Privacy Policy

1. WHEN THIS PRIVACY STATEMENT APPLIES.

If a Service you use links to this Privacy Statement, this Statement governs your use of that Service.

Privacy Statement, this Statement governs your use of that Service. This Privacy Statement(“Statement” ) applies to our sites, products, and services (collectively, the “Services”) that reference or link to this Statement. is the controller of Personal Information processed under this Statement for Services of Freidin Canada. Certain Services may be tailored for other jurisdictions; where you access a non-Canadian version, the entity responsible for your Personal Information will be identified in that version’s privacy notice.

2. WHAT WE DO WITH YOUR INFORMATION.

We aim to be transparent about what we collect and how we use it to deliver the Services, enhance functionality, operate efficiently, and make the experience more useful and intelligent for you. We do not sell or share your Personal Information for third parties’ own commercial purposes without your consent.

a. Types of Information We Collect.

When you access or use the Services, we may collect information that identifies you (“Personal Information”), including your name, billing and shipping address, email address, telephone number, username, and password.

We collect information when you register or open an account, sign in, pay invoices, purchase a plan, use features, contact support, or provide feedback. We may also receive information from other companies or third parties—for example, when you connect a third-party account or service to the Services, or when service providers help us validate or enrich the Personal Information you supply (e.g., address verification) so we can maintain accuracy and provide better service. In addition, we collect content or other information that you supply or generate when interacting with the Services.

We also automatically collect certain usage information when you access the Services (“Usage Data”), such as Internet Protocol (IP) addresses, log files, unique device identifiers, pages viewed, browser type, links you follow within the Services, and other data gathered via cookies and similar technologies. For example, we may use IP addresses to analyse the regions from which users access the Services and to support sign-in and security controls. Where you enable location-based features, we may collect Global Positioning System (GPS) data and/or motion data.

The Services evolve over time. New features may collect new or different types of information, and we will update our disclosures accordingly.

b. How We Use Your Information.

We may use your information, including Personal Information, for the following purposes:

• Account Registration. We use your name, address, phone number, and email address to create and administer your account for Services and to deliver important notices (e.g., security, billing, policy updates). We may obtain updated contact details (e.g., address changes) from reputable sources to keep records current. If you configure an administrator role that others can access, those users may view and may be able to change or delete your Personal Information within your account settings.
• To Provide Our Services and Operate Our Business. We process information to deliver the Services you request, operate and maintain functionality, provide help and troubleshooting, and protect the platform (including fraud detection, abuse prevention, and safeguarding your information).
• Customer Service and Technical Support. We may use your name, address, phone number, email address, information about how you interact with the Services, and limited device/configuration data to resolve support requests and follow up on your experience. If we offer in-app or web chat, transmissions are encrypted; please do not provide more Personal Information than necessary to address your issue. We may retain chat transcripts to resolve questions, improve support quality, and for audit purposes.
• Communications and Notices About Services. We may contact you regarding our Services (e.g., feature changes, maintenance, security alerts) and, where permitted, provide offers or information about selected third-party products or services that may be relevant to your use of the Services. See Your Rights & Choices for how to manage marketing preferences.
• To Improve Services and Develop New Services. We use information to personalise and tailor your experience, to develop new features or Services, and to enhance reliability, accuracy, and performance across the platform.
• Feedback. If you choose to respond to surveys or provide feedback, we may use the information you volunteer and combine it with responses from other customers to better understand how the Services are used and where they can be improved. Participation is optional.
• Research and Sharing of Combined, Non-Identifying Information. We may prepare, publish, or share aggregated or de-identified information with third parties (e.g., research or analytics partners) for research, academic, marketing, and/or promotional purposes—only in forms that do not identify you or any other individual. For example, we might report the percentage of customers who access the Services from mobile devices or a given operating system. Any public reporting or partner sharing uses aggregated or de-identified data.

c. How We Share Your Personal Information.

From time to time, we may need to disclose Personal Information to others in order to operate the Services, comply with law, and protect users. We do not sell Personal Information.

• Third-Party Service Providers. We may share Personal Information and Usage Data with service providers that perform functions on our behalf—such as hosting and infrastructure, product support, email/SMS delivery, fraud detection and prevention, analytics, and site/application operations. These providers are bound by contracts requiring confidentiality, purpose limitation (act only on our documented instructions), appropriate safeguards, and a prohibition on using Personal Information for their own independent purposes.
• Response to Subpoenas and Other Legal Requests. We may disclose information to courts, law-enforcement, regulators, or other government bodies where we have a good-faith belief disclosure is required or permitted by law (including for national security or law-enforcement purposes), to comply with a subpoena, warrant, or order, or to protect our legal rights.
• Protection of and Others. We may share accounting information, Personal Information, and Usage Data when we believe it is necessary to enforce our Terms, protect the rights, property, or safety of, the Services, users, or the public, including exchanging information with organisations for fraud prevention and credit-risk reduction. This does not include selling, renting, or otherwise disclosing Personal Information for third parties’ commercial purposes in violation of this Statement.
• Reporting to Credit Bureaus. Where applicable to a product you elect to use (e.g., payments, credit, or risk-screening features), we may share information with credit bureaus, consumer reporting agencies, card networks/associations, or similar bodies. Late or missed payments, defaults, or chargebacks may be reflected in credit/consumer reports. We may also share information with other companies, counsel, agents, government agencies, and card associations in connection with fraud, credit, or debt collection matters.
• Information Sharing Between $$$ Entities. We may share Personal Information among our affiliates and subsidiaries (companies under common ownership or control) where permitted by law, for everyday business purposes such as processing transactions, maintaining accounts, operating and securing the Services, facilitating single sign-on across properties, improving products, and preventing fraud.
• Sale or Transfer of Our Business. In connection with a merger, acquisition, financing, reorganisation, or sale of all or part of our business or assets, Personal Information may be transferred as part of the transaction. Following a change of control, you will have the opportunity to adjust marketing preferences or opt out of promotional communications.
• With Your Consent. In circumstances other than those described above, we will provide notice and a choice (or obtain consent, where required) before sharing Personal Information with third parties.

d. Syncing, Linking, Connecting Your Bank Account or Other Third-Party Services with Your Services.

You may choose to connect the Services with information from financial accounts or other third-party products you use. To enable bank feeds, we use an approved, read only data aggregator or financial-institution flow does not collect or store your online-banking username, password, or security answers. Authentication occurs directly with the aggregator/financial institution, which issues scoped access tokens we use to retrieve account identifiers, balances, transactions, and related metadata for reconciliation and other features. Tokens are encrypted, periodically refreshed, and revoked if you disconnect the feed.

We also interoperate with selected third-party services (e.g., payments, payroll, document capture, storage, communications). If you choose to sync, link, or connect such services, you authorise $$$ to exchange information with the provider—limited to what is reasonably necessary to operate the integration, maintain functionality, support your configuration, and improve reliability (see How We Share Your Personal Information and Third-Party Links & Integrations). Depending on the integration, this may include account/profile data, usage signals, configuration settings, and contextual identifiers (e.g., workspace, transaction references). We require appropriate contractual safeguards from providers acting on our behalf; where a provider acts on its own behalf, its privacy policy and terms govern their handling of your information.

By requesting or enabling an integration, you confirm you have authority to share relevant information and you instruct $$$ to facilitate the data flow. You can disconnect an integration at any time in settings; we will revoke tokens going forward. Historical accounting entries and reconciliation artefacts remain to preserve ledger integrity (see Retention & Deletion). For assistance or questions about a specific integration, contact us or the third-party provider directly.

e. Single Sign-On

Single Sign-On lets you authenticate across eligible Services with onset of credentials. We collect limited information for security purpose for example, to over if you authorised access to an account, to enforce multi-factor authentication, or to assist with password reset if you cannot access your account. Certain Services may require enhanced verification, and you may be asked to provide additional information consistent with our security controls (see Security Measures).

The email address and password you register for your $$$ account are your credentials used to authenticate to our network. We assign a unique identifier to your credentials to associate your sessions, permissions, and related account information. Account sharing between individuals is not permitted. Administrators may provision or revoke user access in accordance with workspace policies (see Eligibility & Accounts and Roles & Responsibilities).

3. WHAT YOU CAN DO TO MANAGE YOUR PRIVACY.

You can view and edit information that identifies you through your $$$ Service. The specific controls available to you depend on the features you use. You have choices about how information that identifies you is used, which marketing communications you receive, and how cookies and similar technologies operate in your browser or app. See also Your Rights & Choices and Cookies & Analytics.

a. Updating Your Personal Information.

Consistent with your right to manage Personal Information, you may access, update, change, correct, or request deletion of your information either within the Service (e.g., profile, billing, and workspace settings) or by contacting customer support using the details in How to Contact Us. Where deletion is requested, we will act in accordance with applicable law and our Retention & Deletion commitments (e.g., legal holds, audit integrity). Administrators may also manage user access and role-based permissions.

b. Managing Marketing Communications From Us.

We will honour your choices regarding marketing communications.

If you are receiving marketing communications you no longer wish to receive, you may use any of the following options:

• Click the “unsubscribe” link in the email or newsletter you received.
• Adjust your marketing preferences in your $$$ account settings.
• For SMS messages, reply “STOP” or follow the instructions provided in the message or settings.
• Our mobile apps may send push notifications at your direction; if you no longer wish to receive these, you can disable push notifications at the device level.

Even if you opt out of marketing, we will continue to send service or transactional communications (e.g., security alerts, billing, account or policy updates) that are necessary Cookies & Analytics for additional controls. We comply with CASL and will process your choices without undue delay.

c. Cookies and Other Tracking Technologies.

The following is a high-level summary of our practices and your controls for cookies and similar technologies. For full details, see our Cookies Policy and Section 7 — Cookies & Analytics.

In accordance with applicable law, $$$ and our service providers use commonly used technologies to recognise your visit and understand how you interact with the Services—such as cookies, web beacons, pixels, local storage objects, SDKs, and similar technologies (collectively, “Cookies”). Some Cookies are essential to deliver the Services you request (e.g., sign-in, security, load balancing). Others help us measure performance, diagnose errors, and improve features by analysing aggregated Usage Data. You can control certain Cookies and how we use them through your browser/app settings and our Preferences Centre.

For advertising and measurement consistent with self-regulatory principles (e.g., Digital Advertising Alliance), we may work with advertising networks and measurement partners that place Cookies on our Services and unaffiliated sites/apps to display ads that may be more relevant to your interests and to assess their effectiveness. If you wish to opt out of interest-based advertising on browsers, visit the Canadian Ad Choices resource at youradchoices.ca or the Network Advertising Initiative/DAA opt-out pages. For mobile apps, you can use device settings (limit ad tracking) or install an industry app-level opt-out tool (e.g., “AppChoices”). Where supported, we also treat valid Global Privacy Control (GPC) signals as an opt-out for non-essential Cookies.

Additional choices (illustrative):

• Manage Cookies via your browser (block, delete, or clear history/cache). Essential features may not function if essential Cookies are blocked.
• Use our in-product Preferences Centre to toggle Analytics and Marketing Cookies.
• Adjust mobile device permissions or notifications for app-level identifiers and push notifications.

Please note: even if you opt out of interest-based advertising, you will still see ads; they will simply be less tailored. If you clear Cookies, switch browsers or devices, or reinstall apps, you may need to renew your preferences.

d. Do Not Track.

Like many online services, our Services are not currently configured to respond to browser “Do Not Track” (DNT) signals because no formal DNT standard has been adopted to date. Where supported, we treat valid Global Privacy Control (GPC) signals as an opt-out for non-essential cookies (see Cookies & Analytics and our Cookies Policy for controls).

e. Social Media Features.

Our Services may include social media features (the “Social Media Features”), such as sharing or embed widgets. These features may collect your IP address, record the page you visit within the Services, and set cookies or similar technologies to function properly. Social Media Features may be hosted by a third party or hosted directly on our Services. Your interactions with these features are governed by the privacy policy of the provider offering the relevant Social Media Feature. See also Cookies & Analytics for controls over non-essential cookies.

4. DATA RETENTION AND YOUR ACCESS RIGHTS.

(See also Section 9 — Retention & Deletion and Section 8 — Your Rights & Choices.)

a. Data Retention.

Subject to applicable Canadian law, we retain information only as long as necessary to deliver the Services, maintain your account while it is active, operate and secure our business, and comply with legal, tax, and record-keeping obligations. When you close your account, we may continue to send service or transactional notices (e.g., policy or security updates) and, where permitted, marketing communications unless you opt out (see Managing Marketing Communications). We may also continue to use aggregated or de-identified information for business purposes, including improving and developing the Services.

We retain and use information as required by law and by $$$’s records and information management practices to: comply with reporting obligations; resolve disputes; enforce agreements; complete outstanding transactions; and detect, investigate, and prevent fraud, abuse, or security incidents. Specific retention schedules by data category and backup rotation are described in Section 9 — Retention & Deletion.

b. Your Access Rights.

As required by applicable Canadian law (including PIPEDA and, where relevant, Alberta PIPA, BC PIPA, and Québec Law 25), you may contact us to confirm whether we hold or process your Personal Information, and to access it in order to verify its accuracy and the lawfulness of our processing. If you determine that Personal Information, we hold about you is inaccurate, incomplete, or processed contrary to law, you may request that it be corrected, amended, or deleted (subject to legal and record-keeping obligations). You may also request additional information about our practices, including the categories of third parties to whom Personal Information has been disclosed. See also Section 8 — Your Rights & Choices.

Submit requests via privacy@$$$.ca or by mail to the address listed in Section 15 — Contact & Complaints. We will verify your identity using reasonable methods and respond within timelines required by law; where an extension is necessary, we will notify you and provide reasons. If you are an end client of a firm that uses the Services, please contact that firm first; we will assist them in responding, consistent with our DPA and this Policy.

5. SECURITY OF YOUR INFORMATION.

Keeping your information safe is fundamental to how we operate. For details about our controls, see Privacy Policy §10 — Security Measures and our Security Overview / Responsible Disclosure page (where published). For steps you can take to protect your $$$ account (e.g., MFA, role permissions), see Terms of Service §15 — Security, Account Credentials, and Audit Logs.

We implement reasonable and appropriate technical and organisational measures to secure the Personal Information we collect. For example, we:

• Continuously improve our safeguards, aligning with recognised practices, conducting periodic reviews, and enhancing controls as risks evolve.
• Comply with applicable law and security standards, and maintain documented policies, procedures, and oversight.
• Encrypt sensitive Personal Information in transit and at rest; apply strong key management and access controls (RBAC/least-privilege).
• Train personnel on security and confidentiality obligations and require adherence to internal policies and codes of conduct.
• Protect payment data by transmitting, storing, and accessing cardholder information only through tokenised flows and in accordance with the Payment Card Industry Data Security Standard (PCI DSS).
• Monitor and test: centralised logging/SIEM, vulnerability management, independent penetration tests, and incident response with notification without undue delay where required.

6. COUNTRY-SPECIFIC STATEMENTS.

Our Services are currently offered for use in Canada. This Privacy Statement applies to Canadian use of the Services. We provide privacy information in English and French upon request (see Section 15 — Contact & Complaints).

If we later make the Services available in additional jurisdictions, we will publish country- or region-specific notices and identify the $$$ entity responsible for Personal Information in those regions. Those addenda will be linked from our Regional Addenda (see Privacy Policy §16) and from the in-product legal footer.

• Canada (EN/FR): This Statement (English) • Version française disponible sur demanded
• Notices / Addenda (future): [Link placeholder — Regional Notices]
• Responsible Entity (future regions): Will be identified in the applicable regional notice

7. INTERNATIONAL DATA TRANSFERS.

Subject to applicable law, we may transfer, process, and store your information outside Canada (for example, where our vetted service providers operate). When we do so, we apply contractual, technical, and organisational safeguards designed to ensure a level of protection comparable to Canadian requirements (see Privacy Policy §11 — International Data Transfers). These measures include purpose-limited contracts, encryption, access minimisation/least privilege, and auditability. For transfers from Québec, we conduct/assist with privacy impact assessments and ensure recipients provide adequate protection by contract, consistent with Law 25. You can review processing regions on our Sub processor List and manage integrations that may process data in other jurisdictions (see §5 — Sharing & Sub processors and §13 — Third-Party Links & Integrations).

8. EU–US PRIVACY SHIELD.

This section is not applicable to the Services at launch. We do not rely on the EU–US Privacy Shield for data transfers. If we later receive or process EU/EEA or UK personal data, we will use recognised transfer mechanisms (e.g., EU Standard Contractual Clauses and the UK Addendum) together with technical and organisational safeguards described in International Data Transfers (Privacy Policy §11). If we later participate in a recognised adequacy programme (e.g., an EU/US framework), we will update this Statement and publish verification details. See also Regional Addenda (Privacy Policy §16).

9. HOW TO CONTACT US.

If you have questions or comments about this Privacy Statement, or wish to make a request or complaint, please contact us. We welcome your feedback.

a. Via Email.

For questions or concerns regarding this Privacy Statement or our privacy practices, contact privacy@$$$.ca.

b. Via Direct Mail.

You may also consult Section 15 — Contact & Complaints for additional details, including regulator contacts and appeals.

10. CHANGES TO OUR PRIVACY STATEMENTS.

We may update this Privacy Statement from time to time. We reserve the right to make changes or updates at any time. (See also Privacy Policy §14 — Changes to This Policy.)

If we make material changes to how we process your Personal Information, we will provide notice through the Services or by other reasonable means (e.g., email to Administrators or in-app notice). Please review such updates carefully. If you object to the changes and no longer wish to use the Services, you may close your account. Where required by Canadian law (e.g., for new non-essential analytics/marketing), we will seek express consent before proceeding.

Unless stated otherwise, all changes take effect upon posting with an updated Effective Date. Your continued use of the Services after notice of a material change or after posting of an updated Privacy Statement constitutes your acceptance of the changes.

11. COLLECTION AND USE OF CHILDREN’S PERSONAL INFORMATION.

Our Services are designed for businesses and professionals. They are not directed to minors, and we do not knowingly collect Personal Information from individuals under the age of majority in their province or territory.

If you believe a minor has provided Personal Information to **,pleasecontact**privacy@.ca. Upon verified notice, we will delete or de-identify such information without undue delay, except where retention is required by law (see Retention & Deletion). Administrators must ensure that only authorised adult users are provisioned with access to the Services.

12. ADDITIONAL SERVICE-SPECIFIC INFORMATION.

For details about how particular $$$ Services process information (e.g., feature-level data flows, retention, and settings), please refer to the Service-Specific Notices available from the in-product legal footer or our Regional Addenda & Notices page. These notices supplement this Privacy Statement and prevail for the covered features where they provide more specific terms.