Privacy Policy

Privacy Policy

May 25th, 2018

Here at TROWBRIDGE we take your privacy seriously. This Privacy Policy is drafted with reference to the General Data Protection Regulation (EU) (GDPR) and describes how TROWBRIDGE collects and uses the personal information you provide on TROWBRIDGE.CA and all of our domains (“the Website”). This Privacy Policy applies only to the specific webpages of TROWBRIDGE.CA, which are referred to below as "this Website".​

TROWBRIDGE (also referred to below as “we”, “us” or “our”) is a global organization who puts a high priority on privacy. We provide this Website and this Privacy Policy to explain how we protect visitors’ information gathered via this Website.

By visiting or using the Website or the Services in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy.

1. What does this Privacy Policy cover?

a. This Privacy Policy covers our treatment of personally identifiable information (“Personal Information”) that we gather or is provided to us by you when you are accessing or using our Website or the Services. This Privacy Policy also sets out the rights you have in relation to your Personal Information. This Privacy Policy does not apply to the practices of companies that we do not own or control, to individuals that we do not employ or manage or to any other third party websites whose links may appear on the Website. We do not knowingly collect or solicit Personal Information from anyone under the age of 13 or knowingly allow such persons to register for the Services (as that term is defined in our Terms of Use). No one under age 13 may provide any Personal Information to us or on the Services.

b. TROWBRIDGE are the “controller” (as such term is defined in the GDPR) of any Personal Information collected via the Website and our contact details are set out below in Section 7 below.

2. What information does TROWBRIDGE collect?
We collect the types of information below.

a. Information you provide to us

i. Your Personal Information: As a visitor, you do not have to submit any personal information in order to use the Website. This Website only collects personal information that is specifically and voluntarily provided by visitors. Such information may consist of, but is not limited to, your name, company name, email address, and telephone numbers.

We also collect information from you to administer events, surveys and the newsletter. We may also store and maintain any content that you provide, including but not limited to social media applications and services that we may provide.


b. Information collected automatically

i. Whenever you interact with our Website, we automatically receive and record information on our server logs from your browser including your, “cookie” information, and the page you requested. Please see our Cookie Policy for more information on what cookies are and how we use them.

c. E-mail, marketing and other communications

We may use your Personal Information to contact you, by email about your use of the Website or the Services. If you provide us with your consent to subscribe to our newsletter or marketing emails, we will use your name and email address to send the newsletter to you via email. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails. Please note that if you do not want to receive newsletter or marketing emails from us, we may still send you legal notices which will govern your use of the Website and you are responsible for reviewing such legal notices for any changes.

3. Where do we store your personal information?

a. Whether or not, you are a British or EU citizen and have informed us as such, your Personal Data will be processed on Tier 3 secure servers based in Canada that which comply with the European Commission’s adequacy decisions.

b. TROWBRIDGE uses various cloud-based systems and tools, including certain customer relationship management and marketing automation services to allow us to provide TROWBRIDGE services to our clients. As part of our services, certain limited client and user profile information is sent to the providers of the services, some of whom are based outside the EEA. Where clients Personal Information is sent by TROWBRIDGE service providers based outside the EEA, we ensure such transfers are conducted in accordance with TROWBRIDGE’s obligations under GDPR May 25th, 2018.

c. By accepting this Privacy Policy,clients acknowledge that their Personal Information will be sent outside the EEA in accordance with the practices described in this Privacy Policy. We will take all steps reasonably necessary to ensure that such Personal Information is kept confidential, secure and only used for the purposes that we have specified and informed you of in this Privacy Policy.

4. Will TROWBRIDGE share any of the Personal Information it receives?

a. We do not rent nor sell your Personal Information to anyone. However, we may share such Personal Information with third parties for the purposes described below.

i. To assist us in providing the Services and/or the Website

We employ other companies and people to perform tasks on our behalf and may need to share your Personal Information with them to provide the Services to you. Unless we tell you differently in this Privacy Policy, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary to assist us and they shall only process your Personal Information in accordance with this Privacy Policy. These third parties include third party companies and individuals employed by us to facilitate the Services and our Website, including the provision of maintenance services, database management, Web analytics and general improvement of the Services.

ii. Service Providers

If we are using a service provider who has signed agreements as one of our partners (e.g., their staff who act as accountant or bookkeeper), then all Personal Information uploaded by such users will be available to that partner and its authorized employees and agents who have access to the relevant partner portal site, with parameters set by us.

iii. Business sale or transfer

We may choose to buy or sell assets. In these types of transactions, customer information (including Personal Information) is typically one of the business assets that is transferred. Also, if we (or substantially all of our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information would be one of the assets transferred to or acquired by a third party. You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.

vi. Protection of TROWBRIDGE and others

We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or a court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of TROWBRIDGE, our employees, our clients, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. We also may be required to disclose Personal Information in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.

v. With your consent

Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and will be able to prevent the sharing of this information where we need your “consent” to share your Personal Information, unless we have to disclose your Personal Information in the circumstances set out in this Privacy Policy or required by law.

5. Is your Personal Information secure?

a. Your portal account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by protecting your password appropriately and limiting access to your computer or device and browser.

b. We endeavor to protect the privacy of your account and other Personal Information we hold in our records, but we cannot guarantee complete security. The transmission of information via the Internet or over email is not completely secure. Although we will do our best to try to protect your Personal Information, unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of User information at any time. We cannot guarantee the security of the Personal Information you transmit to our Website and any transmission is at your own risk. We are not responsible for the privacy policies and/or practices on other websites. When following a link to another website you should read that site’s privacy policy and any other relevant policies or terms.

6. What happens if there is a data breach?

a. If we become aware of a data breach or are notified of a data breach, we shall notify the Information Commissioner’s Office (ICO) and provide details to them of the data breach where we are required to do so. In most cases we are not required to provide any Personal Information on our clients, however the ICO may request contact details for clients who are or may be affected. If we encounter a data breach clients will be notified where there is likely to be a high risk of any harm or damage to them as a result of the data breach. Should we be requested to provide Personal Information as part of the data breach process we will notify those clients who we believe are affected.

7. What data subject rights do I have?

a. Under the GDPR May 25th 2018 individuals have a number of rights in relation to the processing of their Personal Information. Brief details of these rights are set out below and where these rights only apply from May 25th 2018 this has been stated under each section and further details can be obtained from the sources set out in Section 7.2.

i. Right of access

You have the right to apply for a copy of the Personal Information we hold about you. This is called a data subject access request and you can make a request by writing to us at 1201 -1 1King St W Toronto, ON M5H 1A1 Canada or emailing . We may require you to verify your identity before we can disclose any Personal Information to you.


ii. Right to rectification

You have the right to have any Personal Information which is inaccurate that TROWBRIDGE hold rectified, or any incomplete Personal Information which TROWBRIDGE hold completed. Alternatively, through your account settings, you may access, and, in some cases, edit or delete the following information you’ve provided to us:

  • name and password

  • mailing or physical address

  • email address

  • company name

  • credit card information

The information you can view, update, and delete may change as the Website changes. If you have any questions about viewing or updating information we have on file about you, please contact us at We will respond to your request to access.


iii. Right to be forgotten

From GDPR May 25th 2018, you have the right to require TROWBRIDGE to delete all Personal Information held about you in certain circumstances, for example, where TROWBRIDGE no longer requires the Personal Information for the purposes for which it was collected.

iv. Right to restrict processing

From GDPR May 25th 2018, you have the right to request TROWBRIDGE restrict or block the Processing of your Personal Information in certain circumstances. If you exercise this right we will cease processing your Personal Information however we will still retain a copy of your Personal Information whilst we process your request. Once we have processed your request we will only retain the minimum amount of Personal Information to ensure we comply with our obligations under the GDPR, and to satisfy legal requirements within government regulations.

v. Right to data portability

From GDPR May 25th 2018, you have the right to request that TROWBRIDGE transfers certain Personal Information which you have provided to us where the Processing is based on consent it is necessary for the Performance of a Contract or where the Processing is carried out by automated means.

vi. Right to object

You have the right to object to the processing of your Personal Information by TROWBRIDGE where the Processing is based on TROWBRIDGE’s legitimate interests, direct marketing or if TROWRIDGE is processing Personal Information based on research or statistical purposes.


vii. Right relating to Profiling and automated decision making

From GDPR May 25th 2018, you have the right to not be subject to a decision if that decision is based on automated processing and it produces a legal effect or significantly affects you. This is not an absolute right and the right will not apply if the decision is necessary for TROWBRIDGE entering into a contract with you, is authorized by law or is based on your explicit consent.


a. For more information about your rights under the GDPR please see and Section 12 of this Privacy Policy.

b. You can find out more information about your rights under the GDPR by emailing:

c. You also have the right to apply or a copy of the information we hold about you. This is called a data subject access request and you can make a request by writing to us using the contact details above. We may require you to verify your identify before we can disclose any Personal Information to you. If your request is repetitive or excessive you may be required to pay a reasonable fee for this service.

8. Special categories of data

a. We ask that clients do not send us, and that clients do not disclose, or upload any special categories of data about themselves (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the portals or Services.

9. Testimonials

a. We post customer testimonials/comments/reviews on our Website which may contain Personal Information. We will use the reviews that you have posted on review websites in relation to our Services and by using the Services you consent to this usage. Alternatively, we will post the comments that you have supplied to us after we have obtained your consent in order for us to do the same. To request removal of your Personal Information from Testimonials or comments please contact us at with the subject ‘Data Protection’.


10. What choices do you have?

a. You can always choose not to disclose Personal Information to us, but keep in mind some Personal Information may be needed to engage with us or allow us to provide services to you.


b. You may be able to add, update, or delete information (including Personal Information) as explained in Section 7 above. When you update information, however, we may maintain a copy of the unrevised information in our records.


c. Except as set out in Section 7 above, we will retain your information (including Personal Information) for as long as your account is active or as needed to provide you Services or as required by government regulations.


d. You may request deletion of your account and Personal Information by contacting us at . Please note that some Personal Information may remain in our private records after your deletion of such information (including Personal Information) from your account due to our disaster recovery and backup purposes, and as per government regulations.  We will retain and use your information and Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements but barring legal requirements, we will delete your Personal Information within 90 days.


e. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally.


11. Changes to this Privacy Policy

a. We may amend or update this Privacy Policy from time to time and the date it was last updated will be shown at the top of the page. Use of Personal Information we collect now is subject to the Privacy Policy in effect at the time such Personal Information is used. If we make any significant changes or changes in the way we use Personal Information, we will notify you by posting an announcement on our Website or sending you an email prior to the change becoming effective. You are bound by any changes to the Privacy Policy when you use the Website after such changes have been first posted.

12. Questions or concerns

a. If you have any questions or concerns regarding our Privacy Policy, please send us a detailed message at We will make every effort to resolve your concerns.

b. You also have the right to complain to the:

GDPR (EU) - Information Commissioner’s Office in relation to the Processing of Personal Information. You can do this by visiting or calling 0303 123 1113.

PIPEDA (Canada) – Office of The Privacy Commissioner. You can do this by visiting or calling 1-819-994-5444.