Privacy Policy

Introduction

This Privacy Policy explains how Conety collects, uses, discloses, stores, and protects personal information obtained through our website (the "Site"). This Policy is written to align with the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and the European Union’s General Data Protection Regulation (GDPR) for EU/EEA residents.

1. Personal data we collect

• Information you provide directly: email address and name when subscribing or contacting us; any free-text information you provide.
• Automatically collected data: device and browser information, IP address, approximate location (city/region), referral source, time and date of visits, pages viewed, and cookies or similar tracking technologies.
• Third-party data: information provided by analytics, hosting, or other third-party service providers.

We do not knowingly collect sensitive personal data (such as health data, racial or ethnic origin, religious beliefs, or precise biometric identifiers) via the landing page unless you explicitly provide it.

2. Legal bases for processing (EU/EEA residents)

If you are located in the EU/EEA, our lawful bases for processing personal data include:

• Consent: when you opt into marketing communications or accept non-essential cookies.
• Contractual necessity: where processing is necessary to provide services you request.
• Legal obligation: to comply with legal or regulatory obligations.
• Legitimate interests: for our legitimate business interests where such interests are not overridden by your rights (e.g., site security, fraud prevention, improvements to the Site).

3. How we use personal data

We use personal data for the following purposes:

• To respond to inquiries and communicate with you (including support and informational emails).
• To send marketing or promotional communications where you have consented to receive them.
• To analyze, monitor, and improve the Site and our business offerings (analytics and performance measurement).
• To detect, investigate, and prevent security incidents, abuse, or fraud.
• To comply with legal obligations and to enforce our Terms of Service.

4. Sharing and disclosure of personal data

We may disclose personal data to the following categories of recipients:

• Service providers/Processors: companies that provide hosting, analytics, email delivery, customer support, and other services. We require processors to act only on our instructions and to use appropriate safeguards.
• Legal and regulatory authorities: where required by law or to protect our rights.
• Business transfers: if Conety is involved in a merger, sale, acquisition, or bankruptcy, personal data may be transferred as part of that transaction.

We do not sell personal data.

5. International transfers

Your data may be transferred to, and stored in, countries outside your jurisdiction (including the United States and other jurisdictions). When such transfers occur for personal data of EU/EEA residents, Conety will rely on appropriate safeguards such as:

• An adequacy decision issued by the European Commission (where applicable).
• Standard Contractual Clauses (SCCs) adopted by the European Commission.
• Certified frameworks where appropriate.

Where transfers are to recipients in jurisdictions without an adequacy decision, we will ensure appropriate contractual or technical measures are in place to protect your data.

6. Cookies and tracking technologies

We use cookies and similar technologies to make our Site work and to measure and improve it. Cookies fall into categories such as:

• Essential cookies required for site functionality.
• Analytical cookies used to understand how the Site is used.
• Marketing/Advertising cookies used to deliver targeted content (only used if you consent).

For EU/EEA users, we will obtain consent prior to placing non-essential cookies in accordance with applicable law. You can manage or withdraw cookie consent via the cookie banner or through your browser settings.

7. Data retention

We retain personal data only for as long as needed to fulfill the purposes described in this Policy, to comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods will vary depending on the category of data and the purpose for processing.

8. Security

We implement reasonable administrative, technical, and physical safeguards to protect personal data. These measures include access controls, encryption where appropriate, secure hosting, and regular security reviews. No internet or electronic transmission is completely secure; we cannot guarantee absolute security.

9. Data subject rights (EU/EEA residents)

If you are an EU/EEA resident, you may have the following rights regarding your personal data under the GDPR:

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — request correction of inaccurate or incomplete data.
• Right to erasure (\"right to be forgotten\") — request deletion of personal data in certain circumstances.
• Right to restriction of processing — request limitation of processing in certain circumstances.
• Right to data portability — obtain and reuse your personal data for your own purposes across different services.
• Right to object to processing based on legitimate interests or direct marketing.
• Right to withdraw consent at any time where processing is based on consent.

To exercise these rights, please contact us at hello@conety.com. We will respond in accordance with applicable law (the GDPR generally requires responses within one month, with limited extensions in complex cases).

10. Access and correction (Canadian residents)

Under PIPEDA, Canadian residents may request access to the personal information we hold about them and may ask for corrections where the information is inaccurate or incomplete. To request access or correction, contact hello@conety.com.

11. Complaints and supervisory authorities

If you are located in the EU/EEA and you have concerns about our processing of your data, you have the right to lodge a complaint with a competent supervisory authority in your Member State.

If you are in Canada and have concerns about our handling of your personal information under PIPEDA, you may contact the Office of the Privacy Commissioner of Canada.

12. Data breach notification

If we become aware of a personal data breach that creates a risk to individuals’ rights and freedoms, we will notify the affected individuals and, where required by law, the relevant supervisory authority within the required statutory timeframes (for example, GDPR-level breaches are reported to the competent supervisory authority within 72 hours when feasible).

13. Minors

Our Site is not directed at children under the age of 13. If you are under the age required to consent in your jurisdiction (for EU/EEA users, that age may be higher — commonly between 13 and 16 depending on Member State), please do not submit personal information to us without parental or guardian consent.

14. Changes to this Policy

We may update this Privacy Policy periodically. We will post the updated policy on the Site and update the Effective Date. Significant changes affecting data protection for EU/EEA residents will be communicated in a clear manner when required by law.

15. Contact

For privacy-related questions, data requests, or complaints, email: hello@conety.com.