1. 
   
   
   INTRODUCTION

Knights of Repair, operated by 2677854 Ontario Inc. (“Knights of Repair”, “we”, “us”, or “our”), is committed to protecting the privacy and security of personal information in accordance with applicable Canadian privacy laws and industry best practices. This Privacy Policy sets out the principles and practices governing the collection, use, disclosure, and safeguarding of personal information in connection with our business operations.

‍

This Privacy Policy applies to all personal information collected, used, or disclosed by us through our website, customer relationship management systems (CRM), service engagements, and any related communications or interactions, whether conducted online or offline. This includes information collected through website forms, telephone communications, email correspondence, in-person interactions, and through our technicians and authorised representatives in the course of providing services.

‍

This Privacy Policy is intended to ensure transparency in how personal information is handled and to inform individuals of their rights and choices in relation to their personal information. By accessing our website, engaging our services, or otherwise interacting with us, individuals acknowledge that their personal information will be handled in accordance with this Privacy Policy, subject to applicable legal requirements.

‍

We manage personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable federal and provincial privacy laws in Canada. Where personal information is collected, used, or disclosed in connection with cross-border activities, we also take reasonable steps to ensure that such information is protected in a manner consistent with applicable legal standards.

‍

2. DEFINITIONS

For the purposes of this Privacy Policy, the following terms shall have the meanings set out below:

‍

“Personal Information” means any information about an identifiable individual, as defined under applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA). Personal Information may include, without limitation, an individual’s name, contact details, billing information, and any other information that can be used to identify an individual, either alone or in combination with other data.

‍

“Services” means the mobile heavy machinery repair, diagnostics, maintenance, fabrication, inspection, and related mechanical services provided by Knights of Repair, including any associated customer support, scheduling, billing, and operational activities.

‍

“User”, “you”, or “your” means any individual who accesses our website, communicates with us, requests or receives our Services, or otherwise interacts with us in a personal or professional capacity.

‍

“Website” means any website or online platform operated by or on behalf of Knights of Repair, including any associated web pages, forms, and digital interfaces used for customer engagement, service requests, or information dissemination.

‍

“Applicable Laws” means all applicable federal and provincial laws, regulations, and legal requirements relating to privacy, data protection, and electronic communications in Canada, including PIPEDA, and, where relevant, applicable laws of other jurisdictions in which we operate or provide Services.

‍

“Business Contact Information” means information used to communicate with an individual in relation to their business, professional, or employment capacity, including name, position, business address, business telephone number, and business email address, which may be subject to different treatment under applicable laws.

‍

“Service Providers” means third parties engaged by Knights of Repair to support its operations, including technicians, subcontractors, payment processors, IT service providers, hosting providers, and marketing or analytics partners.

‍

3. ACCOUNTABILITY AND PRIVACY OFFICER

Knights of Repair is responsible for personal information under its custody or control and has established policies and procedures to ensure compliance with applicable privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA).

‍

We have designated a Privacy Officer who is accountable for overseeing our privacy compliance program, including the development and implementation of policies and practices, responding to inquiries and requests, and addressing any complaints relating to the handling of personal information.

‍

If you have any questions, concerns, or requests regarding this Privacy Policy or the manner in which your personal information is handled, you may contact our Privacy Officer using the details below:

‍

Privacy Officer: Andrew Leblanc

Email: info@knightsofrepair.com

‍

We will respond to all privacy-related inquiries within a reasonable timeframe in accordance with applicable legal requirements.

‍

4. ‍CATEGORIES OF PERSONAL INFORMATION COLLECTED

We collect personal information that is necessary for the provision of our Services, the operation of our business, and compliance with applicable legal and regulatory requirements. The categories of personal information we may collect are set out below:

‍

Category of Personal Information

Description

Examples

‍

Identity and Contact Information

Information used to identify and communicate with individuals

Name, phone number, email address, mailing address

‍

Business and Account Information

Information relating to an individual’s business or organisational affiliation

Company name, job title, business address, service history

‍

Billing and Payment Information

Information required to process payments and manage invoicing

Billing address, payment method details, transaction records, credit card details (where applicable)

‍

Equipment and Service-Related Information

Information relating to equipment, machinery, and service requirements

Equipment type, model, serial number, condition, service requests, diagnostic details

‍

Technical and Usage Information

Information collected automatically through digital interactions

IP address, browser type, device information, website usage data, analytics data

‍

Communication Information

Information contained in communications with us

Emails, call records, service inquiries, customer support interactions

‍

Marketing and Preference Information

Information relating to marketing communications and preferences

Subscription preferences, consent records, responses to marketing campaigns

‍

We collect personal information directly from individuals, as well as through interactions with our website, communications, and service engagements. In certain circumstances, we may also collect information from third parties acting on behalf of a customer or in connection with the provision of our Services.

‍

We limit the collection of personal information to that which is reasonably necessary for the purposes identified in this Privacy Policy and do not collect information indiscriminately.

‍

5. SOURCES OF PERSONAL INFORMATION

We collect personal information from a variety of sources in the course of operating our business and providing our Services. The sources from which we collect personal information include the following:

‍

Source

Description

Examples

‍

Directly from Individuals

Information provided voluntarily by individuals when interacting with us

Website forms, service requests, account or inquiry submissions

‍

Communications

Information collected through direct communications with us

Telephone calls, emails, text messages, and in-person interactions with our personnel or technicians

‍

Service Delivery Interactions

Information collected in the course of providing Services

Information provided on-site, equipment details shared during diagnostics or repair, technician notes and service records

‍

Automated Technologies

Information collected automatically through digital tools and systems

Cookies, website analytics (e.g., Google Analytics), IP address, device and browser data

‍

Third Parties

Information received from third parties acting on behalf of a customer or supporting our operations

Referrals, authorised representatives, subcontractors, payment processors, marketing or analytics providers

‍

We primarily collect personal information directly from the individual concerned. However, where personal information is provided to us by a third party, we rely on that party to ensure that such disclosure is authorised and compliant with applicable laws.

‍

Where appropriate, we may combine personal information collected from different sources for the purposes described in this Privacy Policy, in order to effectively deliver our Services and manage our operations.

‍

6. PURPOSES FOR COLLECTION, USE, AND DISCLOSURE

We collect, use, and disclose personal information for purposes that are reasonable and necessary in the circumstances, having regard to the nature of our Services and our operational requirements. The purposes for which personal information is processed are set out below:

‍

Purpose

Description

Examples of Use

‍

Service Delivery and Fulfilment

To provide, perform, and manage our Services

Processing service requests, performing diagnostics and repairs, maintaining service records

‍

Scheduling and Dispatch

To coordinate service appointments and deploy technicians

Scheduling site visits, dispatching personnel, managing work orders

‍

Billing and Payment Processing

To invoice customers and process payments

Issuing invoices, processing payments, maintaining billing records, charging payment methods on file

‍

Customer Support and Communications

To respond to inquiries and provide support

Responding to service inquiries, follow-ups, resolving issues or complaints

‍

Operational Management

To manage and improve business operations

Internal record-keeping, service tracking, performance analysis

‍

Marketing and Promotional Communications

To provide updates, offers, and marketing content (where consent is obtained)

Sending newsletters, promotional emails, service updates

‍

Legal and Regulatory Compliance

To comply with applicable laws and legal obligations

Maintaining records for tax purposes, responding to legal requests, enforcing contractual rights

‍

Risk Management and Security

To protect our business, personnel, and systems

Fraud prevention, security monitoring, protecting against unauthorised access or misuse

‍

We will not use personal information for purposes other than those identified above, unless we obtain additional consent or are otherwise permitted or required by applicable law.

‍

Where personal information is disclosed to third parties, such disclosure is limited to what is reasonably necessary to fulfil the identified purposes, including supporting service delivery, processing payments, and complying with legal obligations.

‍

7. CONSENT

We obtain consent for the collection, use, and disclosure of personal information in accordance with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA). The form of consent may be express or implied, depending on the sensitivity of the information and the reasonable expectations of the individual.

‍

Consent may be obtained in the following ways:

‍

1. Express Consent: Where required, we obtain clear and explicit consent, such as through website forms, subscription checkboxes, or written agreements.
2. Implied Consent: In many cases, consent is implied where an individual voluntarily provides personal information for the purpose of receiving our Services, making an inquiry, or engaging with us in a business context. For example, when a customer requests a repair service, we may reasonably infer consent to collect and use the information necessary to fulfil that request.
3. In-Person and Verbal Interactions: Consent may also be implied through in-person discussions, telephone communications, or interactions with our technicians or representatives.

‍

Where we intend to use personal information for marketing or promotional purposes, we obtain consent in accordance with applicable laws, and individuals are provided with the opportunity to opt in where required.

‍

Individuals may withdraw their consent at any time, subject to legal or contractual restrictions and reasonable notice. To withdraw consent, individuals may contact us using the details set out in this Privacy Policy. Please note that withdrawing consent may affect our ability to provide certain Services or continue an existing engagement where the use of personal information is necessary for operational or legal purposes.

‍

We do not, as a condition of supplying a product or service, require individuals to consent to the collection, use, or disclosure of personal information beyond that which is reasonably necessary to fulfil the explicitly specified purposes.

‍

8. COOKIES AND TRACKING TECHNOLOGIES

‍

We use cookies and similar tracking technologies to enhance the functionality of our website, analyse usage patterns, and support our marketing and advertising activities.

‍

Cookies are small data files that are stored on a user’s device when they visit a website. These technologies enable us to recognise user preferences, improve user experience, and gather information about how our website is accessed and used.

‍

The types of cookies and tracking technologies we may use include:

1. Essential Cookies: Necessary for the operation of our website and to enable core functionality such as form submissions and basic navigation.
2. Analytics Cookies: Used to collect information about how users interact with our website, including pages visited, time spent on pages, and user behaviour. We may use third-party tools such as Google Analytics for this purpose.
3. Performance Cookies: Used to improve the performance and functionality of our website by understanding usage trends and identifying areas for improvement.
4. Advertising and Marketing Cookies: Used to deliver relevant advertisements and measure the effectiveness of marketing campaigns.

‍

Information collected through cookies may include technical and usage data such as IP address, browser type, device information, and website interaction data.

‍

Users can control or disable cookies through their browser settings. However, disabling certain cookies may affect the functionality and performance of our website.

‍

By continuing to use our website, users consent to the use of cookies and similar technologies in accordance with this Privacy Policy, subject to any preferences they may set through their browser or applicable consent mechanisms.

‍

9. DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES

We may disclose personal information to third parties where such disclosure is necessary for the purposes identified in this Privacy Policy, including the provision of our Services, operation of our business, and compliance with legal obligations. We take reasonable steps to ensure that any third parties with whom we share personal information are subject to appropriate confidentiality and data protection obligations.

‍

The categories of third parties to whom personal information may be disclosed are set out below:

‍

Category of Recipient

Purpose of Disclosure

Examples

‍

Technicians and Subcontractors

To perform and support the delivery of Services

Field technicians, subcontracted service providers, on-site personnel

‍

Payment Processors and Financial Institutions

To process payments and manage billing

Credit card processors, payment gateways, banks

‍

IT, Hosting, and CRM Providers

To support our technology infrastructure and data management systems

Cloud storage providers, CRM platforms, website hosting services

‍

Marketing and Analytics Providers

To support marketing campaigns and analyse website usage

Advertising agencies, analytics providers such as Google Analytics

‍

Professional Advisors

To obtain professional services and advice

Legal counsel, accountants, auditors

‍

Regulatory Authorities and Law Enforcement

To comply with legal obligations or lawful requests

Courts, regulators, government authorities

‍

We do not sell personal information to third parties, including telephone numbers, and we do not share such information with third parties for their own marketing or promotional purposes.  Any disclosure of personal information is limited to what is reasonably necessary for the relevant purpose and is carried out in accordance with applicable legal requirements.

‍

Where third parties process personal information on our behalf, we require them to implement appropriate safeguards and to use such information solely for the purposes for which it was disclosed.

‍

10. CROSS-BORDER TRANSFERS OF PERSONAL INFORMATION

In the course of operating our business, personal information may be transferred to, stored, or processed in jurisdictions outside of Canada, including through the use of third-party service providers, cloud-based systems, or data hosting infrastructure.

‍

Such cross-border transfers may occur, for example, where our service providers, technology platforms, or data centres are located in other jurisdictions. As a result, personal information may be subject to the laws of those jurisdictions, which may differ from the privacy laws applicable in Canada and may permit access by foreign courts, law enforcement, or regulatory authorities.

‍

Where personal information is transferred outside of Canada, we take reasonable steps to ensure that it is protected by safeguards that are appropriate in the circumstances. This may include contractual protections, confidentiality obligations, and security measures designed to ensure a level of protection comparable to that required under applicable Canadian privacy laws.

‍

By engaging with us or providing personal information, individuals acknowledge and consent to the transfer, storage, and processing of their personal information outside of Canada in accordance with this Privacy Policy, subject to applicable legal requirements.

‍

11. RETENTION OF PERSONAL INFORMATION

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including for the provision of our Services, compliance with legal and regulatory obligations, and the establishment, exercise, or defence of legal claims.

‍

The retention of personal information is determined based on the nature of the information, the purposes for which it is used, and applicable legal requirements, including tax, accounting, and record-keeping obligations.

‍

The general retention periods applied by us are set out below:

‍

Category of Information

Retention Period

Rationale

‍

Service and Operational Records

Up to 7 years from completion of Services

To maintain service history, support follow-up services, and address disputes or claims

‍

Billing and Financial Records

Up to 7 years or as required by applicable tax laws

To comply with legal, accounting, and tax obligations

‍

Customer Communications

As long as necessary to manage the relationship and resolve inquiries

To ensure continuity of service and customer support

‍

Marketing Data and Preferences

Until consent is withdrawn or no longer required

To manage communications and comply with consent requirements

‍

Technical and Usage Data

Retained for a limited period or as required for analytics purposes

To analyse and improve website performance and services

‍

Where personal information is no longer required for the purposes identified, we will securely delete, destroy, or anonymise such information in accordance with our internal policies and applicable legal requirements.

‍

We may retain certain information for longer periods where required or permitted by law, or where necessary to resolve disputes, enforce agreements, or protect our legal rights.

‍

12. SAFEGUARDS AND SECURITY MEASURES

We implement reasonable administrative, technical, and physical safeguards to protect personal information against loss, theft, unauthorised access, disclosure, copying, use, or modification, in accordance with applicable Canadian privacy laws and industry standards.

‍

The nature of the safeguards applied depends on the sensitivity of the personal information and the context in which it is collected and used. Our safeguards include, but are not limited to:

‍

1. Policies and procedures governing the handling of personal information, staff training and awareness, confidentiality obligations, and access controls to ensure that only authorised personnel have access to personal information on a need-to-know basis.
2. Use of secure systems, encryption (where appropriate), password protection, firewalls, and monitoring tools designed to protect electronic data against unauthorised access and cyber threats.
3. Measures to protect physical records and systems, including restricted access to offices, equipment, and storage locations where personal information may be held.

‍

Where personal information is processed by third-party service providers, we take reasonable steps to ensure that such providers implement appropriate safeguards and maintain the confidentiality and security of the information.

‍

While we take reasonable measures to protect personal information, no method of transmission over the internet or method of electronic storage is completely secure. Accordingly, we cannot guarantee absolute security, and individuals acknowledge that they provide personal information at their own risk to the extent permitted by applicable law.

‍

13. INDIVIDUAL RIGHTS: ACCESS AND CORRECTION

Individuals have the right to request access to their personal information held by us and to request corrections where such information is inaccurate, incomplete, or outdated, subject to applicable legal limitations and exceptions.

‍

Upon receiving a written request, we will provide access to the individual’s personal information within a reasonable timeframe, in accordance with applicable Canadian privacy laws. We may request sufficient information to verify the identity of the individual before fulfilling any access or correction request.

‍

Where an individual demonstrates that their personal information is inaccurate or incomplete, we will take reasonable steps to correct or update the information as appropriate. Where applicable, we may also communicate such corrections to third parties to whom the information has been disclosed.

‍

In certain circumstances, access to personal information may be limited or denied where permitted or required by law, including where the information contains references to other individuals, is subject to legal privilege, or cannot be disclosed for legal, security, or commercial reasons. Where access is denied, we will provide reasons for the refusal, subject to legal restrictions.

‍

Requests for access or correction of personal information may be submitted to our Privacy Officer using the contact details set out in this Privacy Policy.

‍

14. MARKETING COMMUNICATIONS AND OPT-OUT

We may use personal information to send marketing and promotional communications relating to our Services, updates, offers, or other information that may be of interest, in accordance with applicable laws, including Canada’s Anti-Spam Legislation (CASL).

‍

Where required, we obtain consent prior to sending commercial electronic messages. Such consent may be express (e.g., through subscription forms or opt-in checkboxes) or implied, where permitted by law and in the context of an existing business relationship.

‍

Individuals have the right to opt out of receiving marketing communications at any time. This may be done by:

1. Clicking the “unsubscribe” link included in our email communications; or
2. Contacting us directly using the contact details provided in this Privacy Policy.

‍

Upon receiving an opt-out request, we will take reasonable steps to ensure that the individual is removed from our marketing distribution lists within a reasonable timeframe, subject to applicable legal requirements. 

‍

Please note that even where an individual opts out of marketing communications, we may continue to send transactional or service-related communications where necessary, including communications relating to ongoing services, billing, or contractual obligations.

‍

15. COMMUNICATIONS (CALLS AND SMS)

We may use personal information, including telephone numbers, to communicate with individuals in connection with the provision of our Services and the operation of our business. Such communications may include telephone calls and text messages (SMS), including messages sent manually or through automated systems where applicable.

These communications may be used for purposes such as service coordination, appointment scheduling and reminders, dispatch updates, job-related notifications, customer support, and, where consent has been obtained, marketing and promotional communications.

‍

By providing a telephone number and engaging with our Services, individuals consent to receiving communications from us via telephone and SMS for the purposes described above, in accordance with applicable laws, including Canada’s Anti-Spam Legislation (CASL). Where required, express consent will be obtained prior to sending marketing or promotional messages.

‍

Individuals may opt out of receiving SMS communications at any time by following the instructions provided in the message, including replying “STOP” where applicable, or by contacting us using the details set out in this Privacy Policy. Opting out of certain communications may affect our ability to provide Services or respond to requests where such communications are operationally necessary.

‍

We do not sell or share telephone numbers or related personal information with third parties for their own marketing or promotional purposes. Any disclosure of such information to service providers is limited to what is necessary to support our communications and service delivery functions and is subject to appropriate safeguards. Standard message and data rates may apply to communications sent via SMS, depending on the individual’s mobile service provider.

‍

16. DATA BREACH AND INCIDENT RESPONSE

We maintain policies and procedures to address the unauthorised access to, loss of, or disclosure of personal information (a “data breach”) in accordance with applicable Canadian privacy laws.

‍

In the event of a data breach involving personal information under our control, we will take reasonable steps to:

1. Contain and assess the incident, including identifying the nature and scope of the breach;
2. Mitigate any potential harm to affected individuals; and
3. Determine whether the breach creates a real risk of significant harm, as defined under applicable law.

‍

Where a breach meets the applicable legal threshold, we will provide notification to affected individuals and, where required, to the Office of the Privacy Commissioner of Canada or other relevant authorities, in accordance with legal requirements.

‍

We also maintain records of data breaches as required under applicable law.

‍

Individuals who have reason to believe that their personal information may have been compromised are encouraged to contact us promptly using the contact details provided in this Privacy Policy.

‍

17. THIRD-PARTY WEBSITES AND EXTERNAL LINKS

Our website or communications may contain links to third-party websites, services, or platforms that are not owned or controlled by Knights of Repair. These links are provided for convenience and informational purposes only.

‍

We do not have control over, and are not responsible for, the privacy practices, policies, or content of such third-party websites or services. Any personal information that individuals provide to third parties is subject to the privacy policies of those third parties and not this Privacy Policy.

‍

We encourage individuals to review the privacy policies and terms of use of any third-party websites or services before providing personal information or engaging with them.

‍

The inclusion of any links to third-party websites does not imply endorsement, approval, or responsibility for the content or practices of those websites.

‍

18. CHILDREN’S PRIVACY

Our Services are not directed to individuals under the age of majority in their jurisdiction, and we do not knowingly collect personal information from children or minors.

‍

If we become aware that personal information has been inadvertently collected from a minor without appropriate consent, we will take reasonable steps to delete such information as soon as practicable, in accordance with applicable legal requirements.

‍

Parents or legal guardians who believe that a minor has provided personal information to us without their consent are encouraged to contact us using the contact details provided in this Privacy Policy, and we will take appropriate steps to investigate and address the matter.

‍

19. CHANGES TO THIS PRIVACY POLICY

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs.

‍

Any updates to this Privacy Policy will be posted on our website, and the “Last Updated” date at the top of this Policy will be revised accordingly. Changes will become effective as of the updated date unless otherwise specified.

We encourage individuals to review this Privacy Policy periodically to stay informed about how we collect, use, and protect personal information.

‍

Where required by applicable law, we will provide additional notice or obtain consent in relation to material changes affecting the handling of personal information.

‍

20. GOVERNING LAW

This Privacy Policy and any matters arising out of or relating to the collection, use, or disclosure of personal information shall be governed by and construed in accordance with the laws of the Province of Ontario and the federal laws of Canada applicable therein.

‍

Any disputes relating to privacy matters shall be subject to the exclusive jurisdiction of the courts located in the Province of Ontario, Canada, unless otherwise required by applicable law.

‍

21. ADDITIONAL JURISDICTIONAL CONSIDERATIONS

While Knights of Repair operates primarily within Canada, our Services may be accessed or used by individuals located in other jurisdictions, including the United States.

‍

Where personal information is collected, used, or disclosed in connection with individuals located outside Canada, such information may be subject to the laws of those jurisdictions. We take reasonable steps to handle personal information in a manner consistent with the principles set out in this Privacy Policy and applicable Canadian privacy laws; however, individuals acknowledge that the legal protections applicable to their personal information may differ depending on their location.

‍

Nothing in this Privacy Policy is intended to create rights or obligations beyond those provided under applicable laws. Where specific rights are granted to individuals under the laws of their jurisdiction, such rights shall apply to the extent required by law.

‍

Individuals accessing our Services from outside Canada do so on their own initiative and are responsible for ensuring that their use of our Services complies with applicable local laws.

‍

This Privacy Policy is effective as of 21/04/2026.