Last updated: June 10, 2026
This Privacy Policy explains how Vince AI Inc. (“Vince”, “we”, “us”, or “our”) collects, uses, discloses, and protects your personal data when you use our website, application and services provided by Vince, our AI-powered reference assistant for electricians (collectively, “Services”).
By using the Service, you consent to the collection, use, and disclosure of your personal data as described in this Policy.
Vince AI Inc. is an Ontario corporation that provides the Services at getvince.ca (the “Company”). The Company is responsible for personal data collected through the Services for the purposes of the Personal Information Protection and Electronic Documents Act (“PIPEDA”). We are committed to handling your personal data in accordance with PIPEDA and other applicable Canadian privacy laws.
We collect personal data relating to you (“Personal Data”) as follows:
Account information: when you create an account with us, we will collect information associated with your account, including your name, contact information which includes your email (used for login, account verification and notifications), account credentials which includes your password (stored only as a salted bcrypt hash; we cannot recover or view your password) and your display name (how Vince refers to you in conversation), account creation date, payment information and transaction history.
Communication information: if you communicate with us via email, we may collect Personal Data like your name, contact information, the contents of the messages you send and feedback you submit through the feedback feature.
Subscription and billing information: when you subscribe with us, we will collect information associated with your subscription plan and status, trial start and end dates, billing period dates, question usage counts (i.e., how many questions you have used in the current billing period), top-up purchase history, Stripe customer identifier and subscription identifier (used to link your account to your Stripe records). We do not collect or store your credit card number, expiry date, CVC, or other full payment card details. All payment information is collected directly by Stripe, Inc. and handled in accordance with Stripe’s privacy practices.
Service usage information: as you use our Services, we will collect information associated with your usage that includes the content of your messages and queries submitted to Vince, Vince’s responses to said queries, files you upload, saved conversations (referred to as “jobs”) you create within the Service and tool calls performed by Vince in response to your queries.
Technical information: when you access our Services or communicate with us, we will collect technical information associated with you which includes but is not limited to your IP address (used for rate limiting, security and fraud prevention), session identifiers (stored in browser cookies for authentication), browser type and basic device information where applicable and login timestamps and activity logs. We do not use third-party advertising trackers, web analytics services that track individual users (such as Google Analytics or Facebook Pixel), social media tracking pixels, or browser fingerprinting techniques.
We use your Personal Data for the following purposes:
To provide Services: this includes creating and maintaining your account; authenticating you when you log in; processing your queries and generating responses; saving and retrieving your saved jobs; and tracking question usage against your subscription allotment.
To process payments: this includes billing your subscription on a recurring basis; processing top-up purchases; and managing subscription changes and cancellations.
To communicate with you: this includes sending transactional, administrative or service-related communications that are necessary for the provision, operation, maintenance, or security of the Services (i.e., account verification, password resets, payment notifications, subscription changes); responding to your support inquiries and feedback; sending service announcements that materially affect your use of the Services; and sending marketing communications if you have provided express consent in accordance with Section 6.
To secure and improve the Service: this includes detecting and preventing fraud, misuse of our Services, abuse and unauthorized access; enforcing our Terms of Service and acceptable use policies; investigating and responding to security incidents; diagnosing technical problems and improving service reliability; and monitoring aggregate usage patterns to inform product development.
To comply with legal obligations: this includes responding to lawful requests from government authorities; complying with tax, accounting and other reporting requirements; and defending our interests in legal disputes.
We also aggregate or de-identify Personal Data such that it is no longer personally identifiable and this information is then used for the purposes described above, such as to analyze the way our Services are being used, to improve the Services and to conduct research. We will maintain and use de-identified information in de-identified form and not attempt to reidentify the information unless required by Canadian law.
We use the following third-party service providers to operate the Services. Each processes some of your Personal Data on our behalf, subject to contractual obligations to safeguard that information.
| Provider | Purpose | Data Location |
|---|---|---|
| Anthropic, PBC | AI processing of your queries (generates Vince’s responses) | United States |
| Stripe Payments Canada, Ltd. | Payment processing, subscription management, Customer Portal | Canada and United States |
| Resend (Resend Labs, Inc.) | Transactional and marketing email delivery | United States |
| DigitalOcean, LLC | Application server hosting, file storage, database hosting | Toronto, Ontario, Canada |
As a result, Personal Information may be transferred to, stored in, or accessed from jurisdictions outside Canada, including the United States. In particular, (i) query content, conversation history necessary to generate responses, and AI-generated outputs are transmitted to Anthropic, PBC in the United States for AI processing, (ii) transactional email content and email addresses are processed by our email service provider, Resend, in the United States and (iii) payment information is processed by Stripe and may be stored or processed in Canada, the United States, or other jurisdictions in which Stripe operates its infrastructure.
When Personal Data is transferred outside Canada, it becomes subject to the laws of the jurisdiction in which it is processed and may be accessible to courts, law enforcement agencies, national security authorities, and other governmental authorities in accordance with applicable laws of that jurisdiction.
Our primary application infrastructure is located in Toronto, Ontario, Canada. Account information, saved content, conversation logs, and user-uploaded files are generally stored on servers located in Canada. Routine backups are also maintained within Canada, subject to operational and disaster recovery requirements.
We require service providers that process Personal Data on our behalf to provide appropriate safeguards for the protection of such information and to use it only for the purposes for which it was disclosed.
We do not sell, rent, or lease Personal Data to third parties for their own marketing or advertising purposes. We do not disclose Personal Data to data brokers.
The content of your query submitted to Vince, together with relevant conversation history necessary to generate a response, is transmitted to Anthropic, PBC (“Anthropic”), our third-party artificial intelligence service provider. Anthropic processes the information and returns a response, which we then provide to you through the Service.
Anthropic’s processing of information submitted through its API services is governed by its applicable terms and privacy practices, which are available at anthropic.com. Under our agreement with Anthropic, content submitted through the Service is not used by Anthropic to train its generative AI models.
We retain records of user queries and AI-generated responses for the purposes of: (a) providing and maintaining Service functionality, including saved conversations and saved jobs features; (b) troubleshooting, monitoring, and diagnosing technical issues; (c) detecting, preventing, and investigating fraud, misuse, or violations of our Terms; (d) improving, developing, and securing the Service; and (e) complying with legal obligations. Such records are retained in accordance with the retention practices described in Section 9.
You are responsible for the information you choose to submit through the Service. Unless specifically required for your use of the Service, you should not include payment card information, social insurance numbers, passwords, confidential third-party information, or other sensitive personal information in your queries.
AI-generated responses are produced by third-party machine learning systems and may be inaccurate, incomplete, outdated, or inappropriate for your circumstances. You should independently verify any information provided by the Service before relying on it.
We comply with Canada’s Anti-Spam Legislation (“CASL”). We will send you marketing and promotional communications, including product updates, feature announcements, promotional offers, and newsletters, only where we have obtained your express consent or are otherwise permitted to do so under applicable law. These communications may be sent by us or on our behalf by our third-party service providers. All such communications will clearly state the Company’s name, identify if they are sent on behalf of affiliates or partners, and will include our contact information.
When creating an account, you may provide your consent to receive marketing communications by selecting the applicable opt-in option. You may withdraw your consent at any time by: (a) clicking the “unsubscribe” link included in any marketing email; (b) updating your communication preferences through your account settings; or (c) contacting us at support@getvince.ca and requesting to unsubscribe from marketing communications.
Withdrawal of your consent to receive marketing communications will not affect our ability to send you transactional, administrative, or service-related communications that are necessary for the provision, operation, maintenance, or security of the Services, including account verification messages, password reset emails, payment receipts and notifications, subscription-related notices, security alerts, and other similar communications.
The Service uses a limited number of essential cookies and similar browser storage technologies that are necessary for the operation of the Service. These technologies are used for purposes such as: (a) maintaining your authenticated session and account login state between visits; (b) enabling Progressive Web App functionality and offline capabilities; (c) remembering user preferences and settings; and (d) ensuring the security and proper operation of the Service.
We do not use cookies or similar technologies for advertising, tracking across other websites, or third-party analytics. We do not permit third parties to place advertising or tracking cookies through the Service.
You may configure your browser to block or delete cookies and similar storage technologies. However, disabling them may prevent you from logging in, maintaining an authenticated session, or using certain features of the Service.
We maintain reasonable physical, technical, and administrative safeguards designed to protect Personal Data against loss, theft, unauthorized access, disclosure, copying, use, modification, or destruction. Our security measures include, among other things: (a) encryption of data transmitted between your device and our systems using industry-standard TLS protocols; (b) secure password storage using one-way cryptographic hashing; (c) secure session management and authentication controls; (d) access controls and least-privilege permissions for production systems and customer data; (e) rate limiting and other measures designed to detect and prevent unauthorized access attempts; (f) network, server, and application security controls; (g) logging and monitoring of security-relevant events; (h) account verification procedures and other identity-validation measures; (i) regular backups and disaster recovery procedures; and (j) internal policies and procedures governing the handling of Personal Data.
While we take reasonable measures to protect Personal Data, no method of transmission over the Internet and no method of electronic storage is completely secure. As a result, we cannot guarantee absolute security.
If we determine that a breach of security safeguards involving Personal Data has occurred, we will investigate the incident and provide any notices required by applicable law. Where required under PIPEDA or other applicable Canadian privacy laws, we will notify affected individuals and applicable regulatory authorities within the timeframes prescribed by law.
We will retain Personal Data for only as long as necessary in order to provide our Services to you, or for other legitimate business purposes which include but are not limited to resolving disputes, safety and security reasons, or complying with our legal obligations. We retain Personal Data as follows:
We will securely delete, anonymize, or otherwise de-identify the information at the end of the applicable retention period noted above, unless continued retention is required or permitted by law.
You have the following rights with respect to your Personal Data, subject to applicable laws:
Right of Access: You may request access to the Personal Data we hold about you, including information about how it has been used and, where applicable, to whom it has been disclosed.
Right of Correction: You may request that we correct or update Personal Data that is inaccurate, incomplete, or out of date. Certain account information, such as your display name and email address, may be updated directly through your account settings.
Right to Withdraw Consent: Where we rely on your consent to collect, use, or disclose Personal Data, you may withdraw that consent at any time, subject to legal or contractual restrictions and reasonable notice. If you withdraw consent for processing that is necessary to provide the Services, we may be unable to continue providing some or all of the Services to you, and your account may be suspended or terminated.
Request for Deletion: You may request that we delete your Personal Data. We will consider such requests in accordance with applicable law and our legitimate business and legal obligations. Certain information may be retained where required or permitted by law, including for tax, accounting, security, fraud prevention, dispute-resolution, or recordkeeping purposes.
Right to Challenge Compliance: If you have concerns about our privacy practices or our handling of your Personal Data, you may contact us using the information provided below. You also have the right to submit a complaint to the Office of the Privacy Commissioner of Canada.
Please contact us at support@getvince.ca to exercise any of the above rights. We may require you to verify your identity before processing certain requests. We will respond to requests within the timeframes required by applicable law, which is generally within thirty (30) days under PIPEDA, subject to any permitted extensions.
The Service is not directed to individuals under 18 years of age, and we do not knowingly collect Personal Data from anyone under 18. If we learn that we have collected information from a person under 18, we will delete that information promptly. If you believe we have inadvertently collected information from a minor, please contact support@getvince.ca.
We may update this Privacy Policy from time to time. Material changes will be communicated via the email address associated with your account at least 30 days before they take effect. The “Last updated” date at the top of this Policy reflects the most recent revision. Your continued use of the Service after changes take effect constitutes your acceptance of the revised Policy.
For privacy-related questions, requests, or complaints, contact:
Vince AI Inc.
Attn: Privacy Officer
Email: support@getvince.ca