Data processing terms.
How Apex Radius handles client-controlled personal information when operating lead systems, dashboards, automation, analytics, advertising measurement, and delivery tools.
Last updated: July 5, 2026
Purpose
These Data Processing Terms describe how Apex Radius handles client-controlled personal information while delivering services such as forms, lead intake, dashboards, automation, analytics, advertising measurement, call routing, CRM handoff, reporting, and managed operations.
A signed data processing agreement, master services agreement, or statement of work controls over these public terms if it is more specific.
Roles
For client customer, prospect, lead, employee, and operational data that Apex handles only to deliver services, the client is typically the organization that determines the purpose and means of processing, and Apex Radius acts as a service provider or processor.
For Apex Radius website enquiries, business development, account administration, security, billing, and internal operations, Apex Radius may act as an independent organization/controller for that information.
Instructions and permitted processing
Apex Radius processes client-controlled personal information only to deliver the agreed services, follow documented instructions, maintain security, troubleshoot issues, improve reliability, comply with law, and perform related business operations.
If Apex Radius believes an instruction creates material legal, security, platform, or operational risk, Apex Radius may pause the affected work and request a corrected instruction.
Data categories
Depending on scope, processed data may include contact details, lead forms, call metadata, call recordings where enabled, website events, UTM parameters, source attribution, CRM notes, booking details, ad conversion events, support messages, account identifiers, and operational logs.
Clients should not send sensitive personal information, payment card data, health data, government identifiers, passwords, or regulated records unless the written scope specifically requires and protects that data.
Sub-processors
Apex Radius may use trusted service providers for hosting, infrastructure, analytics, advertising platforms, CRM, email, automation, security, AI-assisted workflows, call routing, payment administration, and project delivery.
Apex Radius remains responsible for choosing providers with appropriate security and contractual protections for the work. Some providers may process or store information outside Canada.
Security measures
Apex Radius uses practical safeguards such as least-privilege access, private secrets storage, access reviews, secure deployment practices, audit-aware operations, environment separation where practical, and removal of access when it is no longer needed.
No system is risk-free. Security measures are designed to reduce risk based on the sensitivity, volume, and use of the information in the engagement.
Breach response
If Apex Radius becomes aware of unauthorized access, loss, or disclosure involving client-controlled personal information, Apex Radius will notify the affected client without unreasonable delay after confirming the incident facts and scope.
Apex Radius will reasonably support the client with information needed to assess notification obligations, including obligations under Alberta PIPA, PIPEDA, or other applicable privacy laws where relevant.
Return, deletion, and retention
At the end of an engagement, Apex Radius will return, transfer, archive, or delete client-controlled personal information according to the signed agreement, operational need, legal obligations, backup cycles, security logs, and dispute-resolution requirements.
Residual copies may remain in backups, logs, or compliance records for a limited period where deletion is not technically immediate or legally appropriate.
Client obligations
The client is responsible for having a lawful basis or consent for the information it asks Apex Radius to process, providing required privacy notices, honoring individual rights requests, configuring its own platform permissions, and reviewing regulated claims or consent language.
The client should avoid giving Apex Radius access to systems or data that are not needed for the engagement.
Contact
Questions about this page can be sent to [email protected]. Apex Radius is based in Calgary, Alberta, Canada.