Privacy Policy
How we collect, use, disclose, retain, and protect personal information on the CATTLEytics platform.
Version 1.0 · Effective Date: March 16, 2026
Document Owner: CATTLEytics Inc.
1. Introduction
CATTLEytics Inc. (hereinafter “CATTLEytics”, “we”, “us”, or “our”) is committed to protecting the privacy and security of personal information entrusted to us. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information in connection with the CATTLEytics platform (mshake.app and associated mobile applications).
This Policy is published in accordance with PIPEDA Schedule 1, Principle 8 (Openness) and applies to all individuals whose personal information is held by CATTLEytics, including farm managers, workers, consultants, veterinarians, nutritionists, and any other persons granted platform access by a site administrator.
This Policy should be read alongside the CATTLEytics Producer Data Sharing Agreement, which governs farm-level operational data. This Policy specifically addresses the personal information of individuals using or administered within the platform.
2. Our Privacy Officer
CATTLEytics has designated a Privacy Officer accountable for our compliance with this Policy and with the Personal Information Protection and Electronic Documents Act (PIPEDA), S.C. 2000, c. 5.
All privacy inquiries, access requests, correction requests, and complaints should be directed to the Privacy Officer.
3. Scope
This Policy applies to:
- All personal information collected from or about individuals who are granted access to the CATTLEytics platform, including but not limited to farm owners, farm managers, workers, consultants, and advisors
- Personal information collected for the purpose of workforce management features within the platform
- Processing activities carried out by CATTLEytics and any third-party data processors acting on our behalf
This Policy does not govern:
- Farm-level animal or operational data (governed by the Producer Data Sharing Agreement)
- Information collected from job applicants (governed by a separate recruitment privacy notice, if applicable)
- The privacy practices of third-party websites or services linked from the platform
4. Personal Information We Collect
We collect only the personal information necessary for the identified purposes described in Section 5. We do not collect personal information indiscriminately.
4.1 Standard Platform Information
| Information | Purpose |
|---|---|
| Full name | Identity verification, platform access, workforce records |
| Email address | Account credentials, system notifications |
| Username | Platform authentication and audit logging |
| Job title / role | Role-based access control, workforce management |
| Platform access level | Permissions management |
| Login and access logs | Security monitoring and audit trail |
4.2 Workforce Management Information
The following categories of personal information may be collected where the CATTLEytics platform is used by a site administrator to manage farm workforce records:
| Information | Purpose |
|---|---|
| Date of birth | Identity verification, employment eligibility |
| Immigration visa number | Employment eligibility verification |
| Employment history within the platform | Performance management, record-keeping |
| Performance reviews and evaluations | Workforce management |
| Emergency contact information | Occupational health and safety |
| Team communications | Task and team management |
4.3 Sensitive Personal Information
The following categories are considered sensitive and are subject to heightened protection:
Health Information
Health information (including information related to medical accommodations, disability, or leave requests) is collected only where:
- The individual has volunteered sensitive personal information using the app, or
- Collection is required to fulfil a legal obligation (e.g., duty to accommodate under the Ontario Human Rights Code)
Health information is strictly access-controlled and is not accessible to farm workers or managers beyond what is necessary to administer the accommodation or leave. It is not shared with any third party.
Immigration Visa Number
A visa number is collected only for the purpose of verifying employment eligibility under the Immigration and Refugee Protection Act (Canada). It is not shared with any third party and is not used for any other purpose.
5. Purposes for Collecting Personal Information
In accordance with PIPEDA Schedule 1, Principle 2 (Identifying Purposes), personal information is collected for the following identified purposes, communicated at or before the time of collection:
- Creating and managing platform user accounts
- Authenticating platform access and enforcing role-based permissions
- Workforce and human resources record-keeping for farm operations
- Employment eligibility verification
- Payroll administration
- Administration of medical accommodations and leave
- Security monitoring, audit logging, and incident response
- Compliance with applicable legal obligations
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the individual's consent or as required or permitted by law.
6. Legal Basis for Processing
6.1 Under PIPEDA
CATTLEytics relies on the following bases under PIPEDA for processing personal information:
| Processing Activity | PIPEDA Basis |
|---|---|
| Account creation and platform access | Express consent at onboarding |
| Workforce records and HR management | Express consent or contractual necessity |
| Employment eligibility verification | Legal requirement (s. 7(1)(a) PIPEDA) |
| Health information for accommodation | Consent (explicit) or regulatory requirement under human rights regulation |
| Security logging and audit trails | Legitimate business purpose / legal obligation |
6.2 Under GDPR (for individuals in the EU/EEA)
For individuals whose personal information is subject to GDPR, CATTLEytics relies on the following legal bases under Article 6:
| Processing Activity | GDPR Legal Basis |
|---|---|
| Account creation and platform access | Art. 6(1)(b) — Performance of a contract |
| Workforce records and HR management | Art. 6(1)(b) — Performance of a contract |
| SIN / tax compliance | Art. 6(1)(c) — Legal obligation |
| Employment eligibility verification | Art. 6(1)(c) — Legal obligation |
| Health information for accommodation | Art. 9(2)(b) — Employment law obligation |
| Security logging and audit trails | Art. 6(1)(f) — Legitimate interests |
7. Consent
7.1 How We Obtain Consent
Consent for the collection of personal information is obtained:
- At onboarding — individuals granted platform access are presented with this Policy and asked to acknowledge it before their account is activated
- At the point of collection — for sensitive categories (health information, SIN), explicit written consent is obtained at the time the information is first collected, separately from general platform consent
- In plain language — consent requests will not be buried in terms of service; they will clearly identify what information is collected and why
7.2 Implied vs. Express Consent
Standard platform information (name, email, role) is collected on the basis of implied consent arising from the individual's voluntary use of the platform. Sensitive information (health data, SIN, immigration status) requires express written consent.
7.3 Withdrawal of Consent
Individuals may withdraw consent at any time by contacting the Privacy Officer at [email protected], subject to reasonable notice and any legal or contractual constraints.
Effect of withdrawal:
- Withdrawal does not affect the lawfulness of processing prior to withdrawal
- Where withdrawal would prevent CATTLEytics from meeting a legal obligation (e.g., tax remittance), the individual will be informed that collection is legally required and consent withdrawal may not be possible for that specific purpose
- Platform access may be affected if consent is withdrawn for information necessary to operate the account
8. Data Minimization and Limiting Collection
In accordance with PIPEDA Schedule 1, Principle 4 (Limiting Collection), CATTLEytics collects only the personal information necessary for the identified purposes. We do not:
- Collect personal information speculatively or in anticipation of future uses
- Require personal information as a condition of access where a less privacy-invasive alternative exists
- Collect personal information that is disproportionate to the purpose
Site administrators are responsible for ensuring that only necessary information is entered into the platform for their workforce. CATTLEytics provides guidance on appropriate use through administrator documentation.
9. Encryption and Security
CATTLEytics implements the following technical and organisational measures to protect personal information:
- Field-level encryption of select sensitive personal information using industry-standard authenticated encryption
- Encryption in transit using TLS for all data transmitted between client devices and platform servers
- Encryption at rest for all data stored on platform infrastructure
- Role-based access control (RBAC) ensuring individuals can only access information relevant to their assigned role (see Section 10)
- Periodic security reviews of application code and infrastructure
- Access logging for all interactions with sensitive data fields
- Secure deletion procedures for data at end of retention period
No security system is infallible. In the event of a breach, CATTLEytics will respond in accordance with Section 14.
10. Role-Based Access Control
Access to personal information within the platform is strictly limited based on the user's assigned role. The following principles govern access:
- Need-to-know basis: Users access only the personal information required to perform their platform function
- Least privilege: Default access levels are set to the minimum required; elevated access requires explicit administrator grant
- Separation of sensitive data: Health information, SIN, and immigration status are accessible only to roles with a documented administrative or compliance need (e.g., site administrator, HR-designated role)
- Worker access: Farm workers and general platform users do not have access to other individuals' sensitive personal information
- Audit trail: All access to sensitive personal information is logged with timestamp, user identity, and action taken
Site administrators are accountable for maintaining appropriate access controls for their site and for promptly revoking access when an individual's employment or engagement ends.
11. Disclosure to Third Parties
11.1 What We Do Not Share
CATTLEytics does not:
- Sell personal information to any third party
- Use personal information for training of machine learning or artificial intelligence models
- Disclose protected, identifiable personal information to any other commercial third party
- Use personal information for advertising, marketing profiling, or any purpose beyond those identified in Section 5
11.2 Limited Information Shared with Authorized Platform Users
Non-sensitive system information (such as username and user role / access level) may be visible to other authorized users within the same platform site in the ordinary course of using the platform. This is limited to what is necessary to identify who has access to a given site and at what permission level.
No protected personal information — including health information, work visa number, date of birth, or employment records — is disclosed to any commercial third party.
11.3 Data Processors
CATTLEytics engages third-party data processors solely to provide technical services necessary to operate the platform. By the nature of providing these services, processors may have incidental access to personal information stored on or transmitted through platform infrastructure. Current processor categories include:
| Sub-Processor Type | Purpose |
|---|---|
| Cloud infrastructure provider | Hosting, storage, and compute |
| Email service provider | System notifications |
| Error monitoring service | Application stability |
| Analytics service (internal only) | Platform performance |
| Third-party data integration services | Data sync with DairyComp, Lely Horizon, and other farm management systems |
| AI / LLM service providers | AI-powered farm analysis, breeding insights, and conversational advisor. CATTLEytics takes reasonable steps to minimize personal information included in queries. API agreements prohibit training on customer data. |
| Mobile push notification service | Delivery of push notifications to mobile application users (e.g., OneSignal). Receives device tokens and user identifiers necessary to route notifications. |
| Payment processor | Subscription billing and usage metering |
| CRM platform | Customer relationship and subscription management |
| Avatar service | User profile image retrieval |
| Weather data provider | Environmental data for farm analysis |
| Government data APIs | Livestock traceability reporting and market data |
All data processors are bound by contract to:
- Process personal information only on CATTLEytics's documented instructions and solely for the purpose of providing the contracted service
- Not access or use personal information for any independent purpose, including product development or improvement
- Not sell personal information or use it for training of AI or machine learning models
- Implement technical and organisational security measures at least equivalent to those described in Section 9
- Notify CATTLEytics promptly of any suspected breach involving personal information
- Delete or return all personal information upon termination of the processing relationship
Note on AI features: Where AI-assisted features are provided through a third-party language model API, CATTLEytics takes reasonable steps to minimise the personal information included in queries. Users should avoid entering protected personal information (such as names, SIN, or health details) into AI-assisted input fields. CATTLEytics will verify that applicable API agreements prohibit training on customer data before enabling any feature that transmits user-generated content to an external AI provider.
A current list of named data processors is available upon request from the Privacy Officer.
11.4 Legally Required Disclosure
Personal information may be disclosed without consent where required by applicable law, court order, or lawful authority. CATTLEytics will, where legally permitted, notify the affected individual before disclosure and limit disclosure to what is strictly required.
12. Retention and Deletion
In accordance with PIPEDA Schedule 1, Principle 5 (Limiting Use, Disclosure, and Retention), personal information is retained only as long as necessary for the identified purposes or as required by law.
| Information Category | Retention Period |
|---|---|
| Active user account information | For the duration of active platform access |
| Workforce records (active employee) | For the duration of active employment / engagement |
| Workforce and payroll records (inactive employee) | 6 years from the date the individual's status is set to inactive (CRA requirement per the Income Tax Act) |
| Health information (accommodations/leave) | 3 years from inactive status, or as required by employment law |
| Security and access logs | 24 months |
| Consent records | Duration of relationship plus 3 years |
At end of retention period: Personal information will be securely and permanently deleted using methods that prevent recovery. Where information cannot be fully deleted (e.g., backup media), it will be rendered inaccessible and deleted at the next scheduled backup cycle.
13. Your Rights
13.1 Rights Under PIPEDA
All individuals whose personal information is held by CATTLEytics have the following rights under PIPEDA:
| Right | Description | How to Exercise |
|---|---|---|
| Right of Access | Request a copy of your personal information held by CATTLEytics | Written request to Privacy Officer |
| Right to Rectification | Request correction of inaccurate or incomplete information | Written request to Privacy Officer |
| Right to Withdraw Consent | Withdraw consent for non-mandatory processing at any time | Written request to Privacy Officer |
| Right to Know Disclosures | Request information about third parties to whom your information has been disclosed | Written request to Privacy Officer |
13.2 Additional Rights Under GDPR (EU/EEA individuals)
For individuals whose personal information is subject to GDPR, the following additional rights apply:
| Right | GDPR Article | Notes |
|---|---|---|
| Right to Erasure (“Right to be Forgotten”) | Art. 17 | Subject to legal retention obligations (e.g., CRA payroll records) |
| Right to Restriction of Processing | Art. 18 | Can be requested while a dispute is under review |
| Right to Data Portability | Art. 20 | Applies to data processed by automated means on the basis of consent or contract |
| Right to Object | Art. 21 | Applies to processing based on legitimate interests |
CATTLEytics offers erasure, portability, and restriction rights as best practice to all users regardless of jurisdiction, to the extent permitted by applicable legal retention obligations.
13.3 How to Submit a Request
Requests to exercise any of the above rights should be submitted to the Privacy Officer at [email protected]. CATTLEytics will:
- Acknowledge your request within 5 business days
- Respond fully within 30 calendar days (extensions of up to an additional 30 days may apply for complex requests, with notice provided)
- Not charge a fee for standard requests
- Require identity verification before disclosing or modifying personal information
14. Breach Notification
In the event of a breach of security safeguards involving personal information, CATTLEytics will respond as follows, in accordance with PIPEDA's Breach of Security Safeguards Regulations (SOR/2018-64):
14.1 Internal Response
- Contain and assess the breach as soon as it is discovered
- Determine whether the breach creates a real risk of significant harm to affected individuals, as defined under PIPEDA s. 10.1
14.2 Notification to the Privacy Commissioner of Canada
Where a breach poses a real risk of significant harm, CATTLEytics will notify the Office of the Privacy Commissioner of Canada (OPC) as soon as feasible following discovery, in the form prescribed by the Regulations.
14.3 Notification to Affected Individuals
Where a breach poses a real risk of significant harm, CATTLEytics will notify affected individuals as soon as feasible, directly and in plain language, including:
- A description of the breach
- The personal information involved
- Steps taken or being taken to address the breach
- Steps individuals can take to protect themselves
- Contact information for the Privacy Officer and the OPC
14.4 Notification Under GDPR (where applicable)
Where GDPR applies, CATTLEytics will additionally notify the relevant supervisory authority within 72 hours of becoming aware of a breach likely to result in a risk to individuals' rights and freedoms (Art. 33), and will notify affected individuals without undue delay where the risk is high (Art. 34).
14.5 Breach Records
CATTLEytics maintains records of all breaches of security safeguards for a minimum of 24 months from the date the breach was discovered, as required by the Regulations, regardless of whether notification was required.
15. Cross-Border Data Transfers
Personal information may be stored on servers located outside Canada (e.g., in the United States or other jurisdictions) by CATTLEytics's cloud infrastructure providers. CATTLEytics takes reasonable steps to ensure that personal information transferred outside Canada receives comparable protection, including through contractual obligations with data processors.
Individuals should be aware that when personal information is transferred to another jurisdiction, it may be subject to the laws of that jurisdiction, including lawful access by government authorities.
For individuals subject to GDPR, personal information will only be transferred outside the EEA where an adequate level of protection is ensured through one of the mechanisms recognised under GDPR Chapter V (e.g., Standard Contractual Clauses).
16. Accountability
In accordance with PIPEDA Schedule 1, Principle 1 (Accountability), CATTLEytics is accountable for all personal information in its custody or control, including information transferred to third-party processors.
CATTLEytics's Privacy Officer is responsible for:
- Overseeing compliance with this Policy and PIPEDA
- Developing and maintaining CATTLEytics's privacy management program
- Handling inquiries and complaints relating to personal information
- Training staff on privacy obligations
- Conducting periodic reviews of privacy practices
Site administrators operating within the platform are accountable for the appropriate use of personal information within their site and must ensure that access is granted only to individuals with a legitimate need.
17. Changes to This Policy
CATTLEytics may update this Policy from time to time. Material changes will be communicated to users via:
- Email notification to registered account holders, and / or
- Prominent notice within the platform, no less than 30 days before the changes take effect
Continued use of the platform after the effective date of a revised Policy constitutes acceptance. If you do not accept the revised Policy, you may request account deactivation by contacting the Privacy Officer.
The current version of this Policy is always available at cattleytics.com/privacy.
18. Complaints
If you believe CATTLEytics has not handled your personal information in accordance with this Policy or applicable law, you may:
- Contact our Privacy Officer at [email protected] — we will investigate and respond to your complaint
- If our response and investigation are not satisfactory, you may contact the Office of the Privacy Commissioner of Canada (OPC):
  - Website: www.priv.gc.ca
  - Toll-free: 1-800-282-1376
  - The OPC will investigate and issue findings and recommendations
- Apply to the Federal Court of Canada for a binding order under s. 14 of PIPEDA, if you are not satisfied with the OPC's findings
For individuals in the EU/EEA, you may also lodge a complaint with the data protection supervisory authority in your country of residence.
19. Contact
For all privacy-related matters, including access requests, corrections, consent withdrawal, and complaints:
Appendix A — PIPEDA Fair Information Principles Compliance Summary
| Principle | How CATTLEytics Addresses It |
|---|---|
| 1. Accountability | Designated Privacy Officer; processor contracts; site administrator obligations (§16) |
| 2. Identifying Purposes | Purposes identified at or before collection; listed in §5 |
| 3. Consent | Express consent at onboarding; explicit consent for sensitive data; withdrawal process in §7 |
| 4. Limiting Collection | Data minimization policy; collection limited to identified purposes (§8) |
| 5. Limiting Use, Disclosure & Retention | Purposes defined in §5; no third-party sale; retention schedule in §12 |
| 6. Accuracy | Users and administrators may correct information; rectification right in §13 |
| 7. Safeguards | Field-level encryption; RBAC; TLS; security logging (§9, §10) |
| 8. Openness | This published Policy; Privacy Officer contact publicly available (§2, §19) |
| 9. Individual Access | Access and rectification process in §13.1; 30-day response commitment |
| 10. Challenging Compliance | Complaint process in §18; OPC escalation path; Federal Court route |
Appendix B — Special Category Data Handling Summary
| Data Type | Access | Applicable Law | Basis for Collection | Third Party Sharing |
|---|---|---|---|---|
| SIN | Site admin / payroll role | PIPEDA s. 7; Income Tax Act | Legal obligation (payroll/CRA) | CRA only |
| Health information | Restricted admin role only | PIPEDA; Ontario Human Rights Code; GDPR Art. 9 | Explicit consent or legal obligation (accommodation) | No |
| Immigration / visa status | Manager + site admin | PIPEDA; Immigration and Refugee Protection Act | Legal obligation (employment eligibility) | No |
| Performance reviews | Manager + site admin | PIPEDA | Consent (employment relationship) | No |
| Date of birth | Site admin only | PIPEDA | Consent / employment necessity | No |