Privacy Policy
How we collect, use, protect, and respect your personal information
Effective: January 1, 2026 | Last Revised: May 2026
Digital Move IT & Telecom Inc. | ISO 27001 Certified | CASL Compliant
1. Who We Are
Digital Move IT & Telecom Inc. ("Digital Move", "we", "us", "our") is an IT consulting and managed services provider incorporated in Ontario, Canada. We serve small and mid-sized enterprises (SMEs), with a registered office at:
10 George St N, Suite 135, Brampton, ON L6X 1R2, Canada
Email: sales@digital-move.com
Phone: +1 (437) 535-8933
Digital Move is the data controller with respect to the personal information collected through this website and through the delivery of our services, including advisory & consultancy, data management, cloud services & solutions, and cybersecurity.
2. Scope & Jurisdiction
This Privacy Policy applies to all personal information collected by Digital Move through our website (www.digital-move.com), our service engagements, marketing activities, and any other interaction with our organization.
Our primary legal framework is Canadian federal and provincial privacy law. We also recognize the rights of visitors and clients from other jurisdictions and have structured this policy to address those requirements.
| Framework | Applies to | Key Obligations |
| PIPEDA (Canada) | All Canadian residents & cross-border transfers | Consent, access, accuracy, safeguards, accountability |
| Law 25 (Québec Bill 64) | Québec residents & companies serving them | Privacy impact assessments, explicit consent, right to de-indexing |
| GDPR (EU/EEA) | EU/EEA data subjects | Lawful basis, data minimisation, DPO contact, cross-border transfer safeguards |
| UK GDPR | UK data subjects | Substantially mirrors GDPR; separate ICO obligations |
| CCPA (California) | California residents | Right to know, delete, opt-out of sale; no discrimination |
3. Information We Collect
We only collect personal information that is necessary, proportionate, and relevant to the services we provide or the communication you initiate with us.
| Category | Examples | Source |
|---|---|---|
| Contact Information | Name, business email, phone number, company name, job title | Contact form, email, phone calls |
| Technical / Device Data | IP address, browser type, device OS, referring URL, pages visited, session duration | Automatically via website analytics (HubSpot) |
| Communication Records | Emails, meeting notes, support tickets, inquiry content | Direct interaction with Digital Move |
| Business & Service Data | IT environment details, project scope, technical requirements, vendor information shared during engagement | Client onboarding, service delivery |
| Marketing Preferences | Email subscription status, content engagement, opt-in records | Consent forms, HubSpot CRM |
What We Do Not Collect: We do not collect sensitive personal information such as social insurance numbers, health data, financial account credentials, biometric identifiers, or information about minors. We do not sell, rent, or trade personal information to third parties for their own marketing purposes.
4. How We Use Your Information
We use personal information only for the purposes it was collected and for compatible secondary purposes that a reasonable person would expect. Our legal bases for processing are:
- Performance of a contract — to deliver IT services, respond to inquiries, and fulfill service agreements.
- Legitimate interests — to improve our website and service offerings, maintain business records, and prevent fraud or security threats.
- Consent — to send marketing emails, newsletters, or promotional content. You may withdraw consent at any time.
- Legal obligation — to comply with applicable laws, court orders, or regulatory requirements.
Specific uses include: responding to contact form submissions and service inquiries; onboarding and delivering managed IT, cybersecurity, cloud, and data management services; sending relevant thought-leadership content and company updates (with consent); analyzing website usage to improve our digital experience; managing our CRM and business operations; and meeting our ISO 27001 security management obligations.
5. Disclosure of Information
We do not sell, rent, or disclose personal information to third parties for their independent use. We may share information in the following limited circumstances:
- Technology Vendors & Partners — We work with vendors including Microsoft, Lenovo, Fortinet, Veeam, Intel, HPE, and Palo Alto. Where delivering a solution requires sharing necessary contact or technical information with a vendor partner (e.g., licensing or deal registration), we do so only to the extent required and under appropriate data handling expectations.
- Service Providers (Sub-processors) — Trusted providers who assist us in operating our business, such as HubSpot (CRM & marketing automation) and cloud hosting providers. These parties process data on our behalf under contractual obligations.
- TD Synnex & Distribution Partners — For procurement and resale fulfillment, limited transactional data (company name, contact, shipping details) may be shared with distributors strictly for order processing.
- Legal & Regulatory Authorities — Where required by law, court order, or to protect the rights, property, or safety of Digital Move, its clients, or the public.
- Business Transfers — In the event of a merger, acquisition, or sale of assets, personal information may be disclosed to the acquiring entity, subject to equivalent privacy protections.
EU/EEA & UK Visitors — International Transfers: Where personal data originating from the EU, EEA, or UK is transferred outside those territories (including to Canada), Digital Move relies on Canada's adequacy recognition under GDPR Article 45 and, where required, standard contractual clauses (SCCs). You may request information about specific transfer safeguards by contacting us.
6. Cookies & Tracking Technologies
Our website is built on HubSpot and uses cookies and similar tracking technologies to operate the site and understand how visitors engage with our content.
| Cookie Type | Purpose | Opt-Out |
|---|---|---|
| Essential | Site functionality, session management, security | Cannot be disabled without breaking the site |
| Analytics | Page views, traffic sources, engagement metrics (via HubSpot) | Opt out via cookie banner or browser settings |
| Marketing | Tracking form submissions, content downloads, lead attribution | Consent required; revocable at any time |
You may control cookies through your browser settings or through the cookie preference centre on our website. Disabling non-essential cookies will not affect your ability to access our services. We do not use third-party advertising networks or share browsing data for cross-site advertising purposes.
7. Data Storage & Cross-Border Transfer
Personal information collected through our website and CRM is stored on HubSpot's infrastructure, which may be hosted in the United States. HubSpot, Inc. is certified under applicable privacy frameworks, and our agreement with HubSpot includes data processing terms that meet GDPR and PIPEDA requirements.
Client service data (technical documentation, project files) may be stored in Canadian-based cloud environments (such as Microsoft Azure Canada regions) depending on the engagement. Where applicable, we will confirm data residency arrangements with you as part of our service agreement.
Digital Move does not intentionally transfer personal data to countries that lack adequate data protection regimes without appropriate safeguards in place.
8. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, plus any additional period required by law or legitimate business need.
| Data Type | Retention Period | Basis |
|---|---|---|
| Website contact inquiries | 24 months from last interaction | Legitimate interest |
| Active client data | Duration of engagement + 7 years | Contractual & legal obligation |
| Marketing subscribers | Until opt-out + 30 days for processing | Consent |
| Cookies / analytics logs | Up to 13 months | Analytics integrity |
| Security logs | 12 months minimum | ISO 27001 obligation |
When data is no longer required, it is securely deleted or anonymized in accordance with our ISO 27001 certified data destruction procedures.
9. Security Measures
Digital Move IT & Telecom Inc. is certified to ISO/IEC 27001, the international standard for information security management systems. This certification reflects our systematic, independently audited approach to protecting the confidentiality, integrity, and availability of information.
Our security practices include:
- Encryption of data in transit (TLS 1.2+) and at rest for sensitive data stores
- Role-based access controls and least-privilege principles across all systems
- Regular security awareness training for all personnel
- Vulnerability management, patch cycles, and penetration testing
- Formal incident response procedures with defined notification timelines
- Third-party vendor security assessments for sub-processors
In the event of a privacy breach that poses a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada (OPC) as required under PIPEDA, and relevant supervisory authorities in other jurisdictions within legally required timeframes.
10. Your Privacy Rights
Depending on where you are located, you have the following rights over your personal information, which we honour at no cost:
- Right to Access — Request a copy of the personal information we hold about you.
- Right to Correction — Request correction of inaccurate or incomplete personal data.
- Right to Erasure — Request deletion of your data where there is no legitimate reason for continued processing.
- Right to Object — Object to processing based on legitimate interests or for direct marketing.
- Right to Restrict — Request that we limit how we use your data in certain circumstances.
- Right to Data Portability — Receive your data in a structured, machine-readable format (applies to EU/EEA data subjects under GDPR).
- Right to Withdraw Consent — Withdraw consent at any time without affecting prior lawful processing.
- Right to Know (CCPA) — California residents may request disclosure of categories and specific pieces of data collected about them.
To exercise any of these rights, please contact us at sales@digital-move.com with the subject line "Privacy Rights Request". We will acknowledge your request within 2 business days and respond fully within 30 days, extendable to 60 days for complex requests with prior notice to you.
We will never discriminate against you — including by withholding services or charging different prices — for exercising your privacy rights.
11. Commercial Electronic Messages (CASL)
Digital Move complies fully with Canada's Anti-Spam Legislation (CASL). We will only send commercial electronic messages (CEMs) to individuals who have provided express or implied consent as defined under CASL.
- Express consent is obtained when you subscribe to our newsletter, download a resource, or otherwise proactively opt in to communications.
- Implied consent may apply where you have an existing business relationship with Digital Move (e.g., as a current or recent client).
Every marketing email we send includes a clear, functional unsubscribe mechanism. Unsubscribe requests are processed within 10 business days, as required by CASL. You may also unsubscribe at any time by emailing sales@digital-move.com.
12. Children's Privacy
Our website and services are directed exclusively to business professionals and organizations. We do not knowingly collect personal information from individuals under the age of 16. If we become aware that we have collected personal information from a child under 16 without appropriate parental or guardian consent, we will take prompt steps to delete that information.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the services we offer, or applicable legal requirements. When we make material changes, we will update the "Last Revised" date at the top of this page and, where appropriate, provide more prominent notice such as a banner on our website or an email to known contacts.
Your continued use of our website or services after the effective date of an updated policy constitutes your acknowledgement of the changes. We encourage you to review this page periodically. Prior versions of this policy are available upon request by contacting us via sales@digital-move.com.
14. Contact & Complaints
For any privacy-related questions, concerns, or requests, please contact us:
Digital Move IT & Telecom Inc.
Email: sales@digital-move.com
Phone: +1 (437) 535-8933
Post: 10 George St N, Suite 135, Brampton, ON L6X 1R2, Canada
If you are not satisfied with our response, you have the right to file a complaint with the relevant authority in your jurisdiction:
- Canada: Office of the Privacy Commissioner of Canada — www.priv.gc.ca
- Québec: Commission d'accès à l'information (CAI) — www.cai.gouv.qc.ca
- EU/EEA: Your local Data Protection Authority (DPA) in your member state
- UK: Information Commissioner's Office (ICO) — ico.org.uk
- California: California Privacy Protection Agency (CPPA) — cppa.ca.gov
This Privacy Policy was prepared for Digital Move IT & Telecom Inc. and reflects Canadian privacy law (PIPEDA, CASL, Québec Law 25), GDPR, UK GDPR, and CCPA obligations as of the effective date above. For legal guidance specific to your situation, consult a qualified privacy lawyer.
© 2026 Digital Move IT & Telecom Inc. All rights reserved.