Privacy Policy

Commandshift Marketing Inc.

Privacy Policy

Thank you for your interest in the information on our website!

With the help of this privacy policy, we would like to inform the users of our website about the nature, scope and purposes of the processing of personal data. Personal data in this context is all information with which you as a user of our website can be personally identified, including your IP address and information that is stored in cookies.

In a general section in this privacy policy, we still provide you with information on data protection that generally applies to our processing of data, including data collection on our website. In particular, you as data subjects will be informed about the rights to which you are entitled.

When you visit our website and online shop, we process personal data (any information relating to an identified or identifiable natural person) insofar as we are permitted to do so by law, the Personal Information Protection and Electronic Documents Act (PIPEDA) or with your consent. This privacy policy sets out below the details of how we process your personal data (hereinafter also referred to as just “data processing” or “processing”).

 Responsible party

CommandShift Marketing Inc.
10 George St N Unit 149,
Brampton, ON L6X 1R2

E: info@commandshift.ca
W: www.commandshift.ca
T:+1 905-782-6582

FB: https://www.facebook.com/commandshiftmarketing
In: https://www.instagram.com/command_shift/
LI: https://www.linkedin.com/in/dhruv61/


Our Principles:

CommandShift Marketing respects your right to privacy and is committed to the following key principles:

  • We protect your privacy and aim to provide you with a service that is tailored to your needs.
  • Personal data is collected for specific purposes based on your consent or a legitimate interest when you contact us.
  • You have the right to information and access to your personal data at any time and may request its correction or deletion.
  • We do not sell your personal data to third parties. However, if necessary and if explicitly mentioned afterwards or if you have consented, we may share your data with group companies, brand licensees, partners and other service providers. In this case, their own privacy policies may also apply.
  • We take all reasonable measures to ensure the security and protection of your data from misuse.

Legal basis

The term “personal data” under data protection law refers to all information relating to an identified or identifiable individual. 

We process personal data in compliance with the relevant data protection regulations, in particular the PIPEDA. Data processing by us only takes place on the basis of legal permission. We process personal data, 

  • only with your consent,
  • for the performance of a contract to which you are a party,
  • at your request for the performance of pre-contractual measures,
  • to comply with a legal obligation,
  • or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights or freedoms which require the protection of personal data override.

 Your PIPEDA Rights

If you are a Citizen or resident of Canada, you have the following rights:

  • to confirmation as to whether data relating to them is being processed,
  • to information about the data processed, to further information about the data processing and to copies of the data;
  • to correction or completion of incorrect or incomplete data;
  • to immediate erasure of the data concerning them;
  • to receive the data concerning them and provided by them and to transfer this data to other providers/controllers;
  • to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection provisions.

In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or restriction of processing that takes place. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients. 

Likewise,users and data subjects have the right to object to the future processing of data concerning them, insofar as the data is processed by the provider. In particular, an objection to data processing for the purpose of direct advertising is permissible.

The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information. 

Please direct all requests for information, requests for information or objections to data processing to us.

Data collection on our website

On the one hand, personal data is collected from you if you expressly inform us of it. On the other hand, data, in particular technical data, is collected automatically when you visit our website. Some of this data is collected to ensure error-free operation of our website. Other data may be used for analysis. However, you can generally use our website without having to provide any personal information. 

Information we collect

We may collect, store and use the following types of personal information:

  • Inventory Data (e.g., person master data, names or addresses).
  • Contact Data (e.g., email, phone numbers).
  • Content data (e.g.text input in our website, Demo Request)
  • Usage data (e.g., web sites visited, interest in content, access times).
  • Meta/communication data (e.g., device information, IP addresses).
  • Contract data (e.g., subject matter of contract, term),
  • Payment data (e.g., bank details, invoices). 

How we use information

The main reason we use your information is to provide and improve our services. We also use your information to protect you and to provide you with advertisements that may be of interest to you. Read on for a more detailed explanation of the various reasons we use your information, along with practical examples.

  • To provide our services to you
  • To provide you with customer support and respond to your inquiries
  • To complete your transactions
  • To communicate with you about our services
  • To improve our services and develop new services
  • To conduct research and analysis of user behaviour to improve our services and content (e.g., we may decide to change the look and feel or even substantially modify a particular feature based on user behaviour)
  • To develop new features and services
  • To prevent, detect and respond to fraud or other illegal or unauthorized activities
  • To address ongoing or perceived misconduct
  • To perform data analysis to better understand these activities and develop countermeasures
  • To retain data related to fraudulent activity to prevent recurrence
  • To ensure compliance with laws
  • To comply with legal requirements
  • To assist law enforcement
  • To enforce or exercise our rights, for example, our terms of use


What do we use your data for?

Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behaviour and to provide our services

Cookies and local storage

We use cookies on our website to make our Internet presence more user-friendly and functional. Some cookies remain stored on your terminal device. 

Cookies are small data packets that are exchanged between your browser and our web server when you visit our website. They do not cause any damage and only serve to recognize the website visitor. Cookies can only store information supplied by your browser, i.e. information that you yourself have entered into the browser or that is present on the website. Cookies cannot execute code and cannot be used to access your terminal device.

The next time you visit our website with the same terminal device, the information stored in cookies may subsequently be sent back either to us (“first-party cookie”) or to a third-party web application to which the cookie belongs (“third-party cookie”). Through the stored and returned information, the respective web application recognizes that you have already called up and visited the website with the browser of your end device.  

Cookies contain the following information: 

  • Cookie Name
  • Name of the server from which the cookie originated
  • Cookie ID number
  • A date on which the cookie is automatically delete

Depending on their purpose and function, we divide cookies into the following categories: 

The legal basis for the use of technically necessary cookies is based on our legitimate interest in the technically flawless operation and smooth functionality of our website. Our website cannot function properly without these cookies. The use of statistics and marketing cookies requires your consent. You can revoke your consent for the use of cookies at any time in the future. The consent is voluntary. If it is not given, no disadvantages will arise. You can find more information about the cookies we actually use (especially about their purpose and storage period) in this privacy policy and in the information about the cookies we use in our cookie banner.

You can also set your Internet browser to generally prevent cookies from being stored on your end device or to ask you each time whether you agree to cookies being set. Once cookies have been set, you can delete them at any time. You can find out how all this works in detail in the help function of your browser.  

Please note that a general deactivation of cookies may lead to functional restrictions on our website.

On our website, we also use so-called local storage functions (also called “local storage”). In this case, data is stored locally in the cache of your browser, which continues to exist and can be read even after you close the browser – as long as you do not delete the cache or it is the session storage.

Third parties cannot access the data stored in the Local Storage. If special plug-ins or tools use the Local Storage functions, this is described with the respective plug-in or tool.

If you do not want plug-ins or tools to use local storage functions, you can control this in the settings of your respective browser. We would like to point out that this may result in functional restrictions.

For more information on cookies please refer to our Cookie Policy, If you wish to learn more about cookies in general, please visit www.allaboutcookies.org

Server log files

For technical reasons, in particular to ensure a functional and secure website, we process technically necessary data about accesses to our website in so-called server log files, which your browser automatically transmits to us.

The access data we process includes: 

  • name of the website accessed
  • type of browser used incl. version
  • the operating system used by the visitor
  • the previously visited page of the visitor (referrer URL)
  • time of the server request
  • amount of data transferred
  • host name of the accessing computer (IP address used)

 This data is not assigned to any natural person and is only used for statistical evaluations and for the operation and improvement of our website as well as for the security and optimization of our Internet offer. This data is only transmitted to our website hoster. This data is not linked or merged with other data sources. If there is any suspicion of illegal use of our website, we reserve the right to check this data retrospectively. The data processing is based on our legitimate interest in the technically error-free presentation and optimization of our website.

The access data is deleted again shortly after the purpose has been fulfilled, usually after a few days, insofar as no further storage is required for evidence purposes. Otherwise, the data is retained until final clarification of an incident.


As part of the hosting of our website, all data to be processed in connection with the operation of our website is stored. This is necessary to enable the operation of the website. We therefore process the data accordingly on the basis of our legitimate interest  in optimizing our website offering. To provide our online presence, we use services of web hosting providers to whom we provide the above-mentioned data as part of contract processing.


When contacting us, your data will be used to process the contact request and its settlement in the context of the fulfillment of pre-contractual rights and obligations. The processing of your data is necessary to process and respond to your request, otherwise we will not be able to respond to your request or at best only to a limited extent. The information may be stored in a customer and prospect database on the basis of our legitimate interest pursuant in direct marketing.

We will delete your inquiry and your contact data if your inquiry has been conclusively answered and the deletion does not conflict with any legal retention periods, e.g. in the context of subsequent contract processing. This is usually the case when there has been no further contact with you for three years.

Quote Requests

We use the services of Typeform, S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain (“Typeform”) to conduct your quote request The data processing is based on our legitimate interest in the technically error-free and optimized provision of our services. Typeform receives secure user IDs for this purpose. You can find more information about data processing by Typeform in Typeform’s privacy policy.

Blog and Comment Data

Within the Blog you may be able to display certain information, share certain details, engage with others, exchange knowledge and insights, post and view relevant content. Content and data is publicly view-able. You have choices about the information on your profile. You don’t have to provide additional information on your comment; however, profile information helps you to get more from our Services,. It’s your choice whether to include sensitive information on your comment and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be available. The legal basis for the storage is our legitimate interest.

Direct marketing

The legal basis for the processing of your personal data in the context of direct marketing measures is either your consent or our legitimate interest in marketing and promoting our courses and services. The purpose of processing your personal data in the context of direct marketing measures is to send information, offers and, if applicable, to promote sales.

Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected; this is the case in particular upon receipt of the revocation or objection. You can revoke your consent at any time for the future or object to the processing of your personal data in the context of direct marketing measures at any time for the future.

Contractual Relationship

In order to establish or implement the contractual relationship with our customers, it is regularly necessary to process the personal master, contract, and payment data provided to us. We also process customer and prospect data for evaluation and marketing purposes. This processing is carried out on the legal basis of our legitimate interest and serves our interest in further developing our offer and informing you specifically about our offers. Further data processing may take place if you have consented or if this serves the fulfillment of a legal obligation.

Commercial and business services

We process data of our contractual and business partners, e.g., customers and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer inquiries.

We process this data to fulfill our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organization. We only disclose the data of the contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfillment of legal obligations or with the consent of the contractual partners (e.g., to participating telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisers, payment service providers or tax authorities).

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests.

Technical services

We process the data of our customers and clients in order to enable them to select, purchase or commission the selected services or works as well as associated activities and to pay for and deliver them or to execute or provide them. The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information.

Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioural marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests.

Data transfer to payment service providers

In order to fulfill the contract, we pass on your data to the company commissioned with the payment, insofar as this is necessary for the payment of our services. Depending on which payment method you select, we pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to payment service providers commissioned by us or to the selected payment service provider. In some cases, the selected payment service providers also collect this data themselves. In this case, the privacy policy of the respective payment service provider applies.The legal basis for the data processing is contract.

Payment services

We integrate payment services from third-party companies on our services. When you make a purchase from us, your payment data (e.g. name, payment amount, account details, credit card number) is processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contract and data protection provisions of the respective providers apply. The payment service providers are used on the basis of contract processing and in the interest of a smooth, convenient and secure payment process. Insofar as your consent is requested for certain actions, consent is the legal basis for data processing; consents can be revoked at any time for the future.

The data processed by the payment services include the payment data mentioned above. The information is necessary to carry out the transactions. However, the customer data entered is only processed by the payment service providers and stored by them. Furthermore, we cannot exclude that data of the payment service provider is transmitted to credit agencies. This transmission is intended, for example, to check identity and creditworthiness. In this regard, we refer to the terms and conditions and privacy policies of the respective payment service providers.

Encrypted payment transactions

If there is an obligation to transmit your payment data to us (e.g. account number in the case of direct debit authorization) after the conclusion of a fee-based contract, this data is required for payment processing.

Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

Data processing for the purpose of fraud prevention and optimization of our payment processes

Where applicable, we provide our service providers with further data, which they use together with the data necessary for the processing of the payment as our processors for the purpose of fraud prevention and optimization of our payment processes (e.g. invoicing, processing of contested payments, accounting support). This serves to protect our legitimate interests in our protection against fraud or in efficient payment management, which outweigh our interests in the context of a balancing of interests.

Legal defence and enforcement of our rights

The legal basis for the processing of your personal data in the context of legal defence and enforcement of our rights is our legitimate interest. The purpose of processing your personal data in the context of legal defence and enforcement of our rights is the defence against unjustified claims and the legal enforcement and assertion of claims and rights.

Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. The processing of your personal data in the context of legal defence and enforcement is mandatory for legal defence and enforcement of our rights. Consequently, there is no possibility for you to object.

Online Meetings

We may use video teleconferencing software programs to conduct our online meetings and various types of data are processed when using an online platform for meetings. The scope of the data depends on the information you provide before or during participation in an online meeting. If you contact us in electronic form, we store and process the data you have provided us with. The legal basis for this is our legitimate interest in effective customer communication in accordance with your consent and, insofar as it concerns an inquiry to enter into or fulfill a contract, also contract. You can request information about the purpose of processing, origin and, if applicable, recipients of your personal data from us free of charge at any time.

Appointment Scheduling

We use the an appointment scheduling tool to make appointments easily, quickly and without complications and to improve our service for existing and new clients. This constitutes a legitimate interest within our legitimate interest. When using the tool, you will be asked to provide personal data such as your name, email address and telephone number. You also have the opportunity to present your request and provide us with further information. If you use the tool, your details including the information you provide will be saved and, of course, transmitted over the Internet. The data entered is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR).

SSL Encryption

For your visit to our website, we use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser. The use of this procedure is based on our legitimate interest in accordance with our legitimate interest in the use of appropriate encryption techniques.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved according to the technological development and kept at the state of the art.

Transfer of personal data

We will only disclose your personal data to third parties if:

  • you have given your express consent,
  • the disclosure is necessary in accordance with our legitimate interest for the protection of legitimate interests and for the assertion, exercise or defence of legal claims and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
  • there is a legal obligation, as well as this is legally permissible and / or
  • it is necessary for the processing of contractual relationships with you

Cooperation with contract processors

We carefully select our service providers who process personal data on our behalf. If we commission third parties with the processing of personal data on the basis of a contract processing agreement.

Transfer to third countries

Insofar as we process data in a third country or do so in the context of using third-party services or disclosing or transferring data to other persons or companies, this is only done for the reasons outlined above for the transfer of data. 

Subject to explicit consent or contractual necessity, we only process or allow data to be processed in third countries with a recognized level of data protection or on the basis of special guarantees, such as contractual obligation through so-called standard contractual clauses, the existence of certifications or binding internal data protection regulations.

Storage period

Unless an explicit storage period is specified at the time of collection (e.g. in the context of a declaration of consent), we are obliged to delete personal data as soon as the purpose for processing has been fulfilled. In this context, we would like to point out that legal retention obligations constitute a legitimate purpose for the processing of personal data.

Data is generally stored and retained by us in personal form until the termination of a business relationship or until the expiry of applicable guarantee, warranty or limitation periods, and beyond that until the termination of any legal disputes in which the data is required as evidence, or in any case until the expiry of the third year after the last contact with a business partner.

Assertion of data subject rights

You yourself decide on the use of your personal data. Therefore, if you wish to exercise any of your above-mentioned rights against us, you are welcome to contact us.

Protection of personal data

The security of your personal data is of particular concern to us. We therefore take appropriate technical and organizational measures, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects’ rights, deletion of data and response to data compromise. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware and software, in accordance with the principle of data protection through technology design and through data protection-friendly default settings. We also transfer our understanding of security to those processors used by us.

Social Media

The data you enter on our social media pages, such as comments, videos, pictures, likes, public messages, etc. are published by the social media platform and are not used or processed by us for any other purpose at any time. We only reserve the right to delete content if this should be necessary. Where applicable, we share your content on our site if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is our legitimate interest. The data processing is carried out in the interest of our public relations and communication.

If you wish to object to certain data processing over which we have an influence, please contact us. We will then examine your objection. If you send us a request on the social media platform, we may also refer you to other secure communication channels that guarantee confidentiality, depending on the response required. You always have the option of sending us confidential enquiries to our address stated in the imprint.

As already stated, where the social media platform provider gives us the opportunity, we take care to design our social media pages to be as data protection compliant as possible. With regard to statistics that the provider of the social media platform makes available to us, we can only influence these to a limited extent and cannot switch them off. However, we make sure that no additional optional statistics are made available to us.

Data processing by the operator of the social media platform

The operator of the social media platform uses web tracking methods. The web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we can unfortunately hardly influence the web tracking methods of the social media platform. We cannot, for example, switch this off.

Please be aware: It cannot be ruled out that the provider of the social media platform uses your profile and behavioural data, for example to evaluate your habits, personal relationships, preferences, etc. We have no influence on this. In this respect, we have no influence on the processing of your data by the provider of the social media platform.

Google Analytics

For the purpose of demand-oriented design and continuous optimisation of www.commandshift.ca, further processing of data collected on the basis of consent given is carried out by the basic version of Google Analytics. The basic version of Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies” (text files), which are stored on your computer and which enable an analysis of your use of the website.

On behalf of CommandShift Marketing Inc., Google will use this information for the purpose of evaluating your use of the website, and compiling reports on website activity. Google processes the data collected through the use of the “basic version” of Google Analytics exclusively on CommandShift Marketing Inc.’s instructions and for CommandShift Marketing Inc.’s purposes.

You can object to the further processing of data by Google Analytics here. If you object, Google Analytics will no longer collect any data on the terminal device used by you on www.commandshift.ca when you object.

Changes and updates of this privacy policy

Due to further developments or due to changed legal requirements, it may become necessary to adapt this privacy policy from time to time. You can access and print out the current privacy policy at any time here on this page.

If you have any questions regarding data protection, please contact us at info@commandshift.ca