Last Updated: September 3, 2025
Important: This Privacy Policy explains how Guilds Painting Inc. (“Guilds Painting”, “we”, “us”, “our”) collects, uses, discloses, retains, and protects Personal Information in Canada under the Personal Information Protection and Electronic Documents Act (PIPEDA) and, for commercial electronic messages, Canada’s Anti‑Spam Legislation (CASL). It applies to our website and our online/offline interactions about our painting services (the “Services”). This document is informational and not legal advice.
BY PROVIDING PERSONAL INFORMATION TO US OR USING THE SERVICES, YOU CONSENT TO OUR COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED IN THIS POLICY. We may also present real‑time notices explaining privacy practices for specific features (e.g., a form or widget). Those notices supplement this Policy and may offer additional choices.
We generally obtain consent before or at the time we collect personal information, but may seek consent after collection if we want to use or disclose information for a new purpose not previously identified. Consent may be express (oral, electronic, or written) or implied from the circumstances (for example, when you submit information to request a quote and we use it to respond). If you do not consent to certain uses or disclosures, we may not be able to provide some aspects of the Services.
“Personal Information” means information about an identifiable individual and excludes de‑identified or aggregated information. Below are the main categories we handle, set out in three professional sections for clarity.
Category | Typical Examples | How we collect | Why we use it | Disclosure/Sharing |
|---|---|---|---|---|
Personal identifiers & contact details | Name, email, phone, service address | Quote/contact forms, email, phone/SMS, in‑person | Provide quotes, schedule jobs, deliver Services, customer support | Service providers (hosting/email), limited sharing with subcontractors only as needed to perform work (under confidentiality) |
Service location & geographic info | Service address, city/region, preferred dates | Forms, communications | Routing crews, scheduling, job planning | Internal teams, subcontractors (confidentiality) |
Project & property details | Surfaces/rooms, finishes, photos/videos you send or we capture on‑site | Forms/uploads, email/SMS, site visits | Estimating, planning, documentation, quality control, warranty | Subcontractors (confidentiality); job management tools |
Public/lead sources | Limited contact & property info from municipal permit listings/open‑data; reputable lead vendors | Public sources; third party lead providers | Identify potential customers and offer relevant services; maintain suppression/opt‑out lists | Email/SMS platforms for compliant outreach; opt‑out honoured at any time |
Testimonials/portfolio media (opt-in) | Before/after photos/videos that identify a property | Written consent (contract checkbox/email) | Display portfolio and marketing materials | Our website/social channels; can be withdrawn going forward |
Category | Typical Examples | How we collect | Why we use it | Disclosure/Sharing |
|---|---|---|---|---|
Device & usage data (analytics) | Pages viewed, time on page, device/browser type, approximate location | Cookies/pixels/scripts (e.g., Google Analytics 4) | Understand site usage, improve performance/content | Analytics vendors (configured not to receive personal identifiers) |
Cookies & advertising pixels | Cookie IDs, ad click/attribution data | Cookies/pixels (e.g., Google/Meta/LinkedIn/Microsoft) | Measure and personalize ads/remarketing where permitted | Ad platforms and measurement partners per their terms |
Security & anti‑abuse signals | IP/device fingerprinting, interaction patterns | Cloudflare (CDN/WAF), Google reCAPTCHA v3 | Keep the site reliable and protect forms from spam/abuse | Security vendors processing limited technical data |
Embedded content & review widgets | Third‑party scripts to display reviews/maps | Embedded widgets/plugins | Show dynamic content like reviews or maps | Respective providers may receive technical/usage data to render content |
Category | Typical Examples | How we collect | Why we use it | Disclosure/Sharing |
|---|---|---|---|---|
Payment & transaction data | Invoice number/amount, payment confirmations; no full card numbers stored | Billing (e‑transfer, cheque, cash, or card via third‑party processors) | Process payments, accounting, tax/audit | Payment processors; accountants/auditors |
Communications & support | Emails, SMS, call notes; voicemail recordings held by our telecom provider | Email/SMS/phone; we do not record calls for training | Respond to inquiries, schedule, document requests, quality assurance | Email/SMS and telecom providers |
Marketing preferences | Opt‑ins/opt‑outs; suppression lists | Forms, consent logs (Sendy/SES) | Send permitted marketing and honour unsubscribes | Email/SMS vendors; consent/unsubscribe records retained (see CASL) |
Applicant data (ad hoc) | Resume, work history if you email us | Directly from you | Evaluate qualifications | Internal use; service providers if needed |
We do not sell your Personal Information.
We use cookies and similar technologies to operate the site, understand usage, improve performance/security, and (where applicable) personalize/measure advertising.
Google Analytics 4. GA4 helps us understand site usage (e.g., pages viewed, device/browser, general location). GA4 does not store IP addresses in reports. We configure GA4 not to send personal identifiers (names/emails) and apply a 14‑month user‑level retention period.
Advertising & Remarketing. We may use Google/YouTube, Meta (Facebook/Instagram), LinkedIn, Microsoft Ads to reach relevant audiences and run remarketing consistent with platform terms and Canadian law.
Security & Performance. We use Cloudflare (CDN/firewall) and reCAPTCHA v3 to protect forms and distinguish bots from people; these services collect limited device and interaction data.
Your choices: You can manage cookies in your browser settings and through platform ad‑preference tools. We currently do not provide an on‑site cookie preferences tool and do not respond to Do Not Track (DNT) or Global Privacy Control (GPC) signals.
We send marketing email/SMS only with consent (express or implied) and include our contact info and an unsubscribeoption. We honour unsubscribe requests within 10 business days. We maintain records of marketing consents and unsubscribe actions for at least three (3) years after the last commercial electronic message or as required by law. Transactional communications (e.g., estimates, invoices, project updates) may be sent regardless of marketing consent.
We share Personal Information only as reasonably necessary to provide and improve the Services, comply with law, and protect rights and safety:
Service providers/contractors. Hosting (Hostinger), security/CDN (Cloudflare), analytics/ads (GA4/Google Ads, Meta, LinkedIn, Microsoft), email/SMS (Sendy with Amazon SES), payment processors, accountants and similar vendors — each under confidentiality and limited‑use obligations.
Subcontractors. Limited project details (e.g., address, scope) only as needed to perform work, under confidentiality.
Business transfers. In a merger, acquisition, financing, or sale of assets, information may be transferred as permitted by law.
Legal. Where required or permitted by law (e.g., court order, to investigate or prevent fraud or security issues).
We do not sell Personal Information.
Program Tiers & Commissions | ||
|---|---|---|
Bronze | Start earning immediately | 2.5% |
Silver | Unlock at $50,000 total referred project value | 3% |
Gold | Unlock at $150,000 total referred project value | 3.5% |
What We Collect for the Program
How We Collect & Track
Why We Use This Information
Sharing & Confidentiality
CASL (Commercial Messages) & Referrals
International Transfers & Retention (Affiliates)
Some of our service providers may process or store Personal Information outside Canada (for example, in the United States). Examples include Cloudflare (security/CDN), Google (Analytics/Ads), and Amazon Web Services / Amazon SES (email delivery). When we transfer information internationally, we take steps designed to ensure a comparable level of protection as required by Canadian law. However, foreign laws may allow government, courts, or law‑enforcement access to information in those jurisdictions.
We retain Personal Information only as long as necessary for the purposes described or as required by law:
Leads with no project: up to 24 months, then deleted or de‑identified.
Customer/job records & invoices: 7 years (tax/audit).
Analytics data: per GA4 settings (currently 14 months for user‑level data).
Voicemail recordings (if any): no longer than 90 days per telecom provider’s standard retention.
Marketing lists: until you unsubscribe or after a period of inactivity, then suppressed or deleted.
We use administrative, technical, and physical safeguards appropriate to the sensitivity of the information we handle. These include HTTPS/TLS, least‑privilege access controls, multi‑factor authentication for administrator and email accounts, regular software updates and patching, and use of reputable service providers under confidentiality obligations. Payments are processed by third‑party providers; we do not store full payment card numbers. We maintain encrypted backups, monitor for suspicious activity, and provide staff guidance on privacy and security practices. No method of transmission or storage is 100% secure; if you believe your information has been compromised, contact us immediately at [email protected].
If we determine that a breach of security safeguards has occurred and it presents a real risk of significant harm, we will report the breach to the Office of the Privacy Commissioner of Canada (OPC) and notify affected individuals as soon as feasible. We also maintain records of all breaches for a minimum of 24 months, as required by Canadian law.
Subject to limited exceptions, you may request to access, correct, or delete your Personal Information, or to withdraw consent for future use.
How to make a request. Email [email protected] with your name, contact details, and the nature of your request. We may ask you to verify your identity (e.g., match email/phone on file, provide an invoice number, or government ID where necessary).
Response time. We aim to respond within 30 days and may extend where permitted by law; if extended, we will notify you of the reason and the new deadline.
Limits & refusals. We may refuse or limit access where permitted by law (e.g., if disclosure would reveal another person’s information, confidential commercial information, or information collected for an investigation). If we refuse your request, we will explain the reasons unless prohibited by law.
Complaints: If you have an unresolved privacy concern, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) (toll‑free 1‑800‑282‑1376) or via the OPC website: https://www.priv.gc.ca/.
Our Services are intended for adults and general audiences. We do not knowingly collect Personal Information from children under 13. If you believe a child provided us information, contact us so we can delete it.
Some browsers send Do Not Track (DNT) or Global Privacy Control (GPC) signals. Our site does not currently respond to these signals. You can manage cookies via your browser and ad‑platform settings.
Our site may contain links to third‑party websites or services. Their privacy practices are governed by their own policies. We are not responsible for those practices; review their policies before providing Personal Information.
Please do not provide another person’s Personal Information unless you have their permission or are otherwise permitted by law to do so.
We may update this Policy from time to time. The “Last Updated” date above shows the latest revision. For material changes, we will provide additional notice (e.g., a prominent notice on this page and/or a blog post, and email notice where appropriate).
We are committed to accessible communications. On request, we will provide this Policy in an accessible or alternate format. Contact [email protected].
Guilds Painting Inc.
Email: [email protected]
Phone: 416‑435‑2697
Mailing address: Suite 173 – 16715 Yonge St, Newmarket ON L3Y 7X3