Franchise IQFranchise IQLog in

Privacy Policy

Effective date: Use the date you last published this policy (update this line when you change the document).

CajeFX (“we,” “us,” or “our”) operates Mimir (the “Service”). This Privacy Policy describes how we collect, use, disclose, and protect information in connection with the Service.

Contact
100-441 Innovation Rd, Winnipeg, MB, Canada
Email: company@cajefx.com
Phone: 613-902-6621

1. Scope

This policy applies to personal information we process when you use the Service as an authorized user of a customer organization. Your employer or contracting entity may have its own notices that also apply.

2. Information we process

Depending on how the Service is configured and used, we may process:

  • Account and profile data — such as name, email, phone, role, and identifiers assigned by your organization or our systems
  • Usage and technical data — such as IP address, device/browser type, approximate location derived from IP, timestamps, and diagnostic logs needed to operate and secure the Service
  • Content you submit — such as messages, tickets, files, and knowledge-base material you or your organization uploads
  • Support and communications — information you provide when you contact us or use in-app help features

We do not intentionally collect sensitive categories (for example, health data) unless your organization configures the Service to process them; in that case, processing is done on behalf of the organization as a processor/service provider under their instructions where applicable.

3. How we use information

We use personal information to:

  • Provide, maintain, and improve the Service
  • Authenticate users and enforce access controls
  • Monitor reliability, performance, and security (including fraud and abuse prevention)
  • Communicate about the Service, incidents, and policy updates
  • Comply with law and respond to lawful requests
  • Exercise or defend legal claims

We may use aggregated or de-identified data that does not identify you for analytics and product improvement.

4. Legal bases (where GDPR/UK GDPR applies)

Where required, we rely on one or more of: contract (providing the Service), legitimate interests (security, improvement, proportionate analytics), legal obligation, or consent where we ask for it explicitly.

5. Sharing and subprocessors

We share personal information with:

  • Your organization — administrators may access activity and content according to their policies
  • Service providers — vendors that host infrastructure, send email, provide analytics, or support security, under contracts that require appropriate safeguards
  • Authorities — when required by law or to protect rights, safety, and integrity
  • Business transfers — in a merger, acquisition, or asset sale, subject to appropriate notices and safeguards

A list of key subprocessors may be provided separately or upon request.

6. International transfers

We may process data in Canada and other countries. Where we transfer personal data from the EEA, UK, or Switzerland, we use appropriate safeguards (such as standard contractual clauses) where required.

7. Retention

We retain personal information as long as needed to provide the Service, comply with law, resolve disputes, and enforce agreements. Retention periods may be set by your organization’s configuration or contract with us.

8. Security

We implement technical and organizational measures designed to protect personal information. No method of transmission or storage is completely secure; we encourage strong passwords and prompt reporting of suspected incidents.

9. Your rights

Depending on your location, you may have rights to access, correct, delete, restrict or object to certain processing, port data, or withdraw consent where processing is consent-based. You may also lodge a complaint with a supervisory authority.

To exercise rights, contact your organization’s administrator or company@cajefx.com. We may need to verify your identity.

10. Children

The Service is not directed at children under 16 (or the age required in your jurisdiction). We do not knowingly collect personal information from children for consumer purposes.

11. Cookies and similar technologies

We may use cookies or similar technologies for session management, preferences, security, and analytics. You can control cookies through browser settings; some features may not work without necessary cookies.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated policy in the app or provide notice as appropriate. Continued use after the effective date constitutes acceptance of the changes where permitted by law.

13. Contact

Privacy questions: company@cajefx.com.

This document is a baseline for a B2B SaaS-style product. Edit config/legal/privacy.md as needed and have qualified legal counsel review it for your jurisdictions and data practices.