Policy
Privacy Policy
Learn About Your Privacy Rights
How AuthZ handles contact messages, essential hosting data, privacy rights, and data security.
This Privacy Policy describes how Banana Bytes Publishing Inc., the operator of https://authz.ca (“AuthZ,” “we,” “us,” or “our”), collects, uses, discloses, and protects personal information. We are based in New Westminster, British Columbia, Canada.
The current Site build does not use advertising, behavioural analytics, or non-essential cookies. Netlify Analytics is not enabled for the Site. For that reason, we do not display a cookie-consent banner. If these practices change, we will update this policy and introduce any consent controls required before enabling them.
1. Information We Collect
We collect information in the following ways:
Information You Provide Directly:
- Contact Inquiries: When you use our contact form, we collect your name, email address, subject, and message. Netlify processes the submission and sends a notification containing the submission to our Google-hosted email account. We use this information to assess and respond to the inquiry, investigate a correction request, and maintain necessary administrative records. We do not use contact details for marketing without separate consent.
- Editorial Communications: A proposal, correction, or source communication may contain personal information about the sender or another person. Do not send confidential-source material, privileged communications, highly sensitive personal information, or unpublished allegations through the general contact form. Contact us first to arrange an appropriate channel.
Information Collected Automatically:
- Server and Delivery Logs: For essential operation, security, and troubleshooting, our hosting provider (Netlify) may process request data such as your IP address, browser information, requested page, referring page, and timestamp. We do not use this information for advertising or behavioural profiling.
2. Purposes and Authority
We collect, use, and disclose personal information only for purposes that a reasonable person would consider appropriate in the circumstances and as permitted by applicable law. Depending on the activity, our authority may be consent, a use or disclosure permitted without consent, or an exception in applicable privacy legislation.
British Columbia’s Personal Information Protection Act does not apply to a collection, use, or disclosure made for journalistic, artistic, or literary purposes and for no other purpose. That exception is activity-specific. We do not treat it as an exemption for contact administration, security, audience measurement, marketing, or unrelated reuse of editorial information.
3. Cookies and Browser Storage
The Site’s code does not currently set non-essential cookies or use browser storage for analytics, advertising, or profiling. We do not use Google Analytics.
Pagefind, our site-search feature, runs in your browser against a static search index. It does not require an account or an analytics cookie. Essential infrastructure may still process request information at the server or content-delivery-network level as described in Section 1; that processing is not controlled through a cookie banner.
If we later add a service that uses non-essential cookies or similar storage, we will disclose it here and request consent where required.
4. How We Use Your Information
We use the information we collect to:
- Respond to your inquiries and provide support.
- Review correction requests and editorial proposals.
- Ensure the secure and reliable operation of the Site.
- Diagnose technical problems and improve Site performance.
- Fulfill any legal or regulatory obligations.
We do not use your personal data for automated decision-making, profiling, or targeted advertising.
5. How We Share Your Information
We do not sell, trade, or rent your personal information. We may share it in the following limited circumstances:
- Service Providers: With third parties that process information for site operation, such as:
- Netlify: Our hosting and contact-form provider.
- Google: Our email provider, which receives contact-form notifications and related correspondence. We assess relevant service-provider terms, access, retention, security, processing locations, and deletion controls in light of the information involved. We remain responsible for personal information under our control.
- Legal Compliance: Where required by law, such as to comply with a subpoena or similar legal process.
- Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets.
6. Data Retention
We retain your information only for as long as necessary to fulfill the purposes outlined in this policy.
- Server and Delivery Logs: Retained according to our hosting provider’s operational and security practices. We have not configured a third-party traffic-log drain.
- Contact Form Submissions: Netlify stores submissions until they are manually deleted, and our email provider stores the notification and related correspondence until we delete it under our account settings and practices. We periodically review these records and ordinarily delete a resolved inquiry within 24 months. This is a manual retention practice, not an automatic Netlify deletion setting. We may retain a record longer where reasonably necessary for a continuing correction history, legal obligation, security matter, dispute, or preservation requirement.
- Editorial Records: Retention depends on the purpose, sensitivity, source commitments, public-interest value, and need to support or correct published work. Access is limited to people who need the material for an authorized editorial or legal purpose.
7. Your Privacy Rights
Depending on the law that applies to the activity and your location, you may have rights to:
- Access the personal information we hold about you.
- Request correction of inaccurate or incomplete data.
- Request deletion where the applicable law provides that right.
- Object to or restrict processing where applicable.
- Withdraw your consent at any time (where processing is based on consent).
- Receive portable data where applicable.
These rights are not absolute. For example, access or deletion may be limited by another person’s rights, source confidentiality, legal privilege, a preservation duty, or a journalistic, artistic, or literary exception.
To exercise any of these rights, please contact us using the details in Section 12.
8. Data Security
We implement appropriate technical and organizational measures to protect your information, including:
- HTTPS encryption through Netlify-managed TLS for data in transit between your browser and the Site.
- Secure hosting infrastructure provided by Netlify.
- Minimal data retention policies.
- Internal data access controls.
- Review of external services before sensitive personal information is submitted to them.
No transmission or storage system is completely secure. If we identify a privacy or security incident, we will contain and assess it, preserve necessary records, and provide notices where required or appropriate.
9. International Data Transfers
Our service providers, including Netlify and Google, may process information outside Canada, including in the United States, where it may be accessible under local law. Before using an external AI or cloud service for personal information, we consider its purpose, training and retention practices, subprocessors, access controls, processing locations, deletion options, and the sensitivity of the material. AuthZ does not authorize staff or contributors to place confidential-source material, privileged communications, highly sensitive personal information, or unpublished high-risk allegations into a third-party AI system unless that use has received documented editorial and privacy approval.
10. Children’s Privacy
Our Site is not intended for children under the age of 13. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or the law. We will post any changes on this page and update the “Last Updated” date. We encourage you to review this policy periodically.
12. Contact Us
Our designated Privacy Officer is the Publisher. If you have a question, complaint, or request concerning this policy or your personal information, contact the Privacy Officer through our Contact page and use the subject “Privacy request.”
Last Updated: July 14, 2026