Privacy Policy

We are committed to protecting your personal information and being transparent about the data we hold about you (“personal data”).

This privacy policy, together with our Cookies Policy applies to all visitors and users of our websites at (the “sites”) and our online services and sets out how we will use your personal data as well as your privacy rights. It also relates to personal data you provide to us by phone, SMS, email, in letters and other correspondence and in person.

We use your information in line with all applicable laws and regulations concerning the protection of personal data from time to time in force, including the Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and 2011 and the General Data Protection Regulations (GDPR), and including any amendments or updates to these and any equivalent or successor applicable laws and regulations. Nothing in this privacy policy shall limit your statutory rights in relation to your personal data.


For the purposes of this privacy policy, the data controller is eSafetyFirst Canada (“eSafety First” or “we”).


2.1. We may collect, store and use the following kinds of personal data:

Other: any other information you chose to send or otherwise make available to us.

2.2. We use different methods to collect personal data from and about you as follows:

Direct Interactions: You may give us your personal data directly by filling in forms on our sites or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

Automated Technologies or interactions: As you interact with our sites, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our Cookies Policy for further details.

Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources as set out below.

Technical Data, for example from:

Contact, Financial and Transaction Data from providers of technical and payment services such as our third party card payment service providers.

Identity and Contact Data from publicly available sources such as Companies House.

2.3. We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
2.4. We may keep a record of correspondence, telephone calls or online live chat communications if you contact us.
2.5. We may monitor or record your communications with us to assist us with the development of our sites and services; to train our staff; and if so requested by order of a court, regulatory body or law enforcement organisation.


3.1. We will only use your personal data for the purposes specified in this privacy policy or in relevant parts of the sites and only ever as permitted by law.
3.2. We may use your personal information to:

If you subscribe for our services you may be required to provide payment card details. We use third party payment card providers to manage all of our online card transactions. We ourselves do not retain any record of your payment card information. You should only provide your personal data to those payment card providers after reviewing their privacy policies, which are available on their website(s). Your payment card information is used solely to process payments you make via our sites or for fraud prevention and detection purposes. All of our payment card providers collect payment card information via a secure online payment gateway.


4.1. We may use your personal data to form a view on what products, services and offers may be of interest to you (“marketing”).
4.2. You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.
4.3. We will always obtain your express opt-in consent before we share your personal data with any third party for marketing purposes.
4.4. You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you at any time.


5.1. We process your personal data based on the lawful bases set out below. We may process information you provide based on more than one lawful basis depending on the specific purpose for which we are using it.

Contract: To enter into a contract with you and fulfil our contractual obligations to you. This processing is necessary for us to provide the service you have requested including registering and managing your account with us and providing service updates and related information).

Consent: Where you have consented to our use of your personal data, for example where you opt-in toinfose receive relevant marketing communications from us (e.g. industry news and offers)

Legal Obligation: Where processing is necessary to comply with legal or statutory requirements on us. This may include cooperating with police in relation to their investigations.

Legitimate interest: Where processing is necessary for our legitimate interests (or those of a third party) provided that these do not conflict with your interests or fundamental rights. This may include, to improve our sites and services, understand how visitors and customers use our sites and services, undertake market research and inform our marketing, to run our business and maintain the security of our sites and services for you, us and other sites visitors and customers.


6.1. Except as provided in this privacy policy, we will not provide your information to third parties.
6.2. We may disclose your personal data to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy policy.
6.3. We may disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
6.4. We may also use or disclose your personal data as follows:
6.5. In addition, we may disclose your personal data:
6.6. We may share any information that we collect with parties including: our legal and professional advisors, the police, other public or private sector agencies, governmental or representative bodies (which Manyinclude insurance companies, finance companies and/or other agencies) in accordance with the relevant legislation for the purposes of the prevention or detection of offences, and/or the apprehension organisationprosecution of offenders


7.1. We share your personal data with our Group Companies. This will involve transferring your data outside the European Economic Area (EEA).
7.2. Many of our external third parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.
7.3. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.


8.1. Data transmission over the Internet is inherently insecure and we cannot guarantee the security of data sent over the Internet.
8.2. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
8.3. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8.4. You are responsible for keeping your password and user details confidential. We will not ask you for your password.


9.1. We will process personal data for as long as necessary to fulfil the purpose we collected it for, including the purpose of legal, accounting and reporting requirements, and for as long as necessary for the prevention and detection of criminal activity. The period for which we process and store the personal data for varies depending on the use you make of the sites and services we offer. Where you register an account or subscribe for our services we will retain your personal data for as long as your account is live or as necessary to continue to provide you with our services and for a further period thereafter to enable us to satisfy our legal, accounting and reporting requirements.
9.2. In some circumstances you can ask us to delete your data: see Right to be forgotten below for further information.
9.3. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice.


10.1. At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

Right of access – you have the right to request a copy of the information that we hold about you. In the event that we refuse your request under rights of access, we will provide you with a reason as to why;

Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete;

Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records;

Right to restriction of processing – where certain conditions apply to have a right to restrict the processing;

Right of portability – in certain circumstances you have the right to have the data we hold about you transferred to another organisation;

Right to object – you have the right to object to certain types of processing such as direct marketing, automated processing or profiling;

Right to complain to the supervisory authority – you have the right to complain as outlined in section 14 below;

Please email if you have any queries regarding your rights. You can exercise your rights as set out above by emailing and/or by following Manage Your Data Preferences here. All of the above requests will be forwarded on should there be a third party involved (as set out in this Privacy Policy) in the processing of your personal data.


11.1. Please let us know if the personal information which we hold about you needs to be corrected or updated.


12.1. We may update this privacy policy from time-to-time by posting a new version on our sites. You should check this page occasionally to ensure you are happy with any changes.
12.2. We may also notify you of changes to our privacy policy by email.


13.1. The sites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.


14.1. If you wish to make a complaint about how your personal data is being processed by eSafety First Canada (or third parties as described above), or how your complaint has been handled, in the first instance please email your concerns to You also have the right to lodge a complaint directly with the Romanian supervisory authority.

If you have any questions about this privacy policy or our treatment of your personal data, please visit our “Contact Us” section of our website.