Boost Local Business

Privacy & Information Security Policy

Effective date: October 2, 2023

Last updated: July 13, 2026

1. Purpose and Scope

Veena Rita Vivian Dmello, carrying on business as Social Master and BoostLocalBusiness (“Boost Local Business,” “we,” “us,” or “our”), values privacy. This Policy provides a general description of how personal information may be collected, used, disclosed, retained, and protected when individuals visit our website, contact us, request an audit or proposal, purchase or use our services, interact with our advertising, or otherwise communicate with us.

This Policy applies to personal information handled during our commercial activities. It does not apply to anonymized or aggregated information that cannot reasonably identify an individual, or to information handled independently by third parties under their own terms and privacy policies.

Canadian privacy laws may apply to some of our activities. This Policy is intended to provide transparency about our general practices; it is not a representation of certification, independent assessment, or compliance with any particular privacy or information-security standard. Legal requirements continue to apply where they cannot be limited by this Policy.

Privacy questions and requests may be directed to Veena Rita Vivian Dmello at [email protected].

3. Personal Information We May Collect

3.1 Information You Provide

  • Identity and contact information: name, business name, title, email address, telephone number, mailing address, and service area.
  • Inquiry and onboarding information: website address, domain, social profiles, business description, project goals, service requirements, budget, timelines, and communications.
  • Account and service information: usernames, account identifiers, preferences, support requests, approvals, and information needed to configure or administer a requested service.
  • Client materials and access: content, files, settings, and credentials where reasonably necessary to provide a service. Clients should use delegated access, temporary passwords, and secure transfer methods where available.
  • Billing and transaction information: billing contact, billing address, invoice information, transaction identifiers, payment status, and limited payment details received from a payment provider.
  • Communications: emails, chat messages, call notes, form submissions, feedback, testimonials, survey responses, and communication preferences.
  • Other information that an individual voluntarily provides or authorizes us to receive.

3.2 Information Collected Automatically

  • IP address, browser type, operating system, device type, language, referring page, and approximate location derived from an IP address.
  • Pages viewed, links selected, visit date and duration, form interactions, campaign attribution, and technical, error, or security logs.
  • Cookie and similar-technology identifiers used for functionality, preferences, analytics, fraud prevention, or advertising measurement where enabled.

3.3 Information From Other Sources

We may receive information from a Client’s authorized representatives, referral sources, publicly available business listings, social and advertising platforms, analytics providers, payment providers, domain and hosting providers, and other service providers. Such information may be used for the purposes described in this Policy, subject to applicable legal requirements.

4. How We May Use Personal Information

Personal information may be used to:

  • respond to inquiries and provide consultations, audits, estimates, proposals, or requested information;
  • verify identity, create accounts, onboard Clients, and deliver, administer, support, maintain, secure, or improve services;
  • process transactions, issue invoices and receipts, collect amounts owing, and maintain business, accounting, and tax records;
  • communicate about projects, approvals, support, subscriptions, renewals, service changes, privacy, billing, or security;
  • analyze website and campaign performance, understand demand, diagnose errors, and improve user experience;
  • prevent or investigate suspected fraud, abuse, unauthorized access, security incidents, or violations of our terms;
  • establish, exercise, or defend legal claims and respond to legal, regulatory, insurance, or contractual requirements;
  • send promotional communications where consent or another permitted basis is believed to exist; and
  • carry out another purpose disclosed during the interaction, with consent, or as otherwise permitted by law.

Depending on the circumstances and applicable law, we may rely on express consent, implied consent, contractual necessity, or another legally permitted basis for handling information. Providing information through a form, purchase, onboarding process, consultation, or direct communication generally indicates consent to use it for the reasonably apparent purpose of that interaction.

An individual may ask to withdraw consent or change communication preferences. A request may affect our ability to provide a service and may be subject to legal, contractual, billing, security, backup, technical, or recordkeeping limitations. Withdrawal does not necessarily require deletion of information already processed or information that may lawfully be retained.

6. Service and Marketing Communications

We may send transactional or service messages concerning inquiries, purchases, projects, billing, accounts, renewals, support, privacy, or security. These communications may be necessary to respond to a request or provide a service and may not include a marketing unsubscribe option.

Promotional messages may be sent where consent or another permitted basis is believed to exist. Marketing messages are intended to identify the sender and provide an unsubscribe method. An unsubscribe request may be submitted through the link in a message or by contacting us. Non-promotional service or transactional messages may continue where appropriate.

7. Cookies and Similar Technologies

Our website may use cookies, pixels, tags, local storage, scripts, and similar technologies. Depending on the current website configuration, these may include:

  • Essential technologies for security, forms, sessions, accessibility, load balancing, and core website functions.
  • Preference technologies that remember selected settings or choices.
  • Analytics technologies used to understand traffic, navigation, campaign attribution, and performance.
  • Advertising technologies used to measure campaigns, build audiences, limit repetition, or deliver more relevant advertisements where enabled.

Browser settings may allow an individual to block or delete cookies. Blocking essential technologies may affect website operation. A cookie preference tool may be made available where appropriate; however, browser, device, provider, and regional settings may also affect how choices are applied.

8. When Information May Be Disclosed

We do not ordinarily sell or rent personal information as a business activity. Information may be disclosed:

  • to providers of hosting, domains, cloud storage, email, forms, CRM, analytics, advertising, communications, cybersecurity, software, accounting, payment processing, and technical support;
  • to platforms, contractors, advisers, collaborators, or representatives selected or authorized by the Client;
  • as part of a proposed or completed financing, reorganization, merger, acquisition, sale, transfer, insolvency, or other business transaction;
  • where required or permitted by law, legal process, a regulator, a court, or a lawful authority;
  • to collect debts, enforce agreements, investigate wrongdoing, or protect rights, safety, systems, users, or property; or
  • for another purpose to which the individual has consented.

Service providers and independent third parties operate under their own systems, agreements, security practices, terms, and privacy policies. We do not control every aspect of their collection, use, disclosure, retention, or protection of information.

9. Payment Information

Online payments, where offered, are processed through the third-party payment provider presented during checkout or invoicing. We generally do not receive or store complete payment-card numbers or card security codes. We may receive transaction identifiers, payment status, card brand, partial card details, billing information, fraud indicators, or other information needed for accounting, dispute handling, and customer support.

A payment provider processes information under its own terms, privacy policy, systems, and security practices.

10. Cross-Border Processing

We and our service providers may process or store information in Canada, the United States, or other jurisdictions. Information handled outside an individual’s province or country may be subject to the laws of that jurisdiction and may be accessible to courts, law-enforcement agencies, regulators, or other lawful authorities there.

Cross-border processing is also subject to the practices, infrastructure, availability, and terms of the relevant provider.

11. Retention and Deletion

Information may be retained for as long as it is reasonably useful or necessary for service delivery, support, business and tax records, consent records, fraud prevention, dispute resolution, legal claims, security, backups, or other legitimate operational purposes.

Retention varies according to the type of information, the service involved, provider settings, technical limitations, contractual arrangements, and legal considerations. When information is no longer considered necessary, we may delete, destroy, overwrite, or anonymize it.

Copies may remain in backups, archives, email systems, logs, devices, or third-party platforms for additional periods. Immediate or complete deletion from every location cannot always be guaranteed.

12. Our Information-Security Approach

We make practical, risk-based efforts to reduce unauthorized access, loss, misuse, alteration, or disclosure. The measures used depend on the system, provider, information, and service involved.

Measures may include:

  • antivirus or anti-malware tools on supported systems;
  • operating-system, software, theme, and plugin updates;
  • TLS encryption supplied by the website, hosting, email, or service platform;
  • passwords, access restrictions, and multifactor authentication where available;
  • firewall, filtering, monitoring, backup, and security features supplied by hosting or technology providers;
  • limiting access to accounts and information where reasonably practicable; and
  • changing credentials, removing access, or applying updates when a potential issue is identified.

13. Security Limitations and Client Responsibilities

No security measure, method of transmission, software, device, backup, or third-party service is completely secure or continuously available. Security measures may not be available, enabled, effective, current, compatible, or error-free in every circumstance.

We do not represent that our practices meet a particular certification or compliance standard, and we do not guarantee that information will always remain secure, confidential, available, complete, accurate, or recoverable.

Clients and users should use unique passwords, enable multifactor authentication where available, restrict credential sharing, remove unnecessary users, maintain independent backups, keep their own devices updated, and promptly report suspected unauthorized access. Clients remain responsible for their own users, devices, accounts, data, access decisions, and post-handover website or system administration unless those functions are expressly included in a managed service.

14. Privacy and Security Incidents

If we become aware of suspected unauthorized access, use, disclosure, alteration, loss, malware, or destruction of information, we may investigate and take steps considered reasonable in the circumstances. These steps may include changing credentials, contacting a provider, applying an update, restricting access, restoring an available backup, or seeking technical or legal assistance.

Notifications or regulatory reports will be considered where required by applicable law. Our ability to identify, investigate, contain, recover from, or remediate an incident may depend on available information, provider cooperation, backup availability, system access, and other circumstances outside our control.

15. Access, Correction and Deletion Requests

Subject to applicable law, an individual may ask whether we hold personal information about them or request access, correction, or deletion. A request should be sent to [email protected].

We may request information reasonably necessary to verify identity and authority. Requests will be considered subject to applicable law, technical feasibility, provider capabilities, legal restrictions, billing and dispute requirements, backup limitations, and legitimate recordkeeping needs. We may not be able to locate, disclose, correct, or delete every record requested.

16. Information Handled for Clients

When information is handled through a service supplied to a Client—for example, website forms, hosting, email services, CRM integrations, advertising audiences, or analytics—the Client may be responsible for determining why and how that information is used. Individuals should generally direct requests concerning that information to the relevant Client first.

Clients are responsible for their own privacy notices, consent practices, account configurations, instructions, content, legal obligations, and use of information. Any assistance we provide is subject to the applicable service arrangement, provider capability, technical feasibility, and legal requirements.

17. Children’s Privacy

Our website and business services are intended for business users and are not directed to children under 13. We do not intentionally request personal information directly from children under 13. If you believe a child has submitted personal information, contact us so that we can review the circumstances and determine what action may be appropriate.

18. Third-Party Websites and Platforms

Our website and services may link to or integrate with social networks, maps, videos, booking systems, payment providers, email tools, chat services, analytics, advertising platforms, hosting providers, or other third parties. Their handling of information is governed by their own policies and terms.

A link or integration does not mean that we control or guarantee the third party’s availability, accuracy, privacy, security, content, or practices. Individuals should review the relevant policies before providing information.

19. Automation and Artificial Intelligence

We may use automation or artificial-intelligence-assisted tools to support drafting, analysis, customer service, reporting, design, security, or service delivery. Information entered into such tools may be processed under the provider’s terms, account settings, systems, and retention practices.

Clients should not provide highly sensitive information unless its proposed use has been specifically discussed. Automated or AI-assisted output may contain errors and should be independently reviewed before use. It is not professional legal, financial, medical, or other regulated advice.

20. Questions and Complaints

Questions, concerns, or complaints may be sent to [email protected]. We will review the matter and determine what response or action is reasonably appropriate in the circumstances. An individual may also contact a privacy regulator that has jurisdiction.

21. Changes to This Policy

We may update this Policy to reflect changes in law, technology, services, providers, or business practices. The current version will display an updated revision date. Additional notice or consent may be considered where a material change requires it under applicable law.

How to Contact Our Privacy Team

Veena Rita Vivian Dmello

Carrying on business as Social Master and BoostLocalBusiness

New Tecumseth, Ontario, Canada

Privacy email: [email protected]

Telephone: +1 (647) 472-7823

Website: https://www.boostlocalbusiness.ca/