2274638 Ontario Inc. ("we," "us," "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the GRATEIC platform and associated services ("Service").
1. Information We Collect
1.1 Account Information
- Name, email address, company name
- Account credentials (encrypted)
- Billing information (processed by third-party payment processor)
1.2 Usage Data
- IP addresses, browser type, device information
- Pages visited, features used, time spent
- Framework processes accessed
- Documents created and downloaded
1.3 Your Content
- Data you input into the platform
- Documents you create
- Project and compliance program information
- Custom configurations and assessments
2. How We Use Your Information
We use collected information to:
- Provide and maintain the Service
- Process transactions and send notices
- Improve and personalize the Service
- Analyze usage patterns and trends
- Detect and prevent fraud or abuse
- Comply with legal obligations
3. How We Share Your Information
We do NOT sell your personal information.
We may share information with:
- Service Providers: Payment processors, hosting providers (Microsoft Azure)
- Legal Requirements: When required by law or legal process
- Business Transfers: In case of merger, acquisition, or sale
- With Consent: When you explicitly authorize sharing
4. Data Security
We implement industry-standard security measures including:
- Encryption in transit (TLS/SSL)
- Encryption at rest (Azure encryption)
- Access controls and multi-factor authentication
- Regular security audits and vulnerability assessments
- Intrusion detection and monitoring
- Activity logging with 30-day retention
5. Data Retention
We retain your data:
- While your account is active
- As required for legal or regulatory compliance
- For up to 90 days after account termination (unless longer required by law), or less than 90 days based on the contracted term
- Anonymized usage data indefinitely for service improvement
6. Your Rights
Depending on your location, you may have rights to:
- Access your personal information
- Correct inaccurate information
- Request deletion of your information
- Object to or restrict processing
- Request data portability
- Withdraw consent
7. International Data Transfers
Your data may be transferred to and processed in Canada, the United States, or other countries where our service providers operate. We ensure adequate protections for international transfers through appropriate safeguards in compliance with applicable data protection laws including PIPEDA, GDPR, and CCPA.
8. Children's Privacy
Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors.
9. Cookies and Tracking
We use cookies and similar technologies as described in our Cookie Policy. You may control cookies through your browser settings, though disabling essential cookies may affect Service functionality.
10. Third-Party Links
Our Service may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and, where appropriate, by email. Changes are effective 30 days after notice is provided.
12. Contact Us
Privacy Officer — 2274638 Ontario Inc.
Email: privacy@grateic.com
General: support@grateic.com
Website: www.grateic.com