Last Updated: June, 2026
Data Elephant Inc. respects your privacy and is committed to protecting the personal information entrusted to us. This Privacy Policy explains how we collect, use, disclose, retain and protect personal information when you:
Visit our website at www.dataelephant.com;
Contact or communicate with us;
Subscribe to our communications;
Register for or attend one of our events;
Apply for employment or contract opportunities; or
Otherwise interact with Data Elephant in a business context.
This Privacy Policy applies to individuals in Canada and the United States. It does not replace the terms of any contract, master services agreement, statement of work, data-processing agreement or other agreement between Data Elephant and a client.
Personal information we collect
“Personal information” means information about an identifiable individual. Depending on how you interact with us, we may collect the following information:
Information you provide to us
Your name, email address, telephone number and business address;
Your job title, employer and professional contact information;
Information included in inquiries, meeting requests, website forms or other communications;
Event registration and attendance information;
Marketing and communication preferences;
Information contained in proposals, contracts and other business records;
Resumes, employment history, qualifications and other information submitted in connection with employment or contractor opportunities; and
Any other information you voluntarily provide.
Information collected automatically
When you visit our website, we and our service providers may automatically collect limited technical and usage information, such as:
Your Internet Protocol address;
Browser and device type;
Operating system;
Approximate geographic location;
Referring website;
Pages visited and links selected;
Date, time and duration of your visit; and
Cookie and similar technology identifiers.
We may combine this information with other information when permitted by law.
Information received from other sources
We may receive professional or business information from:
Your employer or colleagues;
Clients, technology partners and referral partners;
Publicly available professional sources, such as corporate websites and LinkedIn;
Event organizers;
Recruitment platforms and professional networks; and
Service providers that support our sales, marketing, recruitment and business operations.
How we use personal information
We will not use personal information for a materially different purpose without obtaining consent where consent is required.We may use personal information to:
Respond to inquiries and communicate with you;
Provide, manage and improve our consulting and professional services;
Prepare proposals, contracts and statements of work;
Manage client, partner and supplier relationships;
Schedule meetings, demonstrations, workshops and events;
Send newsletters, event invitations and other business communications where permitted by law;
Understand how visitors use our website and improve its performance;
Maintain the security and integrity of our website, systems and business;
Recruit and evaluate prospective employees and contractors;
Administer our business, including invoicing, recordkeeping and legal compliance;
Establish, exercise or defend legal rights;
Investigate suspected fraud, security incidents or unlawful activity; and
Fulfil other purposes identified when the information is collected or otherwise permitted by law.
Consent
We collect, use and disclose personal information with consent, except where otherwise permitted or required by law. Consent may be express or implied depending on the nature of the information, the purpose for which it is collected and the circumstances of the interaction. You may withdraw your consent at any time, subject to legal and contractual restrictions and reasonable notice. Withdrawing consent may affect our ability to provide certain information or services to you.
Marketing communications
We may send you business communications where you have consented or where otherwise permitted by applicable law. You may unsubscribe from marketing emails by using the unsubscribe link included in the communication or by contacting us at marketing@dataelephant.com. Unsubscribing from marketing messages will not prevent us from sending necessary service, contractual, transactional, security or administrative communications. Data Elephant’s electronic marketing practices are intended to comply with Canada’s Anti-Spam Legislation and applicable U.S. requirements. Canadian commercial electronic messages generally require consent, sender identification and a working unsubscribe mechanism. CRTC guidance
How we disclose personal information
We do not sell or rent personal information. We may disclose personal information to:
Employees and contractors who require the information to perform their responsibilities;
Website hosting, analytics, CRM, communications, cloud infrastructure, security, recruitment and other technology service providers;
Professional advisers, such as legal counsel, accountants, auditors and insurers;
Business and technology partners when necessary to respond to a joint opportunity, deliver services or coordinate an event, and where permitted by law;
Government, regulatory, law-enforcement or judicial authorities where required or permitted by law; and
A purchaser, investor, successor or other party involved in a potential or completed financing, reorganization, merger, sale or transfer of all or part of our business.
Service providers may use personal information only to perform services for us or as otherwise permitted by their agreements with Data Elephant and applicable law.
Client information and consulting engagements
In delivering consulting services, Data Elephant may access or process personal information on behalf of its clients. When Data Elephant processes information on behalf of a client, the client generally determines why and how the information is processed. Our handling of that information is governed by the applicable client agreement, statement of work, confidentiality obligations and data-processing requirements. Individuals with questions about information controlled by a Data Elephant client should generally direct their request to that client. We will assist our clients with appropriate privacy requests as required by our agreements and applicable law.
Cookies and similar technologies
Our website may use cookies, pixels and similar technologies to:
Enable essential website functionality;
Remember preferences;
Understand website traffic and usage;
Measure the effectiveness of communications and campaigns;
Diagnose performance or security issues; and
Improve the website and visitor experience.
These technologies may be provided by third parties that support our website, analytics, CRM or marketing activities.You can manage or delete cookies through your browser settings. Disabling certain cookies may affect how the website functions. Where required, we will request consent before placing non-essential cookies. We do not use personal information collected through the website to sell personal information.
Cross-border processing
Data Elephant operates as a remote Canadian company and uses service providers that may process or store personal information in Canada, the United States or other jurisdictions. When information is processed outside your province, state or country, it may be subject to the laws of that jurisdiction and may be accessible to courts, law-enforcement agencies or government authorities in accordance with those laws. Data Elephant remains accountable for personal information transferred to service providers for processing and uses contractual, organizational or other appropriate measures to protect it. Canadian privacy guidance permits cross-border processing but expects organizations to remain accountable and be transparent about it. Office of the Privacy Commissioner of Canada
Data retention
We retain personal information only for as long as reasonably necessary to:
Fulfil the purposes for which it was collected;
Manage an ongoing business or client relationship;
Meet legal, tax, accounting and contractual requirements;
Resolve disputes; and
Establish, exercise or defend legal claims.
Retention periods vary depending on the type of information and the reason it was collected. When personal information is no longer required, we will delete, destroy or anonymize it using reasonable methods.
Information security
We use reasonable administrative, technical and physical safeguards appropriate to the sensitivity of the personal information we handle. These measures may include access controls, authentication requirements, confidentiality obligations, security monitoring and secure cloud-service providers. However, no system or method of electronic transmission is completely secure, and we cannot guarantee absolute security. If a privacy or security incident occurs, we will investigate and take appropriate steps, including providing notifications where required by law.
Your privacy rights
Depending on where you live and the laws that apply, you may have the right to:
Ask whether we hold personal information about you;
Request access to your personal information;
Request correction of inaccurate or incomplete information;
Withdraw consent to certain uses;
Object to or request restriction of certain processing;
Request deletion of personal information, subject to legal exceptions;
Opt out of marketing communications; and
Raise a concern about our privacy practices.
To make a request, contact us using the information below. We may need to verify your identity before completing the request.
These rights are subject to exceptions under applicable law. Canadian privacy legislation, including PIPEDA and British Columbia’s Personal Information Protection Act, establishes requirements concerning accountability, consent, limited collection and use, safeguards, retention and individual access. Office of the Privacy Commissioner of Canada, Office of the Information and Privacy Commissioner for British Columbia.
United States privacy rights
Certain U.S. state privacy laws provide additional rights to residents when an organization meets the law’s applicability thresholds.
Where an applicable U.S. privacy law applies to Data Elephant’s activities, eligible individuals may have rights such as access, correction, deletion, portability and the ability to opt out of certain sales, targeted advertising or profiling. Data Elephant does not sell personal information.
Third-party websites
Our website may contain links to third-party websites, platforms or services. Data Elephant does not control and is not responsible for those third parties’ privacy practices. We encourage you to review their privacy policies before providing personal information.
Changes to this Privacy Policy
We may update this Privacy Policy periodically to reflect changes to our practices, technologies or legal obligations. The “Last updated” date at the beginning of the policy indicates when it was most recently revised. Material changes may be communicated through our website or other appropriate means.
Contact us
Data Elephant has designated responsibility for overseeing its privacy practices. Questions, privacy requests or complaints may be directed to:
Email: info@dataelephant.com
Website: www.dataelephant.com
We will review and respond to privacy inquiries within a reasonable period and as required by applicable law.