Roots in Tech Logo

Websites SEO CRM Ads

Privacy Policy

PRIVACY POLICY

Last Updated: January 29, 2026

Roots in Tech Inc. (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (rootsintech.com), use our application (app.rootsintech.com), or engage our services (web design, hosting, marketing, and software resale).

By using our Services, you agree to the collection and use of information in accordance with this policy.

Roots in Tech Inc. Address: 1303 Canning Rd, Severn Bridge, Ontario, Canada P0E 1N0 Email: [email protected] | Phone: (705) 330-2326


1. INFORMATION WE COLLECT

We collect information that identifies, relates to, describes, or could reasonably be linked to you (“Personal Information“) in the following ways:

1.1. Information You Provide to Us

  • Account Information: Name, email address, phone number, business name, and billing address when you request a quote, sign up for services, or create an account.

  • Payment Information: Credit card details or banking information necessary to process payments. Note: We do not store full credit card numbers on our servers; payments are processed via secure third-party payment gateways (e.g., Stripe).

  • Client Materials: Login credentials (usernames/passwords) for your existing accounts (hosting, registrars, social media) that you share with us to allow us to perform the Services.

  • Communications: Records of your emails, support tickets, SMS messages, and phone calls with our team.

1.2. Information We Collect Automatically

  • Usage Data: IP address, browser type, operating system, referring URLs, and pages visited on our website or app.

  • Cookies & Tracking: We use cookies, pixels (e.g., Meta Pixel), and analytics tools (e.g., Google Analytics) to track activity on our site and improve our marketing efforts.

1.3. Information Processed on Your Behalf (SaaS/App Data) If you use app.rootsintech.com or our marketing services, we may process data about your customers (e.g., leads, contact lists) that you upload to our system. We process this data solely as a Data Processor acting on your instructions. You are responsible for ensuring you have the legal right/consent to share this data with us.


2. HOW WE USE YOUR INFORMATION

We use your Personal Information for the following purposes:

  • Service Delivery: To build your website, host your data, manage your ad campaigns, and provision software licenses (e.g., Google Workspace, NordPass).

  • Billing: To process invoices and collect payments.

  • Communication: To send you technical alerts, renewal notices, project updates, and support responses.

  • Marketing (with consent): To send you newsletters or offers about our services, in compliance with CASL (Canada’s Anti-Spam Legislation). You may opt-out at any time.

  • Security: To detect and prevent fraud, spam, malware, and security incidents (e.g., blocking suspicious IP addresses).


3. DISCLOSURE OF YOUR INFORMATION

We do not sell your Personal Information.

We will not share your personal information with third parties for the third parties direct marketing purposes unless you have agreed to such disclosure.

We will verify your request using your name and email. Depending on the nature of your request, we may need additional information to verify your identity. You may authorize an agent to make a request on your behalf to exercise your privacy rights under applicable privacy laws.

Certain U.S. states provide the right to appeal Roots in Tech’s denial of an individual rights request.

To exercise your rights or to allow your authorized agent to exercise your rights, please submit, or have your authorized agent submit, a ticket through our Data subject access request portal, or contact our Privacy Team at https://rootsintech.com/privacy-policy/

3.2. Legal Requirements We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).


4. DATA RESIDENCY & INTERNATIONAL TRANSFERS

4.1. Hybrid Storage Model (Canada & USA) Roots in Tech Inc. utilizes a hybrid infrastructure to ensure data redundancy and performance:

  • Primary Hosting: Our live web servers and application infrastructure are primarily located in the United States.

  • Operational Data & Backups: We maintain working copies of data, backups, and development files on secure local infrastructure located within Canada (including our secure office servers and encrypted Canadian cloud backups via Backblaze).

  • Consent to Transfer: By using our Services, you acknowledge that your data will be transferred to, stored, and processed in both Canada and the United States.

4.2. Payment Processing (Stripe) We use Stripe to process payments. We do not store your full credit card information on our servers. Your payment data is transmitted directly to Stripe, where it is stored and processed securely in accordance with PCI-DSS standards. Stripe may process data in the United States or other jurisdictions where they operate.

4.3. Global Content Delivery (Cloudflare) To ensure fast load times, we utilize Cloudflare as a Content Delivery Network (CDN). Cloudflare caches public website content (images, scripts) on servers located in over 300 cities worldwide. While sensitive customer databases generally remain in the US/Canada, public-facing content is distributed globally.

4.4. Law Enforcement Access Because portions of your data are stored in the United States, they may be subject to US laws, including those that allow US law enforcement and national security agencies to access data (e.g., the CLOUD Act).


5. SECURITY OF DATA

We use commercially reasonable security measures to protect your Personal Information, including:

  • Encryption: Using SSL/TLS for data in transit.

  • Access Controls: Restricting access to client credentials to authorized staff only.

  • MFA: Enforcing Multi-Factor Authentication on our internal administrative accounts.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security.


6. YOUR RIGHTS (ACCESS & CONTROL)

Under Canadian privacy laws, you have the right to:

  • Access: Request a copy of the Personal Information we hold about you.

  • Correction: Request that we correct inaccurate or incomplete information.

  • Deletion: Request that we delete your Personal Information (subject to our legal obligation to retain certain records for tax/accounting purposes).

  • Withdraw Consent: Unsubscribe from our marketing emails at any time by clicking the “unsubscribe” link.

To exercise these rights, please contact our Privacy Officer at [email protected].


7. COOKIES & TRACKING TECHNOLOGY

We use cookies to enhance your experience.

  • Essential Cookies: Required for the website to function (e.g., keeping you logged in).

  • Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics).

  • Marketing Cookies: Used to show you relevant ads on other platforms (e.g., Facebook/Google Remarketing). You can instruct your browser to refuse all cookies, but some portions of our Service may not function properly without them.


8. THIRD-PARTY LINKS & TOOLS

Our website and services may contain links to third-party sites or tools (e.g., NordPass, Vistaprint). We are not responsible for the privacy practices or content of these third parties. We encourage you to read the privacy policies of every site you visit.


9. INCIDENTAL ACCESS (HOSTING & MAINTENANCE)

As your hosting and maintenance provider, Roots in Tech Inc. may have incidental access to the data stored on your website or server (e.g., your customer database). We generally do not access this data unless required for technical support, migration, or security maintenance. We treat all such data as strictly confidential.


10. CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date. You are advised to review this Privacy Policy periodically for any changes.


11. EUROPEAN RESIDENTS (GDPR COMPLIANCE)

If you are a resident of the European Economic Area (EEA), you have specific data protection rights under the General Data Protection Regulation (GDPR).

11.1. Legal Basis for Processing We process your personal data under the following legal bases:

  • Contractual Necessity: To fulfill our service agreement with you (hosting, billing).

  • Legitimate Interests: To secure our network, prevent fraud, and improve our services.

  • Consent: For marketing purposes where you have explicitly opted in.

  • Legal Obligation: To comply with tax and accounting laws.

11.2. International Transfers Roots in Tech Inc. is located in Canada, which the European Commission recognizes as providing an “Adequate” level of data protection. However, we use sub-processors (hosting providers) located in the United States.

  • Transfer to Canada: Data transferred from the EEA to Roots in Tech Inc. is covered by the EU-Canada Adequacy Decision.

  • Onward Transfer to USA: When we transfer your data to our US servers, we rely on Derogations for Specific Situations (Article 49 GDPR), specifically that the transfer is necessary for the performance of a contract between you and us (i.e., we cannot host your website without storing it on our servers). By entering into a contract with us, you explicitly consent to this transfer.


12. UNITED STATES RESIDENTS (CALIFORNIA & OTHERS)

While Roots in Tech Inc. may not meet the revenue thresholds to be strictly bound by the California Consumer Privacy Act (CCPA), we voluntarily provide the following disclosures to our US clients:

12.1. We Do Not Sell Your Data We do not sell, rent, or trade your Personal Information to third parties for money or valuable consideration. We are not a data broker.

12.2. Service Provider Designation When we act as a “Service Provider” (e.g., hosting your website or managing your CRM), we process consumer data solely on your behalf and in accordance with your written instructions. We do not retain, use, or disclose that data for any purpose other than performing the specific services defined in our contract.

12.3. “Shine the Light” Law Under California Civil Code Section 1798.83, California residents may request information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us.


13. SMS Terms of Service

By opting into SMS from a web form or other medium, you are agreeing to receive SMS messages from Roots in Tech. This includes SMS messages for customer care. We will not share your personal information with third parties for the third parties direct marketing purposes unless you have agreed to such disclosure. Message frequency varies. Message and data rates may apply. See privacy policy at https://rootsintech.com/privacy-policy/. Message HELP for help. Reply STOP to any message to opt out.

We will verify your request using your name and email. Depending on the nature of your request, we may need additional information to verify your identity. You may authorize an agent to make a request on your behalf to exercise your privacy rights under applicable privacy laws.

Certain U.S. states provide the right to appeal Roots in Tech’s denial of an individual rights request.

To exercise your rights or to allow your authorized agent to exercise your rights, please submit, or have your authorized agent submit, a ticket through our Data subject access request portal, or contact our Privacy Team at https://rootsintech.com/privacy-policy/


14. CONTACT US

If you have any questions about this Privacy Policy, please contact us:

  • By Email: [email protected]

  • By Phone: (705) 330-2326

  • By Mail: Roots in Tech Inc., 1303 Canning Rd, Severn Bridge, ON P0E 1N0