This page (“Privacy Policy” or “Policy”) outlines the policies and procedures of The Foundation Digital Marketing Agency Inc. (“The Foundation,” “we,” “us,” or “our”) with respect to the collection, use, processing, storage, and disclosure of your information. It also describes the security measures implemented to protect the data you provide while using our services, including those made available through this website and any software or platforms associated with The Foundation (collectively, the “Services”). By accessing or using the Services, you acknowledge that you have read this Privacy Policy. Where consent is required by law, The Foundation will obtain such consent through appropriate mechanisms.

What Information Does The Foundation Collect and Store?
Personal Information

When registering for the Services or seeking additional information, we may request personal contact information such as your name, company name, address, phone number, and email (“Personal Contact Information”). If you choose to subscribe to a paid plan, you may also be asked to provide billing details (e.g., billing address, payment method). All billing is securely processed through Stripe, and The Foundation does not store any financial information directly.

Data, Diagnostic & Login Information

By using our CRM platform, you may upload or generate data such as client contact information, calendar bookings, automated communications, and custom content (collectively, “Data”). If a technical issue arises, we may request diagnostic logs to help resolve errors. This may include operating system and browser details, or system crashes, collectively referred to as “Diagnostic Information.” Login credentials may be stored locally via cookies to streamline authentication (“Login Information”).

Where the Client uses VoIP telephony services through The Foundation's platform, data associated with those communications may be collected and retained. This may include call logs, call duration, originating and receiving phone numbers, voicemail recordings, and call recordings. Call recordings are retained for quality assurance, training, and operational purposes for a period of up to twelve (12) months following the date of the recording, unless a longer retention period is required by applicable law or requested in writing by the Client. Access to call data is restricted to authorized personnel and is protected in accordance with the safeguards outlined in this Privacy Policy.

Analytics and Website Navigational Information

We use standard analytics tools to gather information including your IP address, browser type, session duration, and website interactions. This “Analytics Information” is used to understand user behavior and improve performance. Cookies and similar tools are used to enhance navigation. Third-party vendors, such as Google, may use cookies to serve personalized ads based on your interactions.

You may opt out of personalized advertising through Ads Settings or www.aboutads.info

Geo-Location

The Foundation does collect your physical business or personal address (whichever you provide) when you complete the virtual pop-up form to register for a subscription Plan. No other GeoLocation data is collected, but The Foundation reserves the right to do so in the future with your express consent.

AI Receptionist, AI Chatbot, Client Deliverables, and Marketing Deliverables

The Foundation can and does provide a wide-ranging scope of work within its Services to its clients, which can include but is not limited to: access to its CRM, use of its AI Receptionist and/or AI Chatbot, the creation of digital site-building assets such as websites, landing pages, funnels, forms, surveys, e-commerce stores, and associated domains ("Client Deliverables"), and non site-building digital assets such as Google Ads, search engine optimization, social media content and advertising, pay-per-click campaigns, and email and SMS marketing ("Marketing Deliverables"). The following outlines how personal information may be collected, used, or processed in connection with each of these categories.

AI Receptionist and AI Chatbot

Where a client of The Foundation has deployed The Foundation's AI Receptionist or AI Chatbot as part of their Services, personal information may be collected from individuals who interact with these tools. This may include, but is not limited to, first and last name, phone number, email address, appointment details, and the reason for contact. This information is collected for the purpose of facilitating bookings, responding to inquiries, and providing a personalized experience on behalf of The Foundation's client. Call interactions with the AI Receptionist may be recorded for quality assurance, training, and operational purposes. Such recordings are retained and protected in accordance with the safeguards outlined in this Privacy Policy.

Individuals interacting with The Foundation's AI Receptionist or AI Chatbot through a third-party business should be aware that the business deploying these tools is independently responsible for their own privacy obligations with respect to their customers. The Foundation's role in these interactions is limited to providing the underlying technology and infrastructure.

Client Deliverables

The Foundation builds and hosts digital assets on behalf of its clients, including websites, landing pages, funnels, forms, and e-commerce stores. These assets may collect personal information from end users who visit or interact with them, including names, email addresses, phone numbers, and payment information. The Foundation provides the platform and infrastructure through which these assets operate but does not control the data collection practices of its clients with respect to their own end users. Clients of The Foundation are independently responsible for ensuring their data collection practices comply with all applicable privacy laws and for maintaining their own privacy policies governing their end users' information. The Foundation's access to data collected through Client Deliverables is limited to what is necessary to provide, maintain, and support the platform.

Marketing Deliverables

Where The Foundation manages digital advertising or marketing campaigns on behalf of a client, certain data collection and tracking practices may be employed as part of those campaigns. This may include the use of tracking pixels, cookies, and tags from third-party advertising platforms such as Google and Meta, which may collect information about users who interact with ads or visit associated landing pages. Such data may include browsing behavior, device information, and interaction data, and is subject to the privacy policies of the respective advertising platforms. The Foundation encourages individuals to review the privacy policies of Google, Meta, and any other relevant platforms through which they may be reached.

Where The Foundation manages email marketing campaigns on behalf of a client, email addresses and engagement data such as open rates and click activity may be processed for the purpose of delivering and optimizing those campaigns. All email marketing conducted through The Foundation's platform includes an unsubscribe mechanism, and opt-out requests are processed promptly.

Where The Foundation sends SMS communications on behalf of a client, phone numbers and message engagement data may be processed for the purpose of delivering those communications. SMS messaging may include marketing campaigns, as well as automated transactional notifications including but not limited to appointment confirmations, booking reminders, and review requests. All SMS marketing communications include an opt-out mechanism, and recipients may unsubscribe at any time by replying "STOP" to any message. Transactional SMS notifications are sent solely for the purpose of fulfilling a service interaction and are not used for unsolicited marketing.

All email and SMS communications conducted through The Foundation's platform comply with applicable anti-spam, privacy, and telecommunications legislation in the jurisdictions in which they are sent, including but not limited to Canada's Anti-Spam Legislation (CASL), the United States CAN-SPAM Act, and the United Kingdom's Privacy and Electronic Communications Regulations (PECR). Where the General Data Protection Regulation (GDPR) applies, communications are conducted in accordance with its requirements, including obtaining lawful basis for processing and providing clear opt-out mechanisms. Advertising accounts, campaign data, and audience data created or managed by The Foundation on behalf of a client across platforms including but not limited to Google or Meta remain the property of the respective client and are not retained or used by The Foundation following the termination of the applicable service agreement.

Data Controller and Data Processor Roles

Depending on the circumstances, The Foundation may act either as a data controller (or equivalent business/organization under applicable privacy laws) or as a data processor/service provider.

The Foundation acts as a data controller with respect to personal information collected directly from its clients, prospective clients, website visitors, and individuals who interact directly with The Foundation for purposes including account administration, billing, customer support, marketing, and business operations.

The Foundation generally acts as a data processor or service provider with respect to personal information processed on behalf of clients through Client Deliverables, Marketing Deliverables, CRM services, AI Receptionist services, AI Chatbot services, booking systems, and related platform functionality. In such cases, The Foundation processes personal information solely for the purpose of providing the Services and in accordance with the instructions of the applicable client.

Clients remain independently responsible for ensuring that their collection and use of personal information complies with all applicable privacy laws and for fulfilling any obligations owed to their customers, leads, patients, users, or other end users.

Automated Decision-Making and AI-Powered Processing

The Foundation's platform includes AI-powered tools, including the AI Receptionist and AI Chatbot, which involve automated processing of personal data. These tools use natural language processing to interact with individuals, collect information, facilitate bookings, respond to inquiries, and route communications on behalf of The Foundation's clients.

While these tools operate with a degree of automation, they are designed to support and facilitate human-managed workflows rather than to make final decisions that produce legal or similarly significant effects on individuals without human involvement. Booking confirmations, appointment scheduling, and similar outputs generated through these tools are subject to review and confirmation by The Foundation's clients and their staff.

Where automated processing is used in connection with your personal data, you have the right to request human review of any output that you believe has affected you. You also have the right to express your point of view and to contest any outcome arising from automated processing. To exercise this right, please contact us at [email protected].

The Foundation continuously evaluates its AI-powered tools to ensure they operate fairly, transparently, and in accordance with applicable privacy and AI governance frameworks, including where applicable the EU AI Act and any other emerging regulations governing automated processing.

Compliance with Canadian Privacy Legislation (PIPEDA)

Compliance and Purpose

The Foundation Digital Marketing Agency Inc. (“The Foundation”) is committed to protecting your personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and all applicable provincial privacy laws.

We collect, use, and disclose your personal information for the purposes described in this Privacy Policy. We do so only with your knowledge and informed consent, except where otherwise permitted or required by law. Your personal information will not be used or disclosed for purposes beyond those for which it was collected, without your additional consent.

How We Obtain Your Consent

The Foundation obtains consent for the collection, use, and disclosure of personal information in a manner appropriate to the sensitivity of that information and the context in which it is collected. Consent may be obtained in the following ways:

-Express Consent: For sensitive personal information, or where required by applicable law, The Foundation obtains express consent through a signed Service Agreement, a written acknowledgment, or an affirmative action such as checking a consent box at the point of registration or data collection.

-Implied Consent: For less sensitive information collected in the ordinary course of delivering the Services — such as technical or diagnostic data generated through platform use — consent may be implied through the Client's decision to access and use the Services following review of this Policy.

-Consent at Point of Collection: Where personal information is collected from end users through Client Deliverables — such as forms, landing pages, or booking tools built and hosted by The Foundation on behalf of a Client — it is the responsibility of the Client to ensure that appropriate consent is obtained from those end users at the point of collection, in accordance with applicable law.

Individuals may withdraw their consent at any time, subject to legal or contractual restrictions, by submitting a written request to [email protected]. The Foundation will advise the individual of the implications of withdrawal prior to processing the request.

Your Rights Under Canadian Privacy Law

In accordance with PIPEDA, you have the following rights:

-Right to Access: You may request access to any personal information we hold about you.

-Right to Correction: You may request correction of inaccurate, outdated, or incomplete data.

-Right to Withdraw Consent: You may withdraw your consent to the use or disclosure of your information, subject to legal or contractual restrictions.

-Right to Be Informed: You have the right to know how and why your information is collected and used.

To exercise any of these rights, please submit a written request to: [email protected]

Electronic Communications and Anti-Spam Compliance

Where The Foundation sends or facilitates the sending of commercial electronic messages — including promotional emails, SMS messages, or other electronic communications — to individuals in Canada, The Foundation complies with Canada's Anti-Spam Legislation (CASL), S.C. 2010, c. 23.

In accordance with CASL:

-The Foundation will only send commercial electronic messages to individuals who have provided express or implied consent as defined under CASL.

-All commercial electronic messages sent by or through The Foundation's platform will clearly identify The Foundation (or the applicable Client on whose behalf the message is sent), provide accurate contact information, and include a functioning unsubscribe mechanism.

-Unsubscribe requests will be processed promptly and no later than ten (10) business days following receipt, in accordance with CASL requirements.

-Where The Foundation manages email or SMS marketing campaigns on behalf of a Client, it is the Client's responsibility to ensure that valid CASL consent has been obtained from all message recipients prior to campaign deployment. The Foundation's platform provides the technical infrastructure for delivery but does not independently verify the lawfulness of the Client's contact lists.

Where communications are sent to recipients outside Canada, applicable anti-spam and electronic communications legislation in the recipient's jurisdiction may also apply, including the United States CAN-SPAM Act and the United Kingdom's Privacy and Electronic Communications Regulations (PECR).

Safeguards and Data Security

The Foundation employs reasonable organizational, physical, and technological safeguards to protect your personal information against loss, theft, unauthorized access, disclosure, copying, use, or modification. These safeguards include:

-Encrypted storage through our CRM provider, GoHighLevel

-Secure user authentication and restricted access controls

-Internal privacy practices to ensure compliance

If a data breach occurs involving a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada as required by PIPEDA.

Accountability and Contact

The Foundation is accountable for the personal information under its control. We have designated a Privacy Officer responsible for overseeing our compliance with this Privacy Policy and applicable laws.

For questions, concerns, or privacy-related complaints, please contact:

Privacy Officer:

Rooni Rashid

Director of Privacy Compliance

The Foundation Digital Marketing Agency Inc.

[email protected]

How Does The Foundation Use the Information It Collects?

Personal Contact Information: Used to manage your account, deliver services, and provide updates or marketing content (subject to your consent). Billing Information: Used exclusively to process transactions via Stripe. We do not store this information.

Data, Diagnostic, and Login Information: Utilized to administer your CRM environment and ensure system functionality.

Analytics Information: Helps us monitor traffic, optimize user experience, and protect against unauthorized use.

AI Receptionist and AI Chatbot Data: Used to facilitate automated call handling, appointment bookings, inquiry responses, and personalized interactions on behalf of The Foundation's clients. Call recordings are retained for quality assurance, training, and operational purposes.

VoIP and Call Recording Data: Used for quality assurance, staff training, and operational improvement. Retained for up to twelve (12) months in accordance with the Retention and Deletion of Data section of this Policy.

Geo-Location Data: Used to associate your account with the appropriate subscription plan and service configuration. No additional geo-location data is collected without your express consent.

Electronic Communications Data: Used to deliver email and SMS communications, including transactional notifications and, where consent has been obtained, marketing campaigns, in accordance with applicable anti-spam legislation.

Marketing and Publicity

Where a client has separately authorized The Foundation to use its name, logo, trademark, or other branding materials for marketing or publicity purposes, The Foundation may display such materials on its website, marketing materials, proposals, presentations, or other promotional content in accordance with the terms of the applicable agreement.

With your permission, we may also contact you by email or SMS for marketing purposes. You may opt out by clicking the unsubscribe link in emails or replying “STOP” to SMS messages.

Sale of Personal Information

The Foundation does not sell, rent, or trade your personal or business information to third parties.

Disclosure of Information
Third-Party Service Providers

The Foundation engages third-party vendors and service providers to assist in delivering the Services. These providers operate under their own terms of service and privacy policies, which govern how they process personal data. A current list of sub-processors, along with a description of their role in delivering the Services, is set out under the Sub-Processors and Third-Party Service Providers section of this Policy.

Legal and Investigatory Disclosures

We may disclose personal information if required to comply with legal obligations, protect our rights or safety, or in response to lawful subpoenas or court orders. Where legally permissible, we will notify affected individuals of such disclosures.

Business Transfers

In the event of a business acquisition, merger, or sale of assets, your information may be transferred to the acquiring entity, subject to this Policy or an updated version with equivalent protection.

Co-Branded Services

If you register via a co-branded partner link, we may share your name and email with that partner. You can avoid this by signing up directly via our primary domain (onefoundation.net)

International Data Transfers and Hosting

The Foundation operates using a white-labeled version of GoHighLevel, a CRM platform. As such, all user data is stored and processed through GoHighLevel’s infrastructure, subject to GoHighLevel's terms of service and applicable data processing commitments. Our infrastructure may involve cross-border data transfers depending on server location.

Retention and Deletion of Data

We retain your information while your account is active. Upon cancellation of your Services (requested via [email protected]), your data will be deleted from our systems within 24–48 hours. A confirmation email will be sent upon successful deletion.

During the term of an active account, The Foundation retains personal data for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy. The following general retention periods apply:

-Client contact and account data: retained for the duration of the active subscription and deleted within 24–48 hours of confirmed cancellation.

-Customer support communications and logs: retained for a period of up to two (2) years following the date of the interaction.

-Call recordings and voicemail data: retained for a period of up to twelve (12) months following the date of the recording.

-Billing and transaction records: retained for a period of up to seven (7) years in accordance with applicable tax and financial recordkeeping obligations.

-Analytics and diagnostic data: retained for a period of up to twenty-four (24) months, after which it is aggregated or deleted.

Where applicable law requires a longer or shorter retention period, that requirement will prevail. Upon expiry of the applicable retention period, personal data is securely deleted or anonymized in a manner that prevents reconstruction.

Data Portability

You may export your client contact data, lead lists, and calendar bookings prior to account closure. Upon cancellation, access to associated features like your website, email domain, or custom VoIP number will be revoked.

Compliance with Quebec Privacy Law (Law 25)

Residents of the Province of Quebec may have additional rights under An Act to modernize legislative provisions as regards the protection of personal information (commonly referred to as "Law 25" or "Bill 64"), which supplements the requirements of PIPEDA with respect to the collection, use, and disclosure of personal information pertaining to Quebec residents.

In accordance with Law 25, The Foundation commits to the following:

-Privacy by Default: The Foundation's platform and Services are configured to collect only the personal information necessary for the purposes outlined in this Policy, without requiring individuals to take action to protect their privacy.

-Privacy Impact Assessments: Where The Foundation introduces new technologies, including AI-powered tools such as the AI Receptionist or AI Chatbot, that involve the collection or automated processing of personal information, The Foundation conducts or relies upon privacy impact assessments to evaluate and mitigate associated risks prior to deployment.

-Transparency Regarding Automated Processing: Where personal information is collected through automated means or processed using AI-powered tools, The Foundation discloses this practice in this Policy and, where required, at the point of collection.

-Right to Withdraw Consent: Quebec residents may withdraw their consent to the collection, use, or disclosure of their personal information at any time, subject to legal or contractual restrictions, by submitting a written request to [email protected]. Withdrawal of consent may affect The Foundation's ability to deliver certain Services.

For any privacy-related requests or complaints submitted by Quebec residents, The Foundation will respond within the timeframes required under applicable law.

Your Rights Under GDPR (If Applicable)
If you are a resident of the European Union, United Kingdom, Liechtenstein, Norway, Iceland, or Switzerland, you may have rights under the General Data Protection Regulation (GDPR) or applicable national implementation thereof. The Foundation processes personal data under the following legal bases:

-Contract Performance: processing necessary to deliver the Services, Client Deliverables, or Marketing Deliverables as agreed.

-Legitimate Interests: processing necessary for the operation, security, and improvement of the platform, including analytics, fraud prevention, and customer support, where such interests are not overridden by your rights.

-Consent: processing of personal data for marketing communications and non-essential cookies, where your express consent has been obtained.

-Legal Obligation: processing required to comply with applicable laws, regulations, or court orders.

Under the GDPR, you have the following rights with respect to your personal data:

-Right to Access: you may request access to any personal data we hold about you.

-Right to Correction: you may request correction of inaccurate, outdated, or incomplete data.

-Right to Erasure: you may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, or where you have withdrawn consent and no other legal basis applies.

-Right to Restriction: you may request that we restrict processing of your personal data in certain circumstances.

-Right to Data Portability: you may request a copy of your personal data in a structured, commonly used, and machine-readable format.

-Right to Object: you have the right to object at any time to the processing of your personal data where processing is based on legitimate interests or used for direct marketing purposes. Where you object to processing for direct marketing, we will cease such processing without requiring justification.

-Rights Related to Automated Decision-Making: you have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects, except where necessary for contract performance or where you have given explicit consent. See the Automated Decision-Making section of this Policy for further detail.

-Right to Withdraw Consent: where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.

All requests should be submitted in writing to [email protected]. We will respond within the timeframes required under applicable law.

Cross-Border Data Transfers

Where personal data is transferred outside of the European Economic Area (EEA) or United Kingdom, The Foundation ensures that appropriate safeguards are in place to protect that data. Such safeguards may include Standard Contractual Clauses (SCCs) as approved by the European Commission, reliance on adequacy decisions where applicable, or other transfer mechanisms recognized under the GDPR. The Foundation operates using GoHighLevel as its CRM and platform infrastructure, and all data stored and processed through GoHighLevel is subject to GoHighLevel's data processing agreements and applicable transfer safeguards. For further information regarding the safeguards applicable to your data, please contact us at [email protected].

Your Rights Under California Privacy Law (If Applicable)

If you are a resident of the State of California, you may have rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These rights apply to personal information as defined under California law and include the following:

-Right to Know: you have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it is shared.

-Right to Delete: you have the right to request deletion of personal information we have collected from you, subject to certain exceptions permitted by law.

-Right to Correct: you have the right to request correction of inaccurate personal information we hold about you.

-Right to Opt-Out of Sale or Sharing: The Foundation does not sell personal information to third parties, nor does it share personal information for cross-context behavioral advertising purposes. If this practice changes, you will be notified and provided with a clear mechanism to opt out.

-Right to Limit Use of Sensitive Personal Information: where The Foundation processes sensitive personal information as defined under the CPRA, you have the right to limit its use to purposes permitted by law.

-Right to Non-Discrimination: you have the right not to receive discriminatory treatment for exercising any of your California privacy rights.

To exercise any of these rights, please submit a written request to [email protected]. We will respond within the timeframes required under California law. We may require verification of your identity before processing your request.

Cookies and Tracking Technologies

The Foundation and its platform use cookies and similar tracking technologies to operate and improve the Services, analyze usage, and deliver relevant content. A cookie is a small text file stored on your device when you visit a website or use a web-based platform. The following categories of cookies may be used:

-Strictly Necessary Cookies: required for the platform to function and cannot be disabled. These include cookies used for authentication, session management, and security.

-Functional Cookies: used to remember your preferences and settings to improve your experience.

-Analytics Cookies: used to collect information about how users interact with the platform, including pages visited, time spent, and errors encountered. This data is used in aggregate to improve performance. Analytics cookies may be provided by third parties including but not limited to Google Analytics.

-Marketing and Advertising Cookies: used to deliver relevant advertising and track the effectiveness of marketing campaigns. These cookies may be set by third-party advertising platforms including but not limited to Google and Meta.

Where required by applicable law, your consent will be obtained before non-essential cookies are placed on your device. You may withdraw or modify your cookie preferences at any time through your browser settings or the cookie management tool available on our website. Please note that disabling certain cookies may affect the functionality of the platform. Third-party cookies are subject to the privacy and cookie policies of the respective third parties. The Foundation is not responsible for the practices of third-party cookie providers.

In addition to cookies, GoHighLevel's platform infrastructure utilizes browser LocalStorage to retain session and operational data during your visit. This data is used solely for platform functionality purposes and is not transmitted to advertising platforms.

Pages on this website make standard backend requests to GoHighLevel's servers as part of the platform's operational infrastructure. These requests are an inherent function of the GoHighLevel platform and are governed by GoHighLevel's privacy policy and data processing commitments.

Sub-Processors and Third-Party Service Providers

The Foundation engages trusted third-party service providers and sub-processors to assist in delivering the Services. These third-party providers operate under their own terms of service and privacy policies, which govern how they process personal data. By engaging their services, The Foundation has accepted those terms and relies on each provider's published commitments regarding data security, processing limitations, and privacy compliance. Current sub-processors include but are not limited to:

-GoHighLevel: CRM platform, AI Receptionist and AI Chatbot infrastructure (including VoiceAI for voice processing and conversational AI), and data hosting.

-Stripe: payment processing. Billing information is processed exclusively through Stripe and is not stored directly by The Foundation.

-Google Analytics: website and platform analytics.

The Foundation may update its list of sub-processors from time to time as the Services evolve. Clients subject to GDPR who require an up-to-date list of sub-processors, or who wish to object to the engagement of a new sub-processor, may submit a written request to [email protected]. Where a new sub-processor is engaged that may affect the processing of personal data covered by a data processing agreement, The Foundation will provide reasonable advance notice to affected clients.

The AI Receptionist and AI Chatbot features are powered by third-party AI infrastructure providers. Depending on feature configuration, one or more of the following providers may process conversational and/or voice data on behalf of The Foundation:

-OpenAI: large language model (LLM) processing for Conversation AI and Voice AI language generation, and AI voice synthesis. May process conversational input data including names, phone numbers, appointment details, and the content of user messages.

-Anthropic: alternative LLM provider for Voice AI language processing. May process the same categories of conversational input data as described above.

-Google (Gemini): alternative LLM provider for Voice AI language processing. May process the same categories of conversational input data as described above.

-ElevenLabs: AI voice synthesis provider for the AI Receptionist feature, processing audio generation based on conversational inputs.

-Cartesia: alternative AI voice synthesis provider for the AI Receptionist feature, processing audio generation based on conversational inputs.

The specific provider or combination of providers active at any given time depends on account configuration. Clients who require confirmation of which providers are active within their specific account environment may submit a written request to [email protected].

Do Not Track Signals

Some browsers offer a Do Not Track (DNT) setting that signals to websites and platforms that you do not wish to be tracked across sites. The Foundation's platform does not currently respond to browser-initiated Do Not Track signals, as no universally accepted standard for how such signals should be interpreted or honored has been established. If a recognized standard is adopted, The Foundation will reassess and update this Policy accordingly. You may manage your tracking and cookie preferences through your browser settings or the cookie management tool available on our platform.

Community Content

Our services may include public forums or community platforms. Please note that any content posted in these areas may be read and used by others. Deleting your account does not automatically delete public content.

Children's Privacy

The Foundation's Services, platform, and website are not directed at, designed for, or intended to be used by individuals under the age of 16. The Foundation does not knowingly collect personal information from children under the age of 16. If you believe that a child under the age of 16 has provided personal information through our platform without appropriate parental or guardian consent, please contact us immediately at [email protected] and we will take prompt steps to delete that information from our systems.

Where Client Deliverables built by The Foundation on behalf of a client may be accessible to or directed at minors, the client is solely and independently responsible for ensuring that appropriate consent mechanisms, parental consent requirements, and age-appropriate privacy protections are in place in accordance with all applicable laws, including but not limited to the Children's Online Privacy Protection Act (COPPA) in the United States and applicable Canadian provincial legislation.

Changes to This Policy

We reserve the right to amend this Privacy Policy. If we make material changes, we will notify you by email at least 30 (thirty) days in advance. Your continued use of the Services after notice constitutes acceptance.

Data Breach Notification

In the event of a data breach that poses a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada without undue delay, and no later than required under applicable law. Notifications will include a description of the breach, the types of information involved, and steps you can take to mitigate risks.

The Foundation maintains records of security incidents and breaches as required by applicable law.

Third-Party Links and Integrations

Our Services may contain links to third-party websites or offer integrations with platforms such as Google, Facebook, or LinkedIn. These platforms are governed by their own privacy policies. We are not responsible for the privacy practices of third parties, and we encourage users to review the terms and privacy statements of any external site they visit.

Customer Support Logs

We may retain records of communications with customers, including support emails, chats, and call recordings, for quality assurance, training, and legal purposes. These records are protected with the same level of care as all personal data.

Questions or Complaints

For questions, requests, or complaints related to privacy, contact: [email protected]. We will respond within the period required by applicable law.

If you are dissatisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada.