Information provided is advertising in nature

GDPR Compliance

Last updated: June 23, 2026

Data Controller

For the purposes of the General Data Protection Regulation, indigo-fern acts as the data controller for personal information collected through this website.

Legal Basis for Processing

We process personal data based on consent when you submit information through our contact forms. By providing your information, you explicitly consent to its use for the purposes of responding to your inquiry and providing requested services.

Data Subject Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of access: You can request confirmation of what personal data we hold about you.
  • Right to rectification: You can request correction of inaccurate or incomplete data.
  • Right to erasure: You can request deletion of your personal data under certain circumstances.
  • Right to restrict processing: You can request that we limit how we use your data.
  • Right to data portability: You can request a copy of your data in a structured, commonly used format.
  • Right to object: You can object to processing based on legitimate interests.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including any legal or reporting requirements. Contact information from service requests is typically retained for project completion plus a reasonable period to address warranty or follow-up matters.

International Data Transfers

Your data is processed and stored within Canada. If transfers to other jurisdictions become necessary, we ensure appropriate safeguards are in place to protect your information in accordance with GDPR requirements.

Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include secure server infrastructure and access controls limiting data availability to authorized personnel only.

Exercising Your Rights

To exercise any of your GDPR rights, contact us using the information provided on our contact page. We will respond to valid requests within the timeframes required by GDPR, typically within one month.

Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.