Privacy Policy

Last updated: August 9, 2025

Quick links

• What data we collect
• How we use your data
• Cookies & similar tech
• Sharing & international transfers
• Your rights & choices
• Children’s privacy
• Data breaches
• Changes to this policy
• Contact & complaints

1. What This Policy Covers

G1‑Buddy ("G1‑Buddy," "we," "us," or "our") operates the g1buddy.ca website and related services (collectively, the "Service"). This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you interact with the Service—regardless of where you live.

2. Legal Framework We Follow

• PIPEDA – Personal Information Protection and Electronic Documents Act, including its Ten Fair Information Principles.
• CASL – Canada’s Anti‑Spam Legislation for marketing communications.

We monitor legislative changes (e.g., future CPPA bills) and will update this Policy as needed.

3. What Data We Collect

3.1 Information you provide directly

• Email address
• Password (hashed and salted)
• Optional mailing address, postal code, province
• Messages you send to our support team

3.2 Payment information (via Stripe)

• Stripe customer ID
• Stripe subscription ID, status, billing period

Note: We never see or store your credit‑card number. Stripe acts as our payment processor and may process your data outside Canada. See their policy at stripe.com/privacy.

3.3 Information collected automatically

• IP address, browser type, operating system, and device identifiers
• Usage logs (pages viewed, date/time, referring URLs)
• Cookies and similar technologies (see Section 5)
• Google Analytics data: website interaction patterns, session duration, geographic location (city/region level), device and browser information for performance analysis

3.4 Optional demographic information

If you choose to add a profile photo, display name, or other optional fields, we store that information until you remove it.

4. How We Use Your Data & Lawful Basis

We only collect, use, and disclose information for purposes a reasonable person would consider appropriate, relying on the following legal bases:

Purpose	Examples	Basis
Provide the Service	Create your account, authenticate you, personalize dashboard	Contract
Process payments	Subscription billing and invoices via Stripe	Contract
Communicate with you	Transactional emails (password resets, renewal notices)	Contract
Marketing (optional)	Newsletters, promotions	Consent (CASL)
Improve & secure Service	Analytics, performance monitoring, fraud prevention	Legitimate interest
Website analytics	Google Analytics: track site usage, optimize user experience, identify popular content	Legitimate interest

We do not use your data for automated decision making that produces legal or similarly significant effects.

5. Cookies & Similar Technologies

We use cookies, local storage, and web beacons to:

• Keep you signed in;
• Remember preferences;
• Measure performance and diagnose errors;
• Collect website analytics through Google Analytics.

Google Analytics: We use Google Analytics to understand how visitors interact with our website. This service places cookies on your device and collects information such as pages visited, time spent on pages, and general geographic location. Google may use this data for its own purposes. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

You can adjust non‑essential cookies anytime via the Cookie Settings link in the site footer or through your browser. Essential cookies are required for the Service to function.

6. Sharing & International Transfers

We do not sell or rent your personal information. We share it only:

1. Service providers – securely with vendors who perform services for us (e.g., Stripe, Google Analytics, cloud hosting, email delivery). We require them to protect your data to standards comparable to PIPEDA.
2. Business transfers – in connection with a merger, acquisition, or asset sale. You will be notified of any such change.
3. Legal compliance & safety – when required by law or to protect our rights, property, or the safety of others.

Cross‑border transfers: Some providers operate in the United States and other jurisdictions. Your information may therefore be subject to lawful access requests by foreign courts, law‑enforcement, or national‑security authorities.

7. Your Rights & Choices

Under PIPEDA you may:

• Access the personal information we hold about you;
• Correct inaccuracies;
• Withdraw consent (marketing emails, optional cookies);
• Request deletion of unnecessary data;

Email support@g1buddy.ca to exercise any right. We aim to respond within 30 days.

7.1 Marketing choices (CASL)

Marketing emails are sent only with your express consent. Every message includes our contact details and a one‑click Unsubscribe link.

8. Children’s Privacy

The Service is not directed to children under 13. We do not knowingly collect information from children. If you believe a child has provided us personal information, contact us and we will delete it.

9. Data Breaches

If a breach of security safeguards creates a real risk of significant harm, we will:

1. Notify affected individuals as soon as feasible;
2. Report the breach to the Office of the Privacy Commissioner of Canada (OPC);
3. Keep an internal breach log for at least 24 months.

10. Changes to This Policy

We may revise this Policy periodically. We will post the updated version here and update the “Last updated” date. Significant changes will be announced by email or in‑app notices.

11. Contact

• Email: support@g1buddy.ca
• Address: G1 Buddy, 123 Example Street, Toronto, ON M1A 1A1, Canada