Privacy Policy

Last Update: October 18, 2025

At Aidi ("we", "us", "our"), the trust of our clients is paramount. This privacy policy transparently explains how we collect, use, and protect information in the course of providing our project and portfolio management platform (the "Service").

Our commitment is to collect only the professional information strictly necessary for the proper functioning of the Service.

1. Privacy Officer

In accordance with applicable legislation, Aidi has designated a Privacy Officer to oversee compliance with this policy. For any questions or to exercise your rights, you may contact them at:

Marc Parenteau, CEO
3970 Saint-Ambroise Street, Suite 400, Montreal, QC H4C 2C7, Canada
Email: marc.parenteau@aidi.io

2. Information We Collect

We limit our collection to the professional information required to create and manage user accounts and ensure the functionality of the Service. This does not include sensitive personal information but rather professional contact details.

  • Information Provided by Users: When creating an account, we collect the first name, last name, professional email address, and professional phone number of authorized users.
  • Data Uploaded by the Client ("Customer Data"): The client and its users upload data related to their projects (budgets, contracts, schedules, etc.). The client is responsible for ensuring that no sensitive personal information is included in this data.
  • Usage Data: We collect technical information on how you interact with our Service (modules used, IP addresses, browser type) to improve the performance and security of the platform.

3. How We Use Your Information

The professional information collected is used exclusively for the following purposes:

  • To Provide, Maintain, and Improve the Service: To manage user accounts, provide technical support, and develop new features.
  • For Security: To protect the integrity of our Service and Customer Data, including by monitoring for unauthorized access.
  • For Communications: To send you important information regarding the Service, such as maintenance notices or security updates.

4. Information Sharing and Disclosure

The confidentiality of your data is a priority. We do not sell or rent your information.

  • Service Providers (Sub-processors): We use third-party providers for essential services like data hosting and application performance monitoring. These providers are subject to strict confidentiality obligations and only have access to information to perform their mandated tasks. A list of our sub-processors is available to our clients.
  • Data Hosting in Canada: For our Canadian customers, we are committed to ensuring all Customer Data is stored, processed, and hosted exclusively within Canada.
  • Legal Obligations: We may be required to disclose information if required by law or to respond to a valid legal request from a public authority.

5. Security of Your Data

We have implemented robust administrative, physical, and technical security measures to protect your data, in line with the highest industry standards, such as those of SOC 2.

  • Encryption: All data is encrypted in transit and at rest using industry-standard technologies.
  • Access Management: Access to Customer Data is strictly controlled and limited to authorized personnel with a legitimate business need.

6. Your Rights Regarding Your Information

In accordance with Quebec's Law 25, you have the following rights concerning your professional information:

  • Right of Access and Rectification: You may request access to the information we hold about you and request its correction if it is inaccurate.
  • Right to Withdraw Consent: You may withdraw your consent to the use of your information, which may, however, limit your ability to use the Service.
  • Right to Data Portability: Upon request, we will provide you with the professional data you have provided to us in a structured, commonly used format.

To exercise these rights, please contact our Privacy Officer.

7. Data Retention

We retain your professional information for the duration of your subscription. Following the termination of your agreement, you will have a 30-day period to retrieve your Customer Data, after which it will be securely deleted from our systems.

8. Changes to This Policy

We may update this policy from time to time. We will inform you of any significant changes by email or through a notice on our platform. The effective date at the top of the page will indicate the date of the last revision.