Legal

Privacy Notice

We are gotaminute? IT Services, a brand of Ross G Saunders Consulting. Your privacy matters to us. This notice explains what data we collect, why we collect it, and how we protect it.

Last updated: June 2026

1

What Data Do We Collect?

Only what is necessary: names, contact details, technical info, and business data.

We collect only the personal information necessary to provide our services, such as:

  • Your name, email address, company, and contact information
  • Information about your business when completing assessments
  • Feedback you have provided from any services offered
  • Correspondence you have with us
  • Your social media accounts if you interact with us on our profiles
  • Technical information such as your IP address and browser when using our site
  • Your local computer information when you engage us for remote support services
  • Information related to or required by a professional service we are providing you
2

How Do We Collect Your Data?

Through contact forms, support tickets, meetings, assessments, and website activity.

We collect data when you (or your employer):

  • Contact us via email, ticket form, or website contact form
  • Complete an assessment with us
  • Book a meeting or video call with us
  • Engage us for services
  • Connect, contact, or follow us on social media
  • Browse our website
  • Use any remote support session we facilitate
3

Why Do We Process Your Data?

Legal obligation, your consent, contractual need, or legitimate business interest.

We only process your data:

  • Where we are required to do so by law
  • Where you have provided consent for us to do so (such as for marketing and updates)
  • Where we are pursuing a contractual agreement for tickets, services, or assessments
  • Where there is a legitimate interest to do so, such as improving our offerings or securing your data
4

How Do We Use Your Data?

To communicate, deliver services, manage engagements, and improve our offerings.

Depending on the circumstance, we process your data to:

  • Comply with legal obligations
  • Communicate with you
  • Manage our relationship
  • Keep you up to date with services and offerings
  • Provide services you requested
  • Improve our service offerings
  • Refer you to partners and associates if requested
  • Use AI-assisted tools to support drafting of advisory deliverables and technical outputs (see Section 6)
5

Data Sharing & Third-Party Recipients

We use reputable sub-processors and never sell your data.

Some of our services may require sharing with another partner. As such, we may share your data with:

  • Technology vendors whose products you purchase as part of our professional services
  • Additional subject matter experts that we need to engage (with your consent) for the services you have hired us for
  • Legal or regulatory authorities when required

To run our business, we make use of several reputable technology and professional service providers who may be sub-processors of your information. We ensure that these service providers are bound by contractual agreements that include appropriate security safeguards. These service providers include:

Web Hosting CanadaWebsite hosting and file storage
CloudflareDNS, CDN, security, and privacy-preserving analytics
Microsoft 365Productivity, email, meetings, and file storage
ZohoCRM, ticket management, and billing
LinktreeMarketing and link-in-bio pages
ScoreAppAssessments and risk scoring
Microsoft Teams & ZoomOnline meetings and video calls
Zoho AssistRemote desktop support sessions
Zoho VaultClient password management and secure credential sharing
Zoho FlowWorkflow automation and integration services
Stripe, PayPal & WisePayment processing
Anthropic (Claude)AI-assisted drafting, research, and technical tasks
SendmarcDMARC management and reporting

We are a partner for Sendmarc. In some circumstances, you may be engaging directly with a partner of ours, in which case you should review that partner's privacy notice for more information.

We never sell your data or use it for unrelated marketing. Should we receive a law enforcement request for your information, we will, unless prohibited by law, push back on these requests and refer the requester directly to you.
6

A Note on AI Usage

We use Claude by Anthropic internally. As a rule, no client personal data is submitted.

gotaminute? uses Claude, an AI assistant made by Anthropic, to support internal operations. As a rule, no personal information is submitted to Anthropic. Client communications and meetings are not connected to Claude, and Claude Cowork is not in use for this purpose.

In the rare case where personally identifiable information (PII) may be submitted, it is only done where consistent with applicable privacy laws, or after being deidentified. For clients based in the EEA or UK, PII is not submitted to Anthropic without your explicit consent. Measures are in place to ensure that Anthropic does not train on data submitted through our account.

7

International Data Transfers

We prioritise Canada-based hosting. Contractors in South Africa operate under written agreements.

Your information may be stored and processed outside of the country or region where it was originally collected. Some of these countries may offer fewer rights regarding your personal information than you have in your country of residence. We ensure that we enter into agreements with all service providers to ensure appropriate safeguards are in place at all times. Wherever possible, we host your information with service providers in Canada.

We work with independent contractors located in South Africa. These contractors hold gotaminute?-controlled email addresses and have access to gotaminute? systems, including Zoho Assist and support ticket tracking, to the extent required for service delivery. We have entered into written agreements with every contractor covering confidentiality, security safeguards, ethical conduct, and privacy obligations.

South Africa has its own data protection legislation (the Protection of Personal Information Act, POPIA), and our contractors are subject to those requirements in addition to their contractual obligations with us.

8

How Long Do We Retain Your Data?

Only as long as necessary — typically one year after your engagement ends.

We keep your data only for as long as necessary, for the duration of service and any applicable legal retention periods.

If your service agreement with us reaches its natural conclusion or is terminated for any reason, we will retain your information for one year after termination unless otherwise instructed, so that you can re-engage us for additional services without hassle or rework.

We may retain information for longer should you provide consent for us to do so, or where the information has been anonymised and you can no longer be identified.

9

Your Data Protection Rights

Access, correct, delete, restrict, or transfer your data. Just get in touch.

Depending on your location and jurisdiction, you have rights under data protection laws that may include:

  • Accessing the data we hold about you
  • Requesting corrections or deletions
  • Restricting or objecting to certain data processing
  • Portability — transferring your data elsewhere

To exercise any of these rights, contact us at [email protected].

10

How Do We Protect Your Data?

Strong security measures, reputable providers, and strict access controls.

Data security is of paramount importance to us. We ensure that supplementary security measures are in place across all of our systems, and follow good practice in terms of password management, using reputable providers, and keeping access limited to those who are authorised. Should you wish to find out more about our security practices, please reach out using the contact details at the bottom of this page.

11

Cookies & Tracking Technologies

We use cookies for site functionality. Cloudflare analytics does not track individual visitors.

Our website uses cookies required for site functionality, including session management and security. We use Cloudflare for analytics, which does not use cookies and does not track individual visitors across sites.

A cookie consent banner is in place for any non-essential cookies. You may manage your preferences through that banner at any time.

12

Marketing Preferences & Communications

Opt-in only. You can unsubscribe from marketing communications at any time.

You will only receive marketing communications if you have opted in. You can change your preferences at any time by selecting the opt-out link at the bottom of any communication, or by contacting us directly.

In some instances, communications are not commercial in nature and may be a required part of our engagement. In these cases, you are not able to opt out automatically. Please contact us directly if you have a concern about service-related messages.

13

Changes to This Privacy Notice

We will post any updates here. Significant changes are communicated to active clients.

We may update this notice from time to time. Any changes will be posted here, and significant changes will be communicated to active clients directly. The most current version will always be available at this URL.

How to Contact Us

If you have any questions or concerns about privacy, feel free to reach out at [email protected].