Privacy Policy

Tectonic Rentals Inc., operating as Tectonic Rentals (“we,” “us,” or “our”), is an incorporated equipment rental company based in Pickering, Ontario, Canada. We are the data controller responsible for your personal information collected through our website at tectonic.rentals and our business operations.

For privacy-related inquiries, contact our Privacy Officer at:

• Email: [email protected]
• Location: Pickering, Ontario, Canada

Information You Provide Directly

• Account Registration: Name, email address, phone number, password, company name (for contractor accounts), and business details including billing address, HST number, and insurance information.
• Quote Requests & Bookings: Name, email, phone, rental dates, job site information, equipment preferences, and any project details you share.
• Contact Form Submissions: Name, email, phone, subject, and message content.
• Credit Applications: Business information, trade references, bank references, insurance details, and personal guarantee information for businesses under 2 years.
• Payment Information: We record payment method types (e.g., e-transfer, credit card, cash) and reference numbers. We do not store full credit card numbers on our systems.

Information Collected Automatically

• Usage Data: Pages viewed, equipment browsed, and interaction patterns to improve our service and catalog.
• Device Information: IP address (used for rate limiting and security), browser type, and device type.
• Cookies & Local Storage: We use minimal cookies for authentication sessions and local storage for anonymous equipment like preferences (e.g., saved favourites).

We use your personal information for the following purposes:

• Service Delivery: Processing rental inquiries, creating quotes, managing bookings, generating invoices, and coordinating equipment delivery and pickup.
• Account Management: Creating and maintaining your customer account, tracking rental history, and managing contractor credit applications.
• Communication: Sending booking confirmations, invoice notifications, quote responses, and status updates about your rentals. We may contact you via email or WhatsApp (only if you opt in).
• Security: Protecting against fraud, unauthorized access, and abuse through rate limiting, authentication, and audit logging of system actions.
• Business Operations: Internal analytics, financial reporting, inventory management, and improving our rental services.
• Legal Compliance: Meeting tax reporting obligations, maintaining business records, and responding to legal requests.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

We take the security of your data seriously and employ industry-standard measures:

• Encryption at Rest: All data stored in our database is encrypted using AES-256 encryption.
• Encryption in Transit: All communications between your browser and our servers use TLS/SSL encryption.
• Password Security: Passwords are hashed using bcrypt with salt rounds — we never store passwords in plain text.
• Access Control: Role-based access ensures only authorized staff can view or modify customer data. All actions are recorded in our audit log.
• Infrastructure: Our application is hosted on secure, enterprise-grade cloud infrastructure with automated backups, redundancy, and 24/7 monitoring. Data is stored in data centres that comply with SOC 2, ISO 27001, and other industry-recognized security standards.
• Rate Limiting: API endpoints are rate-limited to prevent brute-force attacks and abuse.

We may share your personal information only in the following circumstances:

• Service Providers: We use third-party services for email notifications (transactional emails such as booking confirmations and invoice delivery). These providers process data only on our behalf and are bound by confidentiality.
• Legal Requirements: When required by law, court order, or regulatory authority, including CRA tax reporting requirements.
• Business Protection: To protect the rights, property, or safety of Tectonic Rentals, our customers, or others.
• With Your Consent: For any purpose not listed above, we will seek your explicit consent before sharing your information.

As a Canadian resident, you have the following rights regarding your personal information:

• Right to Access: You can request a copy of the personal information we hold about you.
• Right to Correction: You can request correction of inaccurate or incomplete information. You can also update your profile directly through your account dashboard.
• Right to Withdraw Consent: You can withdraw consent for non-essential data processing at any time (e.g., WhatsApp communications opt-out).
• Right to Deletion: You can request deletion of your personal information, subject to legal retention requirements (e.g., tax records must be retained for 7 years).
• Right to Complaint: You have the right to file a complaint with the Office of the Privacy Commissioner of Canada if you believe your privacy rights have been violated.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

• Active Accounts: We retain your account information for as long as your account is active.
• Rental & Financial Records: Invoices, payments, and rental history are retained for a minimum of 7 years to comply with CRA tax requirements.
• Quote Requests & Messages: Retained for 3 years after the last interaction for business continuity and reference.
• Credit Applications: Retained for 7 years from the date of submission, regardless of approval status.
• Usage Analytics: Aggregated and anonymized after 12 months.
• Deleted Accounts: Upon account deletion request, personal identifiers are removed within 30 days, though anonymized transaction records may be retained for legal compliance.

We use minimal, essential cookies:

• Authentication Cookie: A session cookie that keeps you logged in. It is deleted when you sign out or when your session expires.
• Local Storage: Used to store anonymous equipment preferences (liked equipment) for non-logged-in visitors. No personal information is stored.

We do not use third-party advertising cookies or cross-site tracking technologies.

Our services are intended for individuals 18 years of age and older. We do not knowingly collect personal information from children under 18. If we become aware that we have collected data from a minor, we will delete it promptly.

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on this page with a revised “Last Updated” date. For significant changes, we will notify registered users via email.