1. Information We Collect
1.1 Information You Provide
We collect information you voluntarily provide when you:
Contact us via forms or email (name, email address, phone number, company name, message content)
Request information about services or proposals (business details, operational information, system details)
Subscribe to newsletters, updates, or marketing communications (email address, preferences)
1.2 Automatically Collected Information
When you visit our Site, we automatically collect certain information through cookies and similar technologies:
Device information: IP address, browser type, operating system, device type
Usage information: pages visited, time spent on pages, links clicked, referral source
Location information: general geographic location based on IP address (city/region level, not precise location)
1.3 Information from Third Parties
We may receive information about you from:
Analytics providers (for example, Google Analytics)
Marketing platforms (for example, HubSpot, Mailchimp, if used)
Social media platforms (if you engage with Carve content on LinkedIn or other platforms)
2. How We Use Your Information
We use your information for the following purposes:
2.1 Service Delivery
Respond to inquiries and provide information about our services
Assess your business needs and propose automation solutions
Deliver contracted services (audits, implementations, managed services)
Communicate about projects, deliverables, and support
2.2 Site Improvement
Analyze Site usage to improve content, design, and user experience
Monitor Site performance and troubleshoot technical issues
Maintain Site security and prevent abuse
2.3 Marketing and Communications
Send newsletters, case studies, and educational content (where permitted)
Send information about events, offers, or services you might find relevant
Measure and improve the effectiveness of marketing campaigns
2.4 Legal and Compliance
Comply with applicable laws and regulations
Enforce our Terms of Service and other agreements
Protect our rights, property, and safety, and those of our users and third parties
3. Legal Basis for Processing (GDPR)
If you are located in the EEA, UK, or similar jurisdictions, we process your personal information based on:
Consent: For marketing communications and non-essential cookies
Contractual necessity: To respond to your requests or perform a contract with you
Legitimate interests: To operate and improve our Site, market our services to business users, and protect our business (balanced against your privacy rights)
Legal obligation: To comply with laws and regulations
4. Cookies and Tracking Technologies
4.1 What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help us recognize your device, remember preferences, and understand Site usage.
4.2 Types of Cookies We Use
Core functionality and security
Usage analytics and performance
Track engagement with campaigns
Remember language and other choices
4.3 Third-Party Cookies
We may use third-party services that set cookies, such as:
Google Analytics (site usage and traffic)
Email/marketing tools (for example, HubSpot/Mailchimp, if implemented)
Each provider has its own privacy policy and controls.
4.4 Cookie Consent and Management
EEA/UK visitors will see a cookie banner and can consent to or reject non-essential cookies.
You can also manage cookies using your browser settings. Disabling cookies may affect Site functionality.
4.5 Do Not Track
Our Site does not currently respond to “Do Not Track” signals. You can control tracking through cookie settings and browser tools.
5. How We Share Your Information
We do not sell or rent your personal information. We may share it in these situations:
5.1 Service Providers
With vendors that help us operate the Site and deliver services, such as:
Hosting providers
Analytics and marketing platforms
Communication and productivity tools (for example, Google Workspace)
Payment processors, if applicable
These providers are bound by confidentiality and data protection obligations.
5.2 Business Transfers
If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction, subject to this Privacy Policy.
5.3 Legal Obligations and Protection
We may disclose information where required by law, regulation, legal process, or to protect our rights, property, or safety.
5.4 With Your Consent
We may share your information with third parties when you ask us to or explicitly consent.
6. Data Retention
We retain personal information only as long as necessary for the purposes described above or as required by law:
Contact and inquiry data: up to 2 years after last contact
Client/project records: duration of engagement plus up to 7 years (for legal and tax reasons)
Marketing data: until you unsubscribe or request deletion
Analytics data: per provider settings (for example, up to 26 months for Google Analytics)
After retention periods, data is deleted or anonymized.
7. Your Privacy Rights
Your rights depend on your location.
7.1 EEA/UK (GDPR)
You may:
Request access to your personal information
Request correction of inaccurate data
Request deletion (“right to be forgotten”)
Request restriction of processing
Object to processing based on legitimate interests or for direct marketing
Request data portability
Withdraw consent where processing is based on consent
7.2 California (CCPA/CPRA)
You may:
Request to know what personal information we have collected about you in the past 12 months
Request deletion of your personal information (subject to legal exceptions)
Opt out of sale or sharing of personal information (we do not sell personal information)
Not be discriminated against for exercising your rights
7.3 Canada (PIPEDA)
You may:
Request access to personal information we hold about you
Request correction of inaccurate information
Withdraw consent to collection, use, or disclosure (subject to legal/contractual restrictions)
7.4 How to Exercise Your Rights
To submit a request, email:
Email: admin@CarveSolutions.co Subject line: “Privacy Request – [Your Region]”
Include your name, contact details, and what you are requesting. We may ask for additional information to verify your identity. We will respond within the time required by applicable law.
8. Data Security
We use commercially reasonable technical and organizational measures to protect your information, such as:
Encryption in transit (HTTPS/TLS)
Access controls and least-privilege principles
Secure storage and regular backups (where applicable)
Internal practices for handling and minimizing personal data
No method of transmission or storage is completely secure. You use the Site at your own risk.
9. International Data Transfers
Carve is based in Canada and uses service providers in other countries, including the United States and potentially the European Union.
If you access the Site from outside Canada, your information may be processed in those jurisdictions. Where required (for example, under GDPR), we use appropriate safeguards such as standard contractual clauses.
10. Children’s Privacy
Our Site and services are intended for business users and are not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.
11. Third-Party Links
The Site may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We are not responsible for their content, policies, or practices. Review their privacy policies before providing any information.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes, we will:
Post the updated version on this page, and
Update the “Last Updated” date at the top
Material changes may also be communicated via prominent notice on the Site or email, where appropriate. Your continued use of the Site after changes take effect means you accept the updated policy.
13. Contact Us
If you have questions, concerns, or privacy requests, contact:
Carve Solutions Inc.
If you are in the EEA/UK and are not satisfied with our response, you may lodge a complaint with your local data protection authority.