← datastars.ca

Legal

Privacy Policy

DataStars AI Inc. · Effective Date: March 12, 2026 · Last Updated: March 12, 2026

01

Introduction

DataStars AI Inc. ("DataStars," "we," "us," or "our") is committed to protecting the privacy of our clients, website visitors, and the individuals whose information may be included in the data our clients provide to us. This Privacy Policy explains what personal information we collect, how we use it, how we protect it, and your rights under applicable Canadian privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and, for individuals in British Columbia, the Personal Information Protection Act (PIPA).

This policy applies to all interactions with datastars.ca, the DataStars customer portal, and all products and services we provide.

02

Information We Collect

2.1 Information You Provide Directly

When you engage our services, create an account, or contact us, we may collect:

  • Business contact information: name, email address, phone number, firm name, professional role.
  • Billing information: payment is processed by Stripe. DataStars does not store credit card numbers or bank account details on our servers. Stripe's handling of payment data is governed by Stripe's own privacy policy.
  • Matter and file information: property addresses, legal descriptions, matter type, litigation details, and uploaded documents related to your engagement.
  • Borrower information submitted by clients: occupational title, employer name, years of employment, employment type, income, and mortgage details (balance, rate, maturity date, monthly payment). This information is submitted by our clients — typically mortgage lenders, MICs, law firms, or insolvency trustees — for the purpose of producing reports and analyses.

2.2 Information Collected Automatically

When you visit datastars.ca, we may collect:

  • Log data: IP address, browser type, operating system, referring URL, pages visited, and timestamps.
  • Cookies: We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. See Section 8 for details.

2.3 Information from Third-Party Sources

In the course of producing reports, we collect information from publicly available sources, including corporate registries, court filings (e.g., CanLII), property assessment databases, market data providers, and news sources. This information is used solely to produce the deliverables our clients have ordered.

03

How We Use Information

We use personal information for the following purposes:

  • Service delivery: Producing reports, Borrower Volatility Analyses, market intelligence, and other products our clients order.
  • Account management: Authenticating portal access, managing subscriptions, processing payments, and communicating about your engagements.
  • Product improvement: Improving the accuracy and reliability of our scoring models and research pipeline. We use only aggregated and de-identified data for this purpose. No dataset used for methodology improvement contains information that could reasonably be used to re-identify any individual borrower.
  • Communications: Sending delivery confirmations, threshold alerts (for subscribed customers), and service updates via email.
  • Legal and compliance: Meeting our obligations under applicable law, responding to legal process, and enforcing our Terms of Service.

We do not sell, rent, or trade personal information to third parties for marketing purposes. We do not use personal information for consumer credit reporting or any purpose governed by consumer reporting legislation.

04

Borrower Information — Special Provisions

DataStars processes borrower information (occupation, employer, income, mortgage details) that our clients submit for the purpose of generating AI employment risk analyses and settlement intelligence reports. Important clarifications:

  • We act as a service provider. Borrower information is submitted to us by our clients, who are responsible for ensuring they have the lawful authority to share this information with us.
  • We do not contact borrowers. We have no direct relationship with the individuals whose information is included in client files.
  • Occupational scoring, not individual profiling. Our AI displacement scores are applied to occupational categories (NOC codes) and employer risk profiles. They are forward-looking macroeconomic commentary, not assessments of any individual's creditworthiness or employment prospects.
  • Retention. Borrower information is retained only for as long as necessary to deliver the ordered product and for a reasonable period thereafter for quality assurance and methodology improvement. See Section 7.

05

How We Share Information

We share personal information only in the following circumstances:

  • Service providers: We use third-party service providers to operate our platform. These include Vercel (hosting), Neon (database), Stripe (payments), Resend (email delivery), and Google Workspace (document storage and delivery). Each provider processes data only as necessary to provide their service and is subject to their own privacy policies and contractual obligations.
  • AI processing: We use Anthropic's Claude API to assist in research analysis and report narrative generation. Data processed through Anthropic's API is strictly zero-retention; your matter data and borrower information are never used to train third-party foundation models. We do not send personally identifiable borrower information to any AI service where it is not necessary for the analysis.
  • AACI appraisers: For Tier 2 certified reports, we share relevant property and market data with the assigned AACI appraiser. Appraisers do not receive Addendum B content or AI risk scoring data.
  • Legal requirements: We may disclose information if required by law, regulation, subpoena, court order, or governmental request.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, personal information may be transferred to the successor entity, subject to this Privacy Policy.

We do not share personal information with any party for advertising or marketing purposes.

06

Data Security

We implement commercially reasonable technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include:

  • Encrypted data transmission (TLS/HTTPS).
  • Database-level row-level security (RLS) policies restricting data access by user tier and role.
  • Authentication via magic link (passwordless), reducing credential-based attack surface.
  • Access to production systems limited to authorized personnel.
  • Payment data handled exclusively by Stripe's PCI DSS-compliant infrastructure.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we take reasonable steps to protect your data.

07

Data Retention

  • Client account data: Retained for the duration of the client relationship and for a period of seven (7) years following the last engagement, consistent with professional and tax record-keeping requirements.
  • Report and file data: Retained for seven (7) years following delivery.
  • Borrower scoring data: Retained in anonymized or aggregated form for methodology improvement. Identifiable borrower data associated with a specific engagement is retained for the same period as the related report.
  • Website log data: Retained for up to twelve (12) months.
  • Marketing and communication records: Retained until you unsubscribe or request deletion.

We will delete or anonymize personal information when it is no longer needed for the purposes described in this policy, unless a longer retention period is required by law.

08

Cookies

datastars.ca uses only essential cookies necessary for site functionality and authentication. We do not use analytics cookies, advertising cookies, or third-party tracking pixels. You may configure your browser to block cookies, but this may affect your ability to use the customer portal.

09

Your Rights

Under PIPEDA and, where applicable, BC PIPA, you have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate or incomplete personal information.
  • Withdraw consent for the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions.
  • Request deletion of your personal information, subject to our retention obligations.
  • File a complaint with the Office of the Privacy Commissioner of Canada or, for BC residents, the Office of the Information and Privacy Commissioner for British Columbia.

To exercise any of these rights, contact us at privacy@datastars.ca. We will respond within thirty (30) days.

Note regarding borrower data: If you are an individual whose information was submitted to DataStars by one of our clients, please contact the organization that submitted your information. We will cooperate with reasonable requests to correct or delete borrower data, but our primary contractual relationship is with the client who ordered the report.

10

Children

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors.

11

International Transfers

Our service providers may process data in jurisdictions outside Canada, including the United States. Where personal information is transferred outside Canada, it is subject to the privacy laws of the receiving jurisdiction, which may differ from Canadian law. We take reasonable steps to ensure that our service providers maintain appropriate safeguards for the protection of personal information.

12

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on datastars.ca and communicated to active clients via email. The "Last Updated" date at the top of this policy indicates when it was most recently revised.

13

Contact

If you have questions, concerns, or requests related to this Privacy Policy or our handling of personal information:

DataStars AI Inc. · Privacy Officer
997 Seymour Street, Vancouver, BC V6B 3M1
Email: privacy@datastars.ca
Website: datastars.ca

For complaints that we are unable to resolve, you may contact:

Office of the Privacy Commissioner of Canada
www.priv.gc.ca

Office of the Information and Privacy Commissioner for British Columbia
www.oipc.bc.ca

Terms of Service← datastars.ca