Privacy Policy

Privacy Policy

Effective Date: September 2025


Who We Are

CapOptix ("we", "us", or "our") is committed to protecting your privacy. This policy explains how we collect, use, and protect your personal data when you interact with our website, services, and communications.


Scope

This Privacy Policy applies to personal data collected through:

-Our website and web applications

-Customer support and communications

-Our products and services

-Events, and marketing campaigns


It does not apply to data we process on behalf of our clients as part of our service delivery. For such data, our clients are the data controllers, and we act as a data processor under applicable laws.


What We Collect

We may collect:
- Contact details: Name, email, phone, company
- Account info: Login credentials, preferences
- Usage data: IP address
- Communication data: Emails, support messages
- Marketing data: Event participation, newsletter interactions


How We Use Your Data

We use your data to:
- Provide and improve our services
- Respond to inquiries and support requests
- Send updates and marketing communications (with your consent)
- Ensure security and compliance


Legal Basis (GDPR) For Processing

Under the General Data Protection Regulation (GDPR), we process personal data based on:
- Your consent
- Our contractual obligations
- Legal compliance
- Our legitimate interests (e.g., service improvement, fraud prevention)

You have the right to withdraw consent at any time.


PIPEDA Compliance

We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's federal privacy law. Under PIPEDA, individuals have the right to access their personal information and request corrections. We collect, use, and disclose personal data only for purposes that a reasonable person would consider appropriate in the circumstances.

We ensure transparency in our data practices and obtain meaningful consent before collecting personal information. If you are a Canadian resident and have questions or concerns about how your data is handled, please contact us at privacy@capoptix.com


Cookies and Tracking

We use cookies and similar technologies to:
- Improve site performance
- Analyze usage patterns
- Personalize content and ads

You can manage cookie preferences via your browser settings or our cookie banner. 


Sharing Your Data

We may share your data with:
- Legal authorities when required
- Affiliates for internal business purposes

We do not sell your personal data.


Data Transfers

If we transfer your data outside your country of residence, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent protection.


Your Rights

You have the right to:
- Access, correct, or delete your data
- Object to or restrict processing
- Lodge a complaint with a data protection authority

To exercise your rights, contact us at: privacy@capoptix.com


Data Protection

We have taken strong measures to ensure the security and confidentiality of your Personal Information. It is also important that you take all necessary precautions as well to help always keep your Personal Information safe and secure.  Our offices and dual data centers are located exclusively in Ontario, Canada.

Client information is housed in ISO27001 certified datacenter facilities that are regularly audited in accordance with SSAE-18, SSAE-16, ISAE-3402, CSAE-3416, and SOC 1,2,3 Type 2.  This ensures controls for security of information, human resources, and physical assets, among others, are properly designed and operating as expected. It will be maintained during the agreement duration. Controls are implemented to provide reasonable assurance that access to Data center facilities, computer equipment, media, storage areas and documentation is restricted to authorized personnel, and measures are in place and maintained for protection of computer equipment from environmental hazards.


Data Retention

We retain personal data only as long as necessary for the purposes described or as required by law. After that, data is securely deleted or anonymized.


Security

We use industry-standard security measures to protect your data in transit and at rest, including encryption, access controls, and regular audits.

Security software and devices (firewalls, monitoring & logging, etc.) are used to detect and prevent unauthorized access. Firewall rules are set to deny traffic with http/https as the only default open ports. Firewalls are configured in a hardened state, and formal change control processes are in place for all firewall configuration changes.


Fault Tolerance

Our Data Centre Network Infrastructure is both redundant and fault tolerant. All routers, switches, and firewall devices are redundant with failover. The high-performance network infrastructure provides high availability with multiple connections to all major Internet backbones.


Disaster Recovery

A formal, documented, executive management approved disaster recovery plan is in place. In the event of a disaster at the primary data centre, traffic is re-routed to the recovery data centre where data is being continuously replicated at block level. Our recovery targets include a 15-minute RPO (Recovery Point Objective) and a 2-hour RTO (Recovery Time Objective).


Third Party Privacy Audits

We conduct regular third-party data security audits of our applications and infrastructure using leading information security service organizations. To date, no significant violations have been identified, and architecture has been categorized as being very secure and resilient against attack.


Communicating Breach Notification
We will notify your employer in any event of privacy breach in accordance with the severity mentioned in our service level agreement.


Updates

We may update this policy from time to time. Changes will be posted on this page with the updated date.


Contact Us
CapOptix has designated a senior management executive to oversee the company's compliance with Global Data Privacy and Information Security Principles. If you have questions or concerns regarding your privacy or Personal Information, you may contact us at the address listed below: 

Chief Privacy Officer
CapOptix
Email: privacy@capoptix.com