Privacy Policy
Overview
This Privacy Policy describes how AuxDynamics Inc. ("AuxDynamics," "we," "us," or "our") collects, uses, stores, and discloses personal information when you visit our website at auxdynamics.com, submit an inquiry, book a discovery call, apply for a role, or engage with our services.
We are committed to protecting your privacy and complying with the Personal Information Protection and Electronic Documents Act (PIPEDA), Alberta's Personal Information Protection Act (PIPA), and Canada's Anti-Spam Legislation (CASL). If you are located outside Canada, the privacy laws of your jurisdiction may also apply, and we will make reasonable efforts to comply with applicable requirements.
By using our website or submitting your information through any of our forms, you acknowledge that you have read and understood this Privacy Policy.
Who We Are
AuxDynamics Inc. is a technology services company incorporated under the federal laws of Canada (Canada Business Corporations Act) with its principal place of business in Calgary, Alberta. We provide AI, cloud, cybersecurity, software development, and data engineering services to enterprise and mid-market clients across Canada, the United States, and internationally.
Information We Collect
We collect personal information only when you actively provide it to us or when it is automatically generated through your use of our website. We do not purchase, rent, or acquire personal information from third-party data brokers.
| Category | Data Collected | How Collected |
|---|---|---|
| Contact Information | First name, last name, work email address, phone number (optional) | Contact form, booking form, email correspondence |
| Professional Information | Company name, job title, industry, project description | Contact form, discovery call intake, project briefs |
| Application Information | Resume, cover letter, employment history, skills, references | Careers page applications, email submissions |
| Communication Records | Email exchanges, call notes, meeting summaries | Email, video calls, internal CRM |
| Technical / Usage Data | IP address, browser type, OS, pages visited, referral source, session duration | Automatically via server logs and analytics tools |
| Cookie Data | Session identifiers, preference cookies, analytics cookies | Automatically on site visit (see Section 7) |
| Newsletter Subscription | Email address only; subscription timestamp and consent record | Newsletter sign-up form (blog page) — explicit opt-in (CASL-compliant) |
| Booking / Discovery-Call Data | Selected date, time, meeting type, primary topic, brief project description, timezone | Booking flow on the appointment page |
| Account Credentials (when client portal launches) | Username, hashed password, multi-factor-authentication settings, session tokens | Future client portal sign-up — collected only if and when this feature goes live |
| Financial Information | Payment method type, billing address (no raw card numbers stored) | Invoicing and payment processing for active clients only |
We do not intentionally collect sensitive personal information such as health data, government ID numbers, biometric data, or information about racial or ethnic origin, political opinions, or religious beliefs. If you inadvertently include such information in a form submission or email, we will delete it promptly and not retain it.
How We Use Your Information
We use personal information strictly for the purposes for which it was collected, or purposes that are consistent with those purposes. Specifically, we use your information to:
- Respond to inquiries, project briefs, and discovery call requests submitted through our website
- Schedule and conduct discovery calls, technical consultations, and meetings
- Prepare proposals, statements of work, and service agreements for prospective clients
- Deliver contracted services and communicate regarding active engagements
- Process invoices and manage billing for active client accounts
- Evaluate job applications and communicate with candidates during the hiring process
- Send transactional communications — booking confirmations, project updates, and invoices
- Send our monthly engineering insights newsletter, only where you have given explicit consent
- Analyze website usage to improve the performance and content of our site
- Comply with legal obligations, enforce our terms, and protect our rights
We do not use your personal information for automated decision-making or profiling that produces legal or significant effects on you.
Legal Basis for Processing
Under PIPEDA and Alberta's PIPA, we process personal information based on the following grounds:
- Consent — For newsletter subscriptions, marketing communications, and any non-essential data processing. Consent is obtained explicitly through checkboxes on our forms, and you may withdraw consent at any time.
- Contractual necessity — For processing required to fulfill our service agreements, including delivery, billing, and project communications with active clients.
- Legitimate interest — For responding to inquiries, evaluating job applications, improving our website, and conducting business development activities — where these interests are not overridden by your privacy rights.
- Legal obligation — Where we are required to process information to comply with applicable laws, regulations, or court orders.
Sharing & Disclosure
We do not sell, rent, trade, or share your personal information with third parties for their own marketing purposes. Period.
We may share your information only in the following limited circumstances:
- Service providers — We use a small number of trusted third-party tools to operate our business (email delivery, scheduling, analytics, payment processing). These providers are contractually bound to process your data only on our behalf and in accordance with this policy.
- Professional advisors — Lawyers, accountants, or auditors acting in a professional capacity, subject to confidentiality obligations.
- Legal requirements — Where required by law, regulation, court order, or government authority.
- Business transfers — In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity. You will be notified before your data is transferred and becomes subject to a different privacy policy.
- With your consent — For any purpose where you have explicitly authorized disclosure.
Cookies & Tracking
Our website uses a minimal set of cookies and does not use invasive tracking technologies. We do not use Facebook Pixel, Google Ads tracking, retargeting pixels, or cross-site advertising cookies.
| Cookie Type | Purpose | Duration | Opt-Out |
|---|---|---|---|
| Essential | Required for the website to function — form session tokens, navigation state, CSRF protection | Session | Cannot be disabled without breaking site functionality |
| Analytics (Google Analytics 4) | Pseudonymous page-view, session, and referral-source data via Google Analytics 4 (cookies named _ga, _ga_*). IP addresses are truncated by Google and we do not enable Google Signals or advertising features. |
Up to 24 months | Use a browser-level "Do Not Track" extension, the Google Analytics opt-out browser add-on, or block third-party cookies in your browser settings |
| Preferences | Remembers UI preferences (e.g. cookie consent acknowledgement, dark/light mode if applicable) | 12 months | Clear browser cookies |
| Cloudflare security | Bot management, DDoS protection, WAF (cookies set by Cloudflare on our behalf, e.g. __cf_bm) |
30 minutes (rolling) | Cannot be disabled without breaking security protections |
You can control cookies through your browser settings. Disabling essential or security cookies may impair the functionality of certain forms or our DDoS protection. Disabling analytics cookies has no impact on your experience.
Cookie consent (CASL / PIPEDA). The first time you visit our site we display a cookie-consent notice. By continuing to use the site after that notice, you consent to the use of cookies described in this section. You may withdraw consent at any time by clearing cookies or by changing your browser settings.
Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law.
Our default retention rule is simple: we retain personal information from contact-form submissions, discovery-call bookings, newsletter subscriptions, and any other voluntary inquiry until you request deletion. You can request deletion at any time, and we will action verified requests within 30 days (see Section 10).
The following category-specific retention rules also apply, in addition to the general rule above:
- Active client records — Duration of engagement plus 7 years for financial and contractual records (mandatory under Canada Revenue Agency record-keeping rules and the Income Tax Act)
- Newsletter subscribers — Until you unsubscribe (one-click in every email), after which your email is deleted from our mailing list within 10 business days
- Website analytics (Google Analytics 4) — Aggregated and anonymized; user-level analytics records are retained for the GA4-default 14 months and then automatically deleted by Google
- Job applications (unsuccessful) — 12 months from date of application, then securely deleted
When retention periods expire, or when you request deletion, we securely delete or anonymize personal information. See Section 10 for how to make a deletion request.
Security
We implement administrative, technical, and physical safeguards appropriate to the sensitivity of the personal information we hold. Given that we are a cybersecurity services company, our internal security practices meet or exceed the standards we recommend to our clients.
- All data transmitted through our website is encrypted in transit using TLS 1.3
- Access to personal information is restricted to team members who need it to perform their role, governed by role-based access controls
- Internal systems are protected by multi-factor authentication, endpoint management, and zero-trust network access policies
- Third-party service providers are vetted for security practices before use and subject to contractual data protection obligations
- We conduct periodic security reviews of our own data handling practices
No transmission of data over the internet is 100% secure. While we take commercially reasonable measures to protect your information, we cannot guarantee absolute security. In the event of a data breach that poses a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada (OPC) as required under PIPEDA.
Your Rights
Under PIPEDA and Alberta's PIPA, you have the following rights with respect to your personal information held by AuxDynamics:
- Right of access — Request a copy of the personal information we hold about you, how it is being used, and to whom it has been disclosed
- Right to correct — Request correction of inaccurate or incomplete personal information
- Right to withdraw consent — Withdraw consent for non-essential processing at any time, without penalty (this will not affect processing already carried out)
- Right to erasure — Request deletion of your personal information, subject to our legal retention obligations
- Right to object — Object to processing of your personal information for legitimate interest purposes
- Right to complain — Lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca or Alberta's Office of the Information and Privacy Commissioner (OIPC) at oipc.ab.ca
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. In some circumstances we may need to verify your identity before processing a request. We will never charge a fee to access your own information.
CASL Compliance
Canada's Anti-Spam Legislation (CASL) governs commercial electronic messages (CEMs) sent to Canadians. AuxDynamics is fully committed to CASL compliance.
- Express consent — We send marketing and newsletter emails only to individuals who have given express, opt-in consent via a clearly worded checkbox. Pre-checked boxes are never used.
- Implied consent — Where we rely on implied consent (e.g. an existing business relationship), we document the basis of that consent and its expiry in accordance with CASL.
- Identification — Every commercial electronic message we send includes our full legal name, mailing address, and contact information.
- Unsubscribe mechanism — Every marketing and newsletter email includes a one-click unsubscribe link. Unsubscribe requests are processed within 10 business days.
- No third-party lists — We do not purchase, rent, or use third-party email lists for commercial messaging.
Transactional emails — such as booking confirmations, project updates, and invoices — are exempt from CASL consent requirements as they relate to an existing business relationship or completed transaction.
Third-Party Links
Our website may contain links to third-party websites, including LinkedIn, GitHub, Twitter/X, and partner or client websites. These sites operate independently of AuxDynamics and are governed by their own privacy policies.
We are not responsible for the content, privacy practices, or data handling of any third-party website. We recommend reviewing the privacy policy of any third-party site you visit. The presence of a link on our website does not constitute endorsement of that site's privacy practices.
Children's Privacy
Our website and services are directed exclusively at business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal information from anyone under 18 years of age.
If you believe a child under 18 has submitted personal information through our website, please contact us immediately at [email protected] and we will promptly delete that information.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Post a notice on our website homepage for 30 days following the update
- Where required, notify active clients and newsletter subscribers by email
Your continued use of our website or services following the posting of changes constitutes acceptance of the updated policy. If you do not agree with the changes, you may request deletion of your information and cease using our services.
We encourage you to review this page periodically. The current version will always be accessible at auxdynamics.com/privacy.html.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please contact our Privacy Officer:
Email: [email protected]
General inquiries: [email protected]
Mailing address: AuxDynamics Inc., Calgary, Alberta, Canada
Response time: We respond to all privacy inquiries within 30 calendar days.
If you are not satisfied with our response, you have the right to escalate your complaint to the Office of the Privacy Commissioner of Canada (priv.gc.ca) or the Office of the Information and Privacy Commissioner of Alberta (oipc.ab.ca).