Privacy Policy
Last updated: June 5, 2026
1. Who We Are
Wolf Codes Inc. operates SiteWire at sitewire.ca. We are incorporated in British Columbia, Canada. Our data processing is governed by the Personal Information Protection and Electronic Documents Act (PIPEDA) at the federal level and the Personal Information Protection Act (PIPA BC) at the provincial level. We store all customer account data on servers located in Canada.
2. Data We Collect
Account data: email address, password (bcrypt-hashed, never stored in plaintext), company name, professional role.
Usage data: permit searches, alert configurations, API requests, used to operate and improve the service.
Billing data: handled entirely by Stripe, Inc. We store only your Stripe customer ID, no card numbers or full payment details ever reach our servers. Stripe is PCI DSS Level 1 certified.
Permit data: building permits are public records sourced from government open data portals. They contain contractor names, business addresses, and project details, no personal residential information.
Functional storage: session tokens and referral context are stored in your browser's localStorage. See our Cookie Policy for details.
3. How We Use Your Data
- To provide and improve the SiteWire service
- To send transactional emails (alerts, verification, billing receipts)
- To detect and prevent fraud or abuse
- To comply with legal obligations under PIPEDA and applicable Canadian law
We do not sell your personal data to third parties. We do not use your data for advertising.
4. Data Hosting
SiteWire is built on public open-data permit and tender feeds published by Canadian governments. Customer account data and usage logs are hosted on our cloud infrastructure provider (Render), and our permit and tender warehouse runs on Google Cloud BigQuery.
If your organization has a formal Canadian data-residency requirement, contact us before purchase so we can confirm whether we can meet it for your engagement.
5. Sharing & Disclosure
We share data only with:
- Stripe, Inc., payment processing. PCI DSS Level 1 compliant. Stripe's servers are located in the United States; data shared is limited to what Stripe requires to process payments.
- Google Cloud Platform, permit and tender data warehouse (BigQuery). Subject to Google's Data Processing Agreement.
- Law enforcement or regulators when required by applicable Canadian or provincial law.
We do not share data with any marketing platforms, social networks, or data brokers.
6. Retention
Account data is retained for the duration of your account plus 90 days after deletion. Usage logs are retained for 12 months. Billing records are retained for 7 years as required by Canadian tax law. You may request deletion at any time by emailing hello@sitewire.ca.
7. Your Rights Under PIPEDA
Under PIPEDA and applicable provincial privacy legislation, you have the right to:
- Access the personal information we hold about you
- Correct inaccurate information
- Withdraw consent and request deletion of your account and data
- Lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC)
Contact us at hello@sitewire.ca to exercise these rights. We respond within 30 days as required by PIPEDA.
8. Security
We use HTTPS/TLS 1.2+ for all data in transit. Passwords are hashed with bcrypt (cost factor 12). Session tokens are JWTs with 72-hour expiry. API keys are stored as SHA-256 hashes, the raw key is shown once at creation and never again. We conduct periodic security reviews and apply principle-of-least-privilege to all service accounts.
9. Cookies & Local Storage
SiteWire uses browser localStorage for session management only. We do not place advertising or tracking cookies. No third-party analytics scripts are loaded. Full details are in our Cookie Policy.
10. Contact & Privacy Officer
Privacy questions or data requests: hello@sitewire.ca
Wolf Codes Inc. · 582 E 57th Ave, Vancouver, BC V5X 1S9, Canada
You may also contact the Office of the Privacy Commissioner of Canada if you have unresolved concerns.