1. INTRODUCTION

RAXO Group Inc. ("RAXO," "we," "us," or "our") is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you:

Visit our website (raxogroup.ca)
Request quotes or service information
Enter into service agreements with us
Interact with us as a client, vendor, or business contact

This policy applies to personal information collected in Canada and is designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation in Manitoba.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

2. SCOPE AND APPLICATION

2.1 Who This Policy Covers

This Privacy Policy applies to:

Prospective clients requesting quotes or information
Active clients receiving commercial cleaning services
Facility contacts (building managers, property managers, authorized representatives)
Website visitors browsing raxogroup.ca
Vendors and suppliers with whom we do business

2.2 Business-to-Business Context

We primarily provide services to businesses and commercial entities. In some circumstances, "business contact information" may be excluded from PIPEDA when collected, used, or disclosed solely to communicate with an individual in relation to their employment, business, or profession. However, we still apply appropriate safeguards and handle business contact information responsibly.

3. DEFINITIONS

"Personal Information" means information about an identifiable individual, including but not limited to name, email address, phone number, business title, and facility details.

"Client" means any business, organization, or entity that has entered into a service agreement with RAXO.

"Authorized Contact" means an individual designated by a Client to communicate with RAXO regarding service matters.

"Service Information" means information related to the provision of cleaning services, including facility details, access arrangements, service schedules, and quality documentation.

4. INFORMATION WE COLLECT

4.1 Information You Provide Directly

When you request a quote, schedule a walkthrough, or become a client, we may collect:

Contact Information:

Full name
Job title/role
Business name/organization
Email address
Phone number(s)
Business address

Facility Information:

Building/facility address
Square footage and layout details
Facility type (office, medical clinic, property management, etc.)
Specific cleaning requirements and preferences
Access information (hours, key/code requirements)
Special considerations (allergens, sensitive areas, etc.)

Service-Related Information:

Service schedules and frequencies
Quality inspection results
Incident reports and corrective actions
Communication history (emails, phone calls, site visit notes)
Billing and payment information
Insurance certificate requests and documentation

Site-Specific Documentation:

Site condition assessments
Safety Data Sheet (SDS) access logs (when required by client)
Facility-specific protocols or requirements

4.2 Information Collected Automatically

When you visit our website, we may automatically collect:

Technical Information:

IP address (used briefly for geolocation, then discarded by analytics tools)
Browser type and version
Device type and operating system
Pages visited and time spent on pages
Referring website/source
Date and time of visit
Approximate location (derived from network information)

Cookies and Tracking Technologies:

We use essential cookies for website functionality and analytics cookies to understand website usage. For more information, see Section 11 (Cookies and Tracking Technologies).

4.3 Information from Third Parties

We may receive personal information from:

Clients: When they provide contact information for facility managers, building representatives, or other authorized contacts
Property management companies: When they provide tenant or building contact information
Referral partners: When they introduce prospective clients (with appropriate consent)
Service providers: Such as accounting, legal, or insurance providers acting on our behalf

5. HOW WE USE PERSONAL INFORMATION

5.1 Primary Purposes

We use personal information for the following purposes:

Quote and Proposal Development:

Responding to service inquiries
Conducting site walkthroughs and assessments
Preparing customized proposals and service matrices
Providing pricing and contract terms

Service Delivery:

Coordinating service schedules and site access
Performing commercial cleaning services per contract terms
Conducting quality inspections and documentation
Managing key and access control systems
Responding to service requests and concerns
Providing incident response and corrective actions

Client Communication:

Sending service confirmations and updates
Providing inspection reports and documentation
Addressing questions, concerns, or complaints
Coordinating schedule changes or service modifications

Compliance and Documentation:

Maintaining records for compliance with service agreements
Providing documentation for client audits (safety, quality, compliance)
Retaining records as required by law or regulation
Supporting insurance claims or WCB reporting if required

Business Operations:

Processing payments and managing accounts
Maintaining customer relationship management (CRM) records
Training staff on facility-specific requirements
Improving service quality and processes

Website Analytics:

Understanding how visitors use our website
Improving site performance, navigation, and content
Analyzing traffic patterns and user behavior

Legal and Safety Obligations:

Complying with legal obligations (WCB, CRA, insurance requirements)
Protecting the safety and security of our staff and your facility
Investigating incidents or allegations
Defending against legal claims

We collect, use, and disclose personal information only with your consent, except where permitted or required by law. Consent may be express (written or verbal) or implied based on the circumstances.

Express Consent: When you submit a contact form, sign a service agreement, or explicitly authorize us to share information with specific parties, you provide express consent.

Implied Consent: When you provide your business contact information in the context of requesting a quote, we reasonably infer consent to use that information for quote preparation and follow-up.

Withdrawal of Consent: You may withdraw consent at any time, subject to legal or contractual restrictions. Withdrawal may affect our ability to provide services. Contact us at info@raxogroup.ca to withdraw consent.

We do not sell personal information to third parties for marketing purposes. We may share personal information only in the following circumstances:

With Your Consent:

When you authorize us to share information with building management, property managers, or other facility representatives
When you request that we coordinate with specific contacts or vendors

Service Providers:

Accounting and bookkeeping services (for billing and payment processing)
Insurance providers (to maintain coverage and process claims)
Legal counsel (for contract review or legal matters)
Technology providers (website hosting, email services, CRM software, analytics providers)

All service providers are contractually obligated to maintain confidentiality and use personal information only for specified purposes.

Business Transfers:

In the event of a merger, acquisition, sale of assets, or business transition, personal information may be transferred to the acquiring entity. We will provide notice and ensure continued protection of personal information.

Legal Requirements:

We may disclose personal information when required or permitted by law, including:

In response to a court order, subpoena, or legal process
To comply with regulatory requirements (WCB Manitoba, CRA, health authorities)
To protect the rights, property, or safety of RAXO, our clients, or the public
To investigate fraud, security issues, or violations of our terms of service

6.2 Client-Authorized Contacts

When providing services, we may communicate with individuals you designate as authorized contacts (facility managers, property managers, building superintendents, etc.). By providing their contact information, you represent that you have authority to do so and that they have been informed of our privacy practices.

6.3 Subcontractors and Referral Partners

In limited circumstances, we may engage subcontractors or refer clients to specialty service partners (e.g., carpet extraction, floor stripping). We share only the information necessary for service coordination and require all partners to maintain confidentiality.

7. DATA RETENTION

7.1 Retention Periods

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, or as required by law.

Prospective Clients (Quote Requests):

Contact information and quote details: Up to 2 years from last contact
After this period, information is securely deleted unless you become a client

Active Clients:

Service records, communication history, and facility documentation: Duration of service agreement plus 7 years
Financial records (invoices, payments): 7 years (as required by CRA)

Former Clients:

Essential service records: 7 years from contract termination
After 7 years, records are securely destroyed unless legal holds apply

Legal and Safety Records:

Incident reports, WCB claims, insurance documentation: As required by applicable regulations (typically 7-10 years)

Website Analytics Data:

We configure Google Analytics user-level data retention to the shortest period that meets our analytical needs (typically 2-14 months, depending on data type and configuration).

7.2 Secure Destruction

When personal information is no longer required, we securely destroy it using methods appropriate to the sensitivity and format:

Paper records: Shredding or secure disposal
Electronic records: Secure deletion or de-identification

8. YOUR PRIVACY RIGHTS

Under Canadian privacy law (PIPEDA), you have the following rights regarding your personal information:

8.1 Right to Access

You have the right to request access to the personal information we hold about you. We will provide this information in an understandable format within 30 days of your request (or notify you if an extension is needed).

How to Request: Email info@raxogroup.ca with "Access Request" in the subject line.

8.2 Right to Correction

If you believe personal information we hold about you is inaccurate or incomplete, you may request correction. We will correct or annotate records as appropriate.

8.3 Right to Withdraw Consent

You may withdraw consent for certain uses of personal information at any time, subject to legal or contractual restrictions. Note that withdrawal may affect our ability to provide services.

8.4 Right to File a Complaint

If you have concerns about our privacy practices, you may file a complaint with:

Office of the Privacy Commissioner of Canada
Email: info@priv.gc.ca
Phone: 1-800-282-1376
Website: priv.gc.ca

We encourage you to contact us first at info@raxogroup.ca so we can address your concerns directly.

9. SECURITY MEASURES

9.1 Administrative Safeguards

Privacy training: Staff receive training on privacy obligations and handling personal information
Access controls: Personal information is accessible only to employees who need it to perform their duties
Confidentiality agreements: All employees and contractors sign confidentiality agreements

9.2 Technical Safeguards

Encryption: Sensitive data transmitted electronically is encrypted (e.g., contact forms use SSL/TLS)
Password protection: Electronic records are password-protected with strong authentication
Secure storage: Digital files are stored on secure, password-protected systems with regular backups
Website security: Our website uses industry-standard security measures (HTTPS, secure hosting)

9.3 Physical Safeguards

Secure facilities: Paper records containing personal information are stored in locked filing cabinets
Controlled access: Only authorized personnel have access to areas where personal information is stored
Document disposal: Paper records are shredded when no longer required

9.4 Breach Notification

In the event of a privacy breach that poses a real risk of significant harm, we will:

Notify affected individuals as soon as feasible
Notify the Privacy Commissioner of Canada as required by law
Take steps to mitigate harm and prevent future breaches

We maintain records of all breaches of security safeguards for at least 24 months, as required by applicable law.

10. SITE ACCESS AND KEY MANAGEMENT

10.1 Access Information

As part of service delivery, clients provide us with facility access information (keys, access codes, security procedures). This information is treated as highly confidential and:

Stored securely with restricted access
Used only for authorized service delivery
Not shared with unauthorized parties
Returned or deleted upon contract termination

10.2 Key and Code Logs

We maintain logs of key and access code assignments to ensure accountability. These logs are retained in accordance with our retention policy and client security requirements.

11. COOKIES AND TRACKING TECHNOLOGIES

11.1 Essential Cookies

Our website uses essential cookies required for basic functionality (session management, security, form submissions). These cookies do not track personal information and are necessary for the website to operate properly. Disabling essential cookies may affect website functionality.

11.2 Analytics (Google Analytics)

We use Google Analytics (including Google Analytics 4) to understand how visitors use our website and to improve site performance and content. Google Analytics collects information such as:

Pages visited and time spent on pages
Referring/exit pages
Approximate location (derived from network information)
Device and browser information

IP Address Handling: Google Analytics 4 does not log or store IP addresses in Analytics reporting. IP addresses may be used briefly for geolocation and then discarded.

Cookies Used: Google Analytics typically uses cookies (e.g., "_ga" and related cookies) to distinguish users and sessions. These are analytics cookies and are not required for the website to function.

Your Choices:

Manage cookies: You can manage cookie preferences through your browser settings
Opt out of Google Analytics: Install Google's Analytics Opt-out Browser Add-on

For more information about how Google uses data, visit: How Google uses information from sites or apps that use our services

11.3 No Advertising or Tracking Cookies

We do not use advertising cookies or third-party tracking technologies for marketing or behavioral advertising purposes.

12. THIRD-PARTY LINKS

Our website may contain links to third-party websites (e.g., insurance provider portals, regulatory agencies, Google Analytics opt-out tools). We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies before providing personal information.

13. CHANGES TO THIS PRIVACY POLICY

13.1 Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. Updates will be posted on this page with a revised "Last Reviewed" date.

13.2 Material Changes

If we make material changes that significantly affect how we use or disclose personal information, we will:

Notify active clients by email or written notice
Post a prominent notice on our website
Obtain renewed consent where required by law

13.3 Review Schedule

We review this Privacy Policy annually (or more frequently if necessary) to ensure it remains current and compliant.

14. CHILDREN'S PRIVACY

Our services are intended for businesses and commercial facilities. We do not knowingly collect personal information from individuals under 18 years of age. If we become aware that we have inadvertently collected such information, we will delete it promptly.

15. INTERNATIONAL DATA TRANSFERS

RAXO operates exclusively in Canada (Manitoba). However, we may use service providers that process or store information outside Canada (for example, website hosting, email systems, CRM tools, and analytics providers such as Google). We assess providers and use contractual and other safeguards appropriate to the sensitivity of the information.

Personal information is not transferred outside of Canada except:

When using service providers with servers in other jurisdictions (in which case we ensure appropriate safeguards are in place)
As required by law or with your explicit consent

16. CONTACT INFORMATION AND COMPLAINTS

16.1 Privacy Officer

For questions, concerns, or complaints about this Privacy Policy or our privacy practices, contact:

RAXO Group Inc. - Privacy Officer
Email: info@raxogroup.ca
Phone: (204) 202-4048
Mail: Unit 1 – 763 Henderson Hwy, Winnipeg, MB R2K 2K7, Canada

16.2 Complaint Process

If you have a privacy concern:

Contact us: Email info@raxogroup.ca with "Privacy Concern" in the subject line
We will respond: Within 10 business days to acknowledge receipt
Investigation: We will investigate and respond with findings within 30 days
Resolution: We will take appropriate corrective action if a breach is confirmed

If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada (contact information in Section 8.4).

17. GOVERNING LAW

This Privacy Policy is governed by the Personal Information Protection and Electronic Documents Act (PIPEDA), applicable Manitoba privacy legislation, and the laws of the Province of Manitoba and Canada.

18. CONSENT AND ACKNOWLEDGMENT

By using our website, requesting quotes, or entering into a service agreement with RAXO Group Inc., you acknowledge that:

You have read and understood this Privacy Policy
You consent to the collection, use, and disclosure of personal information as described herein
You understand your rights and how to exercise them

END OF PRIVACY POLICY