This Privacy Policy explains how we collect, use, disclose, and protect personal information when you interact with our website and services. It applies to visitors in the United States and Canada.

Privacy Policy (Canada), Effective Date: March 22, 2026. Website: aurebus.com

Responsible Entity AUREBUS B2B INTEGRATION INC. #225 – 20316 56 Avenue Langley, BC V3A 3Y7, Canada Incorporation Number: BC1564011 Business Number: 757064837BC0001 Email: privacy@aurebus.com.

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you interact with our website and services. It applies to visitors and businesses located in Canada.

1. Information We Collect 1.1 Information You Provide We collect the personal information you submit through our forms, including your name, email address, company, job role, and any message you provide. This information is used to respond to your inquiry, provide requested information, and manage leads in our CRM system. Lead evaluation is conducted manually; we do not employ automated decision-making or AI-driven lead scoring. Business contact information collected solely for communicating with you in your professional capacity is excluded from the general application of PIPEDA and BC PIPA.

1.2 Information Collected Automatically and Profiling Technologies We use Google Analytics 4, Microsoft Clarity, and Google Tag Manager to collect technical information such as IP address, browser     type, device information, and website interactions. Microsoft Clarity includes tracking functions such as session replay scripts and behavioral heatmaps that can be used to assess user behavior     and create profiles. You can activate or deactivate these profiling and tracking functions at any time via our site's consent management platform. This data helps us improve website performance,     maintain security, and understand site usage.

1.3 No Sensitive Information We do not intentionally collect sensitive personal information through this website.

2. Cookies and Consent
   We use essential cookies for site functionality and optional analytics cookies to understand website usage. By default, all non-essential cookies and tracking scripts are disabled for all visitors. They are activated only after we obtain your explicit, informed consent via our consent management platform. Your choices include Accept, Decline, or Customize. You may withdraw your consent at any time using the cookie settings on our website. Where required by law, we honor browser-based privacy signals such as Global Privacy Control (GPC).
   How We Use Personal Information We use personal information for the following purposes:

• Responding to your inquiry.
• Managing communications and lead processing in Zoho CRM.
• Sending commercial electronic messages (CEMs) in compliance with Canada's Anti-Spam Legislation (CASL). We only send B2B communications with your express consent or where implied consent exists (e.g., an inquiry or existing business relationship). You may withdraw your consent and unsubscribe at any time using the functioning unsubscribe mechanism included in every message. Opt-out requests will be processed without delay, and in any event no later than 10 business days after the request is made.
• Improving website performance and user experience.
• Security, fraud detection, and compliance.

    We do not sell or share personal information for advertising purposes. Internally, access to personal information is strictly limited to authorized personnel (such as sales, IT, and management)     who require such access to perform their designated duties.

4. Sharing of Information and International Transfers
   4.1 Service Providers We use trusted service providers to deliver and support our services, including:

• Zoho CRM for lead and contact management.
• Google Analytics 4 and Google Tag Manager for analytics.
• Microsoft Clarity for user experience insights. These providers process information only on our behalf and are required to follow appropriate safeguards.
  
  

4.2 Server Infrastructure and Cross-Border Transfers
    The primary hosting infrastructure for aurebus.com is physically located on servers in Germany, operated by ALL-INKL.COM. To ensure data security and operational integrity, we have executed a     formal Data Processing Agreement with this provider ensuring strict technical and organizational security measures are met. When we engage third-party service providers (such as Zoho CRM,     analytics platforms, or hosting facilities) that process data outside of Quebec or Canada, we conduct Privacy Impact Assessments (PIAs) prior to the transfer. These assessments ensure that robust     contractual safeguards are deployed to afford your personal information a level of protection essentially equivalent to the strict standards established by the Personal Information Protection and     Electronic Documents Act (PIPEDA), British Columbia’s Personal Information Protection Act (BC PIPA), and Quebec Law 25.

4.3 Business Transactions
If Aurebus B2B Integration Inc. is involved in a merger, acquisition, or sale of all or a portion of its assets, your personal information may be transferred to the acquiring entity as part of that transaction, subject to the restrictions and limitations of applicable Canadian privacy laws.

5. Third-Party Links
   Our website may contain links to third-party websites, plug-ins, or applications (e.g., LinkedIn). Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
6. Legal Basis and Principles
   We follow recognized Canadian privacy principles in accordance with PIPEDA, BC PIPA, and Quebec Law 25, including accountability, identifying purposes, consent, limiting collection, limiting use, disclosure, and retention, accuracy, safeguards, openness, individual access, and challenging compliance.
7. Your Rights and Complaint Escalation Mechanisms Under the frameworks established by PIPEDA, BC PIPA, and Quebec Law 25, and subject to statutory exceptions, you are entitled to the following rights:

• Right of Access and Information: You may request access to the personal information we hold about you and obtain explanations regarding its origin, purposes, and third-party disclosures.
• Right to Rectification: You may request the correction of any personal information that is inaccurate or incomplete.
• Right to Erasure (De-identification): You may request the deletion or irreversible anonymization of your personal information once it is no longer necessary.
• Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time via our cookie preference center or by contacting us.
• Right to Data Portability: Residents of Quebec possess the right to demand that computerized personal information collected from them be returned in a structured, commonly used technological format.
• Right to Opt-Out of Profiling: You have the right to opt out of processing activities that involve tracking or profiling.
  
  

Exercising Your Rights and Escalation:
    We will respond to all requests regarding your rights within 30 days. We may request specific information from you to help us confirm your identity before processing your request. If you have     concerns regarding our data handling practices, direct your complaint to our Privacy Officer. Should our internal resolution process fail to satisfy your concerns, you maintain the right to lodge a     formal regulatory complaint with the Office of the Privacy Commissioner of Canada (OPC), the Office of the Information and Privacy Commissioner for British Columbia (OIPC BC), or the     Commission d'accès à l'information du Québec (CAI).

8. Retention Periods
      We retain personal information only as long as necessary:

• Form submissions and CRM leads: up to 24 months after last interaction.
• Analytics data (GA4, Clarity): up to 14 months.
• Log files and security data: 12 months.
• Support-related communications: 36 months.
• Contracts, invoice, and financial records: 7 years.

9. Security and Breach Notification
   We implement administrative, technical, and physical safeguards to protect personal information, including encryption, access controls, secure hosting, and activity logging. In the event of a security breach involving your personal information that creates a real risk of significant harm (or risk of serious injury under Quebec law), we will notify you and the relevant privacy commissioners as required by applicable law.
10. Children’s Privacy
    This website is not intended for children, and we do not knowingly collect personal information from individuals under the age of 14 without obtaining the explicit consent of the person with parental authority.
11. Privacy Officer and Organizational Accountability
     In compliance with PIPEDA, BC PIPA, and Quebec Law 25, we have formally designated a Privacy Officer to oversee our organization's data protection strategies, ensure continuous compliance, and govern the execution of Privacy Impact Assessments (PIAs) for cross-border data processing. Please direct your privacy inquiries to: Name: Klaus Dirsen Title: Chief Executive Officer & Privacy Officer (Person in charge of the protection of personal information) Entity: Aurebus B2B Integration Inc. Canadian Office: #225 – 20316 56 Avenue, Langley, BC V3A 3Y7, Canada Global Privacy Office: Heinestr. 31, 50321 Bruehl, Germany Email: privacy@aurebus.com.

12. Changes to This Policy
    We may update this Privacy Policy from time to time. Any changes will be posted with a new Effective Date. If we make material changes to how we process personal information, we will notify you by posting a prominent notice on our website or by sending an email.