Privacy Policy

Canner is a deployment platform operated from Montreal, Quebec. We are committed to handling your personal information in compliance with Quebec’s Act respecting the protection of personal information in the private sector (commonly known as Law 25) and the federal Personal Information Protection and Electronic Documents Act (PIPEDA).

This policy describes what we collect, why we collect it, how long we keep it, and the rights you have over your data.

1. Who we are

Canner is operated by Colin Shand, based in Montreal, Quebec, Canada. For privacy questions or to exercise any of your rights below, contact privacy@canner.ca.

2. What we collect

We collect only what is necessary to operate the platform:

• Account data: email address, hashed password, company name, plan tier, billing status.
• Project data: project names, GitHub repository URLs, environment variables (encrypted at rest), build logs, deployment history.
• Operational data: HTTP request logs (host, path, status, timestamp), build duration and resource usage, error traces.
• Payment data: handled by our payment processor; we never see or store full card numbers.

We do not collect or sell behavioural advertising data, and we do not run third-party trackers on canner.ca.

3. Where your data lives

All customer data — including databases, environment variables, build artifacts, and application code — is stored on infrastructure physically located in Quebec, Canada. Data does not leave the province in the normal course of operation.

Limited operational subprocessors (e.g. transactional email, payment processing, DNS) may process metadata such as your email address or IP. We disclose these in §7 and select providers with Canadian or contractually-binding data-residency commitments wherever practical.

4. Why we use your data

• To run the deployment service you are paying for.
• To bill you and detect fraud.
• To send essential service notifications (build failures, security alerts, plan changes).
• To diagnose bugs and improve reliability.
• To comply with legal obligations.

We do not use your project data, build logs, or source code to train machine-learning models.

5. How long we keep it

• Account records: until you delete your account, plus up to 90 days for backups and billing reconciliation.
• Build logs: 30 days, then purged.
• Access logs: 90 days, then purged.
• Backups: rolling 30-day window.

6. Your rights

Under Law 25 and PIPEDA you have the right to:

• Access the personal information we hold about you.
• Have inaccurate information corrected.
• Request deletion of your account and associated personal data.
• Withdraw consent (subject to overriding legal obligations).
• Export your data in a structured, commonly-used format (data portability).
• File a complaint with the Commission d’accès à l’information du Québec or the federal Office of the Privacy Commissioner of Canada.

To exercise any of these rights, email privacy@canner.ca. We respond within 30 days.

7. Subprocessors

We use a small number of third-party providers to operate the service:

• Web Hosting Canada (WHC) — Quebec-based hosting provider for compute and storage.
• Cloudflare — DNS and TLS certificate issuance only. No traffic-proxying; requests do not transit Cloudflare’s network.
• Stripe — billing and payment processing. Subject to their own privacy practices.
• Resend — transactional email delivery (sign-up confirmations, password resets, billing receipts).
• GitHub — only when you connect a repository. We act on the permissions you grant the Canner GitHub App.

8. Security

We use TLS for all network traffic, encrypt sensitive fields at rest (environment variables, tenant database credentials), hash passwords with bcrypt, and isolate tenant builds and runtimes using cgroup-bounded subprocesses on dedicated hosts. We are a small team; if you discover a security issue, please email security@canner.ca before disclosing publicly.

9. Cookies

We use a single first-party session cookie to keep you signed in. We do not use any advertising cookies on the marketing site.

10. Site analytics

We measure traffic to canner.ca with a self-hosted, cookieless analytics tool that we built. It does not set cookies, write to localStorage, or fingerprint your browser. For each pageview we record the URL path, page title, referrer, your screen size, your browser language, and a coarse country / region derived from your IP address (the IP itself is never stored).

To distinguish one visitor’s sequence of pageviews from another’s without an identifier, we derive a pseudonymous session ID by hashing the combination of site + your IP + your user-agent with a salt that rotates at the start of each UTC month. We never store the inputs or the salt; only the resulting hash. The monthly rotation means the session ID for a returning visitor changes each month and cannot be correlated across that boundary. Raw events are deleted after 12 months.

You can disable analytics in your browser by enabling its Do Not Track setting, or by running localStorage.setItem('canner.analytics.disabled', '1')in the developer console. The site works identically with analytics disabled.

11. Changes

If we update this policy in a material way, we will notify active customers by email at least 30 days before the change takes effect.