Last Updated: 1 March 2025
We value your privacy and are committed to protecting any personal data shared with us through the Site or in direct communications.
We value your privacy and are committed to protecting any personal data shared with us through the Site or in direct communications.
Privacy policy
1.1 Data Controller
Graewolves, located in Montreal, Quebec, Canada, is the data controller responsible for your personal information collected through our Site or services.
1.2 Data We Collect
Personal Information: This may include:
Usage Data: Non-personal data such as:
By using our Site, you consent to this usage. You can manage cookie preferences through our cookie banner or your browser settings.
1.3 How We Use Your Data
Service Provision:
Business Operations:
Marketing Communications:
You can unsubscribe from marketing communications at any time via the unsubscribe link in our emails or by contacting us directly.
1.4 Legal Basis for Processing
Our processing relies on one or more of the following legal bases:
1.5 Data Storage and Retention
Storage Locations: Personal data is stored on secure servers located in Canada and the United States.
Retention Periods:
1.6 Data Sharing & Transfers
Service Providers: We share data with trusted third-party service providers, including:
International Transfers:
Some of our service providers are based outside Canada
For transfers to the US, we rely on appropriate safeguards, including standard contractual clauses
We ensure all third parties maintain adequate data protection measures
Legal Requirements:
We may disclose information if required by law. We may share information in connection with a business transaction We may protect our rights or property when necessary
1.7 User Rights
Depending on your jurisdiction, you may have the right to:
To exercise these rights, contact [jason@graewolves.com. We will respond within 30 days.
1.8 Case Studies and Testimonials
Consent: We only use client information in case studies with explicit written permission.
Anonymization: Where requested, we anonymize data used in case studies.
Withdrawal: You may request removal of testimonials or case studies featuring your information at any time.
1.9 Security Measures
We implement appropriate technical and organizational measures to protect your data, including:
Technical Protection:
Organizational Measures:
Limitations: No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
1.10 Children's Privacy
Our Site and services are not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
1.11 PIPEDA Compliance
We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and similar provincial laws in Canada. This includes:
1.12 Updates to Privacy Policy
We may revise this Privacy Policy. All changes are effective immediately upon posting. Major changes will be notified via email or site notice. Continued use of the Site indicates your acceptance of any modifications.
Graewolves, located in Montreal, Quebec, Canada, is the data controller responsible for your personal information collected through our Site or services.
1.2 Data We Collect
Personal Information: This may include:
- Contact information (name, email address, phone number, job title)
- Business information (company name, industry, size)
- Communications with us (inquiries, feedback, testimonials)
- Service data (project requirements, preferences, objectives)
- Payment information (for clients)
Usage Data: Non-personal data such as:
- IP addresses and device information
- Browser types and settings
- Pages viewed and navigation patterns
- Referral URLs and time spent on site
- Geographic location (country/region level only)
- Cookies & Tracking Technologies:
- Essential cookies: Required for site functionality
- Analytics cookies: We use Google Analytics to understand site usage
- Marketing cookies: For retargeting through platforms like LinkedIn and Facebook
- Preference cookies: To remember your settings and preferences
By using our Site, you consent to this usage. You can manage cookie preferences through our cookie banner or your browser settings.
1.3 How We Use Your Data
Service Provision:
- To respond to your inquiries
- To prepare and deliver branding proposals
- To execute contracted services
- To process payments and maintain records
Business Operations:
- To analyze usage patterns and improve our Site
- To fix website errors and optimize user experience
- To create aggregated statistical data
- To maintain security of our systems
Marketing Communications:
- To send newsletters or updates about our services (with opt-in)
- To provide relevant content and offers
- To invite you to events or webinars
- To conduct market research
1.4 Legal Basis for Processing
Our processing relies on one or more of the following legal bases:
- Consent: When you explicitly agree to specific uses of your data
- Contractual Necessity: When processing is necessary to fulfill our contractual obligations
- Legitimate Interests: When we have a legitimate business interest in processing data
- Legal Obligation: When processing is necessary for compliance with a legal obligation
Storage Locations: Personal data is stored on secure servers located in Canada and the United States.
Retention Periods:
- Active clients: For the duration of our relationship plus seven (7) years
- Prospects: For three (3) years from last contact
- Marketing contacts: Until you unsubscribe or after two (2) years of inactivity
- Website data: For up to two (2) years
- Secure Disposal: When no longer needed, data is securely deleted or anonymized according to industry standards.
1.6 Data Sharing & Transfers
Service Providers: We share data with trusted third-party service providers, including:
- CRM systems (e.g., HubSpot)
- Email marketing platforms (e.g., Mailchimp)
- Analytics providers (e.g., Google Analytics)
- Project management tools (e.g., Asana)
- Financial processing services (e.g., Stripe)
International Transfers:
Some of our service providers are based outside Canada
For transfers to the US, we rely on appropriate safeguards, including standard contractual clauses
We ensure all third parties maintain adequate data protection measures
Legal Requirements:
We may disclose information if required by law. We may share information in connection with a business transaction We may protect our rights or property when necessary
1.7 User Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request copies of your personal data
- Rectification: Correct inaccurate information
- Erasure: Request deletion of your data ("right to be forgotten")
- Restriction: Limit the processing of your data
- Portability: Receive data in a structured format
- Objection: Object to certain processing activities
- Withdraw Consent: Revoke previously given consent
1.8 Case Studies and Testimonials
Consent: We only use client information in case studies with explicit written permission.
Anonymization: Where requested, we anonymize data used in case studies.
Withdrawal: You may request removal of testimonials or case studies featuring your information at any time.
1.9 Security Measures
We implement appropriate technical and organizational measures to protect your data, including:
Technical Protection:
- SSL/TLS encryption for data transmission
- Secure, password-protected hosting
- Regular security assessments
- Restricted access to personal information
- Staff training on data protection
- Confidentiality agreements
- Data processing policies
- Incident response plans
1.10 Children's Privacy
Our Site and services are not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
1.11 PIPEDA Compliance
We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and similar provincial laws in Canada. This includes:
- Accountability: We are responsible for personal information under our control
- Identifying Purposes: We identify the purposes for collecting information
- Consent: We obtain consent for collection, use, or disclosure
- Limiting Collection: We limit collection to what is necessary
- Limiting Use: We do not use information for purposes other than those for which it was collected
- Accuracy: We keep information as accurate, complete, and up-to-date as necessary
- Safeguards: We protect information with appropriate security measures
- Openness: We make our policies readily available
- Individual Access: We provide access to information upon request
- Challenging Compliance: We address concerns about compliance
1.12 Updates to Privacy Policy
We may revise this Privacy Policy. All changes are effective immediately upon posting. Major changes will be notified via email or site notice. Continued use of the Site indicates your acceptance of any modifications.