ADSQUAD A Media Consultancy Company
Legal

Privacy Policy

Last updated: 17 May 2026

Adsquad Inc. ("Adsquad", "we", "us") takes the privacy of every site visitor seriously. This policy explains what personal data we collect, why, how long we keep it, and the rights you have under the EU General Data Protection Regulation (GDPR), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and Quebec's Loi 25.

1. Who is the controller?

The data controller is Adsquad Inc., a Canadian corporation based in Toronto. For privacy questions, use the contact form and tag your inquiry "Privacy" in the message.

2. What data do we collect?

  • Inquiry forms. Name, work email, organization, role, message, and the attribution data your browser sends (UTM parameters, referring page, the first page you landed on). Optional fields vary per landing page (publisher name, budget range, mission, etc.). We use your data only to respond to your inquiry. We do not sell or rent it.
  • Anonymous traffic analytics via Cloudflare Web Analytics — page views, referrers, country (not city), and Core Web Vitals timings. Cloudflare Web Analytics is cookieless and does not assign persistent identifiers.
  • With your consent, heatmap and session analytics via Microsoft Clarity, and B2B retargeting via the LinkedIn Insight Tag.

3. Lawful basis (GDPR Art. 6)

  • Inquiry forms — consent (Art. 6(1)(a)) given by submitting the form, or legitimate interest (Art. 6(1)(f)) in responding to a business inquiry you initiated.
  • Cookieless analytics — legitimate interest in understanding aggregate site usage, with no impact on individual rights.
  • Consent-gated analytics & marketing — consent (Art. 6(1)(a)), withdrawable anytime via the Cookie Policy page.

4. How long we keep your data

  • Inquiry records: up to 36 months from your last interaction, then deleted.
  • Cookieless analytics: 6 months in aggregate form.
  • Consented analytics & retargeting: per processor retention (Clarity 13 months by default; LinkedIn 13–18 months).

5. Who we share data with (sub-processors)

  • Brevo (Sendinblue SAS, France) — inquiry form processing + transactional email. EU data residency. Brevo privacy policy.
  • Cloudflare, Inc. (USA, with EU data-residency where supported) — hosting, CDN, cookieless analytics. SCCs in place. Cloudflare privacy policy.
  • Microsoft Corp. (Clarity) — only if you consent. Standard Contractual Clauses + supplementary measures per Schrems II.
  • LinkedIn Corp. (Insight Tag) — only if you consent.

6. International transfers

Brevo processes inquiry data on EU servers. Cloudflare may route requests through their global edge network; we rely on Cloudflare's Standard Contractual Clauses and EU-US Data Privacy Framework certification. If you would prefer your inquiry never leave Canadian jurisdiction, note that preference in the inquiry form and we will handle the conversation accordingly.

7. Your rights

You have the right to:

  • Access your data (GDPR Art. 15 / PIPEDA / Loi 25 §27)
  • Rectification (Art. 16)
  • Erasure / "right to be forgotten" (Art. 17)
  • Restriction of processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing (Art. 21)
  • Withdraw consent at any time (Art. 7(3))
  • Lodge a complaint with a supervisory authority (your local DPA, or the OPC of Canada / CAI Quebec)

To exercise any of these rights, use the contact form and tag your inquiry "Privacy" in the message. We respond within 30 days (GDPR) or 30 days from the date our request acknowledgement is received (PIPEDA / Loi 25), whichever is sooner.

8. Cookies

See the dedicated Cookie Policy.

9. Changes to this policy

Material changes are notified via a banner on this site and, for active inquiries, by email. The "last updated" date above always reflects the current version.