AltoLeap Inc. ("AltoLeap," "we," "us") builds custom software and operational systems for businesses. We respect your privacy and are committed to handling personal information responsibly and in accordance with applicable Canadian privacy law (including PIPEDA). This policy explains what we collect, how we use it, and your choices.
This policy covers altoleap.com, our client project portal (hosted on GitLab), and our interactions with prospects and clients. It does not cover the internal systems we build and operate for clients, which are governed by our agreements with those clients (see "Client & project data" below).
1. Information we collect
Information you provide
- Contact & Fit Call requests: name, work email, company, phone (optional), and the details you share about your project when you complete a form or book a call via our scheduling tool.
- Payments: when you purchase the AI Opportunity Blueprint, payment is processed by our payment provider (Stripe); we receive confirmation and limited billing details but do not store full card numbers. Invoicing may be handled through Wave.
- Client portal (GitLab): if you're a client, account details and the content you submit to manage your project — issues, feature requests, comments, files, and project information.
- Communications: emails and messages you send us (we use Google Workspace / Gmail), and information shared during calls and meetings.
Information collected automatically on our website
- Usage and device data via Google Analytics 4 and Hotjar (which may capture page interactions, clicks, and aggregated session behavior to help us improve the site), plus standard log data and cookies.
Calls and meetings
- We may record and/or transcribe calls and meetings (including Fit Calls) using Fireflies to capture notes and action items. We will give notice that a call is being recorded; let us know if you prefer not to be recorded.
2. How we use information
To respond to inquiries and assess fit; to deliver our services and manage projects and the client portal; to process payments; to operate, secure, and improve our website; to send relevant communications (for marketing email, in accordance with CASL — you can unsubscribe at any time); and to meet legal and contractual obligations.
3. Cookies & analytics
We use cookies and similar technologies for site functionality and analytics (Google Analytics 4, Hotjar). You can control cookies through your browser and, where offered, our cookie banner.
4. Service providers & sub-processors
We share personal information with trusted providers who process it on our behalf, under their own privacy terms, only to deliver our services:
- Google (Analytics, Google Workspace/Gmail) · Hotjar (website analytics) · Calendly (scheduling) · Fireflies (call notes/transcription) · HubSpot (CRM) · Stripe (payments) · Wave (invoicing) · GitLab (client project portal) · our website host · Clutch (our reviews/profile) · LinkedIn / X (social).
We do not sell personal information. We may disclose information if required by law or in connection with a business transfer.
5. Client & project data
For software projects, much of the data we handle belongs to our clients. We process it on the client's behalf, per our agreement with them; the client controls that data. We take confidentiality and data security seriously and tailor data-handling to each client's requirements — which may include keeping data within the client's environment, schema-only access, or self-hosted approaches. We do not sell client data, and we agree with each client how their data may be used, including in connection with any AI or third-party services.
6. Data retention
We keep personal information only as long as needed for the purposes above or as required by law, then delete or anonymize it.
7. Security
We use reasonable administrative, technical, and physical safeguards (including access controls) to protect personal information. No method of transmission or storage is 100% secure.
8. International transfers
Some providers are located in the United States or elsewhere, so information may be processed outside Canada and become subject to foreign laws. By using our site and services you acknowledge this transfer.
9. Your rights
Subject to applicable law, you may request access to, correction of, or deletion of your personal information, and may withdraw consent (including unsubscribing from marketing). Contact us at privacy@altoleap.com.
10. Children
Our site and services are intended for businesses and are not directed to children.
11. Changes
We may update this policy; we'll post the new effective date and, where appropriate, notify you.
12. Contact
AltoLeap Inc.
18 King St E, Suite 1400, Toronto, ON M5C 1C4
privacy@altoleap.com