Privacy Policy

Fieldstone ("we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This policy explains how we collect, use, disclose, and safeguard your information when you visit fieldstone.digital or use our services.

We operate in compliance with Canada's Anti-Spam Legislation (CASL) and the Personal Information Protection and Electronic Documents Act (PIPEDA).

Information you provide directly:

• Website URL submitted for a check or report
• Contact name, email address, and phone number (if provided)
• Messages submitted through our contact form
• Billing details when you purchase a paid report or monitoring (processed by our payment provider)

Information collected automatically:

• Browser type and version, device type, and screen resolution
• Pages visited and time spent on pages
• Referring URL
• IP address (anonymized where possible)

Information from our audit tools:

• Website URLs you submit for analysis
• Publicly available content from submitted URLs (fetched server-side)
• Audit scores and findings generated by our tools

We use the information we collect to:

• Generate and deliver your report card
• Provide monitoring and alerts if you subscribe
• Respond to inquiries and provide support
• Process payments and refunds
• Improve our tools, scoring methodologies, and services
• Send periodic updates or marketing communications (only with your consent under CASL)
• Analyze aggregate, anonymized usage to improve our website

We will only send you commercial electronic messages if:

• You have given express consent (e.g., checking a consent box on our forms)
• We have implied consent through an existing business relationship
• The message is transactional (e.g., delivering your report)

Every marketing email includes an unsubscribe mechanism. You can withdraw consent at any time via the unsubscribe link or by contacting us.

We do not sell, trade, or rent your personal information. We may share information with:

• Service providers: third parties that operate our platform (e.g., Supabase for storage, Vercel for hosting, Resend for email, and our payment processor), under contractual obligations to protect your data.
• Legal requirements: where required by law, regulation, or legal process.
• Anonymized data: aggregated data that cannot identify you, for research, benchmarking, or marketing.

Your data is stored on servers operated by our infrastructure providers, which maintain industry-standard security including encryption in transit and at rest. We implement reasonable administrative, technical, and physical safeguards, though no method of transmission or storage is 100% secure.

We retain personal information only as long as necessary to provide our services and meet our obligations:

• Audit and report data: retained for the report's useful life plus a reasonable records period
• Contact submissions: retained until resolved and for a reasonable period thereafter
• Marketing consent records: retained for the duration of consent plus the period required by CASL

You may request deletion of your personal information at any time by contacting us.

Under Canadian privacy law, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your personal information
• Withdraw consent for marketing at any time
• File a complaint with the Office of the Privacy Commissioner of Canada

We may use cookies and similar technologies to improve your experience:

• Essential cookies: required for the site to function.
• Analytics cookies: help us understand how visitors use our site (with IP anonymization where available).

You can control cookies through your browser settings; disabling them may affect some features.

Our website and reports may link to third-party sites. We are not responsible for their privacy practices and encourage you to review their policies.

Our services are designed for businesses and are not directed at individuals under 18. We do not knowingly collect personal information from children.

We may update this policy from time to time. Changes are posted here with an updated date; please review it periodically.

Questions, or want to exercise your privacy rights? Email hello@fieldstone.digital or visit fieldstone.digital/contact.