This Privacy Policy explains how GoCanopy (“we,” “our,” or “us”) collects, uses, shares, and protects personal data when you use our website gocanopy.tech (“Site”) or interact with us through our services, forms, or communications.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the UK GDPR, and other relevant regulations. We do not use your personal data to train external AI or machine learning models.

1. Who We Are

The Data Controller is:
GoCanopy
Station F, 5 Parv. Alan Turing, 75013 Paris
Email: privacy@gocanopy.tech

We act as the Data Controller for all personal data collected through this Site and related services.

If you have questions about this Privacy Policy or how we handle your data, please contact us at privacy@gocanopy.tech.

2. Personal Data We Collect

We collect the following categories of information:

a. Information you provide directly:

• Name, business email, company, role, firm type, and region (through our demo form).
• Any additional details provided in the free-text field.

b. Information collected automatically:

• Technical information: IP address, browser type and version, device type, operating system.
• Usage data: pages visited, time on site, referral source, and clickstream data.

c. Information from cookies and similar technologies:

• Analytics cookies via Google Analytics.
• Essential cookies required for site and form functionality.

3. How We Use Personal Data

We use your personal data only for legitimate business purposes, including:

• Consent: for optional analytics cookies and marketing communications (where applicable).
• Contractual necessity: to process demo requests submitted via the Site.
• Legitimate interests: improving our services, preventing fraud, maintaining IT security.
• Legal obligation: to comply with applicable laws and regulations.

We will not process your data for purposes incompatible with these without your consent.

4. Lawful Bases for Processing

We rely on the following GDPR legal bases:

• Consent: for optional analytics cookies and marketing communications (where applicable).
• Contractual necessity: to process demo requests submitted via the Site.
• Legitimate interests: improving our services, preventing fraud, maintaining IT security.
• Legal obligation: to comply with applicable laws and regulations.

5. How We Share Personal Data

We do not sell or rent your data. We may share it with:

• Service providers (cloud hosting, analytics, email).
• Professional advisors (legal, compliance, accounting).
• Authorities where required by law.

All third parties are bound by GDPR-compliant Data Processing Agreements, ensuring they use your data only for specified purposes and maintain confidentiality.

6. International Data Transfers

Your personal data may be transferred to and processed outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission.
• Transfers to countries with an adequacy decision by the EU.

Details of applicable safeguards are available upon request.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined:

• Demo form submissions: retained for 12 months to allow appropriate follow-up and conversion tracking.
• Analytics data: retained in accordance with Google Analytics’ standard retention settings.
• Legal obligations: certain records may be held longer where required to comply with statutory or regulatory requirements.

When data is no longer required, it will be securely deleted or anonymized.

8. Data Security

We implement technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These include:

• Encryption of data in transit and at rest.
• Role-based access controls to ensure only authorized users have access.
• System monitoring and activity logging to detect unusual behavior.
• Regular data backups and recovery procedures.
• Secure infrastructure through our trusted hosting providers with physical safeguards in place.
• Periodic reviews of our security controls to maintain ongoing effectiveness.

9. Your Rights

Under GDPR, you have the following rights:

• Access: obtain confirmation whether we process your data and request a copy.
• Rectification: correct inaccurate or incomplete data.
• Erasure: request deletion of your data (“right to be forgotten”).
• Restriction: limit processing under certain conditions.
• Portability: receive your data in a structured, machine-readable format.
• Objection: object to processing based on legitimate interests or direct marketing.
• Withdrawal of consent: withdraw consent at any time without affecting prior processing.
• You also have the right to lodge a complaint with your local Data Protection Authority if you believe we have not complied with applicable laws.

To exercise these rights, contact us at privacy@gocanopy.tech.

10. Cookies

We use cookies and similar technologies to operate our Site:

• Essential cookies: required for core site functions, such as submitting demo forms.
• Analytics cookies: provided by Google Analytics, to understand how visitors use the Site and improve user experience.

On your first visit, you will see a cookie banner allowing you to manage or withdraw consent.

11. Children's Privacy

Our Site is intended for business professionals and not directed to children under 16. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted here with a revised “last updated” date. Where changes are material, we will notify users where appropriate.

13. Contact Us

If you have questions or wish to exercise your rights, please contact:
GoCanopy
Station F, 5 Parv. Alan Turing, 75013 Paris
Email: privacy@gocanopy.tech