Privacy Policy

Catalyst IT Canada Ltd (“Catalyst”) is committed to providing websites, applications and services that respect the privacy of visitors.

All personal information collected by Catalyst is governed by the Privacy Act. This means that you will be informed of the purpose for which your personal information is being collected and how to exercise your right of access to that information.

This privacy notice summarizes the privacy practices for Catalyst’s online activities. In particular it sets out:

  1. From whom Catalyst collects Personal Information;
  2. What Personal Information Catalyst collects;
  3. How Catalyst collects Personal Information;
  4. Why Catalyst collects Personal Information;
  5. How Catalyst uses Personal Information;
  6. How Personal Information can be accessed and corrected; and
  7. What happens in the event of a Privacy Breach.

From Whom Catalyst Collects Personal Information

Catalyst may collect Personal Information from:

  1. Catalyst’s clients
  2. Members of Catalyst’s staff
  3. Visitors to Catalyst’s premises or websites

What Personal Information Catalyst Collects

The nature of the Internet is such that web servers automatically collect certain information about a visit to a website, including the visitor’s Internet Protocol (IP) address. IP addresses are unique numbers assigned by Internet service providers (ISP) to all devices used to access the Internet. Web servers automatically log the IP addresses of visitors to their sites.
The IP address, on its own, does not identify an individual. However, in certain circumstances, such as with the cooperation of an ISP for example, it could be used to identify an individual using the site. For this reason, the Government of Canada considers the IP address to be personal information, particularly when combined with other data automatically collected when a visitor requests a web page, such as the page or pages visited, date and time of the visit.

In cases where services are provided by organizations outside of Catalyst, such as social media platforms or mobile applications, IP addresses may be recorded by the web server of the third-party service provider.

Unless otherwise noted, Catalyst does not automatically gather any specific information from you, such as your name, telephone number or email address, physical address, image, billing information, Client Information and any other information supplied by you. Catalyst would obtain this type of information only if you supply it to us.

How Catalyst Collects Personal Information

Catalyst may collect Personal Information about you in the following ways:

  1. When you provide information directly to us, whether in person, over the phone, via email or the postal system, via SMS message or other means of communication;
  2. When you use our services;
  3. When Personal Information is supplied to us by a third-party;
  4. When you visit our website we may collect your Client Information via a Data Collection Tool; and
  5. When you visit our premises we may collect your image (and in exceptional cases where necessary for security purposes, sound recordings) via CCTV cameras.

Why Catalyst Collects Personal Information

Catalyst collects Personal Information for the purposes of:

  1. Providing services to you;
  2. Administering our business; and
  3. Ensuring the physical and digital security of you, our clients, visitors, staff and our premises.

How Catalyst Uses Personal Information

Catalyst uses Personal Information to effect the above purposes.

  1. The circumstances in which Catalyst may disclose Personal Information include:
    1. Where you consent to the disclosure;
    2. Where the disclosure is required to effect the above purposes; or
    3. Where the disclosure is required by law.
  2. Catalyst stores Personal Information:
    1. In our IT or physical infrastructure for as long as is reasonably necessary to effect the above purposes; and
    2. In the case of CCTV Images or sound recordings, in our IT infrastructure for no longer than three (3) months (except where necessary).
  3. Personal Information may be subject to the following security measures:
    1. User authentication and authorisation;
    2. Network and at-rest encryption;
    3. Patching and vulnerability management; and
    4. Physical security protocols.

How Personal Information Can Be Accessed and Corrected

You may access and submit corrections to your Personal Information by contacting us directly by email or in writing to:

The Privacy Officer, Catalyst IT Canada Ltd.
20 Bay Street, WaterPark Place, 11 Floor
Toronto ON M5J 2N8

email to: [email protected]

What Happens in the Event of a Privacy Breach

In the event of a Privacy Breach, Catalyst will:

  1. Notify the affected individuals and organisations, including (if appropriate) law enforcement organisations;
  2. Attempt to mitigate the extent and consequences of the breach;
  3. Attempt to remedy the situation, as appropriate in the circumstances; and
  4. Review the breach and Catalyst’s processes and procedures with a view to minimising the risk of a similar breach occurring in the future.


For users in the European Union, we adhere to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (the “GDPR”). For users in the United Kingdom, we adhere to the GDPR as enshrined in the Data Protection Act 2018.

Third-party social media

Catalyst’s use of social media serves as an extension of its presence on the Web. Social media account(s) are public and are not hosted on Catalyst servers. Users who choose to interact with us via social media should read the terms of service and privacy policies of these third-party service providers and those of any applications you use to access them.

Personal information that you provide to the Catalyst via social media account(s) is collected to capture conversations (e.g. questions and answers, comments, “likes”, retweets) between you and Catalyst. It may be used to respond to inquiries, or for statistical, evaluation and reporting purposes. Comments posted that violate Canadian law will be deleted and disclosed to law enforcement authorities. Comments may also be deleted at Catalyst’s discretion.

Privacy inquiry

Any questions, comments, concerns or complaints you may have regarding the administration of the Privacy Act may be directed to the Privacy Officer by email or in writing to:

The Privacy Officer, Catalyst IT Canada Ltd.
20 Bay Street, WaterPark Place, 11 Floor
Toronto ON M5J 2N8

email to: [email protected]

If you are not satisfied with our response to your privacy concern, you may wish to contact the Office of the Privacy Commissioner by email at [email protected] or by telephone at


This policy was last updated 10th November, 2021. Catalyst may amend this Policy fromvtime to time in order to keep it up to date or to comply with legal requirements.This policy is reviewed at least annually and more frequently if required. All changes to the policy are reviewed by and approved by Catalyst directors.