1) Information we collect
We collect information you provide directly and data gathered automatically when you interact with our website and tools.
- Contact & Business Info — name, email, company, website, message content, preferences; submitted via forms, the calendar booking widget, or chat/AI agents.
- Operational Data — project details, files you share, account access you authorize (e.g., Google Ads, GA4, Search Console, Tag Manager, Meta, LinkedIn, TikTok, Shopify, Webflow, WordPress), and communication history.
- Analytics & Device Data — pages viewed, actions taken, timestamps, IP address, browser/OS, referral, approximate location; collected via cookies, pixels and similar technologies.
- AI Agent/Chat Interactions — prompts, responses and conversation context used to operate the feature and improve relevance. We do not use your content to train public models.
- Support & Logs — error and event logs, performance metrics, and diagnostics for reliability and security.
2) How we use information
- Respond to inquiries and provide proposals.
- Deliver and improve services (SEO, ads, automations, web).
- Set up and maintain integrations you authorize.
- Analyze website usage and improve user experience.
- Send service, security, and account communications.
- Comply with legal obligations and enforce agreements.
- With consent, send marketing updates. You can unsubscribe any time (CASL-compliant).
4) Legal bases we rely on
For visitors in the EEA/UK, we process personal data under:
- Consent (e.g., marketing, non-essential cookies).
- Contract (to provide requested services).
- Legitimate interests (site security, product improvement, non-intrusive analytics).
- Legal obligation (tax, compliance, law enforcement requests).
6) International transfers
We operate from Toronto, Ontario, Canada, and use providers with servers in Canada, the United States, the EEA/UK and other jurisdictions. Where applicable, we rely on contractual safeguards (e.g., Standard Contractual Clauses) and comparable mechanisms to protect your information.
7) Security
We use reasonable technical and organizational measures to protect data (HTTPS/TLS, access controls, least-privilege, audit/logging). No method is 100% secure; if we learn of a breach, we’ll notify affected parties as required.
8) Data retention
We retain personal information only as long as needed to provide services, meet legal/contractual obligations, resolve disputes and enforce agreements. We then delete or anonymize it.
9) Your privacy rights
- Access, correction, and deletion (PIPEDA/GDPR/CCPA/CPRA).
- Portability and restriction (GDPR).
- Withdraw consent (where processing is based on consent).
- Object to certain processing (e.g., direct marketing).
- California: right to know, delete, correct, and opt-out of “sharing” for cross-context behavioral advertising. We honor Global Privacy Control (GPC) signals for opt-out.
If you’re not satisfied, you may contact the Office of the Privacy Commissioner of Canada (OPC) or your local authority.
10) Children
Our services are not directed to children under 13 (or 16 in the EEA). We don’t knowingly collect personal information from children. If you believe a child provided data, contact us to delete it.
11) Contact
Questions or requests? Reach our Privacy Officer:
12) Changes to this policy
We may update this policy to reflect changes in law or our practices. We’ll post the new version here and update the “Last updated” date.