eazyBackup – Privacy Policy

Last updated: November 25 2025

This Privacy Policy explains how eazyBackup Systems Ltd. (“eazyBackup”, “we”, “us”, or “our”) collects, uses, discloses, and protects personal information in connection with:

  • Our websites (including eazybackup.ca, eazybackup.com and related subdomains)
  • Our backup software, agents, and e3 S3-compatible object storage
  • Our cloud-to-cloud backup services (including Google Drive backup)
  • Any other products and services that link to this Privacy Policy

(collectively, the “Services”).

By using the Services, you agree that we may collect, use, and disclose your personal information as described in this Privacy Policy.

If you do not agree with this Privacy Policy, you should not use the Services.

  1. Scope and Definitions

For the purposes of this Privacy Policy:

  • Personal information means information about an identifiable individual, as defined under applicable Canadian privacy laws (such as PIPEDA), including information that can reasonably be linked to an individual.
  • Customer Data means the content you or your organization choose to back up or store using the Services (for example, files, folders, images, databases, configuration files, or other data).
  • Compte means the primary billing and administration profile registered with eazyBackup.
  • Authorized User means any individual who accesses the Services under your Account (including owners, employees, contractors, and invited sub-users).

This Privacy Policy applies to personal information that we collect about identifiable individuals. It does not apply to aggregated or anonymized information that cannot reasonably be linked back to an individual.

  1. What Information We Collect

We collect the following categories of information.

2.1 Information you provide to us

We collect personal information that you provide directly, such as:

  • Account and contact details – name, job title, company name, email address, mailing address, phone number, login credentials.
  • Billing information – billing contact details, payment method details (processed by our payment provider), transaction history.
  • Support and communication – information you provide when you contact support, participate in calls or chats, respond to surveys, or send us feedback.
  • Configuration and settings – information about your backup jobs, retention rules, selected backup sources and destinations, user roles, and other options you configure in the dashboard.

If you are an MSP, reseller, or business customer, we may also collect information about your end-users or clients that you choose to provide as part of using the Services.

2.2 Information collected automatically

When you access our websites or use the Services, we automatically collect certain technical and usage information, such as:

  • IP address, approximate location based on IP, device identifiers
  • Browser type and version, operating system, language settings
  • Date and time of access, URLs visited, clickstream data
  • Log data related to backup jobs, restore operations, errors, and performance
  • Information about the eazyBackup software and versions installed on your devices

We may also use cookies, web beacons, local storage, and similar technologies for authentication, session management, preferences, analytics, and security (see Section 10).

2.3 Customer Data (backup and storage content)

When you use our backup and storage Services, we process Customer Data that you or your organization select as backup sources or store in e3 Storage. This may include personal information contained in files, folders, mailboxes, databases, or other systems you back up.

  • Customer Data is encrypted before transmission by our software (where applicable) and is stored encrypted at rest in our infrastructure.
  • We process Customer Data only to provide the Services (for example, to perform backups, maintain retention rules, and provide restore functionality), or as otherwise described in this Privacy Policy or your agreement with us.

Where we handle Customer Data on behalf of an organization (such as an MSP or business customer), we do so as a service provider and will follow their instructions, subject to applicable law.

2.4 Google API Services and Google Drive data

If you choose to connect your Google Account and use our Google Drive cloud-to-cloud backup features, we use Google API Services to access certain information from your Google account.

When you authorize the connection, we may collect:

  • Basic Google account details (for example, your Google account ID and email address)
  • Google Drive file and folder metadata, such as file/folder names, IDs, paths, types, sizes, owners, and timestamps
  • The contents of files and folders that you select (or that are included in your configured backup jobs) so we can copy them to your chosen backup destination (for example, an e3 bucket)

We request read-only access to Google Drive for the purpose of backup and restore. We do not use Google APIs to delete or modify content in your Google Drive.

  1. How We Use Personal Information

We use personal information for the following purposes:

  1. To provide and operate the Services
    • Creating and managing Accounts and Authorized Users
    • Performing backups, storage, synchronization, and restore operations
    • Maintaining logs and records related to backup and restore activities
    • Providing cloud-to-cloud backup between supported services and e3 Storage
  2. To secure and maintain the Services
    • Authenticating users and managing access control
    • Detecting, investigating, and preventing security incidents, abuse, and fraud
    • Monitoring system performance, capacity, and availability
  3. To support you and communicate with you
    • Responding to support requests, questions, and feedback
    • Sending service-related notifications (for example, billing notices, system alerts, policy updates, security notifications)
  4. To improve and develop our products
    • Analyzing usage and performance to understand how the Services are used
    • Developing new features, integrations, and user experiences
    • Conducting troubleshooting, testing, and quality assurance
  5. For billing, account management, and administration
    • Processing payments and managing subscriptions
    • Handling renewals, upgrades, and changes to your plan
    • Managing business relationships with MSPs and resellers
  6. For marketing and optional communications
    • Sending information about new features, products, offers, and events (where permitted by law and your preferences)
    • You can opt-out of marketing messages at any time using the unsubscribe link or by contacting us.
  7. To comply with legal obligations and protect our rights
    • Complying with applicable laws, regulations, and legal processes
    • Enforcing our Terms of Service and other agreements
    • Protecting eazyBackup, our customers, and others from harm

We limit the collection and use of personal information to what is necessary for these purposes, consistent with Canadian privacy principles.

  1. How We Use and Protect Google API / Google Drive Data

This section explains how we handle data obtained via Google API Services when you enable Google Drive backup.

4.1 Use of Google Drive data

We use information received from Google APIs solely to:

  • Discover and list Google Drive files and folders that can be backed up
  • Perform backup and restore operations for the Google Drive content you choose
  • Display backup status, logs, and related information in the dashboard
  • Maintain and improve the reliability, performance, and security of these specific backup features

We do not use Google Drive data for:

  • Advertising or marketing to you or others
  • Profiling you for advertising purposes
  • Selling or renting your data to third parties

We do not use Google Drive data to train generalized or non-personalized AI or machine-learning models.

4.2 Limited Use requirements

Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including its Limited Use requirements.

In particular:

  • We limit the use of Google Drive data to providing or improving user-facing features that are prominent in the eazyBackup interface.
  • We only transfer Google Drive data to third parties where necessary to provide the Services you have configured (for example, storing encrypted backup copies in infrastructure we operate or in contracted sub-processors), to comply with law, or as part of a merger, acquisition, or sale of assets, and only as permitted by Google’s policies.
  • We do not allow humans to read your Google Drive content except:
    • when you explicitly request it (for example, during a support interaction),
    • when it is reasonably necessary for security, abuse prevention, or legal compliance, or
    • where data has been aggregated and anonymized for operational purposes.

4.3 Revoking access and deletion

You can disconnect eazyBackup from your Google Account at any time:

  • through our dashboard (where available), and/or
  • via your Google Account’s security or third-party access settings.

If you revoke access, we will no longer be able to access your Google Drive via Google APIs and will delete or anonymize associated tokens within a reasonable time.

Backup copies of Google Drive content stored as part of your configured backup jobs will be treated as Customer Data and retained or deleted in accordance with your backup policies, our data retention practices, and any applicable legal requirements.

  1. Legal Basis and Consent

eazyBackup is a Canadian company, and we handle personal information in accordance with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA).

In general, we rely on the following grounds to collect, use, and disclose personal information:

  • Your consent, which may be express (for example, clicking “I agree” or checking a box) or implied (for example, where information is provided voluntarily and it is reasonably obvious how it will be used).
  • Contractual necessity, where using your personal information is required to provide the Services you request and to perform our agreements with you.
  • Legitimate business purposes, such as securing our systems, preventing misuse, and improving our products, in a manner that is reasonable and appropriate.
  • Legal obligations, where we must retain or in some cases disclose information to comply with law or a lawful request.

You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. If you withdraw consent, we may not be able to provide certain Services.

  1. When We Share Personal Information

We do not sell or rent personal information.

We may share personal information in the following circumstances:

  1. Service providers and sub-processors
    We use trusted third-party providers to help us operate the Services (for example, data centres, payment processors, email delivery, customer support tools, analytics providers). These providers are given access to personal information only as reasonably necessary to perform services on our behalf, and they are contractually obligated to protect it.
  2. MSPs, resellers, and business customers
    If you access the Services through an organization (for example, your employer, MSP, or reseller), certain information (such as account activity, job status, and usage) may be shared with that organization’s administrators in accordance with their policies.
  3. Business transfers
    If we are involved in a merger, acquisition, financing, reorganization, or sale of some or all of our business or assets, personal information may be transferred as part of that transaction, subject to appropriate safeguards.
  4. Legal and safety purposes
    We may disclose personal information if we believe it is reasonably necessary to:

    • comply with applicable law, regulation, legal process, or governmental request;
    • enforce our agreements, including our Terms of Service;
    • protect the security or integrity of the Services; or
    • protect eazyBackup, our customers, or the public from harm.

Where required by law, we will keep records of such disclosures and, where appropriate, notify affected individuals.

  1. Data Location and International Transfers

We generally aim to store customer backup data in Canadian data centres. However, some personal information (for example, billing data, support data, or analytics information) may be processed by our service providers in other jurisdictions, including the United States and other countries.

When personal information is processed outside of Canada:

  • It may be subject to the laws of the foreign jurisdiction; and
  • We take appropriate contractual and technical measures to protect it in accordance with this Privacy Policy and applicable Canadian law.

You may contact us for more information about our use of service providers and data location.

  1. Sécurité

We are committed to protecting personal information and Customer Data.

We use a combination of administrative, technical, and physical safeguards designed to protect against unauthorized access, use, disclosure, or loss. These measures include:

  • Encryption of backup data in transit and at rest
  • Access controls and least-privilege principles for our staff and systems
  • Network and infrastructure security measures
  • Logging and monitoring of access events
  • Employee training and internal policies for handling personal information

No security measure is perfect, and we cannot guarantee absolute security. However, we continuously work to improve our security controls.

If we become aware of a security breach involving personal information that creates a real risk of significant harm, we will comply with applicable breach notification laws, including required notices to regulators and affected individuals.

  1. Data Retention

We retain personal information and Customer Data for as long as necessary to:

  • Provide the Services and fulfill the purposes described in this Privacy Policy
  • Comply with legal, accounting, or reporting obligations
  • Resolve disputes and enforce our agreements

Backup data is retained according to your configured backup and retention policies, subject to any additional retention periods required by law or by our internal policies.

When personal information is no longer required, we will delete it or anonymize it in a reasonable timeframe, subject to any legal obligations to retain it.

  1. Cookies and Similar Technologies

We use cookies and similar technologies on our websites and dashboards to:

  • Authenticate users and maintain sessions
  • Remember your preferences and settings
  • Measure and analyze usage of our websites and Services
  • Help protect against fraud and abuse

You can manage cookie preferences through your browser settings. If you block or delete cookies, some features of the Services may not function properly.

We may also use third-party analytics services (such as web analytics) that set their own cookies or similar technologies. These providers process usage data on our behalf to help us understand and improve our Services.

  1. Your Choices and Rights

Depending on where you live and subject to certain exceptions, you may have the right to:

  • Access your personal information held by us
  • Request correction of inaccurate or incomplete information
  • Withdraw consent to certain uses or disclosures (subject to legal or contractual restrictions)
  • Opt-out of marketing communications by using the unsubscribe link in our emails or contacting us
  • Ask questions or challenge our compliance with applicable privacy laws

If you wish to exercise any of these rights, please contact us using the details in Section 15. We may need to verify your identity before responding.

If you are an end-user whose account is managed by an organization (such as your employer or MSP), we may redirect your request to that organization where appropriate.

  1. eazyBackup pour les entreprises et les MSPs

If your Account is managed by a business, MSP, or reseller:

  • That organization’s administrators may access or manage information about your use of the Services.
  • Their own privacy policies and internal practices will govern how they handle your personal information.

We act as a service provider to those organizations with respect to Customer Data and related personal information, and we process such data only on their instructions and as permitted by law.

  1. Children’s Privacy

Our Services are not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13.

If you believe that a child has provided us with personal information without appropriate consent, please contact us and we will take steps to delete the information.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

When we make changes, we will update the “Last updated” date at the top of this page. For material changes, we may also provide additional notice (for example, by email or by displaying a notice in the dashboard).

Your continued use of the Services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with the changes, you should stop using the Services.

  1. Contacting Us and Privacy Complaints

We welcome questions, requests, and concerns about privacy.

If you have a question, request, or complaint about this Privacy Policy or our handling of personal information, please contact us:

eazyBackup Systems Ltd.
390 March Rd Suite 108,
Kanata, ON, Canada
K2K 3N1
Phone: 1 888 969 2016

We will investigate and respond to complaints in a timely manner.

If you are not satisfied with our response, you may have the right to contact the Office of the Privacy Commissioner of Canada or your applicable provincial privacy regulator.

 

fr_CAFR
en_USEN de_DEDE es_COES fr_CAFR