Privacy
Privacy Policy
Last updated: 7 July 2026
Data Forge Inc. ("Data Forge," "we," "us") respects your privacy and is committed to protecting personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and, where applicable, British Columbia's Personal Information Protection Act (PIPA BC). This policy explains what we collect, why we collect it, how we use and disclose it, and the rights available to you.
1. Organization identity
Data Controller / Organization: Data Forge Inc.
980 Howe Street, Suite 900, Vancouver, BC V6Z 0C8, Canada
Business Number: 82640 1975 RC0001
General contact: [email protected]
Privacy Officer: [email protected]
Phone: +1 (604) 646-3980
Data Forge is a data-engineering and applied-AI studio. We engineer client data into pipelines, warehouses and analytics systems. We do not operate as a data broker and do not buy or sell personal information datasets.
2. Scope of this policy
This policy applies to personal information collected through:
- Our website at dataforge.life (the "Site")
- Contact forms, email correspondence and phone enquiries
- Client engagements, statements of work and contracts
- Newsletter or event registrations where offered
Client project data processed on behalf of organizations is governed by separate Data Processing Agreements and client instructions. This policy focuses on personal information of site visitors, prospects and client contacts.
3. What personal information we collect
3.1 Information you provide directly
When you contact us or engage our services, we may collect:
- Full name, job title and organization name
- Email address, phone number and mailing address
- Enquiry details, project requirements and messages you send
- Billing and payment information for contracted work
- Consent records (including PIPEDA consent checkbox submissions)
3.2 Information collected automatically
When you visit the Site, we may automatically collect:
- IP address, browser type, device type and operating system
- Pages visited, referral source, date and time of access
- Cookie identifiers and analytics events (if you consent to analytics cookies)
We do not collect sensitive personal information through the Site unless you voluntarily provide it and we have a lawful basis to process it.
3.3 Client project data
During engagements we process data controlled by our clients — which may include personal information about their customers, employees or users. We act as a service provider / processor for that data under contract. We do not use client project data to train models for other clients or for resale.
4. Purposes of collection and use
We collect and use personal information for purposes that a reasonable person would consider appropriate, including:
- Responding to enquiries: To reply to contact form submissions, schedule data assessments and provide proposals.
- Contract performance: To deliver data engineering, analytics and AI-ready data services under signed agreements.
- Billing and administration: To invoice, process payments, maintain accounts and meet tax obligations.
- Communication: To send project updates, status reports and service-related notices.
- Site operation and security: To maintain the Site, prevent fraud and protect our infrastructure.
- Analytics (with consent): To understand aggregate traffic patterns and improve the Site.
- Legal compliance: To comply with applicable laws, regulations and lawful requests.
We will identify additional purposes at or before the time of collection where required. We do not use your personal information for automated decision-making that produces legal or similarly significant effects without human review.
5. Legal bases and consent
Under PIPEDA, we rely on your knowledge and consent for the collection, use and disclosure of personal information, except where the law permits otherwise. Implied consent may apply for information that is clearly necessary to respond to your enquiry. Express consent is required for:
- Contact form submissions (PIPEDA consent checkbox)
- Non-essential analytics cookies
- Cross-border transfers where required
- Marketing communications, where offered
You may withdraw consent at any time by contacting [email protected], subject to legal or contractual restrictions. Withdrawal may limit our ability to provide services.
For BC residents, PIPA BC imposes additional obligations on how organizations collect, use and disclose personal information within the province. We align our practices with both PIPEDA and PIPA BC requirements.
6. Disclosure of personal information
We do not sell or rent your personal information. We may disclose information to:
- Service providers: Hosting providers, email services, analytics vendors (if consented) and payment processors — bound by confidentiality and data protection obligations.
- Professional advisers: Lawyers, accountants and insurers where necessary.
- Legal authorities: When required by law, court order or to protect rights and safety.
- Business transitions: In connection with a merger, acquisition or asset sale, with notice where practicable.
Client project deliverables are disclosed only to the client and persons authorized under contract.
7. Cross-border storage and transfers
Personal information may be stored or processed in Canada or in other jurisdictions where our service providers operate (including the United States). When information is transferred outside Canada, we implement contractual safeguards — such as standard contractual clauses and vendor security assessments — and obtain consent where required by PIPEDA.
Client engagement data is stored in Canadian or client-approved regions as specified in the statement of work. We document transfer mechanisms in Data Processing Agreements for enterprise clients.
8. Retention
We retain personal information only as long as necessary for the purposes described or as required by law:
- Contact enquiries: up to twenty-four months after last meaningful contact, unless a contract follows
- Client contract records: duration of engagement plus seven years for financial and legal records
- Cookie consent preferences: six months (stored locally in your browser)
- Server logs: up to ninety days unless needed for security investigation
When retention periods expire, we securely delete or anonymize information.
9. Security safeguards
We implement administrative, technical and physical safeguards appropriate to the sensitivity of information, including:
- Access controls and role-based permissions for staff
- Encryption in transit (TLS) and encryption at rest where supported
- Secure development practices for client pipelines and dashboards
- Vendor security review for subprocessors
- Incident response procedures and breach notification protocols
No method of transmission or storage is completely secure. We commit to notifying affected individuals and regulators of breaches involving real risk of significant harm, as required by PIPEDA and applicable provincial law.
10. Your rights
Under PIPEDA and PIPA BC, you have the right to:
- Access: Request access to personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete information.
- Withdrawal of consent: Withdraw consent for future processing where applicable.
- Complaint: File a complaint with our Privacy Officer or a supervisory authority.
To exercise these rights, email [email protected] with sufficient detail to identify your request. We respond within thirty days or inform you of any lawful extension.
11. Office of the Privacy Commissioner of Canada
If you are unsatisfied with our response, you may contact:
Office of the Privacy Commissioner of Canada
30 Victoria Street, Gatineau, QC K1A 1H3
Toll-free: 1-800-282-1376
Website: www.priv.gc.ca
BC residents may also contact the Office of the Information and Privacy Commissioner for British Columbia regarding matters under PIPA BC.
12. Cookies and similar technologies
We use essential cookies for site functionality and, with your consent, optional analytics cookies. Details — including categories, durations, vendors and opt-out instructions — are in our Cookie Policy. You may manage preferences through our cookie banner (Accept all / Reject all / Customise).
13. Children's privacy
Our Site and services are directed at business professionals. We do not knowingly collect personal information from individuals under sixteen. If you believe we have collected such information, contact us for prompt deletion.
14. Third-party links
The Site may link to third-party websites. We are not responsible for their privacy practices. Review their policies before providing personal information.
15. Changes to this policy
We may update this policy to reflect legal, technical or business changes. The "Last updated" date at the top will change. Material changes will be noted on the Site. Continued use after changes constitutes acceptance of the revised policy where permitted by law.
16. Contact the Privacy Officer
Data Forge Inc. — Privacy Officer
980 Howe Street, Suite 900, Vancouver, BC V6Z 0C8, Canada
Email: [email protected]
Phone: +1 (604) 646-3980