DeployPoint.ai — Privacy Policy

Effective date: November 1, 2025

DeployPoint.ai (“DeployPoint.ai,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our websites, contact us, or use our products and services. It is designed to align with Canada’s PIPEDA, and—where applicable—the GDPR (EU/UK) and CCPA/CPRA (California).

1) Who we are & how to contact us

Controller: DeployPoint.ai
Email: info@deploypoint.ai
Mailing address: 103-2727 Steeles Ave W, Toronto, ON, M3J 3G9, Canada

2) What information we collect

a) Information you provide

• Contact & account info: name, company, role, email, phone, billing address.

• Business communications: messages, SOWs, support requests, meeting notes.

• Payment details: limited billing info (we use third-party processors and do not store full card data).

• Content you upload/share: documents, data samples, prompts, and configuration files needed for implementation or support.

b) Information collected automatically

• Usage data: pages viewed, referring/exit pages, timestamps, feature interactions.

• Device & log data: IP address, browser type, OS, identifiers, error logs.

• Cookies & similar tech: session cookies, analytics, preference storage (see §9).

c) Third-party sources

• Partners & integrations: limited metadata from platforms you connect to our services.

• Public/enterprise directories: to verify identity, company affiliation, or prevent misuse.

3) Why we collect it (purposes) & legal bases

We process personal information to:

• Provide services and fulfill contracts (setup, integration, maintenance, support). (Contract / Legitimate interests)

• Communicate (onboarding, product updates, security or policy notices). (Legitimate interests / Legal obligation)

• Improve & secure services (debugging, analytics, fraud/abuse monitoring). (Legitimate interests)

• Billing & accounting (invoicing, tax compliance). (Contract / Legal obligation)

• Marketing to business contacts (with opt-out). (Consent where required / Legitimate interests)

• Compliance & defense (regulatory requests, dispute resolution, enforcing terms). (Legal obligation / Legitimate interests)

Where required by law, we will seek consent before processing; you may withdraw consent at any time (this does not affect prior processing).

4) How we share information

We share personal information only as necessary:

• Service providers/subprocessors: hosting, analytics, email delivery, customer support, payment processing, error monitoring, security—bound by confidentiality and data-processing terms.

• Business transfers: merger, acquisition, financing, or sale of assets (with notice where required).

• Legal & safety: to comply with law, respond to valid requests, or protect rights, property, and safety.

• With your direction: when you connect third-party integrations.

We do not sell personal information.

5) International transfers

We may process/store data in Canada, the U.S., the EU, or other countries where providers operate. When transferring personal information internationally, we use appropriate safeguards (e.g., contractual clauses).

6) Data retention

We retain personal information only as long as needed for the purposes in this Policy, to comply with legal obligations, resolve disputes, and enforce agreements. When no longer necessary, we delete, de-identify, or securely archive data per our retention schedule.

7) Security

We use administrative, technical, and physical safeguards designed to protect personal information (e.g., access controls, encryption in transit, secure development/change management). No system is 100% secure; if we detect a breach that poses a risk to you, we will notify you and regulators as required by law.

8) Your rights

Canada (PIPEDA). You may request access to, or correction of, your personal information we hold. You may also challenge our compliance with this Policy. To make a request, contact us at info@deploypoint.ai or by mail at 103-2727 Steeles Ave W, Toronto, ON, M3J 3G9, Canada. We will verify your identity and respond within a reasonable time. We may decline requests as permitted by law (e.g., where disclosure would infringe others’ privacy or legal privilege).

Québec (Law 25) — if applicable. Additional rights (e.g., de-indexing and certain portability) may apply. Contact us using the details above.

EU/UK (GDPR) — if applicable. You may have rights to access, rectify, erase, restrict, port, or object to processing, and to withdraw consent. You may also lodge a complaint with your supervisory authority.

California (CCPA/CPRA) — if applicable. You may have rights to know/access, correct, delete, and to opt-out of sale or sharing for cross-context behavioral advertising (we do not sell personal information). We do not discriminate for exercising these rights.

How to exercise your rights. Email info@deploypoint.ai with your request and sufficient detail to identify you and the data in question. We will verify your identity, explain any limitations, and complete eligible requests within required timelines.

9) Cookies & analytics

We use cookies and similar technologies to:

• keep you signed in and remember preferences,

• understand usage and improve performance,

• measure marketing effectiveness.

You can control cookies via your browser and, where offered, a site-level banner. Disabling cookies may affect functionality.

10) Children’s privacy

Our services are intended for business use and are not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us so we can take appropriate action.

11) Third-party links & integrations

Our websites/services may link to or integrate with third-party sites and platforms. Their privacy practices are governed by their own policies; we encourage you to review them. We are not responsible for third-party content or practices.

12) Automated decision-making & AI features

When our services use AI or automation:

• We typically process business contact and operational data to configure, run, and improve automations.

• We do not use your confidential project data for marketing without consent.

• If we enable AI outputs trained on aggregated or de-identified data, we apply safeguards to minimize re-identification risk.

• We do not make solely automated decisions that produce legal or similarly significant effects without appropriate human oversight where required by law.

Project-specific data handling (e.g., PHI or special categories) will be governed by your SOW and, if needed, additional agreements (e.g., DPAs, BAAs).

13) Do-Not-Track & global privacy controls

Our sites may not respond to every browser “Do-Not-Track” signal. Where applicable law recognizes Global Privacy Control (GPC) or similar signals, we will honor them to the extent required.

14) Changes to this Policy

We may update this Policy from time to time. We will post the updated version with a new effective date. Material changes will be highlighted or otherwise communicated as appropriate. Your continued use of our services after changes means you accept the updated Policy.

15) How to reach us

Email: info@deploypoint.ai
Mail: 103-2727 Steeles Ave W, North York, ON, M3J 3G9, Canada