Legal
Privacy Policy
- Effective date
- Effective July 4, 2026
- Last updated
- Last updated July 4, 2026
This Privacy Policy explains how Agnotiq (“Agnotiq”, “we”, “us”) collects, uses, shares, and protects personal information in connection with Agnotiq MarginTide Price Checker and our related websites and services (the Service). It works together with our Terms of Service.
We are based in Toronto, Ontario, Canada and serve business customers in Canada and the United States. We designed the Service to keep each customer’s data isolated and to process personal information only as needed to run the Service.
Two roles: controller and processor.
For account, billing, website, and usage information, Agnotiqacts as the controller (in Canada, the organization accountable for the data). For the Customer Data you put into the Service to run pricing checks, we act as a processor / service provider on your behalf and handle it under our Terms of Service (and any data processing terms that apply to your plan).
01Overview & scope
This Policy applies to personal information we handle through our website, sign-up and sign-in flows, dashboards, communications, and support — and to the Customer Data processed through the Service. It does not apply to third-party websites or services we link to or integrate with, which have their own privacy practices (§14).
02The information we collect
Information you provide.
- Account & contact data — your business email address (used for passwordless sign-in), name, workspace and Organization details, and role.
- Billing data — subscription tier, billing contact, and payment records. Card details are collected and stored by our payment processor (Stripe), not by us.
- Support & communications — messages, requests, and feedback you send us.
- Customer Data — the data you submit to operate the Service, such as product catalogs, competitor URLs, cost and margin inputs, CSV imports, pricing policies, and configuration.
Information collected automatically.
When you use the Service we collect device and connection data (such as IP address, browser type, and approximate region), authentication and security event logs, and usage data (such as pages viewed, features used, and run activity), including through cookies and similar technologies (§5).
Information from third parties.
We may receive information from our service providers — for example, billing and fraud signals from Stripe, email deliverability data, and, if you connect Slack, the workspace and channel information needed to deliver alerts.
When you connect Slack, we also store the access credential — an OAuth bot token that Slack issues to us — so we can post the alerts you configure to your chosen channel. We keep this credential encrypted at rest, use it only to deliver your alerts, and delete it when you disconnect Slack.
03How we use information
We use personal information to:
- provide, operate, maintain, and secure the Service, including running scheduled and on-demand pricing checks and generating Output, Recommendations, and alerts;
- authenticate you (via magic-link sign-in), manage workspaces and access, and prevent abuse, fraud, and security incidents;
- check the domain of your sign-up email against general reference lists of consumer and free email providers and of known disposable or throwaway email domains — to tell business accounts from personal ones, prevent abuse, and administer free-tier eligibility (those reference lists are general information about email domains, not information about you);
- process payments, manage subscriptions, and provide support;
- communicate with you about the Service, including transactional messages and (where permitted) product updates you can opt out of;
- analyze and improve the Service using aggregated or de-identified data; and
- comply with legal obligations and enforce our Terms.
04Legal bases for processing
In Canada, we collect, use, and disclose personal information with your consent (express or implied) and as otherwise permitted or required by the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial law, for purposes a reasonable person would consider appropriate in the circumstances. Where regional law (such as in the European Union) requires a specific legal basis, we rely on performance of a contract, legitimate interests, consent, and legal compliance, as applicable. You may withdraw consent subject to legal and contractual restrictions (§11).
06AI & agentic processing of your data
The Service uses a pipeline of AI agents to do its work: a composing agent plans the research, per-retailer research agents perform web searches to estimate competitor prices, and a quality-grading agent evaluates the results. To run a check, relevant Customer Data (for example, the products and competitor URLs you configured) and web search results are processed by these agents.
- AI provider. By default, agent inference is performed using Anthropic’s API. We use Anthropic under commercial terms that do not use your inputs or outputs to train models.
- BYO-key isolation. If you supply your own Anthropic API key, inference for your workspace runs under your own Anthropic account and your agreement with Anthropic; in that case Anthropic’s handling of that content is governed by your agreement, not ours (see Terms §10).
- Web research. To estimate competitor prices, the agents query third-party search and public web pages. Search queries derived from your configuration are sent to the search provider, and the agents read publicly available page content.
- Advisory only. AI-generated Output may be inaccurate or incomplete and is for your review; how it may and may not be relied upon is described in the Terms (§4).
08Data retention
We retain personal information for as long as reasonably necessary to provide the Service, to comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods vary by data type and context (for example, account data for the life of your account, and billing records for the period required by tax and accounting law). When information is no longer needed, we delete or de-identify it. Customer Data is handled per your Terms; export anything you need before terminating.
09How we protect information
We use technical and organizational measures designed to protect personal information, including:
- Tenant isolation — workspace-scoped row-level security enforced at the database, with additional access checks in the application layer;
- Encryption — data encrypted in transit and at rest by our infrastructure providers;
- Passwordless authentication — magic-link sign-in; we do not store account passwords, so there is no password database to breach; and
- Least privilege & logging — restricted access to systems and security event logging.
No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Because your email inbox is the root credential for sign-in, keeping it secure is an important part of protecting your account.
10International data transfers
We and our sub-processors store and process information in Canada, the United States, and other countries where our infrastructure operates. As a result, your information may be transferred to, and processed in, a country other than your own and may be subject to the laws of those countries, including lawful access by courts, law enforcement, and government authorities. Where required, we use appropriate safeguards for international transfers.
11Your privacy rights & choices
Subject to applicable law, you may have the right to access, correct, update, or delete your personal information, to obtain a copy of it, to withdraw consent, and to opt out of marketing communications. You will not be discriminated against for exercising these rights.
To exercise a right, email privacy@agnotiq.com. We will respond within five (5) business days (or as required by law) and may need to verify your identity. If we process Customer Data on behalf of a customer, we will refer individual requests to that customer (the controller). You may unsubscribe from marketing email using the link in the message; transactional messages (such as sign-in links and billing notices) continue regardless.
12Regional disclosures (Canada / U.S.)
Canada (PIPEDA).
We are accountable for personal information under our control and have designated a contact for privacy matters (reachable at privacy@agnotiq.com). You may request access to, and correction of, your personal information, and may challenge our compliance. As noted in §10, your information may be processed outside Canada and subject to foreign lawful access.
United States (California — CCPA/CPRA, and similar laws).
In the prior 12 months we have collected the following categories of personal information: identifiers (such as email and IP address); commercial information (such as subscription and billing records); internet/network activity (such as usage and log data); geolocation inferred from IP address; and, if you connect Slack, the integration credential described in §2 (the OAuth bot token Slack issues to us). We collect these for the business purposes described in §3, from the sources described in §2, and disclose them to the sub-processors and recipients described in §7.
We do not sell personal information and do not share it for cross-context behavioral advertising, and we do not use or disclose sensitive personal information for purposes that require an opt-out. California residents may exercise rights to know, delete, correct, and to non-discrimination as described in §11. Residents of other U.S. states with comprehensive privacy laws have analogous rights, which we honor where applicable.
13Children’s privacy
The Service is a business tool intended for adults and is not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact privacy@agnotiq.com and we will take appropriate steps to delete it.
14Third-party links & integrations
The Service may link to or integrate with third-party websites and services (for example, retailer sites the agents research, Slack, and Stripe). We are not responsible for the privacy practices of those third parties; your use of them is governed by their own terms and privacy policies.
15Changes to this Policy
We may update this Policy from time to time. If we make a material change, we will provide notice by a reasonable means (for example, in-product notice, email, or posting an updated version with a new effective date). The “Last updated” date above reflects the most recent revision; continued use of the Service after a change takes effect means you accept the updated Policy.
16How to contact us
For privacy questions, requests, or security disclosures, contact Agnotiq at privacy@agnotiq.com, or write to us at Toronto, Ontario, Canada. We aim to respond within five (5) business days. For contract questions, see our Terms of Service or email legal@agnotiq.com.