Privacy Policy

Effective April 1, 2026

Meaningful Technology Inc. ("Company", "we", "us", "our") is committed to protecting your privacy and ensuring you have a positive experience on our platform and website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Meaningful platform, including our website, mobile applications, and related services ("Platform").

Meaningful Technology Inc. is a British Columbia-based company subject to the Personal Information Protection Act ("PIPA"). This privacy policy is designed to comply with PIPA and other applicable privacy laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

‍

Commitment to Privacy

We are deeply committed to protecting your personal information and respecting your privacy rights. Our privacy practices are designed to ensure that:

• Personal information is collected only for legitimate business purposes
• Your information is used in a manner consistent with your expectations
• Your information is protected with appropriate security measures
• You have the right to access, correct, and control your information

‍

PIPA Compliance

Meaningful Technology Inc. is committed to complying with the Personal Information Protection Act (PIPA) of British Columbia. PIPA establishes rules for how private sector organizations in BC collect, use, and disclose personal information. Our privacy practices are built on the 10 PIPA principles and this Privacy Policy demonstrates our commitment to each of these principles.

‍

Definition of Personal Information

Personal information is any information about an identifiable individual. In the context of our Platform, personal information includes:

• Name, email address, and phone number
• Mailing address and billing address
• Organization affiliation and position
• Donation history and financial transaction information
• Volunteer records and participation history
• Event registrations and attendance records
• Communication history including emails and messages
• Profile visibility settings and consent records
• IP addresses and device information
• Payment tokens and billing information

‍

Information We Collect

Information You Provide Directly

We collect information you voluntarily provide when:

• Creating or updating your account
• Making donations or processing payments
• Registering for events or volunteer opportunities
• Subscribing to newsletters or communications
• Communicating with our team or other members

Information Collected Automatically

When you access our Platform, we automatically collect:

• IP address and device identifiers
• Browser type and operating system
• Pages visited and features used
• Session recordings and interaction events
• Referral source and click patterns

‍

Purposes for Collecting Personal Information

We collect and use personal information for the following purposes:

• Account management and identity verification
• Processing donations and payments
• Managing memberships and volunteer programs
• Facilitating event registration and coordination
• Sending communications, updates, and newsletters
• Providing customer support and technical assistance
• Personalizing your experience on the Platform
• Analytics and improvement of Platform features
• Fraud detection and security monitoring
• Compliance with legal and regulatory obligations

‍

Consent

We obtain your consent for the collection, use, and disclosure of personal information as required by PIPA. Consent may be:

• Express: Written or verbal consent provided by you directly
• Implied: Inferred from your actions and the context of our relationship

For sensitive personal information and certain uses (such as marketing communications and advanced analytics), we obtain express, informed consent. You can manage your consent preferences by contacting support@meaningful.ca at any time.

‍

Right to Withdraw Consent

You have the right to withdraw your consent for the use and disclosure of personal information at any time, subject to legal and contractual restrictions. To withdraw consent, you may:

• Contact support@meaningful.ca
• Click "unsubscribe" in promotional emails

‍

Limits on Use and Disclosure

Personal information will not be used or disclosed for purposes other than those for which it was collected, except with your consent or as required by law. We do not sell personal information to third parties for commercial gain.

We may disclose personal information to:

• Service providers who assist us in operating the Platform
• Affiliated organizations with your consent
• Law enforcement when required by legal process
• Successors or acquirers in the event of merger or acquisition

‍

Third-Party Service Providers

We engage third-party service providers to help operate the Platform and support our business functions. These service providers are contractually obligated to use your information only as necessary to provide services to us and must maintain appropriate security measures. Below are the third-party integrations used by Meaningful:

Stripe - Payment Processing

Purpose: Processes donations and membership payments

Information shared: Name, email, billing address, payment tokens. Stripe does not store full credit card details on our systems. Visit Stripe's privacy policy: https://stripe.com/privacy

SendGrid - Email Communications

Purpose: Delivers transactional and marketing emails

Information shared: Email addresses, email content, engagement metrics (opens, clicks). Visit SendGrid's privacy policy: https://sendgrid.com/policies/privacy

Twilio - SMS Communications

Purpose: Sends SMS notifications and reminders

Information shared: Phone numbers, message content. Visit Twilio's privacy policy: https://www.twilio.com/legal/privacy

Nylas - Email and Calendar Integration

Purpose: Integrates with user email and calendar systems for seamless communication management

Information shared: Email access, calendar events, email metadata, message content. Visit Nylas's privacy policy: https://www.nylas.com/privacy

OpenAI - AI and Machine Learning

Purpose: Powers AI-assisted features for transcription analysis and intelligent recommendations

Information shared: Transcripts, email content, participant names (only when necessary for feature use)

Data Protection: We have executed a Data Processing Agreement with OpenAI. Use of OpenAI features requires your explicit opt-in consent. OpenAI does not use your data for model training without separate consent. Visit OpenAI's privacy policy: https://openai.com/privacy

PostHog - Analytics

Purpose: Provides product analytics and feature usage insights

Information shared: Session recordings, interaction events, device information. PostHog respects your privacy choices and provides opt-out options. Visit PostHog's privacy policy: https://posthog.com/privacy

Customer.io - Marketing Automation

Purpose: Automates email campaigns and personalized communications

Information shared: Profile data, email address, phone number, interaction events. Visit Customer.io's privacy policy: https://customer.io/privacy

‍

‍

Right to Access Personal Information

You have the right to request access to your personal information held by Meaningful Technology Inc. Under PIPA, you may request to know:

• Whether we hold your personal information
• What personal information we hold about you
• How we use your information
• To whom we disclose your information

‍

How to Access Your Personal Information

You can access and manage much of your personal information directly on the Platform. To request a formal access to personal information, please:

1. Submit a written request to: support@meaningful.ca
2. Include sufficient information to identify you and the information you seek
3. Provide proof of identity if requested
4. We will respond to your request within 30 days in accordance with PIPA requirements

‍

Accuracy of Personal Information

We are committed to maintaining the accuracy, completeness, and currency of personal information. We take reasonable steps to:

• Verify information during collection
• Update information when changes are brought to our attention
• Enable you to update your own information
• Note information as disputed if you contest its accuracy

‍

Retention of Personal Information

We retain personal information only as long as necessary to fulfill the purposes for which it was collected or as required by law. Retention periods vary depending on the type of information and the context:

• Account information: Retained for the duration of your account plus 2 years
• Transaction records: Retained for 7 years for tax and legal compliance
• Marketing communications: Retained until you unsubscribe
• Session logs and analytics: Retained for up to 90 days
• Legal holds: Retained for the duration of litigation or investigation

‍

Destruction of Personal Information

Personal information that is no longer required to fulfill its identified purposes is destroyed in a secure manner. Our destruction procedures include:

• Secure deletion from databases
• Shredding of physical documents
• Permanent erasure from backup systems
• Anonymization of data when appropriate

‍

Security of Personal Information

We implement comprehensive administrative, physical, and technological safeguards to protect personal information from unauthorized access, use, disclosure, modification, or destruction.

Administrative Safeguards

• Access controls limiting information to authorized personnel
• Employee training on privacy and security practices
• Confidentiality agreements with all staff and contractors
• Privacy incident response procedures

Technological Safeguards

• Encryption of data in transit (SSL/TLS) at rest.
• Firewalls and intrusion detection systems
• Multi-factor authentication for account access
• Regular security audits and penetration testing
• Secure API key and credential management
• Regular software updates and patch management

‍

Cross-Border Transfer of Personal Data

Meaningful Technology Inc. is a Canadian company headquartered in British Columbia. Our primary database infrastructure is hosted on MongoDB Atlas servers located in the United States (Oregon, us-west-2 region). While our company is based in Canada, your personal data is stored and processed on US-based servers.

However, some of your personal information may be transferred to, processed, and maintained on servers or systems located outside of Canada — specifically in the United States — through our third-party service providers. The following vendors process personal data on US-based infrastructure: Stripe (payment processing), SendGrid (email delivery), Twilio (SMS), Nylas (email and calendar integration), OpenAI (AI-powered features, opt-in only), PostHog (analytics), and Customer.io (marketing automation).

Where personal data is transferred outside of Canada, we ensure that adequate safeguards are in place to protect your information in accordance with PIPA. These safeguards include:

• Signed Data Processing Agreements (DPAs) with all third-party service providers, requiring them to protect personal data to a standard equivalent to Canadian privacy law
• Contractual clauses requiring vendors to implement appropriate technical and organizational security measures
• Encryption of data in transit (TLS/HTTPS) between our servers and all third-party services
• Regular review and verification of vendor compliance with their contractual privacy obligations
• Data minimization practices — we only share the minimum personal information necessary for each service to perform its function

Please be aware that data protection laws in the United States may differ from those in Canada. By using our Platform and consenting to this Privacy Policy, you acknowledge that your personal information may be transferred to and processed in the United States through our service providers. No transfer of your personal data will take place to an organization or a country unless there are adequate controls in place, including the security of your data and other personal information as described in this policy.

For EU residents, cross-border transfers are governed by Standard Contractual Clauses (SCCs) as required by the GDPR. For questions about where your data is stored or processed, contact our Privacy Officer at raaj@meaningful.ca.

‍

Privacy Breach Notification

In the event of an unauthorized access or disclosure of personal information that compromises security or privacy, we will:

• Notify affected individuals without unreasonable delay
• Provide information about the nature of the breach
• Advise of steps individuals can take to protect themselves
• Notify the BC Office of the Information and Privacy Commissioner when required by law

‍

Privacy Complaints and Dispute Resolution

If you believe your privacy has been violated or you wish to lodge a complaint about our privacy practices, please contact our Privacy Officer:

Raaj Chatterjee

Meaningful Technology Inc.

Email: raaj@meaningful.ca

We will investigate your complaint and respond within 30 days. If you are not satisfied with our response, you may escalate your complaint to the BC Office of the Information and Privacy Commissioner.

BC Office of the Information and Privacy Commissioner: https://www.oipc.bc.ca or 1-800-663-9453

‍

Right to Obtain OIPC Assistance

You have the right to file a complaint with the Office of the Information and Privacy Commissioner (OIPC) if you believe we have not complied with PIPA. The OIPC is an independent office that handles privacy complaints and provides guidance on privacy matters.

You can contact the BC OIPC at: BC Office of the Information and Privacy Commissioner, 947 Fort Street, Victoria, BC V8V 3K3, Telephone: 250-356-1851 or 1-800-663-9453, Website: https://www.oipc.bc.ca

‍

GDPR Compliance (EU Residents)

If you are a resident of the European Union or European Economic Area, your personal information is protected by the General Data Protection Regulation (GDPR). In addition to the rights outlined in this policy, you have the following GDPR rights:

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making

‍

CCPA Compliance (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect
• Right to know whether we sell or share personal information
• Right to delete personal information
• Right to opt-out of the sale or sharing of personal information
• Right to correct inaccurate personal information
• Right to limit the use and disclosure of sensitive personal information

‍

Children's Privacy

The Platform is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information immediately.

‍

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and understand how you use the Platform. Types of cookies used include:

• Essential cookies: Required for basic functionality and security
• Performance cookies: Measure how visitors use the Platform
• Functional cookies: Remember preferences and settings
• Targeting cookies: Deliver relevant content and advertisements

You can manage cookie preferences through your browser settings. Please note that disabling certain cookies may limit Platform functionality.

‍

Zoom Integration and Video Communications

When you use video conferencing features powered by Zoom through our Platform, the following applies:

• Your video, audio, and screen share data is transmitted through Zoom's secure servers
• Zoom meetings may be recorded if enabled, and you will receive notification
• Zoom's privacy practices govern Zoom's processing of your data
• We use Nylas API to integrate calendar and email capabilities

Please review Zoom's privacy policy at https://zoom.us/privacy for more information about how Zoom processes your information.

‍

Links to Third-Party Websites

The Platform may contain links to third-party websites. This Privacy Policy applies only to our Platform. We are not responsible for the privacy practices of external websites. When you click on third-party links, you leave our Platform and are subject to the privacy policies of those third parties. We recommend reviewing their privacy policies before providing personal information.

‍

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on the Platform and updating the "Last Updated" date.

Your continued use of the Platform following the posting of changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically to stay informed of how we protect your information.

‍

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact:

Meaningful Technology Inc.

Location: British Columbia, Canada

Privacy Officer: Raaj Chatterjee

Email: raaj@meaningful.ca

General Inquiries: hello@meaningful.ca

Response Time: We aim to respond to all privacy inquiries within 30 days.

‍

Last Updated: April 1, 2026

This Privacy Policy is effective as of the date above and will remain in effect until modified.