top of page
Adaptis-logon-2048x704.webp

Privacy Policy

Adaptis Technologies, Inc. and Adaptis Technologies Canada, Inc.

Effective Date: June 20, 2025
1. Introduction 

Adaptis Technologies, Inc., a United States company, and its Canadian entity, Adaptis Technologies Canada, Inc. (collectively "Adaptis," "we," "us," or "our"), are committed to protecting the privacy and security of your information and the data you provide to us related to the buildings you own, operate, or manage (the "Building Data"). This Privacy Policy ("Policy") describes how we collect, use, disclose, and protect personal information and your Building Data in connection with our services. The specific categories of Building Data we collect are detailed in Section 2.1 under "Building Data".

This Policy applies to information we collect when you interact with us, use our services, or visit our websites. By using our services, you agree to the collection, use, disclosure, and procedures this Policy describes. Our practices concerning data security and how long we keep information are detailed in our separate Data Protection & Retention Policy.

2. Information We Collect

We collect various types of information to provide and improve our services:

2.1. Building Data

We collect detailed Building Data related to building characteristics, performance, and infrastructure. This Building Data includes, but is not limited to:

  • Assessments and Reports:

    • Building Condition Assessments (BCAs)

    • Depreciation reports

    • Energy audit reports

    • Energy modelling reports

  • Building Specifications:

    • Drawings or specifications

    • Building type (e.g., commercial, residential, industrial)

    • Building address

    • Year built

    • Number of floors above and below grade

    • Building shape (e.g., L-shape, rectangular)

    • Gross Floor Area (GFA)

  • Utility Data:

    • Monthly utility consumption (e.g., electricity, natural gas, water) and associated costs for the past 12-36 months.

  • Architectural Details:

    • Window types and specifications

    • Wall types and construction

    • Roof types and materials

  • Electrical Details:

    • Lighting type in each space (e.g., LED, fluorescent, incandescent)

    • Lighting controls (e.g., occupancy sensors, daylight sensors, timers)

  • Mechanical Details:

    • Heating equipment types and capacities

    • Cooling equipment types and capacities

    • Ventilation equipment types and capacities

    • Domestic Hot Water (DHW) equipment types and capacities

    • Installation years of major equipment and envelope elements (roof, windows, etc.)

  • Performance Targets:

    • Carbon or energy reduction targets and associated target years.

Important Note on Building Data: While the Building Data we collect is detailed and pertains to specific properties, it relates to the characteristics and performance of the buildings themselves. We do not collect information through these means that directly identifies individual occupants or residents within those buildings, such as their personal activities or identities.

2.2. Personal Information

In the course of conducting business and providing our services, we may collect the following personal information from our clients, partners, or individuals interacting with our services:

  • First Name

  • Last Name

  • Company Email Address

2.3. Organizational Information

We may also collect information that you provide to us about your organization. This may include:

  • Company name and legal structure

  • Business address(es)

  • Industry or sector

  • General company size or scale

  • Your organization's broader sustainability goals, operational objectives, or specific business needs as they relate to the services we provide.

2.3. How We Collect Information

  • Directly from You: When you provide it to us, such as when you sign up for our services, request information, or communicate with us. We may further collect Building Data and Organizational Information through the following methods:

    • Data Input Forms: We provide customers with data input forms, which may include Google Forms, for direct submission of Building Data and organizational information.

    • CSV Uploads: Customers may directly send us their Building Data in CSV file format.

    • SFTP and Scripts: For more advanced customers, we may utilize secure file transfer protocol (SFTP) sites and automated scripts to transfer Building Data

  • Through Our Services: When you use our platforms or services, we may collect Building Data and usage information.

  • From Third Parties: We may receive information from third-party partners or publicly available sources, in compliance with applicable laws.

3. How We Use Your Information

We use the information we collect (which includes Personal Information, Organizational Information, and Building Data) for various purposes, including:

  • Providing and Improving Services: To operate, maintain, and enhance our services, including analyzing building performance, data input to our simulation engines, generating reports, insights, and presentation on our dashboard, as well as developing new features.

  • Enable Decision-Making: To provide you with the analytical outputs necessary for you to make informed decisions regarding your buildings.

  • Business Delivery: To fulfill our contractual obligations and deliver the services requested by our clients.

  • Communication: To communicate with you about your account, service updates, technical notices, security alerts, and to respond to your inquiries and requests.

  • Analytics and Product Development: To understand how our services are used, to improve them, and to develop new products and services. This may involve using aggregated and anonymized data.

  • Personalization: To personalize your experience with our services.

  • Legal and Compliance: To comply with applicable legal or regulatory obligations, and to enforce our terms and protect our rights.

4. How We Share Your Information

We do not sell your personal information. We may share information, including personal information, under the following circumstances:

4.1. Third-Party Service Providers

We engage third-party service providers to perform functions and provide services to us. We may share your information with these providers subject to obligations consistent with this Policy and any other appropriate confidentiality and security measures, and on the condition that the third parties use your information only on our behalf and pursuant to our instructions. These include:

4.2. Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:

  • Comply with a legal obligation or a request from law enforcement or other government officials.

  • Protect and defend the rights or property of Adaptis.

  • Prevent or investigate possible wrongdoing in connection with the services.

  • Protect the personal safety of users of the services or the public.

  • Protect against legal liability.

4.3. Business Transfers

In the event of a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract.

5. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information. These rights may include:

  • Access: The right to request access to the personal information we hold about you.

  • Correction (Rectification): The right to request correction of inaccurate or incomplete personal information.

  • Withdrawal of Consent: The right to withdraw your consent to our processing of your personal information, where consent is the basis for processing. Withdrawing consent may affect your ability to use some of our services.

  • Deletion (Erasure): The right to request the deletion of your personal information, subject to certain exceptions (e.g., where retention is necessary for legal or contractual reasons).

  • Information about Disclosures: The right to request information about how your personal information has been used and disclosed.

To exercise any of these rights, please contact us using the contact information provided in Section 10 ("Contact Us"). We will respond to your request in accordance with applicable data protection laws. We may need to verify your identity before processing your request.

6. International Data Transfers

Adaptis Technologies, Inc. is based in the United States, and Adaptis Technologies Canada, Inc. operates in Canada. The third-party service providers we use are located in the United States and other countries. As such, your information, including personal information, may be transferred to, stored, and processed in the United States and other countries outside of where you reside.

These countries may have data protection laws that are different from the laws of your country. However, we take measures to ensure that any such transfers comply with applicable data protection laws and that your information remains protected to the standards described in this Policy. For example, we rely on the contractual commitments of our third-party providers regarding data protection.

7. Children's Privacy

Our services are not directed to individuals under the age of 16 (or the relevant age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child, we will take steps to delete such information as soon as possible. If you believe we might have any information from or about a child, please contact us.

8. Links to Other Websites

Our Platform may contain links to other websites. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any website you visit.

9. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by posting the updated Policy on our website and updating the "Effective Date" at the top of this Policy. We encourage you to review this Policy periodically to stay informed about our collection, use, and disclosure of information. Your continued use of our services after any changes or revisions to this Policy shall indicate your agreement with the terms of such revised Policy.

10. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, or if you wish to exercise your rights, please contact us at:

Adaptis Technologies, Inc

10 Dundas St E Suite 600, Toronto, ON, Canada, M5B 2G9

privacy@adaptis.ai

Data Protection and Retention Policy

Adaptis Technologies, Inc. and Adaptis Technologies Canada, Inc.

Effective Date: May 15, 2025

1. Introduction

Adaptis Technologies, Inc., a United States company, and its Canadian entity, Adaptis Technologies Canada, Inc. (collectively "Adaptis," "we," "us," or "our"), are committed to protecting the security and integrity of the data we handle and to transparently outlining our data retention practices. This Data Protection & Retention Policy ("Policy") describes the measures we take to safeguard information and our approach to data retention.

This Policy should be read in conjunction with our Privacy Policy, which details the types of information we collect and how we use and share it.

2. Data Protection and Security

We implement reasonable and appropriate administrative, technical, and physical security measures designed to protect the information we collect and manage from loss, misuse, unauthorized access, disclosure, alteration, or destruction. Our commitment to data security includes:

  • Technical Safeguards:

    • Encryption: Utilizing encryption for data at rest and in transit where appropriate and feasible (e.g., SSL/TLS for data transmission, encryption of database backups).

    • Access Controls: Implementing strict access controls, including role-based access and the principle of least privilege, to ensure that information is accessible only by authorized personnel with a legitimate business need.

    • Secure Infrastructure: Partnering with reputable third-party hosting providers (such as Google Cloud Platform and MongoDB Atlas) that maintain robust security certifications and practices for their infrastructure.

    • Network Security: Employing firewalls, intrusion detection/prevention systems, and other network security measures.

    • Vulnerability Management: Regularly scanning for vulnerabilities and applying patches and updates in a timely manner.

  • Administrative Safeguards:

    • Security Awareness Training: Providing regular security awareness training to our employees.

    • Policies and Procedures: Maintaining internal policies and procedures related to data security and incident response.

    • Third-Party Vendor Management: Conducting due diligence on third-party vendors who may handle our data to ensure they meet appropriate security standards.

  • Physical Safeguards:

    • Implementing measures to secure physical access to our premises and data centers (primarily managed through our cloud service providers who maintain high physical security standards).

While we strive to protect your information, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. We will notify affected individuals and relevant authorities of data breaches as required by applicable law.

3. Data Retention

We retain information for as long as necessary to fulfill the purposes for which it was collected, as outlined in our Privacy Policy, to provide our services, and to comply with our legal, contractual, and regulatory obligations. Our retention periods vary depending on the type of information and the context in which it is used:

  • Building Information:

    • Data such as Building Condition Assessments (BCAs), depreciation reports, energy audit reports, energy modelling reports, drawings, specifications, building characteristics (type, address, year built, GFA, architectural, electrical, mechanical details), and utility data are generally retained for the duration of our active business relationship with the client associated with that building.

    • Following the termination of a client relationship, this information may be retained for an additional period as necessary for:

    • Analytical and research purposes (often in an aggregated or de-identified form).

    • Archival and historical record-keeping.

    • Supporting the long-term lifecycle management analysis of buildings.

    • Compliance with any contractual or legal obligations that extend beyond the client relationship.

    • We aim to retain detailed building information for up to 7-10 years after the end of a project or client relationship, unless specific legal or business requirements necessitate a longer period.

  • Personal Information:

    • Personal Information (such as first name, last name, company email address of client contacts) is retained for as long as an individual's account is active, as needed to provide services, or as necessary to manage our business relationship.

    • We will typically retain personal information for a reasonable period after our direct business relationship with the individual or their company ends, generally not exceeding 7 years, to allow for follow-up, dispute resolution, or as required for legal and compliance purposes (e.g., financial record-keeping).

  • Analytics Data:

    • Data collected for product analytics purposes by third-party services like PostHog and Segment is retained according to their respective data retention policies or as configured by Adaptis within those services. We periodically review these settings to ensure retention is appropriate for our needs.

  • Log Data:

    • System and application logs (e.g., from Google Cloud Platform) are retained for a period necessary for security monitoring, troubleshooting, and auditing, typically ranging from 90 days to 1 year, unless a longer period is required for an active investigation or legal hold.

 

3.1. Data Disposal

When information is no longer needed for its specified purpose and its retention period has expired, we will take reasonable steps to securely destroy or de-identify it. Methods of disposal may include:

  • Electronic Data: Secure deletion, overwriting, or cryptographic erasure.

  • Physical Media (if any): Shredding, degaussing, or physical destruction.

  • De-identification/Anonymization: Where appropriate, data may be de-identified or anonymized for continued use in research or statistical analysis without retaining personal identifiers.

4. Data Subject Rights Related to Protection and Retention

Individuals may have rights concerning their data, including access and deletion, as detailed in our Privacy Policy. Requests related to data retention or security can be made via the contact information below.

5. Changes to This Policy

We may update this Data Protection & Retention Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will notify you by posting the updated Policy on our website and updating the "Effective Date" at the top of this Policy. We encourage you to review this Policy periodically.

6. Contact Us 

If you have any questions, concerns, or complaints about this Data Protection & Retention Policy or our data security and retention practices, please contact us at:

Adaptis Technologies, Inc

10 Dundas St E Suite 600, Toronto, ON, Canada, M5B 2G9

privacy@adaptis.ai

bottom of page