Privacy Policy

Last updated: February 8, 2026

Zeitwerk ("we," "us," or "our") is committed to protecting the privacy and security of the personal information entrusted to us by our clients, prospective clients, and visitors to our website (collectively, "you" or "your"). This Privacy Policy describes our practices concerning the collection, use, disclosure, and safeguarding of personal information in connection with our website located at zeitwerk.ca (the "Site") and the professional services we provide (the "Services").

This Policy is drafted in accordance with the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5) ("PIPEDA") and applicable provincial privacy legislation. By accessing the Site or engaging our Services, you acknowledge that you have read and understood this Policy.

1. Definitions

"Personal Information" means information about an identifiable individual, as defined under PIPEDA, but does not include the name, title, business address, or telephone number of an employee of an organization. "Processing" includes any operation performed on Personal Information, whether by automated means or otherwise.

2. Information We Collect

2.1 Information You Provide Directly

We collect Personal Information that you voluntarily submit to us in the course of:

  • Completing consultation request forms or other inquiry mechanisms on the Site;
  • Entering into or performing under a professional services engagement;
  • Corresponding with us via email, telephone, or other communication channels; and
  • Subscribing to newsletters, publications, or other communications.

The categories of Personal Information we may collect include your full name, professional title and role, business email address, telephone number, employer name and organizational size, and descriptions of your business processes and operational requirements.

2.2 Information Collected Automatically

When you access the Site, our systems may automatically collect certain technical and usage data, including but not limited to your Internet Protocol (IP) address (anonymized where technically feasible), browser type and version, operating system, referring URLs, pages viewed and navigation paths, and date and time stamps of access. This data is collected to facilitate the operation, security, and improvement of the Site.

2.3 Cookies and Similar Technologies

The Site may employ cookies, web beacons, and analogous tracking technologies to enhance functionality and gather analytical data. Cookies that are strictly necessary for the operation of the Site cannot be disabled. You may configure your browser settings to refuse optional cookies; however, doing so may impair certain features of the Site.

3. Purposes for Collection, Use, and Disclosure

We collect and use Personal Information for the following identified purposes:

  • Service Delivery. To respond to your inquiries, prepare proposals, and deliver, administer, and improve our automation consulting and implementation Services;
  • Communications. To send project updates, technical documentation, invoices, and other service-related correspondence;
  • Site Operations. To operate, maintain, secure, and optimize the Site, including monitoring for unauthorized access or abuse;
  • Analytics. To analyze usage patterns and trends in order to enhance the user experience and performance of the Site;
  • Legal Compliance. To comply with applicable laws, regulations, court orders, and lawful governmental requests; and
  • Legitimate Business Interests. To protect our rights, property, and safety, and those of our clients and the public.

4. Consent

We obtain your consent for the collection, use, and disclosure of Personal Information at the time of collection, unless an exception under PIPEDA applies. Consent may be express or, in certain circumstances, implied by your conduct (for example, by submitting an inquiry through the Site). You may withdraw your consent at any time by contacting us at the address below, subject to legal or contractual restrictions and upon reasonable notice.

5. Disclosure to Third Parties

We do not sell, rent, lease, or otherwise commercially transfer your Personal Information to third parties. We may disclose Personal Information in the following limited circumstances:

  • Service Providers. To third-party vendors who perform services on our behalf (such as hosting, analytics, and payment processing), who are contractually bound to use Personal Information solely for the purposes for which it was disclosed and to maintain appropriate security measures;
  • Legal Obligations. Where required or permitted by applicable law, regulation, legal process, or enforceable governmental request;
  • Protection of Rights. Where necessary to enforce our agreements, protect the safety of any person, or investigate suspected fraud or illegal activity; and
  • Corporate Transactions. In connection with a merger, acquisition, reorganization, or sale of all or substantially all of our assets, in which case you will be notified of any change to applicable privacy practices.

6. Security Safeguards

We implement organizational, physical, and technological security measures commensurate with the sensitivity of the Personal Information in our custody, including encryption of data in transit (TLS 1.2 or higher), access controls based on the principle of least privilege, and regular security assessments. Notwithstanding these measures, no method of electronic transmission or storage is entirely secure, and we cannot guarantee absolute security.

7. Data Retention

We retain Personal Information only for as long as reasonably necessary to fulfill the purposes for which it was collected, to satisfy applicable legal, regulatory, and accounting requirements, or as otherwise permitted by law. Upon expiry of the applicable retention period, Personal Information will be securely destroyed or de-identified.

8. Your Rights Under Canadian Privacy Law

Subject to certain exceptions prescribed by law, you have the right to:

  • Request access to the Personal Information we hold about you;
  • Request correction of any inaccurate, incomplete, or outdated Personal Information;
  • Request deletion or de-identification of your Personal Information, subject to our legal and contractual obligations;
  • Withdraw consent for the processing of your Personal Information, subject to legal or contractual restrictions; and
  • File a complaint with the Office of the Privacy Commissioner of Canada if you believe your privacy rights have been violated.

To exercise any of these rights, please contact us using the information set out in Section 10 below. We will respond to verified requests within thirty (30) days of receipt, or such longer period as may be permitted under applicable law.

9. International Transfers

Your Personal Information is stored and processed in Canada. In the event that Personal Information is transferred to a jurisdiction outside of Canada for processing by a service provider, we will ensure that contractual and other safeguards are in place to provide a comparable level of protection as required by PIPEDA.

10. Amendments to This Policy

We reserve the right to amend this Privacy Policy at any time. Any material changes will be reflected by an updated "Last updated" date at the top of this page. We encourage you to review this Policy periodically. Your continued use of the Site or Services following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Officer at:

Zeitwerk
Email: hello@zeitwerk.ca
Web: zeitwerk.ca