SPDAFY Logo
ENGINE

Privacy Policy

Last Updated: May 2, 2026

1. Overview & Accountability

DJ SPDAFY ("we," "us," or "our") operates the SPDAFY Creator-Tech Engine. We are committed to protecting your privacy in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, and the General Data Protection Regulation (GDPR) for our users located in the European Economic Area (EEA). We act as the Data Controller for information collected directly through our platform. For any inquiries, please contact our Privacy Officer at: legal@spdafy.com.

2. Lawful Basis for Processing

Under the GDPR, we must have a lawful basis to process your personal data. We rely on the following:

  • Consent: When you accept our use of cookies or sign up for our waitlist.
  • Legitimate Interests: To operate, secure, and improve our Creator-Tech Engine, provided these interests do not override your fundamental rights.
  • Contractual Necessity: To provide services you have explicitly requested from us.

3. Data Collection & Google Consent Mode v2

To comply with the GDPR and the ePrivacy Directive, we implement Google Consent Mode v2. By default, our engine strictly denies the storage of non-essential cookies (such as ad_storage, analytics_storage, and ad_user_data).

Only when you explicitly grant consent via our Cookie Banner do we transmit these consent signals to Google Tag Manager and Google Analytics. This ensures that no tracking or advertising data is processed without your explicit, opt-in consent.

4. AI Processing & Privacy

Our engine leverages Google Cloud Vertex AI and Gemini models. We ensure that your proprietary content is processed in isolated environments and is not used to train public foundational models. All AI analysis is specific to your brand orchestration.

5. International Data Transfers

While DJ SPDAFY is based in Ontario, Canada (a jurisdiction recognized by the European Commission as providing adequate data protection under PIPEDA), our infrastructure utilizes Google Cloud. If data is transferred outside the EEA, we ensure it is protected by appropriate safeguards, such as Standard Contractual Clauses (SCCs).

6. Individual Access Rights (GDPR & PIPEDA)

You possess robust rights regarding your personal data. You have the right to:

  • Access: Request a copy of the data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request the deletion of your data (the "Right to be Forgotten").
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction & Objection: Limit or object to our processing of your data.

To exercise any of these rights, please use our Data Deletion page or contact our Privacy Officer.

7. CASL Compliance

In accordance with Canada's Anti-Spam Legislation (CASL), we will only send Commercial Electronic Messages (CEMs) with your express or implied consent. Every electronic communication will include a clearly visible "unsubscribe" mechanism.

8. Contact Information

For questions regarding this policy, to manage your cookie preferences, or to exercise your rights, please contact our Privacy Officer: legal@spdafy.com