Your data, handled with the rigor we apply to our clients' systems.

Information you provide

• Contact information, name, business email, phone number, company, role, and country, when you submit a contact form, request information, subscribe to our newsletter, or otherwise communicate with us.
• Recruiting information, résumé, work history, references, and similar information when you apply for a role with us.
• Engagement information, information shared during the course of a client engagement, governed by the relevant agreement.

Information collected automatically

• Device and usage information, browser type, operating system, referring URL, pages visited, and approximate location derived from IP address, collected to operate and improve our website.
• Cookies and similar technologies, essential cookies required for the website to function, and analytics cookies used to understand aggregate site usage. We do not use third-party advertising cookies.

Information from third parties

Where permitted by law, we may receive limited business contact information from publicly available sources or business intelligence providers for prospecting and account research purposes.

We use personal information to:

• Respond to your inquiries and provide information you request.
• Operate, maintain, and improve our website and marketing programs.
• Provide and improve our services under client agreements.
• Communicate with you about engagements, events, and updates you have opted into.
• Evaluate candidates for employment and recruiting purposes.
• Comply with legal obligations, enforce our terms, and protect the rights, property, and safety of NetScale, our clients, and the public.
• Detect, prevent, and respond to fraud, security incidents, and abuse.

We do not use personal information to train AI models, neither our own nor third-party models, and we do not sell personal information.

For individuals in jurisdictions that require a legal basis for processing (including the EEA, UK, and Canada), we rely on the following bases depending on the activity:

• Performance of a contract, to deliver services you or your organization has engaged us for.
• Legitimate interests, to operate our business, market our services to organizations, secure our systems, and improve our offerings, where those interests are not overridden by your rights.
• Consent, for marketing communications and other purposes that require it; you may withdraw consent at any time.
• Legal obligation, where processing is necessary to comply with applicable law.

We share personal information only as described in this policy, and only with the categories of recipients listed below. We do not sell personal information.

• Service providers and sub-processors, vetted vendors who help us operate our business (e.g., cloud hosting, email, analytics, CRM, recruiting tools), bound by contract to confidentiality and security obligations.
• Clients, when you contact us about an engagement at your organization, we may share your inquiry with the relevant client account team.
• Professional advisors, auditors, accountants, and legal counsel under confidentiality obligations.
• Authorities, where required by law, regulation, legal process, or governmental request, or to protect rights, property, or safety.
• Successors, in connection with a merger, acquisition, or sale of assets, subject to standard protections.

NetScale operates globally, with our headquarters in Canada and engineering teams across multiple regions. Personal information may be transferred to and processed in countries other than your country of residence, including Canada, the United States, India, and members of the European Economic Area.

Where required, we put in place appropriate safeguards for cross-border transfers, including the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, and equivalent mechanisms, and assess the legal regime of recipient jurisdictions.

We retain personal information for as long as needed to fulfill the purposes described in this policy and to meet our legal, regulatory, audit, and contractual obligations. When information is no longer required, we securely delete or anonymize it.

• Marketing contacts, until you unsubscribe or request deletion, plus a short suppression-list retention to honor your preference.
• Engagement records, for the duration of the client engagement and a defined period thereafter for audit and dispute purposes.
• Recruiting records, for a reasonable period after a hiring decision is made, in accordance with applicable law.

Depending on your jurisdiction (including under Canada's PIPEDA, Québec's Law 25, the EU/UK GDPR, and applicable U.S. state privacy laws), you may have rights regarding personal information we hold about you:

• Access, request a copy of personal information we hold about you.
• Correction, request that we correct inaccurate or incomplete information.
• Deletion, request that we delete personal information, subject to legal and contractual exceptions.
• Restriction or objection, restrict or object to certain processing activities.
• Portability, receive a copy of certain information in a portable format.
• Withdraw consent, where processing is based on consent.
• Lodge a complaint, with your local data protection authority, including the Office of the Privacy Commissioner of Canada.

To exercise these rights, contact us at info@netscaleteck.com. We will respond within the timeframes required by applicable law.

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. Highlights include encryption in transit (TLS 1.2+) and at rest (AES-256), least-privilege access, MFA-enforced SSO, audited change control, and continuous monitoring.

Visit our Trust Center for a detailed summary of our security program and to request documentation.

Our website uses a minimal set of cookies. Essential cookies are required for the site to function. Analytics cookies (where used) help us understand aggregate site usage in a privacy-respecting way. We do not run third-party advertising cookies on this site.

Most browsers allow you to control cookies through settings. Disabling certain cookies may affect the functionality of the site.

Our website and services are directed to businesses and are not intended for children under the age of 16. We do not knowingly collect personal information from children. If we learn we have collected such information, we will delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, provide additional notice (such as a banner on the website or an email to active contacts).

If you have questions about this Privacy Policy or how we handle personal information, please contact us:

• Email, info@netscaleteck.com
• Mail, NetScale Technologies, 9850 King George Blvd, 3rd Floor, Surrey, British Columbia V3T 0P9, Canada

For data protection requests in the EEA or UK, you may also reach our representative through the same address.