safe and secure environments primarily by deterring individuals who intend to engage in inappropriate or illegal activities from entering their premises. The information collected through NightKey® terminals is stored by NightKey® on a central server. When entering a Venue, if you do not wish to enroll on the NightKey® system, you may experience longer waiting times in queues or possible denied entry. However NightKey® has no authority to dictate how each individual venue decides to conduct their business. Denial of entry and or longer wait times is at the sole discretion of the Venue that uses NightKey®.

Kinds of information we collect

When you complete an enrolment or entry process at a Venue using a NightKey terminal, we will collect the information you provide through the terminal. Generally, this will include:
Your FingerPIN® – When you opt to use the “fast access” feature on the NightKey terminal as your primary method of identification, the terminal will scan your fingerprint and instantly formulate a unique 300 digit binary number (e.g. 011010110001…) to represent your fingerprint (this number is calculated based on distances between various ridge and meridian points on your fingerprint). The resulting number is called a FingerPIN®. The NightKey terminal only stores the scanned image of your fingerprint momentarily (a few seconds at most) whilst the FingerPIN® is being formulated. As soon as the FingerPIN® is calculated, the NightKey® terminal automatically and permanently deletes your fingerprint image. The terminal does not keep an image of your fingerprint and it is not possible to reverse engineer your fingerprint from your FingerPIN®.
Identifying information – When you enroll for the first time on a NightKey® terminal, you will be asked to provide some form of ID which will be scanned. If you provide another form of ID, relevant information (generally, your name, date of birth and gender) will be recorded in the terminal by a Venue staff member.
Photograph and audio visual footage – When you enroll for the first time on a NightKey® terminal, your photo is taken by a camera in the terminal and stored with your name, date of birth etc.  The camera also takes an audio visual clip of approximately 5 seconds in length while you are enrolling and any time you interact with a NightKey® terminal.
Venues are able to maintain on the NightKey® server a “Banned Persons” database which they use to help them identify patrons that they have previously prohibited from entering their premises. The types of information that are recorded on this database include the patron's name, photo, date of birth, scanned ID, the reasons for which they have been banned and event summaries of the circumstances surrounding their ejection from the Venue.
We may hold other information about you that we have received or generated in the course of our day-to-day business activities, such as details contained in correspondence we have received from you.

How we collect your information

In almost all cases, information we collect about you is collected through NightKey® terminals and NightKey® server interface programs used by venues. From time-to-time, there may be other occasions on which we collect information about you via other means; for example, when you correspond directly with us via the NightKey® website at www.nightkey.ca.

Why and how we use your information

We use personal information contained on the NightKey®  system for the following purposes:

Where is your Personal Information being stored?

NightKey® holds the collection and protection of personal information as a key priority and responsibility of our business. For this reason NightKey® has chosen to store data of site from the location from where it was given.(i.e at the venue). This is done to remove concerns a patron may have that a staff member at the venue or any other person may have access to very sensitive personal information.  People’s personal information is stored on NightKey® central server which is housed in a highly secured data centre. The data center used by NightKey® shares the same security features any bank or government office would use that store people’s personal information.

How we secure your information

We hold all of your personal information in a secure manner to ensure that it is protected from unauthorized access, modification and disclosure. Our electronic databases are stored on a central server in a secure location which provides top-level physical security. Security measures regarding electronic records meet highest industry standards and include 1024 bit and 128 bit encryption, biometric verification for terminal access, usernames and passwords, firewalls and audit-trails. Access to electronic records is strictly limited to staff whose tasks require access, such as senior managers and security officers. When records containing personal information are no longer needed, we ensure those records are destroyed securely; for example, we degauss (i.e. demagnetize) electronic records so that information contained in them cannot be retrieved.

Who Has Access to Your Information?

NightKey® has developed its system of accessing personal information with the highest regard of privacy and protection. All of NightKey® staff members that are responsible for managing personal data are trained and assed to comply with the responsibility they will be undertaking. All of NightKey® staff goes through a strict background check and must provide a Police security clearance before being employed by NightKey®

All of the data stored in NightKey® secure servers are only accessible through a unique user ID and password. Each individual employee charged with the responsibility of managing the data will be assigned his or her own personal unique user ID and Password. This is so all interactions with NightKey® servers are audited and tracked so we know exactly who was logged into the system and which employee was looking at who’s information. NightKey® was built first and foremost with privacy as its primary foundation; you are always protected with NightKey®.

How we disclose your information

NightKey® only discloses your information in very limited circumstances and, when it does so, only provides parts of your information that are necessary for the recipient's purposes. This will generally only occur in the following situations:

We do not share information between venues, under any circumstances, sell or otherwise trade in your personal information. Generally, NightKey® will not disclose your personal information to any of its contractors or service providers. However, circumstances may arise where this is necessary at some point in the future. Should such circumstances arise, we will ensure that strict contractual measures are in place requiring the recipient to protect the privacy of your information, to only use the information for the purposes of their engagement and to destroy any copies of the information once their engagement is complete.

We may also disclose a person's personal information where we are legally required to do so (such as under a court order) or where the police inform us that they are investigating a particular individual and request information from us about that individual to assist them with their inquiries (in which case we will only provide details after making a record of the name and badge number of the police officer to whom the information is provided).

Removing your information

If you have enrolled on the NightKey® system, you may request for your information to be deleted at any time by visiting our website at www.nightkey.ca and following the prompts. Once your details are deleted, they will be stored in an archives database for 30 days in case we need to retrieve the information for any reason. After 30 days, the details will be automatically deleted. Please note that to regain entry to any NightKey® venue which you have requested deletion from will require you to fully enroll again. Please note that if you have been banned from a NightKey® venue then your details will not be deleted until such time as the ban has expired.

Accessing your information

You may request access to the personal information we hold about you by sending a written request to our Privacy Officer. You do not need to provide a reason for your request. Once our Privacy Officer has verified your identity, we will provide you with a print-out of information we hold about you within 14 days. Generally, we do not charge any fees for providing access; however, fees may be charged in special circumstances on a cost-recovery basis.

In rare circumstances, we may not be able to provide you with access to your information. This may occur where, for example, we are required by law to withhold the information, it relates to legal proceedings or would affect negotiations we are holding with you. If we are unable to provide you with access, we will provide reasons for this and consider whether the use of an intermediary would be appropriate to provide you with an explanation of your personal information.

Correcting your information

If your personal information is out-of-date or incorrect, you may inform us of this in writing and we will correct it for you. There is the ability to correct or amend your personal information through visiting our website at www.nightkey.ca. In the unlikely event that we disagree about the accuracy of the information and are unable to change it, you may provide us with a statement indicating that you dispute its accuracy and we will associate the statement with your information in such a manner that it will be brought to the attention of each person who subsequently uses the information.

Complaints

If you are not satisfied with how we handle your personal information, you can lodge a complaint in writing with our Privacy Officer. Your complaint will be treated confidentially. Our Privacy Officer will contact you within 14 days to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in an appropriate manner with which you are satisfied. You may contact our Privacy Officer to enquire about the progress, or any other aspect of your complaint at any time.

Changes to this policy

Due to changing business circumstances, we may need to make changes to this policy from time to time. However, we will endeavor to ensure that any such changes do not reduce your overall level of privacy protection. Any amended or new policy will be published on our website. Any actions that we have taken before the changes will continue to be regulated by the policy that existed before the changes were made. Persons enrolled in the NightKey® database will not be directly notified when changes to the NightKey® Privacy Policy are made, so please be sure to check our web site at www.nightkey.ca for the latest version. If you do not approve of the terms of any new policy, you will be able to remove your details from the NightKey® system at any time (see above).

Further information

If you have any queries or requests in relation to this policy, please contact our Privacy Officer whose contact details are available on the contact page at www.nightkey.ca