This Privacy Policy explains how Maple Learning Inc. collects, uses, stores, shares, and protects your personal information when you interact with our website and educational services.
Last Updated: January 15, 2026
Maple Learning Inc. ("we," "us," "our," or "the Company") is the data controller responsible for your personal information collected through this website (www.crowdfundingeducation.ca) and our associated educational services. Our company is incorporated under the laws of the Province of Ontario, Canada, with a registered office at 350 Bay Street, Suite 700, Toronto, Ontario, M5H 2S6, Canada.
This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's Anti-Spam Legislation (CASL), and applicable provincial privacy legislation. We are committed to upholding the ten fair information principles established in Schedule 1 of PIPEDA: accountability, identifying purposes, consent, limiting collection, limiting use, disclosure and retention, accuracy, safeguards, openness, individual access, and challenging compliance.
We provide online educational courses, webinars, and training materials focused on crowdfunding ecosystems in Canada. We do not provide financial advice, investment services, or crowdfunding platform functionality. The personal information we collect is used solely to deliver and improve our educational offerings and to communicate with our students and prospective learners.
By accessing or using our website, enrolling in our courses, subscribing to our newsletter, or otherwise providing personal information to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please refrain from using our website and services.
We collect different categories of personal information depending on how you interact with our website and services. We limit our collection to information that is necessary for the purposes identified below. The following table outlines the specific data types we may collect:
| Data Category | Specific Data Collected | Collection Context |
|---|---|---|
| Identity Data | Full name, preferred name | Course registration, contact forms |
| Contact Data | Email address, phone number, mailing address | Registration, newsletter signup, contact inquiries |
| Account Data | Username, password (encrypted), account preferences | Account creation for course access |
| Transaction Data | Purchase history, payment method details (processed by third-party payment processor; we do not store full credit card numbers) | Course and material purchases |
| Technical Data | IP address, browser type and version, operating system, device type, screen resolution, time zone setting | Automatically collected via server logs and analytics |
| Usage Data | Pages visited, time spent on pages, click patterns, referral source, course progress, assessment scores | Automatically collected during website and platform use |
| Communication Data | Content of messages sent via contact forms, email correspondence, webinar chat transcripts | Direct communications with our team |
| Cookie Data | Cookie identifiers, session tokens, preference settings | Browser cookies and similar tracking technologies |
We do not knowingly collect sensitive personal information, including health data, biometric data, religious beliefs, political opinions, sexual orientation, racial or ethnic origin, trade union membership, or criminal records. If we inadvertently receive such information through a contact form or other communication, we will delete it promptly and notify you accordingly.
We collect personal information through a variety of methods, both directly from you and automatically through technology when you interact with our website and services.
We collect information directly from you when you fill out registration forms to create a student account, complete contact forms to submit inquiries, subscribe to our email newsletter, purchase courses or educational materials, participate in webinars or live sessions, submit feedback or course evaluations, or communicate with our support team via email or phone. In each instance, we collect only the information necessary for the specific purpose for which it is requested, and we clearly identify why we need it at the point of collection.
When you visit our website, certain technical and usage data is collected automatically through the following mechanisms: Server logs record your IP address, browser type, referring URL, pages visited, and timestamps for each request. Google Analytics collects anonymized usage data including page views, session duration, bounce rate, geographic region (at the city level), and device information. We have enabled IP anonymization within Google Analytics to protect your privacy. Cookies and similar technologies store preferences, session identifiers, and analytics markers as described in Section 10 of this policy. We do not currently use the Meta (Facebook) Pixel or similar social media tracking technologies on our website.
In limited circumstances, we may receive personal information from third-party sources. If you purchase a course through an authorized educational partner or affiliate, that partner may share your name and email address with us to facilitate course access. We may also receive information from payment processors confirming transaction completion (without full payment card details). We verify that any third party sharing data with us has obtained appropriate consent or has another lawful basis for the transfer.
Under PIPEDA, we are required to identify the purposes for collecting personal information and to obtain meaningful consent. We also recognize the principles established under GDPR for any users accessing our services from the European Economic Area. The following outlines our lawful bases for processing:
When you enroll in a course or purchase educational materials, we process your identity, contact, account, and transaction data to fulfill our contractual obligations to you. This includes granting access to course content, issuing certificates of completion, providing customer support related to your purchases, and sending transactional communications such as enrollment confirmations and payment receipts.
We rely on your explicit, informed consent for activities such as subscribing to our email newsletter, receiving marketing communications about new courses and webinars, placing non-essential cookies on your device (analytics and marketing cookies), and processing any personal data beyond what is strictly necessary for service delivery. You may withdraw your consent at any time by contacting us at [email protected] or by using the unsubscribe mechanism provided in our emails. Withdrawing consent does not affect the lawfulness of processing carried out prior to withdrawal.
We process certain data based on our legitimate interests, provided those interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving our website functionality and user experience through aggregated analytics, ensuring the security and integrity of our platform, preventing fraud and unauthorized access, and conducting internal research to develop better educational content. We conduct a balancing test for each legitimate interest purpose to confirm that our processing is proportionate and minimally intrusive.
We may process personal information when required to comply with Canadian tax laws (maintaining transaction records), respond to lawful requests from regulatory authorities or law enforcement, exercise or defend legal claims, and comply with court orders or other binding legal obligations. We retain records as necessary to meet these requirements, as detailed in Section 6 below.
We use the personal information we collect for the following specific purposes:
We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects on you. We do not sell your personal information to third parties for advertising, marketing, or any other purpose.
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention periods for each data category are outlined below:
| Data Type | Retention Period | Justification |
|---|---|---|
| Student account data | Duration of account plus 3 years after account closure | Certificate verification and customer support |
| Transaction records | 7 years from date of transaction | Canadian Income Tax Act requirements |
| Contact form submissions | 2 years from date of submission | Inquiry resolution and follow-up |
| Newsletter subscription data | Until unsubscription plus 30 days | CASL compliance record-keeping |
| Server logs | 90 days | Security monitoring and troubleshooting |
| Analytics data (Google Analytics) | 26 months | Website performance analysis |
| Cookie data | 13 months maximum | As described in Section 10 |
| Course progress and assessment data | Duration of account plus 5 years | Academic records and certificate integrity |
When personal information is no longer required for any identified purpose and there is no legal obligation to retain it, we securely delete or anonymize it. Anonymized data, from which you cannot reasonably be identified, may be retained indefinitely for statistical and research purposes.
We do not sell, rent, or trade your personal information to any third party for their own marketing or commercial purposes. We may share your personal information with the following categories of service providers who assist us in operating our business, each of whom is bound by contractual obligations to protect your data and use it only for the purposes for which it was shared:
Our website and learning platform are hosted on servers provided by Canadian and North American data centre operators. These providers have access to data stored on their servers solely for the purpose of maintaining infrastructure availability, security, and performance. Our primary hosting infrastructure is located in Canada.
When you purchase a course or materials, your payment information is processed by our third-party payment processor. We do not store your full credit card number, CVV, or other sensitive payment credentials on our systems. The payment processor receives your name, billing address, email, and payment card details solely to process the transaction and comply with anti-fraud regulations.
We use Google Analytics to collect anonymized usage data about website visitors. Google processes this data under its own privacy policies, and we have configured our Google Analytics implementation to anonymize IP addresses and disable data sharing with Google for advertising purposes. You may opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
Our newsletter and transactional email communications are delivered through a third-party email service provider. This provider receives your email address and name for the sole purpose of delivering emails on our behalf. The provider is contractually prohibited from using your data for their own marketing purposes.
We may disclose personal information to law enforcement agencies, regulatory bodies, courts, or other governmental authorities when we are legally compelled to do so by a court order, subpoena, or other binding legal process, or when we have a good-faith belief that disclosure is necessary to protect our rights, your safety, or the safety of others, or to investigate suspected fraud or illegal activity.
In the event of a merger, acquisition, reorganization, or sale of assets involving Maple Learning Inc., your personal information may be transferred to the successor entity. In such circumstances, we will provide notice to affected users and ensure that the successor entity agrees to honour the commitments in this Privacy Policy or obtains fresh consent where required.
Our primary data storage and processing infrastructure is located in Canada. However, some of our third-party service providers (such as Google for analytics and our payment processor) may process data in the United States or other jurisdictions outside Canada.
When personal information is transferred outside Canada, we take steps to ensure that appropriate safeguards are in place. These safeguards include requiring service providers to enter into data processing agreements that incorporate obligations equivalent to those under PIPEDA, verifying that the receiving jurisdiction provides an adequate level of data protection, or relying on Standard Contractual Clauses (for transfers involving individuals in the European Economic Area) approved by the European Commission.
Please note that when data is stored or processed outside Canada, it may be subject to the laws of the foreign jurisdiction, including lawful access requests by government authorities in that jurisdiction. If you have questions about the specific safeguards applicable to any international transfer, please contact our privacy officer at [email protected].
Under PIPEDA and applicable privacy laws, you have the following rights regarding your personal information. We also extend GDPR rights (Articles 15 through 22) to any user accessing our services from the European Economic Area:
You have the right to request a copy of the personal information we hold about you. We will respond to your request within 30 calendar days of receiving it, as required by PIPEDA.
You have the right to request correction of any personal information that is inaccurate, incomplete, or out of date. We will update the information promptly upon verification.
You may request deletion of your personal information where it is no longer necessary for the purposes for which it was collected, where you withdraw consent, or where there is no overriding legal basis for continued retention.
You may request that we restrict processing of your personal information in certain circumstances, such as when you contest its accuracy or where processing is unlawful but you prefer restriction over deletion.
Where technically feasible, you may request that we provide your personal information in a structured, commonly used, machine-readable format so you can transfer it to another service provider.
You may object to processing of your personal information based on our legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your rights.
Where processing is based on your consent, you may withdraw consent at any time. This does not affect the lawfulness of processing performed before withdrawal.
If you believe your privacy rights have been violated, you have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca, or the relevant supervisory authority in your jurisdiction.
How to exercise your rights: To exercise any of the rights listed above, please submit your request via email to [email protected] or by mail to: Privacy Officer, Maple Learning Inc., 350 Bay Street, Suite 700, Toronto, ON M5H 2S6, Canada. We may ask you to verify your identity before processing your request to prevent unauthorized access to personal information. We will respond to all legitimate requests within 30 calendar days. If we require additional time (up to a maximum of 60 days for complex requests), we will notify you and explain the reason for the extension.
There is no fee for exercising your rights. However, if your request is manifestly unfounded, excessive, or repetitive, we reserve the right to charge a reasonable administrative fee or refuse the request, providing reasons for the refusal.
Our website and educational services are designed for adults and are not directed at children under the age of 16. We do not knowingly collect, solicit, or process personal information from individuals under 16 years of age. Our course registration process requires users to confirm that they are at least 16 years old.
If we become aware that we have collected personal information from a child under 16 without verified parental or guardian consent, we will take immediate steps to delete that information from our systems and notify the parent or guardian if their contact information is available to us.
If you are a parent or guardian and believe that your child under 16 has provided personal information to us, please contact us immediately at [email protected] so that we can take appropriate action.
We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes to this policy, we will take the following steps to notify you:
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information. Your continued use of our website and services after changes have been posted constitutes your acknowledgment of the revised policy, except where renewed consent is required as described above.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Officer using any of the methods below:
If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with: