DigiRegs - Privacy Policy

PRIVACY POLICY

Last Updated: 2025-12-16

This Privacy Policy (“Policy”) explains how DigiRegs Services Inc. (“Company,” “we,” “us,” or “our”) collects, uses, stores, and discloses personal information when Clients and their users interact with our automated, API-based content moderation platform (the “Services”).

By creating an account, accessing the API, or submitting data to the Services, the Client (“Client,” “you”) agrees to the practices described in this Policy.

1. Scope of this Policy

	1.1 This Policy applies to:
		a. personal information collected from Clients who create accounts;
		b. personal information transmitted by Clients through the API for automated processing; and
		c. technical and usage information collected during access to the Services.

	1.2 This Policy does not apply to:
		a. third-party websites or systems integrated by the Client;
		b. content or data collected directly by the Client from its users; or
		c. any processing that the Client performs independently of the Services.

	1.3 The Client is responsible for ensuring that its data submission practices comply with all applicable privacy laws.

2. Information We Collect
	2.1 Client Account Information

We collect information provided during registration or account management, including:
		a. name, organization, and contact details;
		b. billing and payment information;
		c. login credentials; and
		d. communications sent to support or sales channels.

	2.2 Information Submitted Through the API

The Client may transmit content or data for automated analysis, including:
		a. text, images, metadata, or URLs;
		b. user-generated content (“UGC”);
		c. identifiers or attributes provided by the Client;
		d. optional supplementary context or labels; and
		e. any other information the Client chooses to submit.

The Client determines the nature, scope, and legality of all submitted data.

	2.3 Technical and Usage Information

We automatically collect:
		a. IP address;
		b. device or API client information;
		c. timestamps related to API requests;
		d. system performance metrics;
		e. error logs and diagnostic data; and
		f. general analytics related to Service operation.

3. How We Use Personal Information

We use personal information to:
		a. operate, maintain, and improve the Services;
		b. authenticate users and manage accounts;
		c. process payments and billing;
		d. detect misuse, fraud, or technical issues;
		e. provide support and communicate with Clients;
		f. comply with legal obligations; and
		g. enforce the Company’s Terms & Conditions.

We do not use Client-submitted data to train public models unless expressly agreed to in writing.

4. Legal Basis for Processing (GDPR-Compatible Framework)

When applicable, we rely on:
		a. performance of contract (providing the Services);
		b. legitimate interests (security, troubleshooting, product improvement);
		c. compliance with legal obligations; and
		d. Client consent where required.

5. Data Retention

	5.1 The Company retains personal information only for as long as necessary to:
		a. deliver the Services;
		b. meet legal or regulatory requirements;
		c. resolve disputes;
		d. prevent fraud; and
		e. protect the Company’s interests.

	5.2 API-submitted content is retained by the Company because such data is essential and integral to reporting, analytics, service performance evaluation, and ongoing operational requirements. API-submitted content will not be retained longer than necessary for these purposes unless:
		a. the Client enables optional extended logging or archival features; or
		b. retention is required for troubleshooting, review, quality assurance, or security purposes; or
		c. retention is required for compliance with legal obligations or to protect the Company’s legitimate business interests; or
		d. retention is necessary to generate, maintain, or validate reporting provided to or made available for the Client.

6. Data Security

	6.1 The Company implements administrative, technical, and physical safeguards including:
		a. encryption of data in transit and at rest;
		b. access controls and authentication measures;
		c. secure server infrastructure; and
		d. routine security reviews and monitoring.

	6.2 The Client is responsible for:
		a. protecting its API keys;
		b. securing Client-side integrations; and
		c. ensuring that unauthorized parties do not access the Services.

	6.3 No system can guarantee absolute security. The Client assumes responsibility for the security of data before submission.

7. Disclosure of Information

	7.1 We do not sell personal information.

	7.2 We may disclose information to:
		a. trusted service providers who support hosting, billing, analytics, or infrastructure;
		b. legal authorities when required by law;
		c. parties involved in corporate transactions such as mergers or acquisitions; and
		d. the Client, regarding its own account or usage.

	7.3 All third-party service providers are bound by confidentiality and data protection obligations.

8. International Transfers

	8.1 Personal information may be processed or stored in jurisdictions including:
		a. Canada;
		b. the United States; and
		c. any region where the Company’s service providers operate.

	8.2 In all cases, we apply safeguards consistent with British Columbia’s Personal Information Protection Act (PIPA) and internationally recognized privacy principles.

9. Client Responsibilities for Personal Information

The Client is solely responsible for:
		a. determining the legality of collecting and transmitting user data;
		b. providing appropriate privacy notices and obtaining any required consents from users;
		c. ensuring that only necessary and relevant information is submitted to the API;
		d. complying with applicable privacy and data protection laws; and
		e. managing their users’ access, deletion, or correction requests.

10. Access, Correction, and Deletion Requests

Individuals may request:
		a. access to their personal information;
		b. correction of inaccuracies; and
		c. deletion of certain information when permitted by law.

All requests must be submitted to:
support@digiregs.net

We will respond within timelines required by PIPA and other applicable laws.

11. Children’s Information

	11.1 The Services are not directed toward children.
	11.2 The Company does not knowingly collect personal information from children.
	11.3 The Client must ensure compliance with age-related legal requirements.

12. Retention and Deletion Upon Termination

	12.1 Upon account closure, the Company may:
		a. delete or anonymize account data;
		b. retain necessary information for legal or audit purposes; and
		c. preserve logs as required for security and fraud prevention.

	12.2 API-submitted data will be deleted or anonymized unless retention is required for:
		a. compliance with law;
		b. resolving disputes; or
		c. preventing or investigating abuse.

13. Third-Party Services

The Client acknowledges that:
		a. third-party integrations are outside the Company's control;
		b. their use is subject to third-party privacy policies; and
		c. the Company bears no responsibility for third-party data handling practices.

14. Changes to this Policy

	14.1 The Company may update this Policy at any time.
	14.2 Updates take effect upon posting.
	14.3 Continued use of the Services constitutes acceptance of any changes.

15. Contact Information

For privacy matters, inquiries may be directed to:

DigiRegs Services Inc.
Email: support@digiregs.net