C-Line GlobalC-Line Global← Back to sign in

C-Line Global Inc.

Effective Date: May 12, 2026

Last Updated: May 12, 2026

Privacy Policy

1. About this policy

C-Line Global Inc. ("C-Line", "we", "us", "our") operates the CLG Tracker application at tracker-c-line.ca (the "Service"). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights as a user.

This policy is governed by the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada. By using the Service, you agree to the practices described here.

2. Privacy Officer

The role responsible for compliance with this policy is:

Privacy Officer C-Line Global Inc. 50 Minthorn Boulevard, Suite 100 Thornhill, ON L3T 7X8 Canada Email: info@c-line.ca

You can contact our Privacy Officer with questions, complaints, or requests about your personal information using the contact details above.

3. Information we collect

We collect only the information needed to provide the Service.

From you when you create an account or use the Service:

  • Name (full name or display name)
  • Email address (used to sign in and to communicate about your account)
  • Password (stored as a one-way hash; we never see or store your actual password)
  • Company affiliation (which customer organization you belong to)
  • Role (admin, operations staff, or customer portal user)

Automatically when you use the Service:

  • Sign-in timestamps (so we can detect unusual access)
  • IP address (for security and abuse prevention)
  • Browser and device information (operating system, browser type)
  • Pages you visit and actions you take (for the audit log and to improve the Service)

Business data uploaded or entered:

  • Invoice data (invoice numbers, purchase orders, parts, quantities, dates, totals, and currencies)
  • Shipment data (tracking numbers, carriers, ship dates, packing list details)
  • PDF documents (invoices and packing lists you upload for AI extraction)
  • Customer organization records (company names, currency preferences, default addresses)

What we do NOT collect:

  • Government-issued identification numbers
  • Financial account numbers (we don't process payments)
  • Health information
  • Biometric data
  • Children's information (the Service is not directed to anyone under 18)

4. How we use your information

We use your information only for the following purposes:

  • Providing the Service— letting you sign in, view orders, manage shipments, and access only the data you're authorized to see
  • Communicating with you — about account changes, security alerts, or important updates to the Service
  • Securing the Service — detecting fraud, abuse, or unauthorized access
  • Improving the Service— analyzing aggregate usage patterns to identify what's working and what isn't
  • Complying with legal obligations — responding to lawful requests from authorities, preserving records for tax and audit purposes

We do not sell your personal information to anyone. We do not share your data with marketing partners or advertising networks, ever.

We do not use your data to train artificial intelligence models that are shared with other parties.

5. Service providers we work with

To operate the Service, we share data with the following third parties. Each is bound by contract or terms of service to protect your information:

ProviderPurposeWhere data is storedCertifications
Supabase Inc.Database hosting, authenticationAmazon Web Services (us-east-1, Northern Virginia, United States)SOC 2 Type 2, ISO 27001, HIPAA
Vercel Inc.Application hosting and content deliveryGlobally distributed edge networkSOC 2 Type 2, ISO 27001, PCI DSS
Anthropic PBCAI-powered document extraction (when you upload PDFs)Anthropic infrastructure (AWS, United States)SOC 2 Type 2, ISO 27001
GitHub Inc.Source code repository (no customer data)GitHub-managed infrastructureSOC 1, SOC 2, ISO 27001

When you upload a PDF for AI extraction, the document contents are transmitted to Anthropic's API for processing. Anthropic does not use your data to train its models and retains data only for safety and abuse monitoring (up to 30 days) before deletion.

We do not transfer your personal information to any other third parties without your consent, except as required by law.

6. Where your data is stored

Your information is stored primarily in Supabase data centers operated by Amazon Web Services in the us-east-1 region (Northern Virginia, United States).

We acknowledge that data stored outside of Canada may be subject to the laws of the country in which it is stored. By using the Service, you consent to your information being transferred to, processed in, and stored in the United States.

If you have specific data residency requirements (for example, your contracts require data to remain in Canada), please contact our Privacy Officer to discuss.

7. How long we keep your data

We retain personal information only as long as needed for the purposes it was collected:

  • Account information — for the duration of your relationship with C-Line, plus up to 90 days after account deactivation to handle any final inquiries
  • Business records (invoices, shipments, transaction data) — for 7 years to comply with Canadian tax and business record-keeping laws (Income Tax Act, Excise Tax Act)
  • Audit logs — for 24 months, then automatically purged
  • Sign-in records and IP addresses — for 12 months
  • Uploaded PDF documents — for the duration of your account; deleted within 30 days of account closure

After these periods, we securely delete the information or anonymize it so individuals can no longer be identified.

8. How we protect your data

We use commercially reasonable safeguards to protect your information, including:

  • Encryption in transit — all communication uses TLS (HTTPS)
  • Encryption at rest — data stored in Supabase is encrypted with AES-256
  • Access controls — only authorized employees can access personal information, and only when necessary for their role
  • Row-level security — our database enforces that customers can only access their own data, even at the database query level
  • Multi-factor authentication available for all accounts (and required for administrator accounts)
  • Audit logging — every change to invoices, shipments, and customer records is logged with the user identity and timestamp
  • Daily automated backups with point-in-time recovery capability
  • Confidentiality agreements for all employees with access to personal information

No system is perfectly secure. If we ever experience a data breach that creates a real risk of significant harm to you, we will notify you and the Office of the Privacy Commissioner of Canada as required by PIPEDA.

9. Your rights

Under PIPEDA, you have the following rights regarding your personal information:

Right to access

You can request a copy of the personal information we hold about you. We'll respond within 30 days. The first request each year is free; additional requests in the same year may have a reasonable administrative fee.

Right to correct

If your information is inaccurate or incomplete, you can request a correction. We'll either make the change or note your disagreement in the record.

Right to withdraw consent

You can withdraw consent for us to use or disclose your information at any time. Note that withdrawing consent may mean we can no longer provide the Service to you.

Right to delete

You can request deletion of your account and personal information. We will honor this request except where we are legally required to retain certain records (for example, tax records for 7 years). In those cases, we will retain the minimum necessary information.

Right to complain

If you believe we have not handled your information appropriately, you can:

  1. Contact our Privacy Officer (above) first — we'll work to resolve the issue
  2. File a complaint with the Office of the Privacy Commissioner of Canada at https://www.priv.gc.ca or 1-800-282-1376

How to exercise your rights

Email info@c-line.ca with your request. We may ask you to verify your identity before processing requests.

10. Cookies and tracking

The Service uses essential cookies only — these are required for you to sign in and stay signed in. We do not use third-party advertising cookies, cross-site tracking, or analytics services that profile individual users.

Your browser may store the following cookies:

  • Authentication session cookies (set by Supabase) — let you stay signed in
  • Application preference cookies — remember things like your last selected filter

You can disable cookies in your browser, but this will prevent you from using the Service.

11. International users

The Service is primarily intended for users in Canada and the United States. If you access the Service from elsewhere, please understand that:

  • Your information will be transferred to and processed in the United States
  • If you are an EU resident, please contact us before using the Service so we can ensure compliance with the General Data Protection Regulation (GDPR). We currently do not offer specific GDPR compliance commitments and may not be the right service for EU residents.

12. Children's information

The Service is intended for business use only and is not directed at anyone under 18 years of age. We do not knowingly collect information from children. If you believe a child has provided us with information, please contact our Privacy Officer and we'll delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify active users by email or through an in-app notice
  • Maintain the previous version available for reference for at least 90 days

Continued use of the Service after changes constitutes acceptance of the updated policy. If you disagree with material changes, you may close your account.

14. Contact us

For any questions, concerns, or requests related to this Privacy Policy or your personal information:

C-Line Global Inc. Attn: Privacy Officer 50 Minthorn Boulevard, Suite 100 Thornhill, ON L3T 7X8 Canada Email: info@c-line.ca