Privacy Policy

Last updated: June 22, 2026

Twelverays ("Twelverays", "we", "us", or "our") respects privacy and handles personal information in connection with our website, marketing, sales, client services, payment processing, recruitment, business operations, and professional services.

This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information. It applies to our website, forms, meeting booking, communications, client engagements, proposals, payments, and related business activities.

Twelverays primarily serves businesses, governments, and nonprofits in Canada and the United States. Our website and services are not directed to children or to individual consumers.

1. Privacy Contact

Twelverays has designated a privacy contact for questions, requests, and complaints about our privacy practices.

Privacy Contact
Twelverays
Email: [email protected]

2. Personal Information We Collect

The personal information we collect depends on your relationship with us.

2.1 Website and Device Information

When you visit our website, we may collect:

  • IP address;
  • device type, browser type, operating system, and device identifiers;
  • pages viewed, links clicked, forms started or submitted, scrolls, session activity, and referring pages;
  • approximate location derived from IP address;
  • campaign parameters, UTM parameters, ad click identifiers, referrers, and marketing attribution information;
  • cookie identifiers, analytics identifiers, advertising identifiers, and similar online identifiers;
  • security, fraud-prevention, diagnostics, and log information.

2.2 Contact, Form, and Meeting Information

When you contact us, submit a form, book a meeting, request a proposal, subscribe to communications, or communicate with us, we may collect:

  • name, business email, phone number, company, job title, website, and location;
  • message content, business needs, budget, project details, goals, and service interests;
  • meeting booking details, calendar information, notes, and communications;
  • newsletter or marketing communication preferences;
  • information automatically included with forms, such as page URL, page name, form source, IP address, and tracking identifiers.

2.3 Client and Project Information

When we provide services, we may collect and process information provided by or on behalf of clients, including:

  • business contact information for client personnel, vendors, contractors, customers, prospects, or end users;
  • CRM records, sales pipeline data, customer and prospect lists, support tickets, marketing automation data, website form data, analytics data, advertising audiences, conversion data, ecommerce data, and reporting data;
  • website content, account access information, platform configurations, project files, comments, approvals, tickets, project-management records, and technical logs;
  • data needed for CRM implementation, data migration, analytics, advertising, marketing, automation, web development, AI operations design, reporting, and related services.

For client-provided project data, Twelverays generally acts as a service provider, processor, contractor, or similar role, as applicable. The client is responsible for having the lawful authority, notices, consents, rights, and permissions needed to provide that data to us.

2.4 Proposal, Billing, and Payment Information

When you request or accept a proposal, sign a statement of work, or pay us, we may collect:

  • proposal and contract information;
  • billing contact information;
  • invoice, payment, renewal, retainer, and account status information;
  • transaction records;
  • payment method details processed by third-party payment providers.

We use third-party payment processors such as Stripe. We do not directly store complete payment card numbers.

2.5 Recruitment Information

If you apply for a role or contact us about work opportunities, we may collect:

  • name, contact information, resume, portfolio, work history, education, skills, references, interview notes, communications, and other information you provide;
  • information needed to evaluate your application, communicate with you, and manage recruitment.

2.6 Sensitive or Regulated Information

We do not intentionally request sensitive or regulated personal information unless it is necessary for a specific project and approved in the applicable statement of work or in writing. Sensitive or regulated information may include health information, financial account information, government identifiers, children's data, biometric data, precise geolocation, criminal records, special-category information, or legally privileged material.

Clients must not provide sensitive or regulated information unless expressly approved by Twelverays. If a client provides such information, the client remains responsible for lawful authority, notices, consents, safeguards, minimization, and compliance.

2.7 Children

Our website and services are intended for businesses and adults. We do not knowingly collect personal information from children. Clients must not provide children's data unless expressly approved in a statement of work or by Twelverays in writing.

3. How We Use Personal Information

We may use personal information to:

  • operate, maintain, secure, personalize, and improve our website and business;
  • respond to inquiries, book meetings, prepare proposals, and communicate with you;
  • provide professional services, project delivery, account management, support, reporting, and consulting;
  • perform CRM implementation, data migration, analytics, advertising, marketing, automation, web development, AI operations design, and related services;
  • process payments, manage invoices, administer retainers, collect amounts due, and prevent fraud;
  • analyze website usage, campaign performance, lead attribution, and service performance;
  • send service communications, administrative messages, and, where permitted, marketing communications;
  • manage client relationships, project records, approvals, contracts, and service history;
  • recruit, evaluate, and communicate with job applicants;
  • protect security, detect abuse, troubleshoot, debug, audit, and maintain business continuity;
  • comply with legal, tax, accounting, regulatory, insurance, contractual, and professional obligations;
  • establish, exercise, or defend legal rights;
  • complete business transactions such as mergers, acquisitions, financing, restructuring, or asset sales.

4. Cookies, Analytics, Advertising, and Tracking Technologies

We use cookies, pixels, tags, scripts, local storage, and similar technologies for website operation, analytics, security, advertising, retargeting, attribution, performance measurement, and service improvement.

These technologies may collect or receive information such as IP address, device and browser information, pages visited, events, referrers, campaign parameters, approximate location, advertising identifiers, and cookie identifiers.

Representative tools and providers may include:

  • Webflow;
  • HubSpot forms, CRM, marketing, and meeting tools;
  • Google Analytics and Google Tag Manager;
  • Google Ads and Microsoft Ads;
  • Meta advertising pixels and tools;
  • LinkedIn advertising and analytics tools;
  • Microsoft Clarity;
  • Cloudflare, including security, performance, and bot-prevention tools;
  • Stripe and Qwilr for proposal and payment workflows;
  • Twelverays internal systems, including TR-OS or systems hosted at Twelverays-controlled domains.

You can control some cookies through your browser settings, device settings, ad platform settings, and industry opt-out tools. Blocking cookies may affect website functionality, analytics, personalization, attribution, or security features.

Some browsers offer "Do Not Track" or similar signals. Because there is no uniform industry standard for those signals, our website may not respond to them unless legally required.

5. Marketing Communications

We may send marketing communications, newsletters, event invitations, educational content, service updates, or business development messages where permitted by law, including where we have consent or an existing business relationship.

Commercial electronic messages will identify Twelverays and include an unsubscribe mechanism where required. You may unsubscribe from marketing communications at any time. We may still send transactional, service, billing, legal, security, or project-related messages.

6. How We Disclose Personal Information

We may disclose personal information to:

  • service providers, contractors, subcontractors, consultants, and vendors who help operate our business or provide services;
  • website, hosting, cloud, security, analytics, advertising, CRM, marketing, meeting, project-management, payment, proposal, email, communication, and support providers;
  • representative tools and vendors such as Webflow, HubSpot, Google, Meta, LinkedIn, Microsoft, Cloudflare, Stripe, Qwilr, hosting providers, cloud providers, and analytics or advertising platforms;
  • client-approved platforms, accounts, and vendors as needed to provide services;
  • professional advisers, including lawyers, accountants, auditors, insurers, bankers, and consultants;
  • government, regulatory, law-enforcement, tax, court, arbitration, or legal authorities where required or appropriate;
  • parties involved in a merger, acquisition, financing, restructuring, sale of assets, change of control, or similar business transaction;
  • other parties with consent, at direction, or as otherwise permitted or required by law.

We do not sell personal information as our business model. We may use advertising and analytics tools that involve sharing online identifiers or website activity with advertising and analytics providers. Some laws may treat certain advertising, analytics, retargeting, or cross-context behavioral advertising activities as "sharing" or similar concepts. You can contact us at [email protected] with questions or requests.

7. Client Project Data

For client project data, Twelverays processes information to provide the services described in the applicable statement of work and related instructions. This may include CRM records, customer and prospect data, analytics data, advertising audiences, website data, sales pipeline data, support records, email or marketing records, and other business data.

Clients are responsible for:

  • determining whether they have lawful authority to provide the data to Twelverays;
  • giving required privacy notices;
  • obtaining and recording required consents;
  • maintaining suppression lists and unsubscribe records;
  • ensuring data accuracy, minimization, and compliance;
  • approving uses of data for campaigns, automations, analytics, reporting, AI-assisted workflows, and other deliverables.

Twelverays may use approved vendors, contractors, subprocessors, and service providers to process client project data for service delivery, security, operations, and support.

8. AI Tools and Automated Technologies

We may use AI tools, automation tools, analytics tools, and machine learning tools to help provide services, improve workflows, analyze data, draft content, summarize information, generate recommendations, or support internal operations.

AI-assisted outputs may be inaccurate, incomplete, or unsuitable without human review. Clients are responsible for reviewing and approving final use of AI-assisted outputs in their business, campaigns, systems, or public materials.

We do not intentionally provide sensitive or regulated information to third-party AI tools unless approved for a specific engagement or permitted by the applicable statement of work.

9. Cross-Border Processing

Twelverays works with clients, vendors, contractors, and service providers in Canada, the United States, and other locations. Personal information may be processed, stored, accessed, or transferred outside your province, state, or country, including in Canada and the United States.

When information is processed in another jurisdiction, it may be subject to the laws of that jurisdiction, including lawful access by courts, law enforcement, regulators, or government authorities.

10. Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide services, manage client relationships, complete projects, administer accounts, maintain business records, comply with legal, tax, accounting, insurance, contractual, and regulatory obligations, resolve disputes, collect payments, protect security, maintain backups, and exercise legal rights.

Retention periods vary depending on the type of information, the engagement, legal requirements, backup cycles, limitation periods, and legitimate business needs.

11. Safeguards

We use reasonable administrative, technical, physical, and organizational safeguards designed to protect personal information against unauthorized access, use, disclosure, loss, theft, alteration, and destruction.

No method of transmission, storage, hosting, internet communication, third-party platform, or security control is completely secure. We cannot guarantee absolute security, especially for third-party platforms, client-controlled systems, client-provided access, or internet transmission.

Clients are responsible for maintaining appropriate security controls for their own systems, accounts, users, credentials, platforms, and data.

12. Your Privacy Rights and Choices

Depending on applicable law and your relationship with us, you may have rights to request access to personal information, correction of inaccurate information, deletion where applicable, withdrawal of consent, restriction or objection where applicable, information about our privacy practices, or review of a privacy complaint.

To make a request, contact [email protected].

We may need to verify your identity or authority before responding. Some requests may be limited by legal, contractual, security, backup, confidentiality, privilege, accounting, tax, dispute, business-record, or legitimate business reasons.

Withdrawing consent may affect our ability to provide services, respond to requests, or continue certain communications. We may continue to collect, use, or disclose information where permitted or required by law.

13. California and Other U.S. Privacy Rights

Twelverays primarily provides B2B services in Canada and the United States. We do not believe our current business model is based on selling personal information. Some U.S. privacy laws, including California privacy law, may apply only to businesses that meet specific thresholds or processing criteria.

If a U.S. privacy law applies to your personal information, we will handle applicable requests as required by that law. You may contact [email protected] with privacy questions or requests.

14. Business Transfers

We may disclose or transfer personal information in connection with a merger, acquisition, financing, restructuring, sale of assets, change of control, due diligence process, bankruptcy, or similar business transaction. The recipient will be required to handle personal information consistently with applicable law.

15. External Links and Third-Party Sites

Our website, communications, and deliverables may link to third-party websites, platforms, plugins, applications, or services. We are not responsible for the privacy practices, security, content, or terms of third parties. You should review their privacy notices and terms.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on our website with a new "Last updated" date. Changes apply when posted unless otherwise stated.

17. Contact Us

For privacy questions, requests, or complaints, contact:

Twelverays
Email: [email protected]

© Twelverays.
U.S. & CA Based Team
Subscibe to newsletter
LinkedinInstagram
BlogsCareersExpertise
Terms of ServicePrivacy Policy
Subscibe to newsletter
BlogsCareers
LinkedinInstagram
Terms of ServicePrivacy Policy
© 2025 Twelverays.
U.S. & CA Based Team
Portfolio
Clients & case studies
SEO, D365, Web Design, Salesforce, and Ads.
Get in touch
Let's set your direction
Start your growth