Global Privacy Policy – 9546-3105 Quebec Inc d/b/a Marea

3.1 Account & Profile Information (Controller)

• Name, email address, authentication credentials, user roles.

3.2 Usage & Device Information (Controller)

• IP address, location, browser details, device identifiers, pages visited, performance logs.

3.3 Customer‑Uploaded Data (Processor)

• Donor records, images, listings, business workflow data, inventory items, product descriptions.

3.4 Integration Data (Processor / Controller)

• Data pulled from third‑party systems at customer direction.
• Metadata logs and API operational information handled as Controller.

3.5 Cookies & Tracking Technologies (Controller)

• Our Site does not store cookies. We do not use advertising cookies.

3.6 Contract and Marketing Information (Controller)

We collect personal information that can identify you, such as your name, email address, phone number, and any additional information that you choose to provide when you contact us, use our Services.

Where required by Canadian law, we collect and process this information with your express or implied consent, depending on the nature of the interaction and the sensitivity of the information.

4.1 Service Provision & Operation (Controller & Processor)

• Enable access to the platform, synchronize data, provide support.

4.2 Improving the Services (Controller)

• Enhance functionality, improve AI systems, analyze usage, test new features.

4.3 Security & Fraud Prevention (Controller)

• Monitor suspicious activity, protect accounts, enforce Terms of Use.

4.4 AI Training & Outputs (Controller)

• Use de‑identified data to improve AI models. Identifiable data is never used without explicit consent.

4.5 Communications and Marketing (Controller)

We use contact and marketing information to:

• Respond to inquiries, requests, or communications;
• Provide product updates, service information, and operational notices; or
• Send communications relating to features, releases, or offerings that may be of interest to You.

Where required by applicable law, we obtain your consent before sending marketing communications. You may opt out of marketing communications at any time by using the unsubscribe mechanism included in such communications or by contacting us directly.

For individuals located in Canada, marketing and commercial electronic communications are sent in accordance with Canada’s Anti-Spam Legislation (CASL), and you may withdraw your consent at any time.

4.6 Legal Bases for Processing

Where applicable, for individuals located in Canada, we collect, use, and disclose personal information in accordance with the consent and reasonableness requirements set out in the Personal Information Protection and Electronic Documents Act (PIPEDA).

5.1 Subprocessors

We use cloud hosting, analytics, monitoring, and support vendors. All subprocessors are contractually required to follow strict privacy and security obligations.

5.2 Legal Compliance

We may disclose data to comply with laws, court orders, or to protect rights and safety.

5.3 Business Transfers

In mergers or acquisitions, data may be transferred to the successor entity.

5.4 Aggregated Data

We may use de‑identified data for benchmarking, analytics, or product development.

8.1 Cross-Border Processing For Canadian Personal Information

Personal information of individuals located in Canada may be processed or accessed outside of Canada, including in the United Kingdom, the United States, or other jurisdictions where our service providers operate. When personal information is transferred outside of Canada, it remains subject to appropriate safeguards and contractual protections, and foreign governments, courts, or law enforcement authorities may be able to access the information under their local laws.