Effective date: August 26, 2025

Privacy Policy

This Privacy Policy explains how InfiltrateIQ (“InfiltrateIQ”, “we”, “us”, or “our”) collects, uses, discloses, and protects personal information in connection with our websites, products, and services, including the InfiltrateIQ security testing platform and related support (collectively, the “Services”).

In this Policy, InfiltrateIQ refers to InfiltrateIQ Inc., with its principal place of business at 77 City Centre Drive, Suite 501 Mississauga, ON L5B 1M5. Our Privacy Officer can be reached at support@infiltrateiq.com.

Our Services are intended for business users. We primarily collect business contact information about our customers’ personnel (e.g., work email, name, role) and technical/usage data from business devices and networks.

We do not sell personal information or disclose it to third parties for their independent marketing. We share with service providers/processors (hosting, security, analytics, payments, support, communications) under contracts that restrict their use to our instructions. We may disclose information to comply with law, protect rights, safety, or prevent fraud/abuse.

Data retention

We retain personal information only as long as needed for the purposes above and to meet legal/accounting requirements. Examples: account/billing records while your account is active and a reasonable period after; security logs for shorter operational periods unless needed for investigations. We may anonymize data for statistics and retain anonymized data.

Stripe Payments: We use Stripe, a third-party payment processor, to handle payments on our website. Stripe uses cookies to remember payment information and ensure the security and functionality of the payment process. These cookies are essential for the operation of our website and enable us to process your payments securely and efficiently.

Authentication Tokens: We use authentication tokens to manage user logins and sessions. These tokens are stored in cookies and help us to verify your identity and keep you logged in as you navigate through our website.

Services are intended for a general audience and are not directed at children under (13) years of age. We do not target or knowingly collect personal information from children. If you are a parent or guardian and you believe we have collected information from your child in a manner not permitted by law, contact us at support@infiltrateiq.com. We will remove the data to the extent required by applicable laws.

We implement administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit, role‑based access controls, least‑privilege principles, logging and monitoring, and secure development practices. If we discover a privacy breach that presents a real risk of significant harm, we will notify affected individuals and the appropriate regulator in accordance with PIPEDA and Québec’s Law 25. If you have reason to believe your interaction with us is no longer secure, notify us immediately.

Changes to Our Privacy Policy

We are always improving our products and services, and we create new features regularly. These updates sometimes require us to collect new information or use what we already have differently. Further, the laws regarding personal information and privacy frequently change. As a result, we must periodically update this Privacy Policy. We will post the updated version and change the effective date; for material changes, we will provide additional notice.

Contact Details

For questions and/or comments about our Privacy Policy and this statement, please contact us by using the following contact details: support@infiltrateiq.com