Skip to content

NorthMap Digital Insights

Canada-focused platform explainers
Privacy, cookies, and data rights

Privacy Policy

This Privacy Policy explains what information NorthMap Digital Insights Ltd. collects through this website, how we use it, and the choices available to you. We publish neutral educational content about digital trends and online platforms in Canada, and we aim to be clear about our own data practices.

Last Updated: January 15, 2026

1. Introduction and who we are (Data Controller)

NorthMap Digital Insights Ltd. is responsible for the processing of personal information described in this Privacy Policy when you use our website. For the purposes of applicable privacy and data protection laws, including the EU/UK General Data Protection Regulation (GDPR) where it applies, we act as the “data controller” because we determine the purposes and means of processing.

Company

NorthMap Digital Insights Ltd.

200 Bay Street, Suite 1300, Toronto, ON M5J 2J2, Canada

Contact

General: [email protected]

Privacy: [email protected]

Phone: +1 (416) 362-4000

This site is informational. We do not require users to create accounts to read content. We do offer optional email subscription on the home page. If you choose to subscribe, we explain below what information is collected and how to request deletion.

2. Personal data we collect

The types of information we may collect depend on how you use the website. We aim to collect the minimum needed to operate, secure, and improve the site. The categories below describe what we may process.

A. Information you provide directly

  • Email address (newsletter subscription, when provided).
  • Full name and phone number (only if you choose to include them in an email to us; we do not require them for website browsing).
  • Message content and any attachments you send to our support or privacy address.

B. Information collected automatically

  • IP address and approximate location derived from IP (city/region level in many cases).
  • Browser and device information such as device type, operating system, browser version, language preferences, screen size, and referrer URL.
  • Usage and behavioral data such as pages viewed, time on page, scroll depth, and interactions with buttons (aggregated where possible).
  • Cookie identifiers and similar technologies used to remember your preferences or measure site performance, depending on your cookie choice.
  • Server logs (timestamps, requested URLs, error codes) used for security and troubleshooting.

We do not intentionally collect sensitive categories of personal data through this website (such as health, political opinions, or precise location). If you voluntarily include sensitive details in a message to us, we will process them only for the purpose of responding and handling your request, and we recommend you avoid sharing unnecessary sensitive information.

3. How we collect personal data

We collect information using the following methods. Some are initiated by you (such as sending an email); others occur automatically as part of operating a modern website (such as server logs and cookies).

Web forms (newsletter)

If you use the optional newsletter form on the home page, we collect the email address you enter and your consent choice. The on-page message explains that you can unsubscribe and request deletion.

Cookies and similar technologies

We use a cookie consent banner and store your choice in local storage on your device. Depending on your selection, analytics or marketing technologies may be enabled or disabled.

Analytics tools (GA4)

We may use Google Analytics 4 to understand which pages are used and how the site performs. Analytics are intended to be aggregate and help us improve clarity and usability. Where required, analytics are enabled only after consent.

Marketing pixels (Meta Pixel)

If we run awareness campaigns, we may use Meta Pixel for measurement of ad performance. When used, it is intended for aggregated reporting and retargeting based on cookie consent in jurisdictions where consent is required.

Server logs and security monitoring

Our hosting and security tools automatically record technical log data to maintain site reliability and protect against abuse (such as scanning, bot traffic, and denial-of-service attempts). This data may include IP address, timestamps, and requested URLs.

4. Legal bases for processing (GDPR Art. 6)

Where the GDPR applies, we process personal data only when we have a lawful basis. The legal basis depends on the context and the type of data involved. The main bases we rely on are:

Consent (Art. 6(1)(a))

We rely on consent where required for certain cookies and similar technologies (for example, analytics or marketing cookies) and for newsletter subscription. You can withdraw consent at any time by changing cookie settings via the banner or by unsubscribing from emails. Withdrawing consent does not affect the lawfulness of processing before withdrawal.

Contract or steps prior to a contract (Art. 6(1)(b))

This site does not provide paid subscriptions through the website at this time. If you contact us with a request that involves providing a service (for example, a speaking request or editorial inquiry), we may process contact details to take steps at your request and communicate with you.

Legitimate interests (Art. 6(1)(f))

We process certain technical and usage data because it is in our legitimate interest to maintain a secure website, prevent abuse, troubleshoot errors, and improve readability and site performance. When we rely on legitimate interests, we consider your rights and expectations and implement safeguards such as data minimization and limited retention.

Legal obligation (Art. 6(1)(c))

In limited cases, we may need to retain or disclose certain information to comply with applicable laws, respond to lawful requests, or protect the rights and safety of our organization and users.

5. Purposes of processing

We use personal data for the following purposes. We do not sell personal data, and we do not publish paid endorsements. If we ever introduce a new feature that changes how data is used, we will update this policy and provide notice as described below.

Website delivery and functionality

To deliver pages, remember basic preferences, and ensure the site works on different browsers and devices. This includes strictly necessary cookies or local storage entries that support consent choice storage and essential features.

Customer support and communications

To respond to emails or requests sent to our contact addresses. We use the information you provide to address your question, confirm your identity when appropriate, and maintain a record of the interaction.

Analytics and improvement

To understand which pages are most useful, which devices are common, and where people may encounter errors. These insights help improve navigation, accessibility, and content organization.

Marketing measurement (consent-based)

If marketing technologies are enabled, they may be used to measure ad performance and help us understand whether people find our educational content relevant. Where required, this is based on your consent and can be declined.

Fraud prevention and security

To protect the website and visitors from malicious activity, spam, scraping that harms service stability, and other security threats. This may involve monitoring logs and using rate limits or automated defenses provided by our hosting partners.

6. Data retention periods

We keep personal data only as long as necessary for the purposes described above, unless a longer period is required by law. Retention depends on the type of data:

Retention summary

  • Form submissions (newsletter): 2 years, unless you unsubscribe earlier, plus up to 30 days to complete deletion workflows and backups.
  • Analytics data (GA4): 14 months (typical configuration), then automatically deleted or anonymized by the analytics provider, subject to their system behavior.
  • Server logs: 90 days for routine security and troubleshooting, with longer storage only when investigating security incidents or abuse.
  • Email correspondence: up to 2 years after the final message to maintain context for follow-ups, unless a longer period is necessary for legal reasons.
  • Cookie consent storage: up to 6 months (stored on your device via local storage), or until you clear site data or reset via the Cookie settings button.

Backups may retain certain data for a limited additional period. We restrict access to backups and use them for disaster recovery. When a deletion request is fulfilled, we ensure that active systems are updated promptly, and backups cycle out according to our backup retention schedule.

7. Data sharing, service providers, and no sale of data

We share personal data only as needed to operate this website and deliver the services you request. We do not sell personal data. When we use third-party service providers (“processors”), we aim to limit the data shared and require appropriate contractual protections.

Website hosting and delivery

Our hosting and infrastructure providers may process IP addresses, request logs, and technical data to deliver content and protect the site from abuse. Access is restricted and monitored.

Analytics provider (Google Analytics 4)

If enabled, GA4 processes event data to generate aggregated reports. Google may process data as a processor or controller depending on configuration and features. We encourage users to review Google’s own privacy documentation for details of their processing.

Advertising measurement (Meta Pixel)

If enabled, Meta Pixel can send event data (such as page views) to Meta for conversion measurement and audience insights. Where required, we rely on consent via the cookie banner for this processing.

Email service for newsletters

Newsletter emails may be sent using an email delivery provider. That provider processes your email address and delivery metrics (such as whether an email bounced). You can unsubscribe at any time via the link in messages or by contacting us.

We may disclose information if required to comply with a legal obligation, to respond to lawful requests, or to protect the security and integrity of our website. If we receive a request that is overly broad, we may challenge it or seek clarification where permitted.

8. International data transfers

We are based in Canada, and our service providers may process data in other countries (for example, the United States or the European Economic Area), depending on where their infrastructure is located. International transfers can occur when you access the site from outside Canada or when our vendors store or process data in multiple regions.

Where the GDPR applies and personal data is transferred to a country without an adequacy decision, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) and additional protections where necessary. We also aim to limit the personal data involved and apply access controls.

9. Your rights (GDPR and similar laws)

Depending on your location and applicable law, you may have rights related to your personal data. Where the GDPR applies, these include:

Access

You can request confirmation of whether we process personal data about you and obtain a copy of that data, along with information about how it is used.

Rectification

You can request that we correct inaccurate personal data or complete incomplete data, where applicable.

Erasure

You can request deletion of your personal data in certain situations, such as when data is no longer needed or when you withdraw consent.

Restriction

You can request that we limit processing in certain cases, for example while we verify the accuracy of data or consider an objection.

Data portability

For data you provided to us and that we process by automated means based on consent or contract, you may request a copy in a structured, commonly used, machine-readable format.

Objection

You can object to processing based on legitimate interests. We will stop processing unless we have compelling legitimate grounds or the processing is needed for legal claims.

How to exercise your rights

To make a request, email [email protected] with the subject line “Privacy Request”. Please describe what you want to do (access, deletion, correction, objection) and provide sufficient information for us to locate relevant records. For security, we may ask you to verify your request using the same email address used to contact us or subscribe.

We aim to respond within 30 days. Complex requests may require additional time, in which case we will explain the reason for the delay.

Right to complain

If you are in the European Union and believe we have not addressed your concern, you have the right to lodge a complaint with your local supervisory authority. If you are in the UK, you can contact the Information Commissioner’s Office (ICO). In Canada, privacy complaints may be directed to the Office of the Privacy Commissioner of Canada (OPC), depending on the situation.

10. Cookie policy and consent

Cookies are small text files stored on your device. Similar technologies include local storage, pixels, and SDK-like scripts that can record events. This website uses a cookie consent banner so you can accept or reject optional cookies. Strictly necessary items are used to maintain basic site operation and remember your cookie choice.

Strictly necessary

These support essential functionality and security. On this site, a key example is storing your cookie consent choice locally so the banner does not keep reappearing.

Typical duration: up to 6 months (stored on your device) or until cleared.

Analytics

Analytics cookies and event tags help us understand site traffic and improve usability. When enabled, we may use GA4 to collect aggregated usage insights such as page views and basic device information.

Typical duration: up to 14 months (provider setting), depending on configuration.

Marketing

Marketing cookies may be used to measure ad performance and, in some cases, to show relevant reminders about our content across platforms. When used, they are enabled only where consent is obtained through the banner.

Typical duration: varies by provider; you can reject or reset consent at any time.

How to manage cookies

You can accept or reject optional cookies using the banner. To change your choice later, open “Cookie settings” in the footer. You can also control cookies through your browser settings, including clearing stored site data. If you disable cookies broadly, some website features may not work as expected.

11. Children’s privacy

This website is not directed to children under 16, and we do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, please contact [email protected] and we will take reasonable steps to delete the information from our active systems.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in the website, legal requirements, or our service providers. When we make changes, we will update the “Last Updated” date at the top of this page. For material changes, we may also provide a notice on the website and, where appropriate, notify subscribers by email.

We encourage you to review this page periodically, especially before submitting information through the newsletter form or contacting us by email.

13. Contact and Data Protection point of contact

If you have questions about this Privacy Policy, want to exercise a privacy right, or would like to request deletion of newsletter data, contact us using the details below. We do not designate a formal Data Protection Officer for this informational website, but we do provide a dedicated privacy contact point that handles privacy requests.

Privacy contact

Email: [email protected]

Mail: NorthMap Digital Insights Ltd., 200 Bay Street, Suite 1300, Toronto, ON M5J 2J2, Canada

Phone: +1 (416) 362-4000

For general questions about our editorial content, you can also reach us at [email protected]. If your message is a privacy request, using the privacy email address helps route it faster.

Related pages

Learn more about site use and limitations.

Terms About NorthMap