Privacy Policy

This page (“Privacy Policy” or “Policy”) outlines the policies and procedures of The Foundation Digital Marketing Agency Inc. (“The Foundation,” “we,” “us,” or “our”) with respect to the collection, use, processing, storage, and disclosure of your information. It also describes the security measures implemented to protect the data you provide while using our services, including those made available through this website and any software or platforms associated with The Foundation (collectively, the “Services”). By accessing or using our Services, you consent to the collection and use of your information as outlined in this Policy.

What Information Does The Foundation Collect and Store?
Personal Information

When registering for the Services or seeking additional information, we may request personal contact information such as your name, company name, address, phone number, and email (“Personal Contact Information”). If you choose to subscribe to a paid plan, you may also be asked to provide billing details (e.g., billing address, payment method). All billing is securely processed through Stripe, and The Foundation does not store any financial information directly.

Data, Diagnostic & Login Information

By using our CRM and/or AI Receptionist (OrionVoice) platform, you may upload or generate data such as client contact information, calendar bookings, automated communications, and custom content (collectively, “Data”). If a technical issue arises, we may request diagnostic logs to help resolve errors. This may include operating system and browser details, or system crashes, collectively referred to as “Diagnostic Information.” Login credentials may be stored locally via cookies to streamline authentication (“Login Information”).

Analytics and Website Navigational Information

We use standard analytics tools to gather information including your IP address, browser type, session duration, and website interactions. This “Analytics Information” is used to understand user behavior and improve performance. Cookies and similar tools are used to enhance navigation. Third-party vendors, such as Google, may use cookies to serve personalized ads based on your interactions.

You may opt out of personalized advertising through Ads Settings or www.aboutads.info

Geo-Location

The Foundation does collect your physical business or personal address (whichever you provide) when you complete the virtual pop-up form to register for a subscription Plan. No other GeoLocation data is collected, but The Foundation reserves the right to do so in the future with your express consent.

Compliance with Canadian Privacy Legislation (PIPEDA)

The Foundation Digital Marketing Agency Inc. (“The Foundation”) is committed to protecting your personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and all applicable provincial privacy laws.

We collect, use, and disclose your personal information for the purposes described in this Privacy Policy. We do so only with your knowledge and informed consent, except where otherwise permitted or required by law. Your personal information will not be used or disclosed for purposes beyond those for which it was collected, without your additional consent.

Your Rights Under Canadian Privacy Law

In accordance with PIPEDA, you have the following rights:

-Right to Access: You may request access to any personal information we hold about you.

-Right to Correction: You may request correction of inaccurate, outdated, or incomplete data.

-Right to Withdraw Consent: You may withdraw your consent to the use or disclosure of your information, subject to legal or contractual restrictions.

-Right to Be Informed: You have the right to know how and why your information is collected and used.

To exercise any of these rights, please submit a written request to: [email protected]

Safeguards and Data Security

The Foundation employs reasonable organizational, physical, and technological safeguards to protect your personal information against loss, theft, unauthorized access, disclosure, copying, use, or modification. These safeguards include:

-Encrypted storage through our CRM and AI Receptionist provider, GoHighLevel

-Secure user authentication and restricted access controls

-Internal privacy practices to ensure compliance

If a data breach occurs involving a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada as required by PIPEDA.

Accountability and Contact

The Foundation is accountable for the personal information under its control. We have designated a Privacy Officer responsible for overseeing our compliance with this Privacy Policy and applicable laws.

For questions, concerns, or privacy-related complaints, please contact:

Privacy Officer :

The Foundation Digital Marketing Agency Inc.

[email protected]

How Does The Foundation Use the Information It Collects?

Personal Contact Information: Used to manage your account, deliver services, and provide updates or marketing content (subject to your consent). Billing Information: Used exclusively to process transactions via Stripe. We do not store this information.

Data, Diagnostic, and Login Information: Utilized to administer your CRM environment and ensure system

functionality.

Analytics Information: Helps us monitor traffic, optimize user experience, and protect against unauthorized use.

Marketing and Publicity

By using our Services, you agree to allow The Foundation to identify you as a client, including displaying your name or logo on our website or marketing materials. You may withdraw consent for this use by contacting us at [email protected].

With your permission, we may also contact you by email or SMS for marketing purposes. You may opt out by clicking the unsubscribe link in emails or replying “STOP” to SMS messages.

Sale of Personal Information

The Foundation does not sell, rent, or trade your personal or business information to third parties.

Disclosure of Information
Third-Party Service Providers

We engage trusted third-party vendors (e.g., Stripe, Google Analytics, and CRM hosting via GoHighLevel) to provide elements of our Services. These vendors are contractually obligated to protect your information and may only use it to perform tasks on our behalf.

Legal and Investigatory Disclosures

We may disclose personal information if required to comply with legal obligations, protect our rights or safety, or in response to lawful subpoenas or court orders. Where legally permissible, we will notify affected individuals of such disclosures.

Business Transfers

In the event of a business acquisition, merger, or sale of assets, your information may be transferred to the acquiring entity, subject to this Policy or an updated version with equivalent protection.

Co-Branded Services

If you register via a co-branded partner link, we may share your name and email with that partner. You can avoid this by signing up directly via our primary domain (onefoundation.net)

International Data Transfers and Hosting

The Foundation operates using a white-labeled version of GoHighLevel, a CRM platform. As such, all user data is stored and processed under GoHighLevel’s Privacy Policy, available

here. Our infrastructure may involve cross-border data transfers depending on server location.

Retention and Deletion of Data

We retain your information while your account is active. Upon cancellation of your Services (requested via [email protected]), your data will be deleted from our systems within 24–48 hours. A confirmation email will be sent upon successful deletion.

Data Portability

You may export your client contact data, lead lists, and calendar bookings prior to account closure. Upon cancellation, access to associated features like your website, email domain, or custom VoIP number will be revoked.

Your Rights Under GDPR (If Applicable)

If you are a resident of the EU, UK, Liechtenstein, Norway, Iceland, or Switzerland, you may have rights under the General Data Protection Regulation (GDPR), including: Access to your data, Correction of inaccurate data, Erasure (“right to be forgotten”), Restriction or objection to processing & Data portability

Requests should be submitted in writing to

[email protected]

Community Content

Our services may include public forums or community platforms. Please note that any content posted in these areas may be read and used by others. Deleting your account does not automatically delete public content.

Changes to This Policy

We reserve the right to amend this Privacy Policy. If we make material changes, we will notify you by email and post the updated policy on our homepage at least 60 (sixty) days in advance. Your continued use of the Services after notice constitutes acceptance.

Data Breach Notification

In the event of a data breach that poses a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada without undue delay, and no later than required under applicable law. Notifications will include a description of the breach, the types of information involved, and steps you can take to mitigate risks.

Third-Party Links and Integrations

Our Services may contain links to third-party websites or offer integrations with platforms such as Google, Facebook, or LinkedIn. These platforms are governed by their own privacy policies. We are not responsible for the privacy practices of third parties, and we encourage users to review the terms and privacy statements of any external site they visit.

Customer Support Logs

We may retain records of communications with customers, including support emails, chats, and call recordings, for quality assurance, training, and legal purposes. These records are protected with the same level of care as all personal data.

Questions or Complaints

For questions, requests, or complaints related to privacy, contact: [email protected]