Jones Blacksmith ("Jones Blacksmith", "we", "us", or "our") is committed to protecting the privacy of everyone who visits our website or uses our business technology services. This Privacy Policy explains what personal information we collect, why we collect it, how we use and safeguard it, and the choices and rights available to you.
Template notice — replace before publishing. This document is a structural template. The legal entity name, registered address, retention periods, the names of third-party processors, and your supervisory authority all need to be confirmed and reviewed by a qualified privacy lawyer for your jurisdiction (British Columbia / Canada under PIPEDA and BC PIPA, plus the EU/UK GDPR where you serve those visitors).
Scope of this policy
This policy applies to personal information collected through our website, our contact and enquiry forms, email and telephone communications, and the delivery of our business technology services — including business phone plans, internet security, managed cybersecurity, and enterprise solutions.
It does not apply to third-party websites, products, or services that may be linked from our site. We encourage you to review the privacy policies of any third party before providing them with your information.
Information we collect
We collect information in three ways: information you provide directly, information collected automatically, and information received from third parties.
Information you provide to us
- Contact details — your name, business name, business address, email address, and telephone number, typically submitted through our enquiry or pop-up contact forms.
- Enquiry content — the message and any details you choose to include when you ask us about a service.
- Service and account information — information needed to scope, deliver, and support the services you engage us for.
Information collected automatically
- Device and usage data — IP address, browser type, operating system, referring pages, and the pages you view on our site.
- Cookies and similar technologies — see Cookies & tracking and our dedicated cookie notice for the full detail.
Information from third parties
We may receive limited information from our service partners, referral sources, or publicly available business directories where relevant to a current or prospective engagement.
How we use your information
We use personal information only for purposes that are clear, limited, and consistent with this policy:
- To respond to your enquiries and provide the information or quotes you request.
- To deliver, manage, support, and improve the services you engage us for.
- To communicate with you about your account, service updates, and important notices.
- To send marketing communications where you have consented, with an option to unsubscribe at any time.
- To maintain the security and integrity of our website, systems, and services.
- To comply with legal, regulatory, and contractual obligations.
Legal bases for processing
Where the EU or UK GDPR applies, we rely on one or more of the following legal bases when we process your personal information:
| Legal basis | When we rely on it |
|---|---|
| Consent | Marketing communications and non-essential cookies. You may withdraw consent at any time. |
| Contract | Processing necessary to provide a service you have requested or entered into with us. |
| Legitimate interests | Responding to enquiries, securing our systems, and improving our services — balanced against your rights. |
| Legal obligation | Retaining records and responding to lawful requests where the law requires it. |
Sharing & disclosure
We do not sell your personal information. We share it only in the limited circumstances below:
- Service providers and partners — vendors who help us operate our business, such as hosting, communications, and the technology partners through whom we deliver client solutions. These parties are bound to use your information only as instructed.
- Professional advisers — accountants, auditors, and lawyers, where reasonably necessary.
- Legal and regulatory authorities — where we are required to disclose information by law or to protect our rights, safety, or property.
- Business transfers — in connection with a merger, acquisition, or sale of assets, subject to the protections in this policy.
Cookies & tracking technologies
We use cookies and similar technologies to operate our website, remember your preferences, understand how the site is used, and — where you consent — support marketing. Essential cookies are always active because the site cannot function without them; all other categories require your consent.
You can review and change your choices at any time through our cookie preferences panel. For full detail on the categories we use, see our Cookie Notice.
Data retention
We keep personal information only for as long as necessary to fulfil the purposes described in this policy, including any legal, accounting, or reporting requirements. When information is no longer needed, we securely delete or anonymise it.
To confirm: insert your actual retention periods here — for example, how long enquiry records, client service records, and accounting records are kept. These should reflect your real practices and applicable law.
How we protect your information
As a business technology and cybersecurity provider, safeguarding data is central to what we do. We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorised access, loss, misuse, or alteration. These include access controls, encryption in transit, monitoring, and staff training.
No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. If we become aware of a personal data breach that affects you, we will notify you and the relevant authorities as required by law.
Your privacy rights
Depending on where you live, you may have some or all of the following rights regarding your personal information:
- Access — request a copy of the personal information we hold about you.
- Correction — ask us to correct information that is inaccurate or incomplete.
- Deletion — ask us to delete your personal information, subject to legal exceptions.
- Restriction and objection — ask us to limit or stop certain processing, including direct marketing.
- Portability — receive your information in a portable, machine-readable format.
- Withdraw consent — withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us using the details below. We will respond within the timeframe required by applicable law. You also have the right to complain to your data protection authority — in Canada, the Office of the Privacy Commissioner; in the EU, your local supervisory authority.
International data transfers
We are based in Canada, and the service providers we work with may process information in other countries. Where personal information is transferred across borders, we take steps to ensure it remains protected by appropriate safeguards, such as standard contractual clauses or equivalent measures recognised under applicable law.
Children's privacy
Our website and services are intended for businesses and are not directed at children. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "last updated" date above and, where appropriate, provide a more prominent notice. We encourage you to review this page periodically.
Contact us
If you have questions about this Privacy Policy, or wish to exercise your rights, please get in touch: