Privacy Policy

Last updated: 26th of February 2026

1. Who we are

Augmented Group Inc & subsidiaries (“we”, “us”, “our”) provides staff augmentation and managed services to clients in Canada, the United Kingdom, the European Union, and the United States. We operate the website www.augmented.xyz, which is intended for prospective and current clients, candidates, contractors, and business partners.

  • Registered office: 88 Queens Quay W Suite 2500, Toronto, ON M5J 0B8
  • Email: operations@augmented.xyz
  • Phone: +1 416 805 63 27

For GDPR purposes, we act as:

  • A controller for personal data we process for our own purposes (e.g., managing our candidate database, marketing, client relationship management).
  • A processor (or “service provider”) when we process personal data on behalf of clients under their instructions (e.g., providing managed services on client systems).

Where required, we may appoint a Data Protection Officer (DPO) and/or EU/UK representative.

2. Scope and applicable laws

This policy describes how we collect, use, disclose, and protect personal information through our website and related online services, and in connection with our staff augmentation and managed service activities.

We comply with:

  • Canada’s PIPEDA and applicable provincial private‑sector laws.
  • The EU/UK GDPR and local data protection laws where we offer services to, or monitor the behavior of, individuals in the EEA or UK.
  • Applicable U.S. federal and state privacy and data protection laws, to the extent they apply to our activities (for example, in relation to certain state consumer privacy laws and sectoral regulations, as relevant).

3. What personal information we collect

Candidate and contractor information

Depending on the role, location, and stage of the engagement, we may collect:

  • Identification and contact details: name, address, email, phone number, country of residence, preferred work locations.
  • Professional profile: CV/resume, LinkedIn or portfolio links, work history, education, certifications, skills, salary expectations, work preferences.
  • Right‑to‑work and compliance data: work authorization, visa status, national ID or passport details where permitted/required by law and client requirements, background check results provided by third‑party screening vendors (where allowed and subject to separate notices/consents).
  • Assignment data: assignment history, time and attendance, performance feedback, and information necessary to manage placements and engagements.

Client, prospect, and vendor information

We collect personal information about:

  • Client contacts and decision‑makers.
  • Users who fill out contact forms, download content, attend events, or subscribe to communications.

Such data may include business contact details, job role, communication preferences, and records of interactions.

Website and technical data

When you use our website, we may collect:

  • IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, and access times.
  • Cookie and analytics data (see “Cookies and similar technologies”).

We do not intentionally collect sensitive personal data (e.g., health, union membership, religion) via the website unless you choose to provide it and it is necessary for a clearly identified purpose, or we are legally required to process it.

4. How we collect personal information

We collect personal information:

  • Directly from you: when you submit a CV, apply for a role, sign up for talent pools, contact us, sign a contract, or otherwise communicate with us.
  • From clients and partners: when clients share candidate or contact details for specific assignments, onboarding, or managed services under our contracts.
  • From third parties: job boards, professional networking sites, recruitment platforms, background screening providers, and referral sources, in accordance with their own privacy notices and applicable law.
  • Automatically: via cookies and similar technologies when you visit our website.

5. Purposes and legal bases (GDPR)

When GDPR applies, we rely on the following legal bases:

  • Service delivery and staffing lifecycle
    • Purposes: sourcing candidates, evaluating suitability, matching candidates to roles, arranging interviews, onboarding, payroll and assignment administration, and managing ongoing staff augmentation and managed service engagements.
    • Legal bases: performance of a contract or steps at your request prior to entering a contract; our legitimate interests in providing staffing and managed services.
  • Operating our business and client relationships
    • Purposes: managing client accounts, contracts, and projects; communicating with client contacts; invoicing and collections; vendor management.
    • Legal bases: performance of a contract; legitimate interests in operating and growing our business.
  • Marketing and business development
    • Purposes: sending newsletters, event invitations, and information about our services; maintaining a talent community or candidate pool.
    • Legal bases: consent where required (e.g., email marketing to individuals in certain jurisdictions); legitimate interests in promoting our services, with the ability to opt out.
  • Compliance and risk management
    • Purposes: compliance with employment, tax, immigration, and social security laws; record‑keeping; responding to legal requests; preventing fraud and misuse of systems.
    • Legal bases: legal obligations; legitimate interests in safeguarding our rights and those of our clients, candidates, and contractors.

If we rely on consent, you can withdraw it at any time using the contact details below or unsubscribe mechanisms, without affecting processing carried out before withdrawal.

6. Use of personal information (PIPEDA)

Consistent with PIPEDA’s accountability and limiting collection principles, we use personal information only for purposes that a reasonable person would consider appropriate in the context of staff augmentation and managed services.

Typical purposes include:

  • Evaluating and presenting candidates for current and future roles with clients.
  • Managing contractor and employee assignments, timekeeping, and payment (where applicable).
  • Administering contracts with clients and service providers.
  • Monitoring service performance and quality, including feedback from clients and workers.
  • Complying with applicable laws and responding to regulatory inquiries or complaints.

If we intend to use personal information for a materially different purpose, we will update this policy and, where required, obtain additional consent.

7. Cookies and similar technologies

Our website uses cookies, web beacons, and similar technologies for:

  • Core site functionality and security.
  • Remembering your settings and preferences.
  • Aggregated analytics on website usage and effectiveness.
  • Marketing and remarketing (where enabled and lawful).

Where required by law (e.g., in the EEA/UK), we will obtain your consent before using non‑essential cookies such as analytics and marketing cookies. You can control cookies via your browser settings and, where available, our cookie banner or preference center.

8. When we act as processor vs controller

In many client engagements we process personal data of employees, contractors, and end‑users on behalf of our clients.

  • For client‑owned data processed in the course of providing managed services or staff augmentation, we generally act as a processor/service provider and process such data only on the documented instructions of the client, under a written data processing or service agreement.
  • For our internal candidate database, marketing, HR, and business operations, we act as an independent controller and determine the purposes and means of processing.

Clients remain responsible for providing appropriate privacy notices to their personnel and end‑users, and for determining the lawful basis for processing under applicable law.

9. How we share personal information

We do not sell personal information. We may share it with:

  • Clients and prospective clients: we share candidate and contractor profiles, subject to appropriate confidentiality and contractual obligations, to facilitate staffing and managed service engagements.
  • Service providers and vendors: including cloud hosting, ATS/CRM platforms, payroll and benefits providers, background check providers, IT support, analytics providers, and marketing tools, subject to data protection agreements and security requirements.
  • Professional advisors: legal, tax, and accounting advisors where necessary.
  • Corporate transactions: in connection with mergers, acquisitions, or other business restructuring, subject to appropriate safeguards.
  • Legal and regulatory bodies: when required to comply with laws, court orders, or governmental requests, or to protect our rights, safety, or those of others.

10. International transfers

We operate and use service providers located in multiple countries, including Canada, the UK, EU member states, and the United States.

When transferring personal data from the EEA/UK to countries that may not offer the same level of protection, we use appropriate safeguards, such as:

  • Adequacy decisions (where applicable).
  • Standard contractual clauses or equivalent approved mechanisms.
  • Additional technical and organizational protections where appropriate.

11. Data retention

For candidates and contractors, we retain personal information for as long as necessary to:

  • Assess and place you in suitable roles.
  • Maintain records of assignments as required by clients and applicable law.
  • Comply with statutory retention periods (e.g., employment, tax, and financial rules).

We periodically review candidate and client records and delete or anonymize information that is no longer required, subject to legal or contractual obligations to retain it.

12. Your rights

Your rights depend on where you are located and which laws apply.

Under PIPEDA (Canada)

Subject to exceptions, you may:

  • Request access to your personal information.
  • Request corrections to inaccurate or incomplete information.
  • Withdraw consent, where consent is the legal basis, subject to legal/contractual restrictions.
  • Challenge our compliance with PIPEDA through our internal process and, if unresolved, with the Office of the Privacy Commissioner of Canada.

Under GDPR (EEA/UK)

Where GDPR applies, you may have the rights to:

  • Access, rectification, and erasure.
  • Restrict or object to processing, including for direct marketing.
  • Data portability for certain information.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a supervisory authority in your country of residence or work.

To exercise any of these rights, contact us using the details below. We may need to verify your identity before responding.

Under U.S. privacy laws

Where applicable state or sector‑specific U.S. privacy laws apply to you, you may have additional rights (such as the right to know, delete, or opt out of certain uses or disclosures of personal information). We will honor such rights in accordance with the relevant law.

13. Security

We implement appropriate technical and organizational measures to protect personal information, taking into account the sensitivity of the data and the risks of processing in staffing and managed service environments.

Measures may include access controls, role‑based permissions, encryption in transit and at rest where appropriate, secure development and configuration of systems, vendor due diligence, contractual security obligations, and staff training on information security and privacy.

14. Children’s privacy

Our services and website are not directed to children under the age of [13/16, depending on jurisdictions], and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, please contact us so we can take appropriate steps.

15. Third‑party sites and tools

Our website may link to third‑party websites or integrate third‑party tools (for example, job boards, scheduling tools, background check vendors, or social login). Their privacy practices are governed by their own policies, which we encourage you to review.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data practices. We will indicate the date of the latest update at the top of this page and may provide additional notice for material changes.

17. Contact us

To ask questions or exercise your rights, please contact:

  • Email: operations@augmented.xyz
  • Postal address: 88 Queens Quay W Suite 2500, Toronto, ON M5J 0B8

For Canada: you may contact the Office of the Privacy Commissioner of Canada if your concerns remain unresolved.
For EEA/UK: you may lodge a complaint with your local data protection authority.

Updates
Get the latest insights on talent sourcing and enterprise solutions delivered to your inbox.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
We respect your privacy and only send relevant updates to your inbox.
© 2026 Augmented Group Inc. All rights reserved.
Privacy Policy