C-BAND MAILBOX, a Canadian corporation operating under C-Band Digital Innovations ("C-Band Mailbox", "we", "us", or "our") is committed to protecting your privacy and personal information. This Privacy Policy ("Policy") explains how we collect, use, disclose, retain, and safeguard your personal information when you access or use our website (cbandmailbox.com), our digital mail management platform (the "Platform"), or any related products, services, or applications (collectively, the "Services").

This Policy applies to all users of our Services, including Mailbox Renters ("Renters"), Mail Center Operators ("Operators"), and visitors to our website. By accessing or using any of our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Policy, please do not use our Services.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will notify you of material changes by posting the revised Policy on our website and updating the "Last Updated" date. Your continued use of our Services after such changes constitutes acceptance of the revised Policy.

2.1 Personal Information. We collect personal information that identifies, relates to, describes, or is reasonably capable of being associated with you ("Personal Information"). This may include: (a) Identity Information: name, email address, phone number, mailing address, date of birth, government-issued identification documents (e.g., driver's license, passport), and other information you provide during account registration or identity verification; (b) Financial Information: payment card details, billing address, bank account information (for check deposits), and transaction history; (c) Service Usage Information: mailbox preferences, mail scanning requests, forwarding addresses, shredding instructions, and other service-related data; (d) Communication Information: correspondence with our support team, feedback, survey responses, and promotional preferences; and (e) Technical Information: IP address, device identifiers, browser type, operating system, and usage analytics.

2.2 Information from Operators. When you use our Services through a Mail Center Operator, the Operator may collect and share with us Personal Information necessary to provide mailbox services, including identity verification documents, mail handling instructions, and service preferences.

2.3 Automatically Collected Information. We automatically collect certain information when you use our Services, including: (a) Log Data: server logs, access times, pages viewed, and actions taken; (b) Device Information: device type, operating system, browser version, and screen resolution; (c) Location Data: general geographic location (city/country level) derived from IP address; and (d) Cookies and Tracking Technologies: as described in Section 9 below.

We use your Personal Information for the following purposes:

3.1 Service Delivery: (a) to provide, operate, maintain, and improve our Services; (b) to process your registration, verify your identity, and manage your account; (c) to enable Operators to receive, scan, digitize, forward, shred, or otherwise handle your mail in accordance with your instructions; (d) to process payments, manage subscriptions, and handle billing inquiries; and (e) to communicate with you about your account, service updates, and important notices.

3.2 Legal and Compliance: (a) to comply with applicable laws, regulations, and legal processes (including postal regulations, anti-money laundering requirements, and identity verification obligations); (b) to respond to lawful requests from government authorities, courts, or regulatory bodies; (c) to enforce our Terms & Conditions and protect our rights, property, or safety; and (d) to investigate and prevent fraud, security threats, or illegal activities.

3.3 Business Operations: (a) to analyze usage patterns, improve user experience, and develop new features; (b) to conduct research, analytics, and business intelligence; (c) to send marketing communications (with your consent where required by law); (d) to personalize content and recommendations; and (e) to manage our business relationships with Operators and service providers.

We do not sell, rent, or trade your Personal Information to third parties for their marketing purposes. We may share your Personal Information in the following circumstances:

4.1 With Mail Center Operators: We share your Personal Information with the Operator(s) you select to enable them to provide mailbox services. Operators are contractually required to protect your Personal Information and use it solely for service delivery purposes.

4.2 With Service Providers: We engage trusted third-party service providers who perform services on our behalf, including: (a) cloud hosting and infrastructure providers; (b) payment processors and financial institutions; (c) email and communication service providers; (d) analytics and marketing platforms; (e) customer support tools; and (f) identity verification services. These providers are contractually bound to protect your Personal Information and may only use it for the purposes we specify.

4.3 For Legal and Regulatory Reasons: We may disclose Personal Information: (a) to comply with applicable laws, regulations, court orders, or legal processes; (b) to respond to lawful requests from government authorities or regulatory bodies; (c) to enforce our Terms & Conditions or protect our rights, property, or safety; (d) to investigate or prevent fraud, security threats, or illegal activities; or (e) in connection with legal proceedings or disputes.

4.4 Business Transfers: In the event of a merger, acquisition, reorganization, sale of assets, or other business transaction, your Personal Information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your Personal Information.

4.5 With Your Consent: We may share your Personal Information for any other purpose disclosed to you at the time of collection, or with your explicit consent.

5.1 Security Measures. We implement industry-standard technical, administrative, and physical safeguards to protect your Personal Information against unauthorized access, disclosure, alteration, or destruction. These measures include: (a) encryption of data in transit (TLS/SSL) and at rest; (b) access controls and authentication mechanisms; (c) regular security audits and vulnerability assessments; (d) employee training on data protection and privacy; (e) secure data centers and infrastructure; and (f) incident response and breach notification procedures.

5.2 Access Restrictions. Access to Personal Information is restricted to authorized employees, contractors, and service providers who need such information to perform their duties. All such individuals are bound by confidentiality and data protection obligations.

5.3 No Guarantee of Absolute Security. While we strive to protect your Personal Information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we will promptly notify you and relevant authorities if we become aware of a security breach that may affect your Personal Information.

Under the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable Canadian privacy laws, you have the following rights:

6.1 Right to Access: You have the right to request access to the Personal Information we hold about you, including information about how we collect, use, and disclose your information.

6.2 Right to Correction: You have the right to request correction of inaccurate, incomplete, or outdated Personal Information.

6.3 Right to Withdraw Consent: Where we rely on your consent to process Personal Information, you have the right to withdraw your consent at any time, subject to legal or contractual restrictions.

6.4 Right to File a Complaint: You have the right to file a complaint with the Office of the Privacy Commissioner of Canada (OPC) if you believe we have violated your privacy rights.

6.5 How to Exercise Your Rights: To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days (or as required by applicable law). We may require verification of your identity before processing your request.

7.1 Retention Period. We retain your Personal Information for as long as necessary to: (a) provide our Services to you; (b) comply with legal, regulatory, or contractual obligations; (c) resolve disputes or enforce our agreements; (d) protect our rights or the rights of others; or (e) for other legitimate business purposes.

7.2 Deletion Requests. You may request deletion of your Personal Information by contacting us at [email protected]. We will delete your Personal Information unless we are required or permitted by law to retain it (e.g., for tax, accounting, fraud prevention, or dispute resolution purposes).

7.3 Data Accuracy. We take reasonable steps to ensure that Personal Information is accurate, complete, and up-to-date. Please notify us if your Personal Information changes or if you become aware of any inaccuracies.

8.1 Data Processing Locations. Your Personal Information may be processed and stored in Canada, the United States, or other countries where C-Band Mailbox, our Operators, or service providers operate. By using our Services, you consent to the transfer of your Personal Information to these locations.

8.2 Safeguards for Cross-Border Transfers. When we transfer Personal Information outside of Canada, we implement appropriate safeguards to protect your information, including: (a) contractual clauses requiring data protection standards; (b) compliance with applicable privacy laws; and (c) regular assessments of our service providers' data protection practices.

8.3 EU/UK Data Subjects. If you are located in the European Economic Area (EEA) or the United Kingdom, we may process your Personal Information in accordance with applicable EU/UK data protection laws, including the General Data Protection Regulation (GDPR).

9.1 Use of Cookies. We use cookies, web beacons, pixels, and similar tracking technologies (collectively, "Cookies") to enhance your experience, analyze usage patterns, and support our marketing efforts. Cookies are small text files stored on your device when you visit our website.

9.2 Types of Cookies. We use: (a) Essential Cookies: required for the website to function properly (e.g., authentication, security); (b) Performance Cookies: to analyze website usage and improve performance; (c) Functionality Cookies: to remember your preferences and personalize your experience; and (d) Marketing Cookies: to deliver relevant advertisements and track campaign effectiveness (with your consent where required).

9.3 Cookie Management. You can control or block Cookies through your browser settings. However, blocking certain Cookies may affect the functionality of our Services. For more information, please review our Cookie Policy (if applicable).

9.4 Do Not Track Signals. Our website does not currently respond to "Do Not Track" signals from browsers. We continue to monitor developments in this area.

Our Services are not intended for or directed to individuals under the age of 18. We do not knowingly collect Personal Information from children under 18. If you are a parent or guardian and believe that your child has provided us with Personal Information, please contact us at [email protected], and we will promptly delete such information.

Our Services may contain links to third-party websites, applications, or services that are not operated or controlled by C-Band Mailbox. This Privacy Policy does not apply to such third-party services. We encourage you to review the privacy policies of any third-party services you access. We are not responsible for the privacy practices or content of third-party services.

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: [email protected]

Phone: +1 (431) 276-5927

Location: Winnipeg, Manitoba, Canada

For complaints or inquiries under PIPEDA, you may also contact:

Office of the Privacy Commissioner of Canada

30 Victoria Street, Gatineau, Quebec K1A 1H3

Toll-free: 1-800-282-1376

Website: www.priv.gc.ca