ESPACE InfoTech Canada Inc. (“we”, “our”, “us”) respects your privacy and is committed to protecting personal information in compliance with:
- Personal Information Protection and Electronic Documents Act (PIPEDA)
- Quebec Law 25 (formerly Bill 64)
- GDPR-aligned global privacy principles (where applicable)
This Privacy Policy explains what we collect, why we collect it, how we use it, and how we protect it.
Who We Are
ESPACE InfoTech Canada Inc. is a Canadian custom software development company providing:
- Custom Software & SaaS Development
- Mobile App Development
- AI & Automation Solutions
- UI/UX Design
- IT Advisory & Staff Augmentation
Important note:
Our leadership and engineering foundation is closely connected to Workspace Infotech Ltd., a long-established global technology company. However, ESPACE InfoTech Canada Inc. operates as a Canadian legal entity and follows Canadian and Quebec privacy laws.
Data Controller & Processing Roles
ESPACE InfoTech Canada Inc. acts as the Data Controller for all personal information collected through this website and related communications.
In the context of client engagements, ESPACE InfoTech may process personal information on behalf of its clients. In such cases, the client remains the Data Controller, and ESPACE InfoTech acts as a Data Processor, processing personal information strictly in accordance with the client’s documented instructions and applicable contractual obligations.
When applicable, clients may formally request a list of ESPACE InfoTech’s authorized sub-processors by contacting us at privacy@espaceinfotech.com.
Records of Processing Activities (ROPA)
We maintain documented Records of Processing Activities, as required under PIPEDA and Quebec Law 25, covering:
- What personal information we collect
- Why we collect it
- How it is used
- Where it is stored
- Who can access it
- How long it is retained
Personal Information We Collect & Why
Website Contact Forms
Data Collected
- Full name
- Email address
- Company name (optional)
- Message content
Purpose
- Respond to inquiries
- Provide consultation or service information
- Pre-contract communication
Legal Basis
- Explicit user consent
Consultation & Project Inquiry Forms
Data Collected
- Name
- Business details
- Project requirements
Purpose
- Scope assessment
- Proposal preparation
- Business communication
Legal Basis
- Explicit consent
- Legitimate business interest
Email Communications
Data Collected
- Email address
- Communication content
Purpose
- Business correspondence
- Project coordination
- Contractual and legal communication
Legal Basis
- Legitimate business interest
Cookies & Tracking Technologies
Data Collected
- Device identifiers
- IP address (anonymized where applicable)
- Browser type and version
- Pages visited and interaction data
Purpose
- Enable core website functionality and security
- Analyze website usage to improve performance and user experience
Legal Basis
- Essential cookies: Legitimate interest
- Analytics cookies: User consent
Legal Basis for Processing
We process personal information only where a lawful basis exists. Depending on the context, processing may be based on one or more of the following grounds:
- Consent – where you have voluntarily provided personal information (e.g., contact forms, inquiries, or marketing communications);
- Contractual necessity – where processing is required to respond to inquiries, provide services, or fulfill contractual obligations;
- Legitimate interests – where processing is necessary to operate, secure, and improve our website and services, provided such interests do not override your fundamental rights and freedoms;
- Legal obligations – where processing is required to comply with applicable laws or regulatory requirements.
Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations.
Retention periods are determined based on:
- The nature and purpose of the information collected;
- Legal, regulatory, or contractual requirements;
- Our legitimate business needs.
When personal information is no longer required, it is securely deleted, anonymized, or otherwise disposed of in accordance with our internal retention and destruction policies.
Cookies & Tracking Technologies
Tools We Use
Google Analytics (GA4)
Used strictly to:
- Measure website performance
- Understand traffic patterns
- Improve usability
Safeguards
- IP anonymization enabled
- No advertising profiling
- No personal identification
Cookie Consent Management
- Non-essential cookies are disabled by default
- Users can accept, reject, or customize cookies
- Consent records are stored securely
- Preferences can be changed anytime
This complies with PIPEDA, Quebec Law 25, and GDPR-style consent requirements.
Cross-Border Data Transfers
We avoid cross-border data transfer by default.
- Client data hosted by ESPACE InfoTech Canada Inc. remains in Canada
- No personal or sensitive data is transferred outside Canada without explicit client consent
- If offshore development is ever required:
- Access is restricted
- Logged and monitored
- PII is excluded unless authorized
Data Processing Location
All personal information collected by ESPACE InfoTech Canada Inc. is processed and hosted exclusively in Canada.
We do not knowingly transfer personal information outside of Canada. All hosting providers, infrastructure, and data storage locations are based within Canadian jurisdiction and are subject to applicable Canadian privacy laws.
Third-Party Access & IP Protection
- No third-party vendor receives access to client data without consent
- No reuse of client code or intellectual property
- All staff and partners operate under confidentiality agreements
Data Security Measures
We implement:
- Role-based access control
- Secure hosting environments
- Internal privacy policies
- Incident response procedures
- Regular compliance reviews
Your Rights & Withdrawal Consent
You have the right to:
- Access your personal data
- Request correction
- Withdraw consent
- Request deletion (subject to legal obligations)
Where processing is based on your consent, you may withdraw that consent at any time, subject to legal or contractual restrictions.
To withdraw consent, you must submit a formal request by email to privacy@espaceinfotech.com. Withdrawal of consent will not affect the lawfulness of any processing carried out prior to the withdrawal.
Upon receipt of a valid request, we will act promptly and in accordance with applicable legal requirements.
Updates to This Policy
We may update this policy periodically. Updates will be posted on this page with a revised effective date.