Skip to main content
emicode
  • Home
  • Services
  • Process
  • Portfolio
  • Team
  • FAQ
17:44 · WPG Start a project
  • Home
  • Services
  • Process
  • Portfolio
  • Team
  • FAQ
Start a project
Legal

Privacy Policy

Last updated: June 22, 2026

Emicode ("we", "us") is a web development studio based in Winnipeg, Manitoba, Canada. This policy explains what personal information we collect through emicode.ca, why we collect it, and how we handle it. We follow the Personal Information Protection and Electronic Documents Act (PIPEDA) and Canada's Anti-Spam Legislation (CASL).

What we collect

  • Contact form data — name, email, phone number, company name, and the project details you choose to share when you submit the project brief or request a callback.
  • Marketing attribution — when you arrive from an ad or a link, we record campaign parameters (UTM tags, click IDs) and the referring site, so we know which channels work.
  • Technical data — standard server logs (IP address, browser type, pages requested) kept for security and troubleshooting.
  • Preferences — your colour-theme choice and your cookie-consent decision are stored in your browser's local storage; marketing-attribution data is stored in session storage. See Cookies and analytics below for exactly which cookies we set and how analytics works.

Why we collect it

  • To respond to your inquiry and prepare a quote — this is the only reason we ask for contact details.
  • To understand which marketing channels bring visitors, so we can spend our advertising budget sensibly.
  • To keep the site secure and reliable.
  • To send occasional service emails if you have contacted us — every such email contains a working unsubscribe link, honoured immediately, as CASL requires.

What we never do

  • We never sell, rent, or trade your personal information.
  • We never share your data with third parties for their marketing.
  • We never use your phone number or email for purposes other than the inquiry you sent it for, unless you explicitly agree.

Cookies and analytics

We keep tracking to a minimum. There are three layers, and only the last one ever involves your consent:

  • Essential cookies — a session cookie and a security (CSRF) token. They are required for the site to function and to protect form submissions, are set for every visitor, and under privacy law need no consent. They carry no marketing data.
  • Cookieless, first-party analytics — to see roughly how many people visit and which pages are useful, we run our own first-party analytics. It sets no cookies, never tracks you across other websites, and stores no name, email, or device identifier. It does record your IP address alongside the page you viewed — we use this only to measure traffic and to spot obvious bots, abuse, and suspicious patterns. This data is visible only to us in the admin analytics dashboard, is never used to build a profile of you or for advertising, and is never shared or sold. These records are kept for at most 30 days and then deleted automatically. Because it is first-party and sets no cookies, it runs as basic audience-and-security measurement without a separate consent banner.
  • Google Analytics — only if you agree — where Google Analytics is active, your first visit shows a cookie banner. Nothing from Google loads and no Google cookies are set unless you choose Accept. You can decline with a single click (Reject), and change your choice at any time through the Cookie settings link in the footer. With your consent, Google Analytics helps us measure traffic and the campaigns that bring visitors; it is provided by Google LLC, which may process the data in the United States under the EU–US Data Privacy Framework. Declining changes nothing about your use of the site, and our own cookieless analytics works the same either way.

Where your data lives and how long we keep it

Inquiry data is stored in our own database on infrastructure we manage. We keep it for as long as needed to handle your inquiry and any resulting engagement, after which it is deleted on request or during periodic clean-ups. Server logs rotate automatically. For obvious bot or spam traffic, we may block specific IP addresses at the application layer; such a block simply denies access and is not used to profile you or for advertising. We use a small number of infrastructure providers (hosting, email delivery, content delivery network) to operate the site. They process data on our behalf under their own privacy and security obligations and are not permitted to use it for anything else.

Your rights

You may ask us at any time to show you the personal information we hold about you, correct it, or delete it. Email contact@emicode.ca and we will respond within a reasonable time, normally a few business days. You may also complain to the Office of the Privacy Commissioner of Canada if you believe we have mishandled your information.

Changes to this policy

If we change this policy, the new version will be published on this page with an updated date. Material changes will be noted prominently.

Contact

Privacy questions: contact@emicode.ca.

emicode

Full-service web development studio based in Canada. We build fast, scalable, and beautiful digital products.

Services

Company

  • Portfolio
  • FAQ
  • Blog
  • Contact

© 2026 10228747 MANITOBA. All rights reserved.

Privacy Policy  ·  Terms of Service  ·  contact@emicode.ca

We use essential cookies to keep this site running — those stay on. With your consent, we also use analytics cookies to understand how the site is used. Click Accept to allow analytics. See our Privacy Policy for details.