Privacy Policy

Clause 1 Introduction

Gep Amalgamation Inc. — developed by GEP Amalgamate — is committed to protecting the privacy and security of every individual who interacts with our services. This Privacy Policy describes in clear terms how we collect, use, disclose, and safeguard information when you visit our website at www.gepamalgamate.buzz, engage with our computer systems design and integrated systems design services, or otherwise communicate with us through any channel.

We understand that the nature of our work — which often involves access to proprietary system architectures, confidential business processes, and technical infrastructure data — demands the highest standards of data stewardship. This policy reflects that commitment. By accessing or using our services, you acknowledge that you have read and understood the practices described in this document. If you do not agree with any part of this policy, you should discontinue use of our website and services immediately.

Throughout this policy, the terms we, us, and our refer to Gep Amalgamation Inc., a corporation organized under the laws of Canada with its principal place of business at the address listed in Clause 13 of this document. The terms you and your refer to any individual or entity that accesses our website, uses our services, or otherwise provides personal information to us.

Clause 2 Information We Collect

We collect information across several categories, each serving a distinct purpose in our ability to deliver, improve, and secure our services. The categories described below apply regardless of whether the information is provided directly by you, collected automatically through your interaction with our systems, or obtained from trusted third-party sources with appropriate authorization.

Personal Information You Provide Directly

When you contact us through our website forms, send us email correspondence, engage us for consulting or design services, or participate in a project engagement, we may collect information that identifies you personally. This includes your full name, email address, telephone number, job title, company affiliation, physical mailing address, and any other information you choose to include in your communications. If you enter into a business relationship with us, we may also collect billing information, project specifications, and technical documentation that you share as part of the engagement.

Usage and Device Information Collected Automatically

When you visit our website, our servers automatically record certain technical information transmitted by your browser or device. This includes your Internet Protocol address, browser type and version, operating system, device type and screen resolution, referring and exit page URLs, date and time stamps of your visit, pages viewed and time spent on each page, and interaction events such as clicks, scroll depth, and form submissions. We collect this information to understand how visitors engage with our website, to diagnose technical issues, to defend against malicious activity, and to improve the overall user experience.

Cookies and Similar Technologies

Our website uses cookies — small text files stored on your device by your web browser — and similar tracking technologies such as local storage objects and session identifiers. These technologies allow us to recognize returning visitors, remember user preferences, analyze site traffic patterns, and measure the effectiveness of our communications. A detailed explanation of the specific cookies we deploy, their purposes, and how you can manage your preferences is set out in Clause 6 of this policy.

Analytics Information

We use privacy-respecting analytics tools to measure aggregate usage patterns on our website. These tools process anonymized or pseudonymized data to generate statistical reports about visitor behavior, traffic sources, content popularity, and technical performance metrics. We configure our analytics implementation to minimize the collection of personally identifiable information — for example, by enabling IP address anonymization, disabling data sharing with the analytics provider's advertising network, and limiting data retention periods to the shortest practical durations.

Communication Records

When you communicate with us via email, telephone, or through our website contact mechanisms, we maintain records of those communications. This includes the content of your messages, our responses, the date and time of each exchange, and any attachments or supplementary materials shared during the correspondence. We retain these records to provide continuity of service, to maintain an accurate history of our business relationship, and to comply with applicable legal and regulatory obligations.

Clause 3 How We Use Your Information

The information we collect serves specific, legitimate purposes connected to the operation of our business and the delivery of our computer systems design and integrated systems design services. We do not use your personal information for purposes that are incompatible with those described in this policy without first providing you with notice and, where required by applicable law, obtaining your consent.

We use personal information to provide, operate, and maintain our services — including responding to inquiries, preparing proposals, executing project engagements, delivering technical documentation, and providing ongoing support. We use contact information to communicate with you about your projects, send service-related notifications, and share information that you have requested about our capabilities and expertise.

We use usage data and analytics to understand how visitors interact with our website, to identify areas for improvement, to optimize content and navigation, and to make informed decisions about our online presence. We use technical and device information to ensure the security and integrity of our systems — including detecting, preventing, and responding to fraud, unauthorized access, and other malicious or illegal activity. We may also use aggregated, de-identified data derived from the information we collect for research, product development, and business planning purposes. Such aggregated data cannot reasonably be used to identify any individual.

If you have provided your email address and have consented to receive marketing communications, we may send you periodic updates about our services, industry insights, case studies, and event invitations. You may opt out of marketing communications at any time by using the unsubscribe link included in every such message, or by contacting us directly using the information provided in Clause 13.

Clause 4 Legal Basis for Processing (GDPR)

For individuals located in the European Economic Area, the United Kingdom, or other jurisdictions whose data protection laws require a specified legal basis for processing personal data, we rely on the following legal grounds under the General Data Protection Regulation and equivalent legislation.

Contractual Necessity: When you engage us for services — whether through a formal service agreement, statement of work, or other contractual arrangement — we process your personal information as necessary to fulfill our obligations under that contract. This includes using your contact details to manage the engagement, processing billing information, and communicating about project deliverables and timelines.

Legitimate Interests: We process certain personal information on the basis of our legitimate business interests, provided that those interests are not overridden by your data protection rights. Our legitimate interests include: improving our website and services based on usage analytics; responding to inquiries and providing information about our expertise; maintaining the security of our systems and preventing fraud; and managing our business operations effectively. You have the right to object to processing based on legitimate interests under the circumstances described in Clause 8.

Consent: Where we rely on your consent as the legal basis for processing — for example, when you subscribe to marketing communications or when we deploy non-essential cookies — we will request that consent clearly and separately. You may withdraw your consent at any time using the mechanisms described in this policy. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

Legal Obligation: We may process your personal information where necessary to comply with applicable laws, regulations, court orders, or other legal processes to which we are subject. This includes obligations related to tax reporting, financial record-keeping, and responding to lawful requests from government authorities.

Clause 5 Information Sharing and Disclosure

Gep Amalgamation Inc. does not sell, rent, or trade your personal information to third parties for their own marketing purposes. We share personal information only in the limited circumstances described below, and we require all recipients to provide at least the same level of protection for your data as we do.

Service Providers: We engage trusted third-party companies and individuals to perform functions on our behalf — including website hosting, email delivery, analytics, payment processing, and IT infrastructure management. These service providers have access to personal information only to the extent necessary to perform their designated functions and are contractually bound to process data solely in accordance with our instructions and applicable data protection law.

Professional Advisors: We may share information with our legal counsel, auditors, accountants, and insurance providers as necessary for the operation of our business and to protect our legitimate interests. These disclosures are governed by professional obligations of confidentiality.

Business Transfers: In the event of a merger, acquisition, reorganization, asset sale, or other corporate transaction involving Gep Amalgamation Inc., personal information may be transferred as a business asset. We will provide notice before your personal information is transferred to a different entity or becomes subject to a different privacy policy, and we will use reasonable efforts to ensure that the transferee honors the commitments in this policy.

Legal Compliance and Protection: We may disclose personal information when we believe in good faith that disclosure is necessary to comply with applicable law, regulation, legal process, or governmental request; to enforce our agreements and terms of service; to protect the rights, property, or safety of Gep Amalgamation Inc., our clients, or the public; or to detect, prevent, or otherwise address fraud, security, or technical issues.

With Your Consent: We may share your information for purposes not described in this policy when we have obtained your explicit consent to do so.

Clause 6 Cookies and Tracking Technologies

Our website employs a minimal set of cookies and tracking technologies, configured to respect user privacy by default. We categorize our cookie usage into three tiers: strictly necessary cookies that are essential for the website to function; performance and analytics cookies that help us understand how visitors use our site; and functional cookies that remember your preferences to improve your experience.

Strictly necessary cookies — sometimes called essential cookies — enable core website functionality such as page navigation, secure form submission, and load balancing. These cookies do not store personally identifiable information and are set by default. Because they are required for the website to operate, they cannot be disabled through our cookie preferences mechanism; however, you may configure your browser to block them, though doing so may impair certain features of the site.

Performance and analytics cookies collect aggregated, anonymized information about how visitors use our website — which pages receive the most traffic, how users navigate between sections, and whether they encounter error messages. We use this data exclusively to improve site performance and content relevance. These cookies are deployed only after you have provided your consent through our cookie banner.

Functional cookies allow the website to remember choices you make — such as your preferred language or your cookie consent preferences — so that we can provide a more personalized experience on subsequent visits. Information collected by functional cookies is not used for advertising purposes and is not shared with third-party advertising networks.

You have full control over non-essential cookies through our on-site cookie preference center, which you can access at any time via the cookie icon in the footer of every page. Additionally, most web browsers provide settings that allow you to block, delete, or receive warnings before cookies are stored. Instructions for managing cookie settings are available in the help documentation for your specific browser. Please note that disabling cookies entirely may affect the functionality and appearance of our website.

Clause 7 Data Security

Protecting the confidentiality, integrity, and availability of your personal information is a fundamental priority for Gep Amalgamation Inc. We implement and maintain administrative, technical, and physical safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Our technical security measures include: encryption of data in transit using Transport Layer Security protocols; encryption of data at rest where technically appropriate; network segmentation and firewall protection; regular vulnerability scanning and penetration testing conducted by qualified security professionals; access controls that limit data access to personnel with a legitimate business need; multi-factor authentication for administrative systems; and comprehensive logging and monitoring of system access and data processing activities.

Our organizational measures include: mandatory data protection and security training for all personnel who handle personal information; documented data handling procedures and incident response protocols; contractual data protection obligations imposed on all service providers and subcontractors; regular review and updating of security policies to address evolving threats; and physical security controls at our premises including access-restricted work areas.

While we implement robust security measures, no method of electronic storage or transmission over the Internet is entirely secure. We cannot guarantee absolute security, but we commit to notifying affected individuals and relevant supervisory authorities without undue delay in the event of a data breach, in accordance with applicable legal requirements.

Clause 8 Your Rights and Choices

Depending on your jurisdiction of residence, you may have certain rights regarding the personal information we hold about you. Gep Amalgamation Inc. respects these rights and will respond to verified requests in accordance with applicable law. The rights described below may be subject to limitations and exceptions under local data protection legislation.

Right of Access: You have the right to request confirmation of whether we process your personal information and, if so, to obtain a copy of that information along with details about how it is being processed. We will provide this information in a structured, commonly used, and machine-readable format where feasible.

Right of Rectification: If you believe that personal information we hold about you is inaccurate or incomplete, you have the right to request that we correct or supplement it. We will respond to rectification requests promptly and, where appropriate, will communicate the correction to any third parties to whom the data has been disclosed.

Right of Erasure: In certain circumstances — for example, when the personal information is no longer necessary for the purposes for which it was collected, or when you withdraw consent and there is no other legal basis for processing — you may request the deletion of your personal information. We will evaluate each erasure request against our legal obligations and legitimate interests, and we will explain our determination in writing.

Right to Restrict Processing: You may request that we limit the processing of your personal information in specific situations, including while we verify the accuracy of contested data or while we assess an objection to processing based on legitimate interests.

Right to Data Portability: Where processing is based on consent or contract and is carried out by automated means, you have the right to receive your personal information in a portable format and, where technically feasible, to have it transmitted directly to another data controller.

Right to Object: You have the right to object to processing based on legitimate interests, including any profiling derived from those interests. Upon receiving a valid objection, we will cease processing unless we demonstrate compelling legitimate grounds that override your rights.

California Residents — CCPA Rights

Under the California Consumer Privacy Act and the California Privacy Rights Act, residents of California are entitled to specific disclosures and rights regarding their personal information. As a California resident, you have the right to know what categories of personal information we have collected about you in the preceding twelve months, the sources from which we collected it, the business purpose for collection, and the categories of third parties with whom we shared it. You have the right to request deletion of your personal information, subject to certain exceptions. You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising — although we do not currently engage in such practices. You have the right to correct inaccurate personal information. You have the right to non-discrimination for exercising any of your CCPA rights. To exercise any of these rights, please contact us using the information in Clause 13. We will verify your identity before processing your request, which may require you to provide information sufficient to confirm that you are the individual about whom we have collected personal data.

Canadian Residents — PIPEDA Rights

Under the Personal Information Protection and Electronic Documents Act and applicable provincial privacy legislation, Canadian residents have the right to access their personal information held by an organization, to challenge its accuracy and completeness, and to have it amended as appropriate. You also have the right to withdraw consent to the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions and reasonable notice. You may file a complaint with the Privacy Commissioner of Canada if you believe your rights under PIPEDA have been violated.

Clause 9 Children's Privacy

Our website and services are directed at business professionals and are not intended for use by individuals under the age of sixteen. We do not knowingly collect, solicit, or maintain personal information from children. If we become aware that we have inadvertently collected personal data from a child under the age of sixteen without verifiable parental consent, we will take steps to delete that information from our systems as quickly as reasonably possible.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately using the information set out in Clause 13 so that we can take appropriate action. We encourage parents and guardians to monitor their children's online activities and to instruct them never to provide personal information through websites or online services without permission.

Clause 10 International Data Transfers

Gep Amalgamation Inc. is headquartered in Canada, and personal information we collect is primarily processed and stored on servers located in Canada and the United States. If you are located outside of Canada, please be aware that by using our services or providing personal information to us, your data will be transferred to, processed, and stored in Canada and potentially other jurisdictions where our service providers operate.

When we transfer personal information across international borders, we implement appropriate safeguards consistent with applicable data protection law. For transfers from the European Economic Area, the United Kingdom, or Switzerland to countries that have not been deemed to provide an adequate level of data protection, we rely on standard contractual clauses approved by the relevant regulatory authorities, or on other lawful transfer mechanisms such as binding corporate rules or explicit consent. We remain responsible for the processing of personal information we transfer to third-party service providers acting on our behalf.

You may request additional information about the specific safeguards we apply to international data transfers by contacting us using the details provided in Clause 13.

Clause 11 Third-Party Links

Our website may contain links to third-party websites, plugins, and applications that are not owned or controlled by Gep Amalgamation Inc. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices or content.

We encourage you to review the privacy policy of every website you visit and every service you use. The inclusion of a link on our website does not imply endorsement of the linked site or service by Gep Amalgamation Inc. Your interactions with third-party websites are governed by their own terms and policies, and any personal information you provide to them is collected directly by them and subject to their practices. We disclaim any liability for the actions of third parties with respect to your personal information.

Clause 12 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or the features and functionality of our services. When we make material changes, we will revise the effective date at the top of this policy and provide prominent notice on our website at least thirty days before the changes take effect. For significant changes — such as those affecting the purposes for which we process personal information or the categories of data we collect — we may also notify you directly via email if you have provided your email address and have an ongoing relationship with us.

Your continued use of our website or services after the effective date of any updated policy constitutes your acknowledgment of the changes and your agreement to be bound by the revised terms. We encourage you to review this policy periodically to stay informed about how we protect your privacy. Archived versions of previous policies are available upon request by contacting us through the information in Clause 13.

Clause 13 Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data handling practices, we invite you to contact us through any of the channels listed below. We are committed to addressing your inquiries promptly and transparently.

If you believe that your data protection rights have been infringed, you have the right to lodge a complaint with the supervisory authority in your jurisdiction — such as the Office of the Privacy Commissioner of Canada, the Information Commissioner's Office in the United Kingdom, or your local data protection authority within the European Union. We would, however, appreciate the opportunity to address your concerns directly before you escalate to a regulatory body.