Privacy policy
Last updated: December 5, 2025
In this privacy policy (the "Policy") for the JygaTech Platform (defined below), operated by Jyga Concept Inc. and its affiliated companies (referred to as "JYGA", "we", "us"):
Customer means a customer of JYGA who is a natural person, a company, or another organisation, expressly excluding individual consumers (the "Consumers");
Business Contact Information is information that relates to the performance of a function within a company, such as a person's name, title and position, as well as their work address, email address and telephone number. "Performance of a function" means that this information must have been collected, used or disclosed for the purpose of communicating with the person in connection with their employment, business or profession;
Platform means the JygaTech Platform accessible via the www.jygatech.com;
Product means the products, services and software made available to Customers by JYGA through the Platform, including, without limitation, the products available in the Platform catalogue, the support services provided to Customers and the renewal of subscriptions to software that may be integrated into the products;
Personal Information refers to information that identifies a person, directly or indirectly. This excludes Business Contact Information, except in cases where privacy laws consider it to be Personal Information. Anonymized information within the meaning of the law is not Personal Information;
Authorized Users means any natural or legal person expressly authorized by the Customer to access and use the Products directly. Authorized Users may include, but are not limited to, employees, agents, subcontractors, affiliates, licensees or any other party involved in the operation, management or use of the Products. Authorized Users specifically exclude Consumers.
Scope and Application
JYGA must collect and process certain Personal Information about you in order for you to use our Platform and Products. JYGA is committed to respecting your privacy and protecting your Personal Information. We have implemented a privacy policy, and appointed a person responsible for the protection of Personal Information.
This Policy has been developed to inform you about how your Personal Information is collected, used, disclosed, stored, managed, shared and protected. JYGA only collects Personal Information from Customers and Authorized Users and users of its Platform. When we collect your Personal Information, we ensure that we only collect information that is necessary to achieve one of our purposes, which will have been disclosed to you in advance, for example, in this Policy. We use Personal Information in accordance with the privacy laws that apply to our activities.
By acting as a Customer, Authorized User or submitting Personal Information to us through the Platform, you agree to the terms of this Policy and consent to our collection, use, disclosure, communication, retention, and management of your Personal Information as described in this Policy.
Customers, Authorized Users and Platform users from the United States are invited to read Appendix 1 to this Policy in addition to the present document. Customers, Authorized Users and Platform users from Europe and the United Kingdom are invited to read Appendix 2 to this Policy in addition to the present document.
Customers, Authorized Users, and Platform users outside Canada agree to comply with the laws applicable in their jurisdiction regarding Personal Information and data sharing.
What Personal Information do we collect?
When you use the Platform, we may collect the following Personal Information:
· Personal Information related to the creation of your account and use of the Platform: Your contact details such as your name, address, email address or telephone number;
· Financial information, such as billing address, bank details or payment system data;
· Personal Information related to your use of the Platform: including the date and time of visits, geolocation data (with your consent), the duration of your presence on the Platform, the pages clicked on and the IP address used to connect);
· Personal Information related to the use of your devices: including device type, unique identifier, IP address, operating system and physical location of the device (geolocation, beacon location);
· Personal Information related to feedback when you fill out one-off forms;
· Information generated during the provision of the Platform and services that could be considered Personal Information;
· Marketing information and communication preferences, such as comments or responses to queries;
· Information relating to the use of our Platform, including technical information about visits or other information collected through Cookies or similar tools;
· Any other Personal Information provided by you or on your behalf.
Given the importance of protecting children's privacy, we do not target the Platform or Products to minors.
JYGA does not knowingly process Personal Information from minors. In cases where JYGA discovers that Personal Information from minors has been processed, we will require the explicit consent of the parent, guardian, or minor, as applicable, or destroy such Personal Information.
If a parent or guardian discovers that their minor child has provided us with Personal Information without our obtaining the appropriate consent, that parent or guardian has the right, upon request, to view the Personal Information provided by the child and/or to require that it be deleted from our records. In this case, we ask the child's parent or guardian to contact us using the contact details provided in the "Privacy Officer" section.
When do we collect Personal Information?
You provide us with information:
· When you provide or offer to provide us with a product or service;
· When you create a user account on the Platform;
· When you use the Platform;
· When you communicate with us by email, telephone or written correspondence;
· When you enter into a contract with us;
· When you have consented to third parties sharing it with us, including our suppliers, service providers and other business partners.
Why do we collect Personal Information?
We only collect Personal Information that is necessary to achieve the following purposes:
· To offer our Products or services via the Platform;
· To respond to your questions, requests, comments or complaints;
· To achieve our business objectives, including the development, improvement, or modification of our Products and services;
· To perform data analysis, identify usage trends and evaluate the effectiveness of our promotional campaigns and commercial activities;
· To send you administrative information, such as updates to our services or changes to our terms, policies, and conditions;
· To send you marketing communications that may be of interest to you, such as newsletters, promotional emails, direct mail, newsletters, or commercial offers;
· To send you notifications on your device, as well as email or SMS notifications;
· To conduct audits, monitor, and prevent fraud;
· To comply with applicable laws and regulations, including (i) to respond to requests from public or governmental authorities, including those outside your country of residence; (ii) to protect our operations and our legitimate interests, as well as those of our affiliates; (iii) to exercise our legal remedies or limit potential damages;
· To monitor the general use of our Products and Platform, prevent abuse, identify bugs or technical issues, and determine which features to improve;
· To facilitate and optimise the user experience on the Platform or our Products, to the extent that Personal Information is used in a manner proportionate to these purposes;
· Any other use for which you have consented.
Retention and destruction
We strive to maintain a program for managing Personal Information and policies for retaining and destroying Personal Information in our custody. We will not retain Personal Information longer than is necessary or relevant for the identified purposes, unless otherwise provided for in contracts with the Customer, or legal, or regulatory requirements. Once these periods have expired, we will return or destroy the Personal Information in accordance with the contract with the Customer, the Law or internal Personal Information management policies.
How do we protect your information?
Your Personal Information is hosted by our service providers who are committed to using reasonable security measures to preserve the integrity and confidentiality of your Personal Information.
All credit card transactions are processed through a gateway provider and are not stored or processed on our servers. A PCI-compliant external payment gateway handles all credit card transactions. It is also possible to make payments through our external payment service providers, such as PayPal and Shopify Payment, in which case the transactions are processed by them and are not stored or processed on our servers.
Your Personal Information is contained in secure networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all credit and sensitive information is treated in accordance with its sensitivity. We also conduct regular malware scans.
We implement a variety of security measures when you enter, submit, or access your Personal Information to maintain its security.
Connection cookies and other similar technologies (hereinafter referred to as "Cookies")
Our Platform allow us to collect information about visitors and users through certain tracking technologies, such as Cookies. This information may include, but is not limited to: IP address, web browser, operating system, click streams.
We use certain cookies, in particular to:
· Remember your settings and preferences. Cookies provide us with information about your preferences, such as your province or language;
· Produce statistical compilations. We use cookies to determine the popularity of our Platform's pages, the average number of pages visited, and the average time spent by each user on the Platform in order to improve our services;
· Analyse our performance in order, among other things, to learn more about the features our users enjoy and those that may need to be modified.
Please note that the use of Cookies only identifies you as a user and does not recognise you by name or address.
Cookies may be used for functional, statistical, marketing, and tracking purposes. The full list of cookies used for the Platform's shop is available by visiting the page <https://www.shopify.com/legal/cookies>. You can choose to have your computer warn you each time a cookie is sent, or you can choose to disable all cookies via your browser settings or by visiting the page <https://www.shopify.com/legal/cookies>.
We may use Google Inc.'s ("Google") reCAPTCHA service to verify whether data entered on the Platforms has been entered by a human or an automated program. The reCAPTCHA service may collect information about you, including your Personal Information, for security purposes. The information collected by reCAPTCHA is stored in accordance with Google's privacy policy. By using the reCAPTCHA service, you consent to the processing of your Personal Information by Google in the manner and for the purposes described in its privacy policy.
Disclosure to third parties
We do not sell or trade your Personal Information with third parties. However, we may need to disclose your Personal Information in the following circumstances:
With our employees
In the course of their work, our employees and managers may have access to your Personal Information; for example, when you contact us. Their access is limited to what is necessary for the performance of their duties.
With our service providers
Our business partners may sometimes need to receive or access certain Personal Information in order to perform their services (payment providers, cloud data hosts, maintenance, analysis, fraud detection and development). In such cases, we implement reasonable contractual and technical safeguards, including privacy impact assessments, to ensure that these third parties keep all Personal Information they process strictly confidential.
Please note that these third parties may be located outside your country, province, or territory of residence. For more information on this subject, please refer to the section entitled "Transfers of Personal Information."
With our Customers
Your personal file may be visible to your employer (our Customer) when necessary for the purposes of managing and monitoring your Authorized User accounts of the Platform at large.
Our Customers undertake not to use your Personal Information for any other purpose, including promotional purposes.
With authorities or persons authorized by law
We may share your Personal Information if required by law or if we believe in good faith that such action is necessary to:
· Comply with the law;
· Comply with the order of a competent judicial authority in any jurisdiction;
· Comply with legal process;
· Protect and defend the rights or property of JYGA;
· Enforce or verify your compliance with any part of the agreements you have entered into with us, if applicable;
· Prevent fraud or other illegal activities perpetrated through the service;
· Act in urgent circumstances to protect the personal safety of users of our services or the general public;
With potential purchasers of our business.
We may need to share your Personal Information without your consent in the event of a merger, acquisition or sale of all or part of the business, for example, as part of due diligence. In such a case, we limit sharing to what is necessary to assess the feasibility or appropriateness of the transaction.
Transfers of Personal Information
Your Personal Information may be disclosed and stored outside your province, state, territory, or country of residence.
Our business partners and service providers are sometimes located elsewhere in Canada or in other countries. Please be aware that we have contractual agreements with these third parties and suppliers to ensure that your Personal Information is processed in accordance with the laws applicable to us. Where applicable, we conduct privacy impact assessments prior to transferring Personal Information to another jurisdiction, such as outside Quebec.
Links to third parties
It is important to understand that this Policy does not apply to third-party websites that may be accessed through links on our Platforms. We are not responsible for these third-party sites, their content, or their access. Therefore, any Personal Information you transmit through these sites is subject to their privacy policies. It is your responsibility to review those policies to ensure the protection of your Personal Information.
In accordance with applicable laws, our personal information management program, and our internal policies, you may exercise certain rights with respect to your Personal Information, including:
· The right to access, correct, and delete your data;
· The right to withdraw your consent, where required;
· The right not to be discriminated against in connection with the exercise of your rights.
If you reside in Quebec, you have additional rights, including:
· The right to be informed when a decision concerning you is based solely on automated processing, if applicable;
· The right to restrict or object to the use and processing of your Personal Information;
· The right to data portability, allowing you to obtain a copy of your Personal Information in a structured, commonly used, and machine-readable format.
Furthermore, you may file a complaint with JYGA's Privacy Officer if you are dissatisfied with our handling of your Personal Information or with our compliance with this Policy. This complaint will be handled in accordance with our internal policies. You are also permitted by law to file a complaint with a privacy commissioner or any other competent supervisory authority for the protection of Personal Information.
You may contact us to exercise your rights or if you have any questions about our Personal Information protection practices. You may also contact us if you need assistance in exercising your rights or understanding your choices regarding the protection of your Personal Information.
The person responsible for ensuring compliance with and implementation of this Privacy Policy, including the handling of rights and complaints, is:
Roxanne Lefebvre
Email: legal@jygatech.com
We are committed to responding to your requests promptly.
Changes to this Privacy Policy
We reserve the right to modify this Policy at any time. We therefore encourage you to review it regularly. Changes to this Policy will be posted on our Platform in the form of a Policy update and will take effect upon posting. If we make any material changes to this Policy, we will notify you by posting a notice on our Platform or by email. However, in all other circumstances, the publication of a new version of the Policy on our Platform or your continued use of the Platform will be sufficient to notify you of the changes to the Policy and to obtain your consent to them.
This appendix applies only to the collection and processing of "personal information" as defined by United States law. This term refers to any personal information relating to a person located in the United States, including California, whether or not they are a citizen of that country. This section applies to you if you are located in the United States. It does not apply if you are located outside the United States, even if you are a United States citizen. This appendix is current as of December 1st, 2025.
1. What personal information is collected?
Although our processing of personal information varies depending on our relationship and interactions with you, this section describes in general terms how we have collected and disclosed personal information in the twelve (12) months prior to the last update of this Appendix. For more information, please see the sections "What Personal Information do we collect?" "When do we collect Personal Information?", and "Why do we collect Personal Information?" Below, we identify the categories of personal information (as defined by applicable United States laws) that we collect about United States residents.
Identifiers: includes direct identifiers, such as name, username, account number or unique personal identifier; email address, telephone number, address and other contact details; IP address and other online identifiers.
User Accounts: includes personal information, such as name, account name, contact details, professional information, account number, and financial or billing information, that individuals provide to us in order to purchase or obtain our Products.
Commercial Information: includes records of Products purchased, obtained or considered, or other purchase or usage history or trends.
Usage Data: includes browsing history, navigation path data, search history, access logs, and other usage data and information regarding interaction with our Products and Platform, our marketing emails, and our online advertisements.
Geolocation Data: includes precise information about the Authorized User's device.
Professional Information: includes professional and employment-related information, including your employer (our Customer).
2. Is your personal information sold?
In accordance with United States laws regarding the protection of personal information, your Personal Information will never be sold to third parties.
Our Platform is not intended for minors, and we do not knowingly collect, or sell, any personal information from minors under the age of sixteen (16) through our Platform. However, if the parent or guardian of a minor under the age of sixteen (16) believes the minor has provided us with personal information, they should contact us at legal@jygatech.com to request the deletion of that information from our files.
3. Your rights
Under United States law, you may have certain rights regarding your personal information, including the rights listed below. To exercise these rights, please contact us at legal@jygatech.com.
Access: You have the right to request, in accordance with applicable laws, that we provide you with the personal information we have collected, used, shared, and sold (if applicable) about you in the past twelve (12) months. You may request information prior to this period, and we are required to provide it to you, provided that it is possible to obtain it and does not require disproportionate effort.
Deletion: You have the right to request that we delete certain personal information we have collected about you.
Opt-out of sale or sharing: You have the right to opt out of the sale or sharing of your personal information.
Transparency request (or Shine the Light): You may also have the right to request that we provide you with (i) a list of certain categories of personal information that we have disclosed to third parties for direct marketing purposes during the previous calendar year and (ii) the identities of those third parties.
Correction of inaccurate personal information: You have the right to request the correction of any inaccurate personal information, taking into account the nature of the personal information and the purposes of its processing. We will make reasonable efforts to correct inaccurate personal information in accordance with your instructions, in accordance with applicable United States laws.
Freedom from discrimination: You have the right not to be discriminated against in connection with the exercise of your rights.
3. How does our Platform handle "Do Not Track" signals?
We honour "Do Not Track" signals, we do not plant cookies, and we do not use advertising when a browser "Do Not Track" mechanism is in place.
4. Does our Platform allow third-party behavioural tracking?
No. It is also important to note that we do not allow third-party behavioural tracking.
5. Fair information practices
The principles of fair information practices form the backbone of privacy legislation in the United States, and the concepts they include have played an important role in the development of data protection laws around the world. Understanding the principles of fair information practices and how they should be implemented is essential to complying with the various privacy laws that protect Personal Information.
In order to comply with fair information practices, we will take responsive action. In the event of a data breach, we will notify you by email within two (2) weeks of the breach.
We also accept the principle of individual redress, which requires that individuals have the right to legally enforceable rights against data collectors and processors who fail to comply with the law. This principle requires not only that individuals have enforceable rights against data users, but also that they have recourse to courts or government agencies to prosecute and/or investigate non-compliance by data processors.
This appendix applies only to the collection and processing of "personal data" in the European Union ("EU"). This term refers to any personal information relating to a person located in the EU, whether or not they are a citizen of a member state. This section applies to you if you are located in an EU country. It does not apply if you are outside the EU, even if you are a citizen of a member state.
For the purposes of this appendix, the term "processing" has the meaning given by the General Data Protection Regulation (the "GDPR") and includes any operation or set of operations performed on EU personal data, such as: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The EU personal data we process may come directly from you, from a third party (e.g. our European partners) or result from your use of our services.
We process this data in accordance with this appendix and our Policy. In the event of any discrepancy between this appendix and other sections of the Policy concerning the processing of EU personal data, this appendix shall prevail. It is current as of December 1st 2025.
1. GDPR Principles
All EU personal data will be:
· Processed lawfully, fairly and in a transparent manner;
· Collected only for the purposes identified in the Policy or for any other agreed purpose, without further processing incompatible with those purposes;
· Adequate, relevant and limited to what is necessary in relation to the purposes pursued;
· Kept up to date in accordance with the section "How do we protect your information?" of the Policy;
· Kept in a form which permits identification for no longer than is necessary for the purposes for which the personal data are processed;
· Stored and processed securely to prevent unauthorized access, loss, damage or accidental disclosure, in accordance with the Policy.
2. Legal bases for processing
We collect and process EU personal data only if we have a legal basis, including:
· Your consent;
· The necessity of processing to perform a contract with you (e.g., providing the requested services);
· The necessity of processing for the "legitimate interests" of JYGA, provided that these interests do not override your rights and freedoms. Certain legitimate interests are specified in the "Why do we collect Personal Information" section of the Policy.
When we rely on your consent, you may withdraw, restrict or refuse it at any time. When we rely on a legitimate interest, you may object to it. For questions about legal bases, see the "Your Rights" section of the Policy.
We do not use automated decision-making, including profiling, for decisions that produce legal effects concerning you.
3. Rights of data subjects
In addition to the rights provided for in the Policy, you have the following rights regarding your EU personal data:
· Access and portability: you may request a copy of your data (as well as any information provided for in Article 15 of the GDPR) and obtain this data in a structured, commonly used and machine-readable format, including for transfer to a third party.
· Restriction and objection: you may request the restriction or cessation of the processing of your data, in particular if you consider that its processing is unlawful or if it is used for direct marketing purposes.
4. Responsibilities as data controller
In general, we act as the "data controller" for EU personal data. As such, we:
· Explain in the Policy how we collect, store, disclose and process such data;
· Only appoint processors under agreements that comply with the GDPR;
· Keep a record of processing activities where required;
· Cooperate with the competent authorities;
· Implement appropriate technical and organisational measures to protect the data and report any breaches in accordance with the "How do we protect your information?" section of the Policy.
5. Disclosure to third parties
If we need to disclose your data to third parties (including subcontractors), we require them to comply with the GDPR. In the event of a transfer outside the EU, this will be carried out in the context of the lawful performance of our services.
6. Consent to transfer
By providing us with your data, you consent to its transfer to third parties located outside the EU. You acknowledge that we are not responsible for these third parties' compliance with their obligations under the GDPR.
For any comments, questions or complaints regarding the processing of your EU personal data, or to exercise your rights, please use the contact details provided in the "Privacy Officer" section of the Policy. Your requests will be handled in accordance with the "Your Rights" section.
7. European Representative
You may also use the contact details of our representatives in Europe:
legal.eu@jyagtech.com