1) Who We Are
TorontoBytes (“we”, “us”, “our”) is a digital agency providing websites, SEO & growth services. If you have questions about this policy or your data, contact: hello@torontobytes.com
2) Data We Collect
- Contact & Account: name, email, phone, company, role, billing details.
- Usage & Device: pages viewed, links clicked, IP address, browser, OS, approximate location (from IP), timestamps.
- Support & Sales: messages, briefs, files you share, meeting notes.
- Payment: handled by PCI-compliant processors (e.g., Stripe/PayPal). We store only limited billing metadata, not full card numbers.
- Client Sites: if we manage or host your site, we may process visitor analytics, logs and CMS user data as your processor under a services agreement/DPA.
3) How We Use Personal Data
- To provide and improve our services, websites and support.
- To communicate: proposals, onboarding, updates, invoices, service notices.
- To personalise content, measure performance and prevent fraud/abuse.
- To comply with law, enforce agreements and defend legal claims.
4) Lawful Bases (GDPR/UK-GDPR)
- Contract: to deliver the services you request.
- Legitimate Interests: website analytics, security, service improvements, reasonable marketing to business contacts.
- Consent: non-essential cookies/marketing where required; you can withdraw anytime.
- Legal Obligation: tax records, compliance requests.
5) Cookies & Tracking
We use cookies and similar tech to run the site and understand performance.
- Strictly Necessary: site security, session management.
- Analytics: aggregated usage, page performance.
- Functional: remembering preferences.
- Advertising: ad measurement/retargeting where enabled.
To change preferences, use your browser settings or our cookie banner (where shown). You may also opt out of interest-based advertising via YourAdChoices and NAI.
7) International Transfers
Where data moves outside your region, we use appropriate safeguards (e.g., standard contractual clauses) and work with providers who implement robust security and privacy controls.
8) Retention
We keep personal data only as long as necessary for the purposes set out in this policy and to meet legal/accounting obligations. When no longer required, data is securely deleted or anonymised.
9) Security
- Encryption in transit (HTTPS) and at rest with reputable vendors.
- Least-privilege access, MFA on critical systems, regular updates and backups.
- Vendor reviews and incident response procedures.
10) Your Privacy Rights
GDPR/UK-GDPR: you may request access, rectification, deletion, restriction, portability, and objection to processing based on legitimate interests or direct marketing. CCPA/CPRA (California): you may request to know, correct, or delete personal information and opt-out of “selling”/“sharing” for cross-context behavioural advertising (we do not sell data).
Submit a request by emailing hello@torontobytes.com. We may need to verify your identity. You can designate an authorised agent where permitted by law.
For EU/UK residents, you can lodge a complaint with your local supervisory authority; for Canada, with the Office of the Privacy Commissioner.
11) Analytics, Email & Advertising
- Analytics: we use aggregated metrics to improve our site and services.
- Email: you can unsubscribe from marketing at any time via the link in our emails.
- Ads: if we run campaigns, platforms may use cookies/IDs for measurement; manage preferences via the platform or your browser.
12) Children’s Privacy
Our services are intended for business users and are not directed to children under 13 (or the age required by local law). We do not knowingly collect data from children.
13) Changes to This Policy
We may update this Privacy Policy from time to time. We will post the new date above and, where appropriate, notify you by email or banner.
14) Contact Us
Questions or requests? Email hello@torontobytes.com or write to: TorontoBytes, Innisfil, Ontario, Canada.
Note: this policy provides general information and is not legal advice.