Privacy Policy

Last updated: March 21, 2026

Agenzys is an enterprise platform operated by Integra CSP Corp. ("Integra," "we," "us," or "our"). This Privacy Policy describes how we collect, use, store, and protect information when you use the Agenzys platform and related services.

1. Information We Collect

We collect the following categories of information:

• Account Information: Name, email address, and organizational role when you create an account or are provisioned by your organization's administrator.
• Financial Data: Bank account information, transaction data, and accounting records processed through the platform, including data obtained via third-party integrations (e.g., Plaid, QuickBooks Online).
• Usage Data: Log data, IP addresses, browser type, and platform interactions for security monitoring and service improvement.
• Device Information: Operating system, device identifiers, and connection details for security and access control purposes.

2. How We Use Your Information

We use collected information to:

• Provide, operate, and maintain the Agenzys platform and its services (ERP, project management, document management, analytics)
• Process financial transactions, bank reconciliation, and accounting operations
• Authenticate users and enforce access controls
• Monitor for security threats and unauthorized access
• Comply with legal and regulatory obligations, including CRA requirements
• Generate reports and analytics for authorized users within your organization

3. Third-Party Services

The Agenzys platform integrates with third-party services to provide financial data connectivity:

• Plaid: Used to securely connect bank accounts for transaction import and bank reconciliation. Plaid's use of your data is governed by the Plaid End User Privacy Policy.
• Intuit/QuickBooks Online: Used for accounting data migration and synchronization.
• Microsoft Azure: Cloud infrastructure provider. Data is hosted in Microsoft Azure's Canadian data centers.

We only share data with third parties as necessary to provide our services and as described in this policy. We do not sell your personal information.

4. Data Storage and Security

• Data is stored on encrypted infrastructure hosted in Microsoft Azure (Canada).
• All data in transit is protected by TLS 1.2 or higher.
• Access to systems is controlled via multi-factor authentication, SSH key-based authentication, and role-based access controls.
• OAuth tokens and API credentials are stored securely and never committed to source code.
• We employ vulnerability scanning and continuous security monitoring via Microsoft Defender for Cloud.

5. Data Retention

• Financial records are retained for 7 years in compliance with CRA requirements.
• Application logs are retained for 90 days.
• Temporary migration data is deleted after verification.
• OAuth tokens are rotated per vendor-defined schedules.

6. Your Rights

Under applicable Canadian privacy laws (PIPEDA), you have the right to:

• Access your personal information held by us
• Request correction of inaccurate information
• Request deletion of your personal information, subject to legal retention requirements
• Withdraw consent for data processing where consent is the basis for processing
• File a complaint with the Office of the Privacy Commissioner of Canada

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify affected users of material changes via email or platform notification. The "Last updated" date at the top of this page indicates when the policy was last revised.

8. Contact Us

For privacy-related inquiries or to exercise your rights, contact:

Integra CSP Corp.
Privacy Officer
Email: privacy@integracsp.com