Security & Compliance

Overview

We respect the privacy and security of data entrusted to us. Our policies and practices are designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and corresponding provincial privacy acts.

If you have any concerns about how we handle personal information, contact our Privacy Officer (see below).

What data we collect and why

We may collect the following categories of information:

  • Identity and account data: names, email addresses, passwords, and other information you provide when creating an account or communicating with us.
  • Usage and technical data: login timestamps, browser type/version, IP address, device and operating system details, and other telemetry collected automatically to operate and improve the service.
  • Third-party / referral data: contact details for people you invite or reference through the platform.

We use data for account administration, communications, analytics and product development, and to comply with legal obligations.

You control a number of profile visibility settings and can update or deactivate your account in settings.

  • Our policy and practices are aligned with PIPEDA and applicable provincial privacy laws in Canada.
  • Personal information may be stored, processed, or used by us, our affiliates, or our service providers inside and outside Canada. When that happens, data may be subject to local laws in the jurisdictions where it is processed.

Hosting, subprocessors, and third-party services

We engage service providers to support hosting, analytics, payment processing, email delivery, and technical and customer support. These service providers may access, process, and store information on our behalf.

We require service providers to conform to our privacy standards and to permit audit for compliance.

Subprocessors list

We intend to maintain a customer-facing, up-to-date list of hosting providers and subprocessors (including the regions where customer data is stored/processed).

Security measures

We take reasonable steps to protect the security and confidentiality of personal information using organizational, technological, and physical safeguards.

Examples of controls we maintain include secure on-site and off-site storage, restricted access to records and processing equipment, password protocols, and the use of encryption and security software.

We conduct audits and monitor compliance with our privacy practices.

Data retention and account lifecycle

  • We retain personal information only as long as is necessary for the purposes for which it was collected, or longer when required by law.
  • When information is no longer needed, we destroy, erase, or de-identify it.
  • We may temporarily deactivate accounts that have not logged in for one year or more; accounts can be reactivated by contacting support.

Data transfers and international processing

Personal information may be transferred to and processed in jurisdictions outside Canada; that can expose data to the laws of those jurisdictions.

When we use third-party processors, they must conform to our privacy standards and are subject to confidentiality obligations.

Incident response and audits

We conduct audits and monitor compliance with our privacy practices, and our privacy policy commits to reasonable steps to protect personal information.

How to request access, correction, or to raise concerns

  • You can update or correct account information via your account settings or by emailing our Privacy Officer.
  • You may deactivate your account through account settings.
Privacy Officer contact: Ali Kokulu — hello@knowmeq.com — 416.831.2541

Where to find the full policy

See our full privacy policy on our site: https://knowmeq.com/privacy