Privacy Policy

4. Types of Personal Information We Collect
‍
4.1 Personal Information (Identifiable Data)
‍
“Personal Information” is information that identifies you, can be used to identify or contact you, or can be reasonably linked to you. We may collect the following types of Personal Information:

Account Registration Information: - Full legal name or business name - Email address(es) - Mailing address and phone number(s) - Company affiliation and business details - Username and password (hashed/encrypted) - Billing and payment contact information - Account preferences and profile settings

Payment and Billing Information: - Credit card numbers (processed only by third-party payment processors; we do NOT store these directly) - Billing address and invoice details - Transaction history and payment method information - Subscription plan details and upgrade/downgrade history - Failed payment attempts and related communications

Communication and Support Information: - Emails, chat messages, and support tickets - Call recordings (if applicable) - Customer inquiries and their content - Feedback, testimonials, and suggestions - Complaint details and resolution communications

Service Usage and Interaction Data: - Design requests, project briefs, and specifications - Project files, images, links, and content you provide - Revision history and feedback on deliverables - Timeline and scheduling information - Custom API calls and integration data

Professional and Business Information: - Client list and reference information - Portfolio or case study information - Industry and business classification - Approval authority and decision-making role - Professional certifications or credentials (if provided)

‍

4.2 Other Data (Non-Identifiable Information)
‍
We also collect and process “Other Data,” which does not directly identify you but provides insights about your interactions with our Services:

Log and Technical Data: - Internet Protocol (IP) address and ISP information - Device type, operating system, and browser information - Device identifiers and hardware model - Unique device identifiers (IDFA, Android ID, etc.) - Browser version, language, and locale settings - Mobile network information - Device screen resolution and display settings - Technical error reports and diagnostic data

Usage and Interaction Data: - Pages visited and time spent on each page - Clickstream data and navigation patterns - Search queries and content searches - Forms completed or initiated - Downloads and file interactions - Features used and frequency of use - Dates, times, and duration of interactions - Content viewed, requested, or interacted with - Performance metrics and system responses - Whether emails were opened (via pixel tags)

Behavioral and Analytics Data: - User journey and session history - Conversion events and funnel progression - Subscription plan interactions and upgrade triggers - Feature adoption and usage frequency - Churn indicators and account activity patterns - Geographic location (derived from IP address)

Cookies and Tracking Technologies: - Cookie identifiers and values - Local storage and session storage data - Web beacon and pixel tag data - Advertising identifiers - Tracking data from affiliated sites and services - Referral sources and attribution data

‍

4.3 How We Collect Information
‍
We collect Personal Information and Other Data through direct provision when you create an account, subscribe, fill out forms, contact us, or submit requests; automated collection through cookies, pixel tags, web beacons, and similar tracking technologies; service usage automatically recorded as you use our Site and Services; third-party partners from business partners, referral sources, or data providers; payment processors with limited data received from payment service providers; publicly available sources; log files from server logs that automatically capture access and usage data; and analytics services like Google Analytics, HubSpot Analytics, and similar tools.
‍

4.4 Sensitive Personal Information

We request that you do NOT provide to us any sensitive personal information, including Social Security Numbers or tax identification numbers, credit card numbers (payments use third-party processors only), bank account information (payments use third-party processors only), health or medical information, biometric or genetic information, information related to racial or ethnic origin, political opinions or affiliations, religious or philosophical beliefs, trade union membership, or criminal history or legal records. If you inadvertently provide sensitive information, please contact us immediately at hello@Augmen8.com and we will delete it.
‍

5. Lawful Basis for Processing Personal Information

Under PIPEDA and other applicable privacy laws, we process your personal information only for lawful purposes including service delivery and fulfillment (providing requested Services and features, creating and managing your account, delivering design, development, or consulting work, communicating about your projects and deliverables, processing subscriptions, billing, and payments, providing customer support and technical assistance, fulfilling legal and contractual obligations), business operations (improving, optimizing, and enhancing Services and features, understanding how customers use our Services, conducting research, analytics, and statistical analysis, testing new features and service improvements, developing marketing strategies and promotional plans, creating aggregated reports and insights, conducting internal audits and compliance reviews), legal and compliance (complying with applicable laws, regulations, and legal processes, responding to government requests and law enforcement inquiries, detecting, preventing, and addressing fraud, abuse, and security risks, protecting the rights, property, and safety of Augmen8, customers, and the public, enforcing our Terms of Service and other agreements, establishing, exercising, or defending legal claims, meeting data protection and privacy obligations), and marketing and communications (sending promotional emails about products, services, and offerings with consent, conducting surveys, contests, and promotional campaigns, analyzing campaign effectiveness and customer engagement, personalizing marketing content based on interests, updating you about service changes, policy updates, and announcements, sending administrative notifications required and cannot be opted out).

We obtain your consent before collecting, using, or disclosing personal information for purposes not reasonably expected or already authorized. Consent may be express (explicit written/verbal authorization) or implied (based on the nature of your interactions and our communications).

6. Cookies and Tracking Technologies
‍
6.1 What Are Cookies?
‍
Cookies are small data files placed on your device (computer, tablet, smartphone) by a website or service you access. Cookies are stored on your device and can be retrieved by the server that placed them. Cookies allow websites to remember information about your preferences and interactions.

6.2 How We Use Cookies
‍
We use cookies and similar technologies (pixel tags, web beacons, local storage, etc.) to facilitate account access and maintain your login session, remember your preferences and settings, track usage and interaction patterns for analytics, measure advertising effectiveness and serve targeted ads, prevent fraud and enhance security, improve our Services and user experience, and conduct research and analyze user behavior.

6.3 Cookie Categories
‍
We use Strictly Necessary Cookies essential for platform functionality that cannot be disabled (authentication, account access, security, session management, session-based or up to 12 months duration, no consent required as necessary for service operation); Functional Cookies to store your preferences and enhance user experience (remember language, account name, timezone, interface preferences, 1-2 years duration, no consent required as implied consent based on service use); Analytics and Performance Cookies to understand how users interact with our Site and Services (track page visits, usage patterns, feature adoption, errors, performance, 1-2 years duration, consent required in some jurisdictions, uses Google Analytics, HubSpot Analytics, Segment); Advertising and Marketing Cookies to display relevant advertising and measure campaign effectiveness (build audience segments, track user interests, optimize ad targeting, 6 months to 2 years duration, explicit consent required, uses Google Ads, Meta Pixel, LinkedIn Insight Tag); and Third-Party and Embedded Content Cookies to enable functionality from integrated third-party services (embedded forms, video players, chat widgets, integrations, varies by third party, may be required depending on third-party terms, uses YouTube, Vimeo, Typeform, Intercom, Zapier, Slack).

6.4 Pixel Tags and Web Beacons
‍
In addition to cookies, we use pixel tags, web beacons, and similar technologies (1x1 transparent images) to track email opens and click-through rates, measure conversion events, verify ad impressions and effectiveness, conduct analytics and user behavior studies, and gather performance and usage metrics. These technologies do not store data on your device but communicate with our servers to record an event.

6.5 Your Cookie Choices
‍
You can disable cookies in your browser settings. Most browsers provide options to automatically decline all cookies, accept cookies only from certain sites, clear cookies after each session, or be prompted before accepting cookies. Browser Controls: Chrome (Settings, Privacy and Security, Cookies and other site data), Firefox (Preferences, Privacy & Security, Cookies and Site Data), Safari (Preferences, Privacy, Manage Website Data), Edge (Settings, Privacy, search, and services, Cookies and other site data). Important Note: Disabling cookies may impair certain features and functionality of our Site and Services. You may not be able to access your account, view personalized content, or use certain features if you disable strictly necessary cookies.

Some third parties allow you to opt out of their tracking: Google Analytics (https://tools.google.com/dlpage/gaoptout), Google Ads (https://myadcenter.google.com), Meta Pixel (https://www.facebook.com/ads/preferences).

‍

7. Use and Disclosure of Personal Information
‍
7.1 How We Use Personal Information
‍
Permitted Uses include delivering Services and managing your account, responding to your inquiries and providing support, sending administrative and operational communications (cannot opt out), conducting research, analytics, and performance analysis, improving, optimizing, and enhancing our Services, marketing and promotional communications (with consent), detecting and preventing fraud, abuse, and security threats, complying with legal obligations and responding to legal requests, and enforcing our Terms of Service and protecting our rights. Restrictions on Use: We will not sell your personal information for monetary consideration, will not use your information for purposes incompatible with those originally stated, will not disclose your information without appropriate consent (with limited exceptions), and do not use behavioral data to make automated decisions with legal consequences.

7.2 Disclosure to Third Parties
‍
We may disclose your personal information to third-party service providers who assist in operating our Services including payment processors (Stripe, PayPal or similar - not retained by us), cloud infrastructure (Amazon Web Services, Google Cloud or similar), email and communication (SendGrid, Mailchimp, HubSpot), analytics services (Google Analytics, HubSpot Analytics, Mixpanel), security services (anti-fraud, DDoS protection, cybersecurity providers), customer support (Intercom, Zendesk or similar), and integrations (Zapier, Make or other third-party integrations with your authorization). We require all service providers to maintain appropriate security measures, process data only as instructed by Augmen8, comply with PIPEDA, GDPR, and other applicable privacy laws, and sign Data Processing Agreements (DPAs) where required.

We may also share information among affiliated companies (Seven IT Consulting Services Inc. and its current and future affiliates, subsidiaries, and parent companies) for marketing and promotional purposes, service delivery and support, product and service development, and compliance and legal matters. Legal process and emergencies disclosures occur when required by court orders, subpoenas, legal process, government requests, regulatory inquiries, law enforcement investigations, urgency protecting health, safety, or security, enforcement of our Terms of Service, or protection of our rights, property, or safety. Business transactions may involve transfer or disclosure during merger, acquisition, sale of assets, bankruptcy, insolvency proceedings, corporate reorganization, or restructuring with notice and consent where required by law. We may use and disclose publicly available information and aggregate and anonymized data (that cannot identify you) for any purpose without restriction including publishing statistical analyses and reports, sharing market research with third parties, creating anonymized datasets for research, benchmarking and performance analysis, and marketing and promotional purposes.

‍

8. Data Retention and Deletion
‍
8.1 Retention Periods by Data Type
‍
We retain personal information only as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law: Customer Account Information for duration of active subscription + 2 years post-cancellation (tax compliance, contractual records, dispute resolution); Transaction and Billing Records for 6 years from transaction date (CRA requirement in Canada - tax compliance, financial audit, fraud prevention); Support and Communication Records for 3 years from last interaction (quality assurance, dispute resolution, training); Analytics and Usage Data for 1-2 years then anonymized (service improvement, performance analysis); Marketing and Preference Data until opt-out or account deletion (campaign effectiveness, preference management); Payment Information with no retention by Augmen8 (retained by payment processor only); Project and Deliverable Files for duration of subscription + 30 days post-cancellation (customer backup window - service delivery, customer access).

8.2 Your Data Deletion Rights
‍
Under PIPEDA and other privacy laws, you have the right to request access to your personal information (we will provide this information within 30 days), correction of inaccurate information (we will update our records and confirm within 30 days), deletion of personal information (we will honor requests within 30 days unless legal requirements require retention), and data portability (we will provide data in CSV, JSON, etc. within 30 days). Opt-Out of Marketing is available by clicking “Unsubscribe” in promotional emails, logging into your account to change preferences, or contacting hello@Augmen8.com (processed within 5 business days). Administrative communications (billing, account changes, policy updates) cannot be opted out.

8.3 Limitations on Deletion
‍
Residual Data may remain in backup systems and archives, database logs and transaction history, server logs and technical records, and aggregated and anonymized datasets despite deletion requests - this residual data cannot identify you. Legal Requirements may prevent deletion when required by law or legal process, subject to litigation holds or government investigations, necessary to enforce our Terms of Service, necessary to protect security or fraud prevention, or required for dispute resolution or complaint handling. If we cannot delete information due to legal requirements, we will notify you of the reason and anticipated retention period.

‍

9. Security and Data Protection
‍
9.1 Security Measures
‍
We implement reasonable technical, administrative, and physical security measures including technical security (HTTPS/SSL encryption for data in transit, encryption at rest for sensitive data, firewalls and intrusion detection systems, regular security scanning and vulnerability assessments, secure authentication with multi-factor authentication options, access controls and role-based permissions, regular security updates and patch management), administrative security (employee privacy training and confidentiality agreements, limited access to personal information on need-to-know basis, data protection impact assessments, regular security audits and compliance reviews, incident response and breach notification procedures, third-party security requirements in vendor contracts), and physical security (secure data center facilities, access controls and surveillance, environmental controls, secure disposal of physical records).

9.2 Important Security Limitations
‍
No Perfect Security: We make no representation or warranty, express or implied, regarding the absolute security or integrity of our Site and your Personal Information. While we take reasonable steps to protect your information, no security measure is 100% effective. Internet-based communication and storage are inherently subject to risks including interception of data in transit, unauthorized access by third parties, malware and hacking attacks, insider threats and employee misconduct, third-party service provider breaches, and physical theft or loss. We cannot guarantee protection against sophisticated cyber attacks, zero-day security vulnerabilities, insider threats beyond our control, third-party breaches (cloud providers, integrations, vendors), or social engineering and phishing attacks.

Your Responsibility includes maintaining the confidentiality of your password and account credentials, enabling multi-factor authentication if available, updating your software and security patches, not using public Wi-Fi for sensitive transactions, monitoring your account for unauthorized access, and notifying us immediately of security concerns.

9.3 Breach Notification
‍
Our Commitment: If a breach of personal information occurs that poses a real risk of significant harm, we will notify affected individuals within 30 days (or as required by law), notify the Privacy Commissioner if required by PIPEDA, provide details of the breach, data affected, and recommended actions, and offer appropriate remediation. What is a Breach involves unauthorized access to, use of, or disclosure of personal information. What is NOT a Breach includes authorized access by Augmen8 employees, authorized third-party access per our data processing agreements, and compliance with legal process or law enforcement requests. If you believe your account or personal information has been compromised, contact us immediately at hello@Augmen8.com.

10. Third-Party Services and Integrations
‍
10.1 Third-Party Websites and Links
‍
Our Site may contain links to third-party websites, services, and platforms that are not controlled or operated by us including social media platforms (LinkedIn, Facebook, Twitter, Instagram), payment processors and financial services, cloud storage and file sharing services, communication and collaboration tools, and analytics and marketing platforms. Our Responsibility Limitations: We are not responsible for the privacy practices of third-party sites, do not endorse or control third-party content or services, and third-party terms of service and privacy policies apply to their services. Your Responsibility: Before providing personal information to any third party, review their privacy policy and terms of service.

10.2 Embedded Third-Party Content
‍
Our Services may include embedded content from third parties such as video players (YouTube, Vimeo), feedback forms (Typeform, SurveyMonkey), chat widgets (Intercom, Zendesk), social media feeds and buttons, and analytics trackers (Google Analytics, HubSpot). These embedded services may place their own cookies and collect data about your interactions. You can disable third-party cookies in your browser settings or use browser extensions that block tracking.

10.3 Your Integrations and Authorizations
‍
If you authorize integrations with third-party services (connecting Zapier, Slack, or other platforms), you are responsible for reviewing their privacy policies, we are not liable for their data practices, data shared with integrations is governed by their terms, and you can revoke integrations at any time in your account settings.

‍

11. Marketing Communications
‍
11.1 Promotional and Marketing Emails
‍
We may send you promotional emails about our Services, offers, features, and events if you have subscribed to our mailing list, have an active Augmen8 account, or have indicated interest in marketing communications. Your Consent: By creating an account or subscribing to our mailing list, you provide implied consent to receive marketing emails. You can withdraw this consent at any time. Opting Out: Click the “Unsubscribe” link in any marketing email, log into your account and manage communication preferences, or email hello@Augmen8.com with an unsubscribe request. We will process unsubscribe requests within 5 business days.

11.2 Administrative Communications
‍
We will send you administrative and service-related emails that are necessary for your subscription and account management including account creation and confirmation, billing receipts and invoices, payment failures and account suspensions, policy changes and updates to Terms of Service, security alerts and account activity notifications, service announcements and maintenance notices, and customer support responses. You Cannot Opt Out: These communications are essential and cannot be unsubscribed from. If you do not wish to receive any communications from us, you must delete your account.

11.3 Email Frequency and Preferences
‍
We will not send marketing emails more frequently than weekly promotional emails (unless you request daily), special offers and announcements as needed, and product updates and new features monthly or less. You can manage the frequency and types of marketing emails through your account preferences or by contacting us.
‍

12. Individual Privacy Rights
‍
Under PIPEDA and other privacy laws, you have the right to access all personal information we hold about you by contacting us at hello@Augmen8.com, logging into your account if available, or submitting a formal access request in writing (we will provide your information within 30 days in a clear, understandable format); right to correction if your personal information is inaccurate, incomplete, or outdated by updating information in your account or contacting us (we will acknowledge within 10 days and make corrections within 30 days); right to deletion (erasure) subject to legal and contractual obligations by contacting us (we will acknowledge within 10 days and delete within 30 days where legally permissible); right to data portability to receive a copy of your personal information in a portable format by contacting us (we will provide data in CSV, JSON, XML etc. within 30 days); right to opt-out of marketing communications, analytics and tracking, third-party data sharing, and use of personal information for certain purposes; and right to withdraw consent if you have provided consent for specific uses by contacting us or updating your account settings.

Effect of Withdrawal: We will cease using your information for the consented purposes, but past use based on prior consent will remain valid. Limitations: Opting out may affect your ability to use certain features of our Services.

13. Cross-Border Data Transfers
‍
13.1 International Data Storage and Processing
‍
Our Site and Services are operated from Canada. However, your personal information may be stored in the United States (Amazon Web Services, Google Cloud, or similar cloud providers), processed in multiple jurisdictions through third-party service providers, and transferred internationally for business operations and service delivery. By using our Services, you consent to the transfer of your personal information outside Canada to the United States and other jurisdictions where it will be subject to the laws of those jurisdictions.

13.2 Data Protection Standards
‍
When personal information is transferred outside Canada, we ensure comparable protection through transfers that comply with PIPEDA requirements, contractual safeguards through Data Processing Agreements (DPAs) requiring third-party processors to maintain PIPEDA-compliant protection, security measures with encryption and security standards equivalent to Canadian standards, and legal process transparency that your information may be subject to U.S. legal process, law enforcement requests, and government surveillance laws. We will resist U.S. government requests for your data when legally permissible and will challenge improper requests.

13.3 EU and GDPR Users
‍
If you are in the EU and your data is transferred to the United States, transfers comply with GDPR Chapter V (International Transfers), Standard Contractual Clauses (SCCs) or other legal mechanisms protect your information, you have rights under GDPR including the right to lodge a complaint with your supervisory authority, and we maintain appropriate safeguards for your fundamental rights.

14. Aggregate and Anonymized Data
‍
“Aggregate Data” is information that we combine from multiple users in a manner that prevents identification of any individual. Examples include “70% of our users are from the United States,” “Average session duration is 15 minutes,” and “5,000 design requests were processed last month.” We may use, analyze, publish, and disclose aggregate data for any purpose without restriction including creating statistical analyses and reports, publishing market research and industry benchmarks, sharing insights with business partners and third parties, marketing and promotional purposes, product development and optimization, and academic research and case studies.

“Anonymized Data” is information from which all identifiable elements have been removed and cannot reasonably be re-identified. Once data is properly anonymized through removal of direct identifiers, removal of quasi-identifiers, use of aggregation or statistical masking, no linkage to other databases, and irreversible removal, we may use it for any business purpose, share it with third parties without restriction, combine it with other datasets, publish it publicly, and retain it indefinitely.

15. Policy Updates and Changes
‍
15.1 Changes to This Privacy Policy
‍
We may update, modify, or amend this Privacy Policy at any time, for any reason, at our sole discretion. All updates are effective immediately upon posting to the Site. Material Changes for changes to how we use data will be notified through a prominent notice on our Site, email to your registered email address, or banner alert when you log in. Your Acceptance: Your continued use of our Site and Services following any update constitutes your acceptance of the updated Privacy Policy. If you do not agree with any changes, you must discontinue use of our Services and delete your account.

15.2 Version History
‍
Version Date Key Changes
1.0 January 23, 2026 Initial Privacy Policy for subscription-based Services
‍
15.3 Right to Review
‍
We encourage you to review this Privacy Policy regularly. We will post the last updated date at the top of this page.

16. Your Choices and Control
‍
Browser-Based Controls include cookie controls where most browsers allow you to disable cookies or be prompted before accepting (disabling may limit functionality); Do Not Track (DNT) where our Site does not respond to DNT browser signals and we continue to use cookies and tracking technologies even if DNT is enabled; and local storage where you can clear local storage and session storage in your browser settings (some features may not function properly if disabled).

Device-Level Controls include reviewing and adjusting app permissions in your device settings, disabling location services, camera, or microphone access, and limiting ad tracking (iOS: Settings > Privacy > Tracking; Android: Settings > Privacy > Ads). Account Controls include logging into your account to manage communication preferences, update privacy settings and data sharing options, and review and revoke third-party integrations.

17. Contact Us and Privacy Inquiries
If you have questions about this Privacy Policy, our privacy practices, your personal information, or to exercise your privacy rights, please contact us:

By Email: hello@Augmen8.com

By Mail: Augmen8 (Seven IT Consulting Services Inc.) Privacy Officer 23 Gloria Cres Whitby, ON Canada L1P 1V4.

Response Time: We will respond to all privacy inquiries within 10 business days. For complex requests, we may provide a timeline within that initial response.

Privacy Commissioner (Canada): If you have an unresolved privacy complaint, you may contact the Office of the Privacy Commissioner of Canada: Phone: 1-800-282-1376, Website: https://www.priv.gc.ca

18. Definitions
Personal Information: Information that identifies you or can be reasonably linked to you.
Other Data: Information that does not directly identify you (e.g., anonymized analytics).
Processing: Collecting, using, disclosing, storing, or otherwise dealing with information.
Service Provider: Third party that processes data on our behalf per our instructions.
Cookie: Small data file stored on your device by a website you visit.
Tracking Technology: Tools used to monitor and analyze user behavior (pixels, beacons, etc.).
Anonymized Data: Information from which all identifiers have been removed.
Aggregate Data: Information combined from multiple users that cannot identify individuals.
Breach: Unauthorized access to or disclosure of personal information.
PIPEDA: Personal Information Protection and Electronic Documents Act (Canadian privacy law).
GDPR: General Data Protection Regulation (EU privacy law).
Consent: Voluntary, informed, specific agreement to process personal information.

This Privacy Policy was last updated on January 23, 2026.

By accessing this Site and using our Services, you acknowledge that you have read, understood, and agree to this Privacy Policy and our Terms of Service.