Effective Date: [DATE]
Last Updated: [DATE]

Jackal Labs Inc. ("Jackal Labs," "we," "us," or "our") is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with our Respawn Disaster Recovery as a Service (DRaaS) platform and related services (collectively, the "Service").

This Privacy Policy applies to personal information we collect through our website, Service platform, customer communications, and other interactions with Jackal Labs. This Policy does not apply to personal information that we process on behalf of our customers as a service provider, which is governed by our customer agreements and our customers' own privacy policies.

BY USING OUR SERVICE, YOU CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY.

1. SCOPE AND APPLICATION

1.1 Information We Collect vs. Customer Data

It is important to distinguish between two categories of information:

Personal Information We Collect: This includes information we collect about individuals who visit our website, use our Service, or interact with Jackal Labs directly. This Privacy Policy governs our handling of this information.

Customer Data: This includes information that our customers store, backup, or process through our Service. We act as a service provider for Customer Data and process it only according to our customers' instructions and our service agreements. Our customers are responsible for their own privacy policies and compliance obligations regarding Customer Data.

1.2 Geographic Scope

This Privacy Policy applies to our processing of personal information from individuals worldwide. As a Canadian company providing services globally, we comply with applicable privacy laws in Canada, including the Personal Information Protection and Electronic Documents Act (PIPEDA), as well as international privacy regulations such as the European Union's General Data Protection Regulation (GDPR) where applicable.

2. PERSONAL INFORMATION WE COLLECT

2.1 Account and Registration Information

When you create an account or register for our Service, we collect:

  • Full name and job title

  • Business email address and phone number

  • Company name and business address

  • Username and encrypted password

  • Payment information (processed through third-party payment processors)

  • Account preferences and settings

  • Service plan and subscription details

2.2 Service Usage Information

When you use our Service, we automatically collect:

  • Login dates and times

  • IP addresses and device identifiers

  • Browser type, version, and operating system

  • Service features accessed and usage patterns

  • Performance metrics and error logs

  • Backup job statistics and completion status

  • Data transfer volumes and storage utilization

  • Support ticket history and communications

2.3 Website and Communication Information

When you visit our website or communicate with us, we collect:

  • Website pages visited and time spent

  • Referral sources and search terms

  • Cookie and tracking technology data

  • Email open rates and click-through data

  • Marketing communication preferences

  • Event attendance and webinar participation

  • Survey responses and feedback

2.4 Business Contact Information

We may collect business contact information from publicly available sources or third-party data providers to identify potential customers who may be interested in our services, including:

  • Professional contact details from business directories

  • Company information and industry data

  • Social media profiles and professional networking information

  • Conference attendee lists and industry publications

2.5 Audio and Visual Information

In certain circumstances, we may collect:

  • Photographs and video recordings from events or marketing activities

  • Audio recordings of support calls (with appropriate notice and consent)

  • Security camera footage at our facilities

  • Screenshots or screen recordings during support sessions (with consent)

3. HOW WE USE PERSONAL INFORMATION

3.1 Service Provision and Management

We use personal information to:

  • Create and manage user accounts and profiles

  • Authenticate users and maintain account security

  • Provide access to Service features and functionality

  • Process payments and manage billing

  • Monitor Service performance and availability

  • Provide technical support and customer service

  • Communicate about Service updates, maintenance, and changes

  • Enforce our Terms of Use and other policies

3.2 Service Improvement and Development

We use personal information to:

  • Analyze Service usage patterns and performance metrics

  • Identify areas for improvement and new feature development

  • Conduct research and development activities

  • Test new features and functionality

  • Optimize user experience and interface design

  • Develop and train artificial intelligence and machine learning models to enhance Service capabilities

3.3 Marketing and Communications

With appropriate consent where required by law, we use personal information to:

  • Send marketing communications about our services and industry insights

  • Provide information about new features, updates, and promotional offers

  • Invite you to events, webinars, and educational content

  • Conduct market research and customer satisfaction surveys

  • Personalize marketing messages and website content

  • Measure the effectiveness of our marketing campaigns

3.4 Business Operations and Legal Compliance

We use personal information to:

  • Comply with legal obligations and regulatory requirements

  • Respond to legal requests and court orders

  • Protect our rights and interests in legal proceedings

  • Prevent fraud, abuse, and security threats

  • Conduct internal audits and compliance assessments

  • Manage business relationships and partnerships

  • Support corporate transactions such as mergers or acquisitions

3.5 Analytics and Insights

We use personal information to:

  • Generate aggregated and anonymized analytics and reports

  • Understand customer demographics and usage trends

  • Benchmark Service performance against industry standards

  • Create business intelligence and strategic insights

  • Support sales forecasting and business planning

4. LEGAL BASIS FOR PROCESSING (GDPR)

For individuals in the European Union, we process personal information based on the following legal grounds:

4.1 Contractual Necessity

We process personal information necessary to perform our contract with you, including:

  • Providing access to the Service

  • Managing your account and subscription

  • Processing payments

  • Providing customer support

4.2 Legitimate Interests

We process personal information based on our legitimate business interests, including:

  • Improving and developing our Service

  • Ensuring Service security and preventing fraud

  • Conducting marketing activities for existing customers

  • Managing business operations and relationships

4.3 Consent

We process personal information based on your consent for:

  • Marketing communications to prospects

  • Non-essential cookies and tracking technologies

  • Participation in surveys and research

  • Audio recording of support calls

4.4 Legal Obligations

We process personal information to comply with legal requirements, including:

  • Tax and accounting obligations

  • Regulatory reporting requirements

  • Legal discovery and litigation support

  • Law enforcement requests

5. HOW WE SHARE PERSONAL INFORMATION

5.1 Service Providers and Vendors

We share personal information with trusted third-party service providers who assist us in operating our business and providing the Service, including:

  • Cloud infrastructure and hosting providers

  • Payment processing companies

  • Customer support and communication platforms

  • Marketing automation and analytics services

  • Security and monitoring services

  • Professional services providers (legal, accounting, consulting)

All service providers are contractually required to protect personal information and use it only for the purposes we specify.

5.2 Business Partners

We may share limited personal information with business partners for:

  • Joint marketing activities and events

  • Integration partnerships and technical collaborations

  • Referral programs and channel partnerships

  • Industry research and benchmarking studies

5.3 Corporate Transactions

In the event of a merger, acquisition, sale of assets, or other corporate transaction, personal information may be transferred to the acquiring entity, subject to appropriate confidentiality and data protection commitments.

5.4 Legal Requirements

We may disclose personal information when required by law or when we believe disclosure is necessary to:

  • Comply with legal obligations, court orders, or regulatory requirements

  • Protect our rights, property, or safety, or that of our customers or others

  • Investigate and prevent fraud, security threats, or illegal activities

  • Respond to emergency situations involving potential harm to individuals

5.5 Aggregated and Anonymized Information

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify individuals for business purposes, research, or industry analysis.

6. INTERNATIONAL DATA TRANSFERS

6.1 Cross-Border Processing

As a global service provider, we may transfer personal information across international borders to our data centers, service providers, and business partners located in various countries, including the United States, European Union, and other jurisdictions.

6.2 Transfer Safeguards

When transferring personal information internationally, we implement appropriate safeguards to protect the information, including:

  • Standard contractual clauses approved by relevant data protection authorities

  • Adequacy decisions recognizing equivalent levels of protection

  • Binding corporate rules for intra-group transfers

  • Certification schemes and codes of conduct

  • Specific consent where required by applicable law

6.3 Data Residency Options

For customers with specific data residency requirements, we offer options to store and process Customer Data within specific geographic regions, subject to our service capabilities and customer agreements.

7. DATA RETENTION

7.1 Retention Principles

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

7.2 Retention Periods

Typical retention periods include:

  • Account Information: Retained for the duration of your account plus seven (7) years for business and legal purposes

  • Service Usage Data: Retained for up to three (3) years for service improvement and analytics

  • Marketing Communications: Retained until you withdraw consent or we determine the information is no longer needed

  • Support Communications: Retained for up to five (5) years for quality assurance and legal purposes

  • Financial Records: Retained for seven (7) years to comply with accounting and tax obligations

7.3 Secure Deletion

When personal information is no longer needed, we securely delete or anonymize it using industry-standard methods to prevent unauthorized recovery or reconstruction.

8. DATA SECURITY

8.1 Security Measures

We implement comprehensive technical, administrative, and physical security measures to protect personal information, including:

  • Encryption of data in transit and at rest using industry-standard algorithms

  • Multi-factor authentication and access controls

  • Regular security assessments and penetration testing

  • Employee security training and background checks

  • Incident response and breach notification procedures

  • Secure development practices and code reviews

8.2 Infrastructure Security

Our Service infrastructure includes:

  • Secure data centers with physical access controls

  • Network segmentation and firewall protection

  • Intrusion detection and prevention systems

  • Regular security monitoring and threat intelligence

  • Backup and disaster recovery capabilities

  • Compliance with industry security standards (SOC 2, ISO 27001)

8.3 Limitations

While we implement robust security measures, no system is completely secure. We cannot guarantee absolute security of personal information and are not responsible for security breaches caused by factors beyond our reasonable control.

9. YOUR PRIVACY RIGHTS

9.1 Access and Correction

You have the right to:

  • Access personal information we hold about you

  • Request correction of inaccurate or incomplete information

  • Receive a copy of your personal information in a structured, commonly used format

9.2 Deletion and Restriction

You have the right to:

  • Request deletion of your personal information in certain circumstances

  • Restrict our processing of your personal information

  • Object to processing based on legitimate interests

9.3 Data Portability

Where technically feasible, you have the right to receive your personal information in a portable format and transmit it to another service provider.

9.4 Withdrawal of Consent

Where we process personal information based on your consent, you have the right to withdraw that consent at any time, though this will not affect the lawfulness of processing before withdrawal.

9.5 Marketing Opt-Out

You can opt out of marketing communications at any time by:

  • Clicking the unsubscribe link in marketing emails

  • Updating your communication preferences in your account settings

  • Contacting us directly using the information provided below

9.6 Exercising Your Rights

To exercise your privacy rights, please contact us using the information provided in Section 13. We will respond to your request within the timeframes required by applicable law, typically within 30 days.

10. COOKIES AND TRACKING TECHNOLOGIES

10.1 Types of Cookies

We use various types of cookies and similar tracking technologies:

  • Essential Cookies: Necessary for the Service to function properly

  • Performance Cookies: Help us understand how visitors use our website and Service

  • Functional Cookies: Remember your preferences and settings

  • Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness

10.2 Third-Party Tracking

We may use third-party analytics and marketing services that place cookies on your device, including:

  • Google Analytics for website analytics

  • Marketing automation platforms for campaign tracking

  • Social media plugins for content sharing

  • Customer support chat services

10.3 Cookie Management

You can control cookies through your browser settings, though disabling certain cookies may affect Service functionality. Most browsers allow you to:

  • View and delete existing cookies

  • Block cookies from specific websites

  • Block all cookies (not recommended for Service use)

  • Receive notifications when cookies are set

11. CHILDREN'S PRIVACY

Our Service is not intended for individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete such information promptly.

12. PRIVACY POLICY UPDATES

12.1 Notification of Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. We will notify you of material changes by:

  • Posting the updated Privacy Policy on our website

  • Sending email notification to registered users

  • Providing notice through the Service interface

  • Other appropriate communication methods

12.2 Effective Date

Changes to this Privacy Policy become effective on the date specified in the updated version. Your continued use of the Service after the effective date constitutes acceptance of the updated Privacy Policy.

13. CONTACT INFORMATION

13.1 Privacy Officer

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Officer:

Jackal Labs Inc.
Privacy Officer
[Address]
Ottawa, Ontario, Canada
Email: privacy@jackallabs.com
Phone: [Phone Number]

13.2 Data Protection Representative (EU)

For individuals in the European Union, our Data Protection Representative can be contacted at: [EU Representative Contact Information]

13.3 Regulatory Authorities

You have the right to lodge a complaint with relevant data protection authorities if you believe we have not handled your personal information in accordance with applicable privacy laws.

Canada: Office of the Privacy Commissioner of Canada (www.priv.gc.ca)
EU: Your local data protection authority or the lead supervisory authority
Other Jurisdictions: Contact the relevant privacy regulator in your jurisdiction

14. SUPPLEMENTAL PRIVACY NOTICES

14.1 California Privacy Rights

For California residents, additional privacy rights and disclosures are provided in our California Privacy Rights Statement, available at [URL].

14.2 European Privacy Statement

For individuals in the European Union, additional information about our GDPR compliance is provided in our European Privacy Statement, available at [URL].

14.3 Other Jurisdictions

We may provide additional privacy notices for specific jurisdictions as required by local privacy laws. These notices supplement this Privacy Policy and are available on our website.

This Privacy Policy is effective as of [DATE] and supersedes all previous versions.