PIPEDA Compliance
How we handle personal information for Canadian users under the Personal Information Protection and Electronic Documents Act.
Last updated: April 21, 2026
Who This Applies To
PIPEDA is Canada's federal private-sector privacy law. It applies to ShommyX Technologies Inc. when we collect, use, or disclose personal information about Canadian users in the course of commercial activity. Residents of British Columbia, Alberta, and Quebec also have protections under substantially similar provincial laws.
The Ten Fair-Information Principles
PIPEDA is built around ten principles. Here is how we implement each one.
1. Accountability
ShommyX Technologies Inc. is responsible for the personal information in its control. We have designated a Privacy Officer (below) who is accountable for our compliance with PIPEDA.
2. Identifying Purposes
We state the purposes for which we collect personal information in our Privacy Policy — primarily to operate the church management platform you or your church has signed up for.
3. Consent
You consent to the collection, use, and disclosure of your personal information when you create an account or when a church administrator adds you as a member. You may withdraw consent at any time by deleting your account or contacting us.
4. Limiting Collection
We collect only the information we need to run the Service. We do not collect personal information indiscriminately or for undisclosed purposes.
5. Limiting Use, Disclosure, and Retention
We use personal information only for the purposes for which it was collected. We do not sell personal information. We retain data only as long as necessary to provide the Service or as required by law.
6. Accuracy
You can edit your profile at any time from account settings to keep your information accurate and up to date.
7. Safeguards
We protect personal information with appropriate physical, organizational, and technical measures, including encryption in transit (TLS), access controls, and multi-tenant data isolation. See our Security page for details.
8. Openness
Our privacy practices are published on this site and available in plain language. You can find the full policy on our Privacy Policy page.
9. Individual Access
You have the right to request access to the personal information we hold about you, and to request correction of inaccuracies. You can export or delete most of your data directly from your account settings, or contact our Privacy Officer for assistance.
10. Challenging Compliance
You may challenge our compliance with these principles by contacting our Privacy Officer. If we cannot resolve your concern, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca.
Cross-Border Transfers
Your personal information may be stored and processed on servers located outside of Canada, including in the United States. By using the Service, you acknowledge that your information may be subject to the laws of those jurisdictions. We use reputable, security-certified cloud providers and apply the same safeguards regardless of where data is stored.
Breach Notification
In the event of a breach of security safeguards that creates a real risk of significant harm, we will notify affected individuals and report the breach to the OPC as soon as feasible, as required by PIPEDA. We maintain records of all breaches.
Privacy Officer
- Company: ShommyX Technologies Inc.
- Email: [email protected]
- Website: shommyxchurch.com
Direct all PIPEDA-related questions, access requests, and complaints to the email above, with "Privacy Officer" in the subject line.
This summary is provided for transparency and is not legal advice. For the complete picture of our data practices, see our Privacy Policy.