Legal

Privacy Policy

This policy explains how ToyBox Chatting collects, uses, stores, and protects personal information.

Effective Date: 05/06/2026 Company: ToyBox Digital Solutions Inc. Website: ToyBoxChatting.com

1. Introduction

ToyBox Digital Solutions Inc. (“ToyBox,” “we,” “us,” or “our”) respects your privacy and is committed to handling personal information in a responsible manner.

This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you visit our website, submit a contact form, book a consultation, communicate with us, or use our services.

This policy is intended to reflect applicable Canadian privacy requirements, including British Columbia’s Personal Information Protection Act (PIPA) where applicable, and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) where applicable, including situations involving cross-border or interprovincial handling of personal information in commercial activities.

2. What Personal Information We Collect

Depending on how you interact with us, we may collect personal information such as:

  • your name;
  • email address;
  • phone number or messaging contact details;
  • company, agency, or creator/business name;
  • account or platform-related onboarding information you choose to provide;
  • consultation details and service-related inquiries;
  • billing or payment-related information;
  • technical information such as IP address, browser type, device information, and website usage data;
  • documents, files, or other materials you voluntarily submit to us.

We only aim to collect information that is reasonably necessary for the purposes identified in this policy or at the time of collection, consistent with the principle of limiting collection.

3. How We Collect Personal Information

We may collect personal information:

  • directly from you when you fill out forms, contact us, book a call, or otherwise communicate with us;
  • during onboarding or service setup;
  • through cookies or similar website technologies;
  • from service providers that support website hosting, scheduling, payments, analytics, CRM, or communication tools;
  • from third-party platforms where you authorize or direct us to interact with them as part of the services.

Where required, we collect, use, or disclose personal information with your knowledge and consent, except where permitted or required by law.

4. Why We Collect and Use Personal Information

We may collect, use, and disclose personal information for purposes such as:

  • responding to inquiries and communicating with you;
  • scheduling and conducting consultations;
  • evaluating whether our services are a suitable fit;
  • onboarding clients and delivering services;
  • managing accounts, workflows, and internal operations;
  • processing payments and maintaining financial records;
  • improving our website, systems, and services;
  • maintaining security, preventing misuse, and investigating technical or operational issues;
  • complying with legal, regulatory, contractual, or record-keeping obligations.

We identify our purposes for collection before or at the time of collection, and we limit our use of personal information to purposes a reasonable person would consider appropriate in the circumstances.

5. Consent

By submitting your information to us, contacting us, booking a consultation, or using our website or services, you consent to our collection, use, and disclosure of your personal information as described in this Privacy Policy, except where a different legal basis applies.

You may withdraw consent to certain uses of your personal information, subject to legal, contractual, and operational restrictions. Withdrawing consent may affect our ability to provide certain services or respond to certain requests.

Canadian privacy law generally requires meaningful consent for the collection, use, and disclosure of personal information, subject to limited exceptions.

6. How We Share Personal Information

We do not sell personal information.

We may disclose personal information only where reasonably necessary, including to:

  • employees, managers, and contractors who need the information to perform their duties;
  • service providers that help us operate our website, CRM, communications, scheduling, payment processing, storage, analytics, or security systems;
  • professional advisors such as accountants, auditors, insurers, or legal counsel;
  • law enforcement, regulators, courts, or other parties where required or permitted by law;
  • third-party platforms or tools where disclosure is necessary to provide services you have requested or authorized.

We expect service providers handling information on our behalf to protect it appropriately. Under Canadian private-sector privacy law, organizations remain accountable for personal information under their control, including where third parties process it on their behalf.

7. CRM, Access Controls, and Operational Systems

To help deliver our services in a more organized and secure way, we may use CRM, message-management, workflow, and related operational systems. These systems help us manage communication, assign responsibilities, maintain internal notes, and apply role-based access controls.

Where possible, access is restricted based on operational need so that personnel only receive the level of access reasonably required for their role. We use this type of structure as part of our broader safeguards and internal privacy practices. Canadian privacy law requires organizations to maintain safeguards appropriate to the sensitivity of the information.

8. Cookies and Website Analytics

Our website may use cookies, pixels, analytics tools, and similar technologies to:

  • remember preferences;
  • understand website traffic and usage patterns;
  • improve performance and design;
  • support security and fraud prevention;
  • measure the effectiveness of pages or campaigns.

You may be able to control cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.

9. Retention of Personal Information

We retain personal information only for as long as reasonably necessary to fulfill the purposes for which it was collected, or as otherwise required or permitted by law, contract, taxation rules, dispute resolution needs, or legitimate business record-keeping practices.

When personal information is no longer reasonably required, we will delete it, anonymize it, or securely destroy it as appropriate. Limiting retention is part of the fair information principles under Canadian privacy law.

10. Safeguards and Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, use, disclosure, loss, theft, or modification.

These measures may include:

  • access controls and permission restrictions;
  • password protection and authentication procedures;
  • internal role-based access practices;
  • secure storage tools and service providers;
  • staff and contractor confidentiality expectations;
  • monitoring and review of operational access where appropriate.

No system can be guaranteed to be completely secure, and internet-based services always involve some level of risk. Still, both PIPA and PIPEDA expect organizations to maintain safeguards appropriate to the sensitivity of the information they handle.

11. Cross-Border or Interprovincial Processing

Some of our service providers or systems may store or process personal information outside British Columbia or outside Canada. In addition, some personal information may cross provincial or national borders in the course of commercial activity.

Where that occurs, the information may be subject to the laws of the jurisdiction where it is processed or stored. PIPEDA generally applies to cross-border handling of personal information in commercial activities, even where a province has its own substantially similar private-sector law.

12. Accuracy

We make reasonable efforts to keep personal information as accurate, complete, and up to date as necessary for the purposes for which it is used.

You are responsible for informing us if your contact details or other information changes.

13. Access and Correction Requests

Subject to legal exceptions, you may request access to personal information we hold about you and request corrections if you believe it is inaccurate.

To make an access or correction request, please contact us using the contact details below. We may need to verify your identity before responding.

Openness, individual access, and the ability to challenge compliance are established principles under Canadian private-sector privacy law.

14. Children and Minors

Our website and services are not intended for individuals under the age of majority who cannot lawfully enter into a binding service relationship in their jurisdiction. We do not knowingly collect personal information from children in connection with our commercial services.

If you believe a minor has provided personal information improperly, please contact us so we can review and address the issue.

15. Third-Party Websites and Platforms

Our website may contain links to third-party websites, platforms, or tools. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices, content, or terms.

You should review the privacy policies of those third parties before submitting information to them.

16. Privacy Officer / Accountability

We are responsible for personal information under our control and maintain policies and practices intended to support compliance with applicable privacy requirements. Canadian privacy law expects organizations to have accountability measures in place, including a person responsible for compliance.

Privacy Contact / Privacy Officer

ToyBox Digital Solutions Inc.

[Name or Title]

[Email Address]

[Mailing Address]

[Phone Number, if applicable]

17. Complaints and Questions

If you have a question, concern, or complaint about how we handle personal information, please contact us first and we will review the matter.

You may also have the right to raise concerns with the relevant privacy regulator, depending on which law applies. In British Columbia, the OIPC oversees PIPA matters, and the OPC oversees compliance with PIPEDA.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices, services, legal obligations, or operational needs. The updated version will be posted on this page with a revised effective date.

Your continued use of the website or services after changes are posted indicates acceptance of the revised policy, to the extent permitted by law.

Scroll to Top