Privacy Policy
Privacy Policy
Effective Date: September 2025
Who We Are
CapOptix ("we", "us", or "our") is committed to protecting your privacy. This policy explains how we collect, use, and protect your personal data when you interact with our website, services, and communications.
Scope
This Privacy Policy applies to personal data collected through:
-Our website and web applications
-Customer support and communications
-Our products and services
-Events, and marketing campaigns
It does not apply to data we process on behalf of our clients as part of our service delivery. For such data, our clients are the data controllers, and we act as a data processor under applicable laws.
What We Collect
We may collect:
- Contact details: Name, email, phone, company
- Account info: Login credentials, preferences
- Usage data: IP address
- Communication data: Emails, support messages
- Marketing data: Event participation, newsletter interactions
How We Use Your Data
We use your data to:
- Provide and improve our services
- Respond to inquiries and support requests
- Send updates and marketing communications (with your consent)
- Ensure security and compliance
Legal Basis (GDPR) For Processing
Under the General Data Protection Regulation (GDPR), we process personal data based on:
- Your consent
- Our contractual obligations
- Legal compliance
- Our legitimate interests (e.g., service improvement, fraud prevention)
You have the right to withdraw consent at any time.
PIPEDA Compliance
We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's federal privacy law. Under PIPEDA, individuals have the right to access their personal information and request corrections. We collect, use, and disclose personal data only for purposes that a reasonable person would consider appropriate in the circumstances.
We ensure transparency in our data practices and obtain meaningful consent before collecting personal information. If you are a Canadian resident and have questions or concerns about how your data is handled, please contact us at privacy@capoptix.com
Cookies and Tracking
We use cookies and similar technologies to:
- Improve site performance
- Analyze usage patterns
- Personalize content and ads
You can manage cookie preferences via your browser settings or our cookie banner.
Sharing Your Data
We may share your data with:
- Legal authorities when required
- Affiliates for internal business purposes
We do not sell your personal data.
Data Transfers
If we transfer your data outside your country of residence, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent protection.
Your Rights
You have the right to:
- Access, correct, or delete your data
- Object to or restrict processing
- Lodge a complaint with a data protection authority
To exercise your rights, contact us at: privacy@capoptix.com
Data Protection
We have taken strong measures to ensure the security and confidentiality of your Personal Information. It is also important that you take all necessary precautions as well to help always keep your Personal Information safe and secure. Our offices and dual data centers are located exclusively in Ontario, Canada.
Client information is housed in ISO27001 certified datacenter facilities that are regularly audited in accordance with SSAE-18, SSAE-16, ISAE-3402, CSAE-3416, and SOC 1,2,3 Type 2. This ensures controls for security of information, human resources, and physical assets, among others, are properly designed and operating as expected. It will be maintained during the agreement duration. Controls are implemented to provide reasonable assurance that access to Data center facilities, computer equipment, media, storage areas and documentation is restricted to authorized personnel, and measures are in place and maintained for protection of computer equipment from environmental hazards.
Data Retention
We retain personal data only as long as necessary for the purposes described or as required by law. After that, data is securely deleted or anonymized.
Security
We use industry-standard security measures to protect your data in transit and at rest, including encryption, access controls, and regular audits.
Security software and devices (firewalls, monitoring & logging, etc.) are used to detect and prevent unauthorized access. Firewall rules are set to deny traffic with http/https as the only default open ports. Firewalls are configured in a hardened state, and formal change control processes are in place for all firewall configuration changes.
Fault Tolerance
Our Data Centre Network Infrastructure is both redundant and fault tolerant. All routers, switches, and firewall devices are redundant with failover. The high-performance network infrastructure provides high availability with multiple connections to all major Internet backbones.
Disaster Recovery
A formal, documented, executive management approved disaster recovery plan is in place. In the event of a disaster at the primary data centre, traffic is re-routed to the recovery data centre where data is being continuously replicated at block level. Our recovery targets include a 15-minute RPO (Recovery Point Objective) and a 2-hour RTO (Recovery Time Objective).
Third Party Privacy Audits
We conduct regular third-party data security audits of our applications and infrastructure using leading information security service organizations. To date, no significant violations have been identified, and architecture has been categorized as being very secure and resilient against attack.
Communicating Breach Notification
We will notify your employer in any event of privacy breach in accordance with the severity mentioned in our service level agreement.
Updates
We may update this policy from time to time. Changes will be posted on this page with the updated date.
Contact Us
CapOptix has designated a senior management executive to oversee the company's compliance with Global Data Privacy and Information Security Principles. If you have questions or concerns regarding your privacy or Personal Information, you may contact us at the address listed below:
Chief Privacy Officer
CapOptix
Email: privacy@capoptix.com