Privacy Policy

Last updated: June 15, 2026

Sixo Agency ("Sixo Agency," "we," "us," or "our") is committed to protecting the privacy of visitors to our website and of the clients we serve. This Privacy Policy explains what personal information we collect, how we use and protect it, and the choices you have. It also explains how we handle data we access and process on behalf of our clients when delivering our services.

We handle personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and Alberta's Personal Information Protection Act (PIPA), as applicable.

1. Who We Are

Sixo Agency is a digital marketing and web development business based in Grande Prairie, Alberta, Canada. Our website address is https://sixo.agency.

You can reach us using the contact details in Section 14.

2. Scope of This Policy

This Policy applies to two distinct situations:

• Information we collect about you directly — for example, when you visit our website, submit a form, or engage us as a client. For this information, Sixo Agency determines how and why it is processed.
• Information we process on behalf of our clients — when we deliver services that involve accessing a client's third-party platforms and accounts (see Section 6). In that situation, our client controls the data and we act as a service provider processing it on the client's instructions.

3. Information We Collect

3.1 Information you provide to us

When you contact us, request a free audit or website, or become a client, we may collect:

• your name, business name, email address, and phone number;
• details about your business, website, and marketing needs;
• the contents of messages and communications you send us; and
• billing and account information necessary to provide and invoice for services.

3.2 Information collected automatically

When you visit our website, we and our analytics providers may automatically collect:

• your IP address, browser type, device information, and operating system;
• pages viewed, referring URLs, and interactions with the site; and
• information collected through cookies and similar technologies (see Section 5).

3.3 Comments and accounts

If you leave a comment on our site, we collect the data shown in the comment form, plus your IP address and browser user agent string to assist with spam detection. An anonymized hash of your email address may be sent to the Gravatar service. If you create an account, we store the information in your user profile.

4. How We Use Your Information

We use personal information to:

• respond to your inquiries and provide the services you request;
• set up, deliver, support, and invoice for our services;
• operate, maintain, and improve our website and offerings;
• send service communications and, where permitted, marketing messages (you can opt out at any time);
• detect, prevent, and address security issues, fraud, and abuse; and
• comply with our legal and regulatory obligations.

We do not sell your personal information.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the site, remember preferences, and understand how the site is used (including through analytics tools such as Google Analytics). Comment-related cookies may store your name, email, and website for your convenience and last up to one year; login and display-preference cookies are used for registered users.

You can control cookies through your browser settings. Disabling cookies may affect how the site functions.

Articles on this site may include embedded content (such as videos or images) from other websites. Embedded content behaves as if you visited the other site directly, and those sites may collect data about you, set their own cookies, and track your interaction with that content.

6. Third-Party Platforms and Data We Process on Behalf of Clients

A core part of our services involves configuring, connecting, and operating third-party platforms on behalf of our clients. These platforms may include, without limitation, accounting software such as Intuit QuickBooks Online, customer relationship management (CRM) and marketing automation platforms, advertising and analytics platforms, and hosting providers.

When we perform these services:

• Authorized access only. We access a client's third-party accounts only with that client's authorization, granted through the platform's secure authorization mechanisms (such as OAuth). The client may revoke that access at any time directly within the relevant platform.
• Limited purpose. We access and process the data within those accounts — which may include customer contact details, transaction and invoice records, and similar business data — solely to deliver the services the client has engaged us to perform.
• We act on the client's behalf. For this data, our client is the controlling party and we act as a service provider processing the data under the client's direction. We do not use it for our own unrelated purposes and we do not sell it.
• Data flows between platforms. Delivering the services may involve transferring data between connected platforms (for example, syncing customer or transaction records from an accounting platform into a CRM to trigger follow-up communications).
• Retention and deletion. We retain such data only as long as needed to provide the services, and we delete or return it on the client's request or when access is disconnected, subject to any legal retention requirements.
• Each platform's own terms. Third-party platforms are governed by their own privacy policies and terms, which apply between the client and that provider.

We protect data accessed through these integrations using the safeguards described in Section 8.

7. How We Share Information

We may share personal information with:

• Service providers and subprocessors who help us operate our business and deliver services — for example, hosting and cloud infrastructure providers, analytics providers, email and communications tools, and automation platforms — under obligations to protect the information;
• Legal and regulatory authorities where required by law, regulation, legal process, or to protect rights, property, or safety; and
• A successor entity in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We do not sell your personal information to third parties.

8. Data Storage, Security, and International Transfers

We use reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, disclosure, alteration, and loss. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Some of our infrastructure and service providers store and process data on servers located outside of Canada, including in the United States. As a result, personal information may be transferred to, stored in, and processed in other jurisdictions, where it may be subject to the laws of those jurisdictions, including lawful access by courts, law enforcement, and government authorities.

9. Data Retention

We retain personal information for as long as necessary to fulfil the purposes described in this Policy, to provide our services, and to meet legal, accounting, and reporting obligations. Website comments and their metadata may be retained indefinitely to streamline future comment approval. When information is no longer needed, we take reasonable steps to delete or anonymize it.

10. Your Privacy Rights

Subject to applicable law, you have the right to:

• access the personal information we hold about you and request a copy;
• request correction of inaccurate or incomplete information;
• request deletion of your personal information (except where we are required or permitted to retain it);
• withdraw consent to our use of your information, where processing is based on consent; and
• ask questions or raise concerns about how we handle your information.

To exercise these rights, contact us using the details in Section 14. We will respond within the timeframes required by applicable law. If you have an account or have left comments, you may also request an export or erasure of the personal data we hold about you.

11. Children's Privacy

Our website and services are directed to businesses and are not intended for children. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will take appropriate steps to delete it.

12. Third-Party Links

Our website may contain links to third-party websites and services that we do not operate or control. This Policy does not apply to those sites, and we encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date above reflects the most recent revision. Material changes will be posted on this page, and your continued use of the website or services after changes are posted constitutes acceptance of the updated Policy.

14. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our handling of personal information, please contact our Privacy Officer:

Sixo Agency 8682 122 Ave, Grande Prairie, AB T8X 0P7, Canada Phone: (587) 803-1819 Email: darren@sixo.agency Website: https://sixo.agency

If you are not satisfied with our response, you may have the right to contact the Office of the Privacy Commissioner of Canada or the Office of the Information and Privacy Commissioner of Alberta.