PRIVACY
Privacy Policy
Effective date: 7 July 2026 · Last reviewed: 7 July 2026
DataFlux Inc. (“DataFlux,” “we,” “us,” or “our”) respects your privacy and is committed to protecting personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation in Canada. This Privacy Policy explains what information we collect, how we use it, when we disclose it, and the choices available to you.
1. Who we are
DataFlux Inc. is a British Columbia corporation operating a real-time AI data pipeline platform. Our registered office is at 1955 Alpha Way, Suite 120, Burnaby, BC V5C 0K6, Canada. Our business number is BN 865317492BC0001. For privacy-related enquiries, contact us at [email protected] or +1 (587) 555-3491.
2. Scope of this policy
This policy applies to personal information collected through dataflux.life, our contact forms, programme enrolment processes, client service engagements, and related communications. It does not apply to third-party websites linked from our pages, or to personal information processed solely on behalf of clients within their own pipeline environments under separate data processing agreements.
3. Information we collect
We may collect the following categories of personal information depending on how you interact with us:
- Contact and identity information: name, email address, telephone number, job title, organisation name, and mailing address when you submit our contact form, request a Flux demo, enrol in a programme, or engage our services.
- Communication content: messages you send through forms or email, including pipeline requirements, technical context, and scheduling preferences.
- Consent records: timestamps and scope of PIPEDA consent provided through our contact form or service agreements.
- Website usage data: IP address, browser type, device identifiers, pages visited, referring URLs, and interaction timestamps collected through cookies and similar technologies as described in our Cookie Policy.
- Client engagement data: project notes, workshop attendance, billing contacts, and support correspondence when you become a client.
We do not intentionally collect sensitive personal information such as health records, government identifiers, or financial account numbers through our public website. If you voluntarily include such information in a message, we will handle it with heightened care and delete it when no longer required for the stated purpose.
4. How we collect information
We collect personal information directly from you when you complete forms, send email, visit our studio, participate in programmes, or sign service agreements. We collect certain technical information automatically when you browse our website, subject to your cookie preferences. We do not purchase personal information lists for marketing purposes.
5. Purposes for collection and use
We collect and use personal information only for purposes that a reasonable person would consider appropriate in the circumstances, including:
- Responding to enquiries, demo requests, and pilot programme applications;
- Delivering programmes, professional services, and managed operations under contract;
- Scheduling studio visits and coordinating workshops at our Burnaby location;
- Issuing invoices, processing payments, and maintaining financial records;
- Improving website performance, security, and user experience;
- Complying with legal obligations, responding to lawful requests, and enforcing our Terms of Use;
- Maintaining internal records of consent and communication history for accountability under PIPEDA.
We will not use your personal information for materially different purposes without obtaining fresh consent, except where permitted or required by law.
6. Legal basis and consent
Under PIPEDA, we rely on your knowledge and consent for the collection, use, and disclosure of personal information, except where the law permits collection without consent. Our contact form requires an explicit, unchecked consent checkbox before submission. You may withdraw consent for future processing by contacting [email protected], subject to legal or contractual restrictions and reasonable notice. Withdrawal may limit our ability to provide ongoing services.
7. Disclosure to third parties
We do not sell personal information. We may disclose personal information to:
- Service providers: hosting providers, email delivery services, analytics platforms, and payment processors who process data on our behalf under contractual confidentiality and security obligations;
- Professional advisers: lawyers, accountants, and insurers where necessary for compliance or risk management;
- Authorities: regulators, courts, or law enforcement when required by applicable law or valid legal process;
- Corporate transactions: acquirers or successors in the event of a merger, acquisition, or asset sale, with notice where required.
Some service providers may store or process data in Canada, the United States, or other jurisdictions. When personal information crosses borders, we apply contractual safeguards and assess risks consistent with PIPEDA accountability requirements.
8. Retention
We retain personal information only as long as necessary to fulfil the purposes for which it was collected, meet legal and contractual obligations, and resolve disputes. Contact form submissions are typically retained for twenty-four months unless a client relationship develops. Client project records are retained according to contract terms and applicable limitation periods. Cookie preference records are stored for six months as described in our Cookie Policy. When information is no longer required, we securely delete or anonymise it.
9. Security safeguards
We implement administrative, technical, and physical safeguards appropriate to the sensitivity of the information we hold. Measures include access controls, encrypted transport (HTTPS), staff confidentiality obligations, and vendor security reviews. No method of transmission or storage is completely secure; we cannot guarantee absolute security but we investigate suspected breaches and notify affected individuals and regulators where required by law.
10. Your rights under PIPEDA
Subject to limited exceptions, you have the right to:
- Request access to personal information we hold about you;
- Request correction of inaccurate or incomplete information;
- Withdraw consent where processing is consent-based;
- Challenge our compliance with PIPEDA by contacting us first, and if unresolved, file a complaint with the Office of the Privacy Commissioner of Canada.
Access requests should be sent to [email protected] with sufficient detail to verify your identity. We respond within thirty days unless an extension is permitted.
11. Children
Our website and services are directed at business professionals and organisations. We do not knowingly collect personal information from individuals under sixteen years of age. If you believe we have collected information from a minor, contact us and we will delete it promptly.
12. Automated decision-making
We do not use personal information collected through our website to make solely automated decisions that produce legal or similarly significant effects on individuals. Pipeline automation within client environments is governed by separate client agreements and is not covered by this website policy.
13. Changes to this policy
We may update this Privacy Policy to reflect changes in law, technology, or business practices. Material changes will be posted on this page with an updated effective date. Continued use of our website after changes constitutes acceptance of the revised policy for website-related processing, except where further consent is required.
14. Pipeline client data
When we deliver professional services, programmes, or managed operations, we may process data on behalf of clients within their pipeline environments. That processing is governed by separate service agreements and data processing addenda that define roles, subprocessors, retention, and breach notification obligations. This website Privacy Policy does not replace those contractual terms. Clients remain responsible for ensuring they have appropriate authority to provide source data for ingestion into Flux channels.
15. Marketing communications
We do not operate as a marketing agency and we do not sell contact lists. If you become a client or request information, we may send transactional messages related to your engagement — workshop schedules, invoice notices, incident updates, or programme materials. We will not send unsolicited promotional email without consent where consent is required. You may opt out of non-essential communications by replying to any message or contacting [email protected].
16. Breach notification
If we become aware of a breach of security safeguards involving personal information under our control that creates a real risk of significant harm, we will take reasonable steps to contain the incident, assess scope, notify affected individuals as required by PIPEDA, and report to the Office of the Privacy Commissioner of Canada where mandatory. We maintain an internal incident response procedure reviewed annually and tested through tabletop exercises with engineering and leadership stakeholders.
17. Provincial and sectoral laws
Depending on your location and industry, additional privacy laws may apply — including British Columbia’s Personal Information Protection Act for employee information in some contexts, Alberta’s PIPA, Quebec’s Law 25 for Quebec residents, and sector-specific rules for health or financial data. Where conflicts arise, we apply the standard that affords greater protection to individuals when feasible. Contact us if you require a jurisdiction-specific data processing addendum for a service engagement.
18. Contact our privacy office
DataFlux Inc.
1955 Alpha Way, Suite 120
Burnaby, BC V5C 0K6, Canada
Email: [email protected]
Telephone: +1 (587) 555-3491
BN 865317492BC0001