This Privacy Policy describes how DataGuards (“we,” “us,” “our”) collects, uses, discloses, and safeguards personal information in the course of providing Managed IT Services to clients across Ontario, Canada.We are committed to protecting privacy, confidentiality, and security in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and all other applicable Canadian and Ontario privacy regulations.
1. Scope & Application
This Privacy Policy applies to:
Clients and their authorized personnel
Users of our websites, support portals, and managed platforms
Individuals whose personal information may be processed as part of our services
This policy does not apply to information about corporate entities unless such information identifies an individual.
2. What Personal Information We Collect
2.1 Client & User Information
Names, job titles, and business contact details
Login credentials (e.g., usernames, authentication details)
Support tickets, communication history, and service interactions
2.2 Technical Information
Collected automatically from systems we manage or monitor:
Device identifiers, hardware details, and configuration data
IP addresses, network activity logs, and usage data
Security logs (intrusion alerts, failed login attempts, threat indicators)
System performance metrics
2.3 Billing & Administrative Information
Payment and invoicing information (processed through secure third-party payment providers)
Contract details and account management information
2.4 Sensitive Information
We do not intentionally collect sensitive information unless it is required to deliver our services and the client has expressly authorized such collection.
3. How We Use Personal Information
We use personal information only for purposes related to delivering, supporting, and improving our Managed IT Services, including:
Providing IT support and technical troubleshooting
Monitoring, protecting, and optimizing client systems and networks
Configuring and maintaining user accounts and access controls
Detecting, preventing, and responding to security threats
Managing service tickets and client requests
Conducting billing, invoicing, and administrative functions
Enhancing system performance and cybersecurity capabilities
Meeting legal, regulatory, or contractual obligations
We do not use personal information for marketing without explicit consent.
4. Legal Basis for Processing
We collect and process personal information based on:
Consent
Contractual necessity
Legitimate business interests, such as system security and service delivery
Legal and regulatory compliance
Clients may withdraw consent at any time, subject to contractual or technical limitations.
5. How We Share Personal Information
We do not sell personal information. We may share information only in the following circumstances:
5.1 Authorized Service Providers
Third-party vendors that support our services, including:
Cloud hosting and infrastructure providers
Cybersecurity and monitoring tools
Professional services such as accounting or auditing
All vendors are required by contract to protect personal information in compliance with PIPEDA.
5.2 Client-Authorized Recipients
We may share information with individuals or organizations explicitly designated by the client.
5.3 Legal & Compliance Requirements
We may disclose personal information when necessary to:
Comply with a court order, warrant, or other lawful request
Respond to government or regulatory authorities
Protect our legal rights or those of our clients
6. Cross-Border Data Transfers
Some information may be stored or processed outside Ontario or Canada. When cross-border transfers occur, we ensure that:
Appropriate contractual and technical safeguards are in place, and
Service providers adhere to privacy protections comparable to Canadian standards
Clients are notified whenever data is hosted or stored outside Canada.
7. Data Security Measures
We employ industry-standard security controls to protect personal information, including:
Multi-factor authentication (MFA)
Encryption in transit and, where applicable, at rest
Network monitoring and intrusion detection
Regular patching, updates, and vulnerability assessments
Strict access controls and role-based permissions
Secure backups and disaster recovery processes
While we maintain robust safeguards, no system is completely immune to cyber risks. If a privacy breach occurs, we will notify affected clients in accordance with PIPEDA’s breach reporting requirements.
8. Data Retention
We retain personal information only for as long as necessary to:
Deliver our services
Meet legal or contractual requirements
Resolve disputes or support audit obligations
Information may be securely archived before being destroyed or anonymized.
9. Your Rights
Individuals may request:
Access to their personal information
Correction of inaccurate or incomplete information
Withdrawal of consent
Details regarding how their information is used or disclosed
Requests can be submitted to our Privacy Officer (see Section 12).
10. Cookies & Website Tracking
Our website may use cookies and analytics tools to:
Enhance user experience
Analyze traffic and performance
Improve security
Users can adjust browser settings to manage or disable cookies.
11. Third-Party Links
Our websites and platforms may contain links to external sites.
We are not responsible for the privacy practices of third-party websites.
12. Contact Information
For questions, concerns, or requests regarding this Privacy Policy, please contact:
Andrew David
protector@dataguards.ca
13. Updates to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Updated versions will be posted on our website with the revised effective date. Continued use of our services constitutes acceptance of the updated policy.
