Available for New Projects
Legal
We collect only what we need, handle it carefully, and never sell it. Here’s exactly how it works, in plain language.
Last updated: March 9, 2026
Graphxify is a premium digital agency based in Toronto, Canada. We design and build brand systems, high-performance websites, and structured CMS architecture for founders and growth-stage companies.
When we say “Graphxify,” “we,” or “us” in this policy, we mean the Graphxify studio and team. When we say “you,” we mean anyone who visits our website, submits an inquiry, or works with us as a client.
This policy covers our website at graphxify.com and all related services we provide. We’ve written it in plain language because we think you deserve to actually understand it.
We only collect information that’s genuinely useful for working with you:
Contact & inquiry forms
When you reach out through our contact or project inquiry form, we collect your name, email address, company name, project description, and any other details you choose to share. This is what we need to understand your project and respond meaningfully.
Email correspondence
If you email us directly, we receive and retain that conversation: your name, email address, and the content of your messages.
Analytics data
We use analytics tools to understand how visitors use our site: which pages are visited, general geographic regions, and how people navigate through the content. This data is aggregated and anonymised. We do not build individual user profiles.
Technical data
Our servers automatically receive standard technical information when you visit: your IP address, browser type, device type, and referring URL. This is standard practice for any website and helps us maintain site health and security.
We use what we collect for a specific, limited set of purposes:
We do not sell your data. We do not use it for advertising. We do not share it with third parties for their own marketing purposes. Your information exists in our systems to serve your project. Nothing else.
Our website uses cookies and similar technologies to function properly and understand how it’s being used.
Essential cookies
Required for basic site functionality, including session state and security. These don’t collect personal data and can’t be opted out of without breaking the site.
Analytics cookies
Used to understand traffic patterns and page performance. We configure our analytics to anonymise IP addresses and avoid individual user tracking. We see patterns across many users, not individual profiles.
Preference cookies
Things like your colour scheme preference (light or dark mode) may be stored locally so your experience is consistent on return visits.
Most browsers let you manage or block cookies through their settings. Disabling non-essential cookies won’t break the site, though some features may behave differently.
We work with a small number of trusted providers to run our business. Here’s what they are and why:
Supabase
Our database and backend infrastructure. Contact form submissions and project inquiry data are stored securely in Supabase. Only authorised Graphxify team members have access.
Vercel
Our website is hosted on Vercel’s infrastructure. As part of serving the site, they process standard server logs and request data.
Email providers
We use email to communicate with clients and respond to inquiries. Your email address and messages pass through our email provider’s infrastructure in transit.
Payment processors
Client billing is handled through secure payment platforms that process payment data directly. Graphxify does not store credit card numbers or payment credentials on our own systems.
Each provider operates under their own privacy policy. We select partners that take privacy and security seriously.
When we work together, you’ll share materials with us: brand assets, content, copy, login credentials, and sensitive business information. Here’s how we treat it:
We retain data for as long as it’s reasonably needed for the purpose it was collected:
Inquiry data (non-clients)
Retained for up to 12 months in case you follow up, then removed from active systems.
Client records
Project data, invoices, and correspondence are retained for a minimum of 5 years to satisfy accounting and legal obligations.
Analytics data
Aggregated website analytics are retained per our analytics provider’s standard data retention schedule.
Email correspondence
Kept in our inbox for the duration of the relationship and for a reasonable period after its conclusion.
You have rights over your personal data. Depending on your location, these may include:
To exercise any of these rights, email us at privacy@graphxify.com. We respond within 30 days.
We take reasonable, practical measures to protect the data we hold:
No system is perfectly secure. If you believe your data has been compromised in any way, contact us immediately at privacy@graphxify.com.
We may revise this policy from time to time as our services evolve or legal requirements change. When we do, we’ll update the “Last Updated” date at the top of this page.
For minor changes, we won’t notify you individually. The current version is always available here. If a change meaningfully affects how we handle client data, we’ll make an effort to notify active clients directly.
Questions, requests, or concerns about this policy? We’re real people. Reach out and we’ll respond properly.
Something unclear? Ask us directly and we’ll answer it.