Privacy Policy

Home Privacy Policy

Last updated: April 14, 2025

Applies to visitors and clients in Canada, the United States, and worldwide.

"Our commitment to privacy — your data fuels your business, not ours."

1. Our Commitment to Privacy

Your privacy is our priority. Weblounge Inc. ("Weblounge," "we," "us," or "our") is a Canadian AI and digital agency headquartered in Vancouver, British Columbia. This Privacy Policy explains how we collect, use, disclose, and protect personal information submitted to us through our website, services, and client engagements. We comply with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), British Columbia's Personal Information Protection Act (PIPA), and applicable U.S. state privacy laws including the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA).

2. Information We Collect

We collect personal information in the following ways:

  • Directly from you — when you fill out a contact form, request a quote, book a strategy call, register for a service, or communicate with us by phone or email. This may include your name, email address, phone number, company name, job title, and message content.
  • During service delivery — information exchanged during project onboarding, discovery sessions, and ongoing managed AI Operations engagements, including business process data you share with us.
  • Automatically via your browser — IP address, browser type, device type, pages visited, referral source, and session duration, collected through cookies and analytics tools.
  • From third parties — for example, if a colleague or partner refers you to our services and shares your contact details with us.
  • AI service interactions — if you interact with any AI agent, chatbot, or automated workflow we have deployed on your behalf, input data and conversation logs may be collected and processed as described in Section 5 below.

3. How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and deliver the services you have requested.
  • Analyze trends, track website visitor movements, administer the website, and gather demographic information about our customer base.
  • Provide billing, administration, and operational support for products and services we deliver.
  • Send administrative communications, project updates, and — with your consent — promotional information about our services. You may opt out of marketing emails at any time by clicking "Unsubscribe" or contacting us directly.
  • Improve our AI models, workflows, and service offerings (using aggregated, de-identified data only).
  • Comply with legal obligations and enforce our agreements.

We do not sell your personal information to third parties.

4. Disclosure of Your Information

We may share your information only in limited circumstances:

  • Sub-contractors and affiliates — In certain circumstances we contract services to trusted third parties (e.g., domain registrars, cloud hosting providers) in order to deliver a product or service. All affiliates and sub-contractors are contractually required to treat personal information in accordance with this Privacy Policy.
  • AI platform providers — When delivering AI services, your data may pass through third-party AI platforms (see Section 5). These platforms act as data processors under our instruction.
  • Legal requirements — We may disclose information if required to do so by law or in response to a valid legal request by public authorities.
  • Business transfers — In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of the business transaction. You will be notified via email and/or a prominent notice on our website.

5. AI Tools and Third-Party AI Services

As an AI agency, we integrate and deploy AI technologies on behalf of our clients and use them internally to deliver our services. This section is specific to our role as an AI service provider:

  • Third-party AI platforms — We may use services such as OpenAI, Anthropic (Claude), Google Gemini, or similar large language model (LLM) providers to power AI agents, workflow automations, and chatbots. Data submitted to these tools is governed by the respective provider's data processing agreements in addition to this policy.
  • Data minimization — We configure AI systems to process only the minimum data necessary for the intended task. We do not knowingly submit sensitive personal information (health, financial account numbers, government IDs) to AI platforms unless explicitly required and consented to.
  • No model training on your data — Unless you explicitly grant permission in writing, your business data and conversation logs will not be used to train or fine-tune any AI model.
  • AI-generated outputs — Outputs produced by AI tools we deploy (emails, reports, summaries) may be reviewed by our team before delivery. You acknowledge that AI-generated content may contain inaccuracies and should be reviewed before acting on it.
  • Automated decision-making — We may use AI to assist in qualifying leads, routing support queries, or drafting communications. These processes involve human oversight. If automated decisions produce significant legal or similarly significant effects, you have the right to request human review.

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to analyze website traffic and understand where visitors come from. Types of cookies we use:

  • Essential cookies — Necessary for the website to function; cannot be disabled.
  • Analytics cookies — Help us understand how visitors interact with our site (e.g., Google Analytics). Data is aggregated and anonymized.
  • Marketing cookies — May be used to display relevant ads. Where required by law, these are only activated with your consent.

You can control or disable cookies through your browser settings at any time. Disabling cookies may affect certain features of the site.

7. Data Security

Weblounge has several systems in place to protect your personal information:

  • Your information is stored on secure servers with access controls and encryption in transit (TLS/HTTPS).
  • We implement appropriate technical and organizational measures to protect against unauthorized access, alteration, disclosure, or destruction.
  • Access to personal data is restricted to team members who require it to perform their duties and who are bound by confidentiality obligations.
  • In the event of a data breach that poses a risk of significant harm, we will notify affected individuals and relevant regulatory authorities within the timeframes required by applicable law.

8. Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, or as required by law. Typical retention periods:

  • Contact inquiries — Up to 2 years from last contact.
  • Client project data — For the duration of the engagement plus 7 years for legal and tax compliance.
  • AI interaction logs — Up to 90 days unless a longer period is agreed with the client for audit or improvement purposes.
  • Website analytics — Aggregated data may be retained indefinitely; individual-level data for up to 26 months.

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access — Request a copy of the personal information we hold about you.
  • Correction — Request that we correct inaccurate or incomplete information.
  • Deletion — Request that we delete your personal information, subject to legal retention requirements.
  • Withdrawal of consent — Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Opt-out of sale / sharing (CCPA/CPRA — California residents) — We do not sell personal information. You may request that we not share your information for cross-context behavioral advertising.
  • Data portability — Request your data in a structured, machine-readable format where technically feasible.
  • Lodge a complaint (Canada) — You may file a complaint with the Office of the Privacy Commissioner of Canada (priv.gc.ca) or the BC Information and Privacy Commissioner if you believe we have violated PIPEDA or PIPA.

To exercise any of these rights, please contact us at info@webloungeinc.com. We will respond within 30 days.

10. Children's Privacy

Our services are not directed to individuals under the age of 13 (or 16 where required by applicable law). We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately and we will take prompt steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post the updated policy on this page with a revised "Last updated" date. For material changes, we will provide additional notice (e.g., via email or a prominent banner on our website). We encourage you to review this page periodically.

12. Contact Us

If you have any questions, requests, or concerns about this Privacy Policy or how we handle your personal information, please contact our Privacy Officer:

LET'S WORK TOGETHER

Have a project in mind? Let's talk about how we can help you grow digitally.

Get a Free Quote Book a Free Strategy Call