Skip to content
Contact Us

NTWIST Privacy Policy

Effective Date: May 2025
This Privacy Policy (“Policy”) describes how NTWIST Inc. (“NTWIST,” “we,” “us,” or “our”) collects, processes, stores, transfers, and protects personal information and enterprise data provided by website visitors, prospects, clients, vendors, and other stakeholders (collectively, “Users”) in connection with our business operations and digital services.

This Policy is intended to comply with applicable privacy legislation, including but not limited to the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s Anti-Spam Legislation (CASL), the General Data Protection Regulation (EU) 2016/679 (GDPR), and the California Consumer Privacy Act (CCPA/CPRA), as well as other regional laws where required.

1. Scope

This Policy applies to personal information and business data collected through the NTWIST website (www.ntwist.com) and related services, including web forms, marketing systems, customer engagements, data processing activities, and any NTWIST-hosted software or platforms.

It also applies to NTWIST’s role as both a data controller (when determining processing purposes, e.g. marketing) and data processor (when handling customer-enterprise data under service agreements).

2. Definitions

For the purposes of this Policy:

  • Personal Information means any information that identifies or could reasonably identify a natural person, either directly or indirectly.

  • Enterprise Data means operational, strategic, or commercial data shared by business customers as part of NTWIST’s service delivery.

  • Data Controller means the entity that determines the purposes and means of processing personal data.

  • Data Processor means an entity that processes data on behalf of the controller.

  • Processing includes collection, use, disclosure, storage, transfer, and destruction of data.

  • Sensitive Personal Information includes data such as racial or ethnic origin, financial data, biometric identifiers, geolocation data, etc.

3. Information We Collect

NTWIST collects the following types of information:

a) Personal Information (Direct and Indirect)

  • Full name, email address, phone number, job title, employer name

  • Communication preferences and form responses

  • IP address, device information, geographic location

  • Browsing activity and analytics collected via cookies, pixels, and tracking scripts

b) Enterprise Data (Provided by Clients)

  • Operational data from manufacturing, mining, or energy systems

  • Real-time sensor data, scheduling, throughput, and process information

  • Performance metrics, predictive models, and reporting outputs

  • Any metadata or structured/unstructured datasets provided for use in NTWIST’s platform

We do not knowingly collect information from individuals under the age of 16.

4. Purpose of Collection and Use of Information

NTWIST collects and processes information for the following purposes:

  • To provide access to NTWIST’s software platforms and professional services

  • To analyze enterprise workflows and support customer outcomes

  • To fulfill contractual obligations and provide customer support

  • To conduct security monitoring and service reliability assurance

  • To improve product features, service usability, and user experience

  • To manage commercial relationships, send marketing communications (with consent), and perform audience segmentation

  • To comply with applicable legal, tax, contractual, or regulatory obligations

We do not engage in automated decision-making that produces legal or similarly significant effects without explicit consent.

5. Legal Basis for Processing

We rely on multiple legal bases under applicable privacy laws, including:

  • Consent: For newsletter opt-ins, cookies, downloadable assets, and outbound marketing

  • Contractual Necessity: To fulfill service agreements, SLAs, and support obligations

  • Legitimate Interests: To operate and improve services, prevent fraud, and conduct business development

  • Legal Obligation: To comply with financial reporting, tax, or recordkeeping requirements

  • Compliance with Jurisdictional Frameworks: Including GDPR (EU), PIPEDA (Canada), CASL (Canada), and CCPA/CPRA (California, USA)

You may withdraw consent at any time, which will not affect prior processing activities.

6. Cookies and Tracking Technologies

NTWIST uses cookies, pixels, and device/browser fingerprinting to:

  • Monitor website performance and user behavior

  • Improve visitor experience through personalized content

  • Understand user preferences and track conversions

  • Enable marketing automation and CRM segmentation

We currently use services including but not limited to:

  • Google Analytics

  • HubSpot CRM

  • Apollo.io for outbound tracking

You may configure your browser to reject or delete cookies at any time.

7. Disclosure and Sharing of Information

We may disclose personal or enterprise data under the following circumstances:

  • With authorized employees, contractors, or service providers operating under strict data protection agreements

  • With subprocessors providing infrastructure, analytics, or platform support (e.g., cloud hosting, CRM, or DevOps)

  • In connection with a merger, acquisition, or asset sale, where data forms part of transferred assets

  • Where legally required to comply with court orders, subpoenas, or lawful requests by public authorities

We do not sell personal information to third parties under any circumstance.

8. Data Transfers and International Processing

NTWIST operates primarily in Canada but may process or store data in other jurisdictions where our service providers are located. Where cross-border transfers are required, we implement:

  • Standard Contractual Clauses (SCCs) as approved by the European Commission

  • Data Processing Agreements (DPAs) with all subprocessors

  • Technical and organizational measures to ensure compliance with applicable laws

9. Data Retention

We retain personal and enterprise data only as long as is necessary to fulfill the purposes outlined in this Policy or to meet legal, regulatory, or contractual obligations.

Data retention periods may vary by category, jurisdiction, or sensitivity. Upon expiration of the retention period, data is securely deleted or anonymized.

10. Security of Information

NTWIST maintains industry-standard administrative, technical, and physical safeguards to ensure confidentiality, integrity, and availability of data, including:

  • Access control and role-based permissions

  • Network and endpoint protection (firewalls, antivirus, EDR)

  • Encryption at rest and in transit

  • Audit logging, change control, and incident response procedures

  • Regular vulnerability assessments and penetration testing

While we follow best practices, no system is 100% secure. You acknowledge that transmission of information over the internet carries inherent risk.

11. Data Subject Rights

Subject to applicable law, you may have the following rights:

  • Right to access, correct, or update your personal data

  • Right to object to or restrict certain processing activities

  • Right to withdraw consent or unsubscribe from communications

  • Right to data portability (where applicable)

  • Right to lodge a complaint with your regional data protection authority

To exercise your rights, please contact us at info@ntwist.com. We will respond within timelines required by applicable laws.

12. Children’s Privacy

NTWIST does not knowingly collect or process data from individuals under 16 years of age. If you believe such data has been submitted, please contact us and we will promptly delete it.

13. Changes to This Policy

We may update this Privacy Policy periodically. Revisions will be posted to this page with a new effective date. Material changes will be communicated where required by law.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

NTWIST Inc.
9650 20 Ave NW
Edmonton, Alberta, Canada T6N 1G1
📧 info@ntwist.com