Group e-media
Privacy

Privacy principles.

Group e-media works with business systems, documents, and operational workflows. We treat customer data as confidential, keep access scoped to the engagement, and design AI systems with explicit permissions, audit trails, and human review where needed. The principles below apply to every engagement; specific data-handling commitments for a given project are defined in the signed agreement.

Scope of this policy

This page covers how we operate as a consultancy and R&D studio. The Terms of use govern the public website. Project-specific obligations — including data controllers, sub-processors, retention, and breach notice — are agreed in writing per engagement.

Data we handle

  • Client data — production systems, schemas, documents, tickets, code, and operational artifacts shared for the engagement.
  • Conversation data — when Conversation Intelligence is enabled, only opt-in channels are processed and signal extraction respects channel-level scope.
  • Website data — limited analytics on groupemedia.ca; no advertising trackers; no sale or sharing of contact submissions.

Operating principles

  • Scoped access. Access is granted per engagement, per system, and revoked on completion. Least-privilege by default.
  • Tenant isolation. Client data is never used to train shared models or inform other engagements.
  • Auditable execution. Agent actions on production systems are logged with traces, including model, tool, input, output, and approval state.
  • Human review. High-risk actions (writes, external sends, financial impact) pass through approval gates encoded in the workflow.
  • Vendor choice. Where regulatory or sensitivity requirements demand it, inference runs on private or local models. Hosted vendors are selected with the client.
  • Data residency. When required, processing is constrained to specific regions (Canada, EU) using region-locked endpoints.

Sub-processors and model vendors

Engagements may use third-party model and infrastructure vendors (for example: Anthropic, OpenAI, Google, AWS, Microsoft Azure, and inference providers for open-weights models). The specific sub-processors used for a given client are documented in the engagement agreement, along with their data-handling commitments.

Retention and deletion

Project artifacts are retained for the duration of the engagement plus a defined post-engagement period for support and warranty. On request or at engagement end, client data is deleted from our environments and access tokens are revoked.

Contact

Questions about privacy, data handling, or sub-processors can be sent through the contact form. For active engagements, the named project contact is the primary route.

Last updated: April 2026. This policy may be updated as our practices evolve; material changes are communicated to active clients in writing.