Privacy Policy

1. Who we are and how to reach us

Every-Day Computers Inc. is a registered Canadian telecommunications carrier headquartered at Unit B, 4836 McConnell Avenue, Terrace, British Columbia V8G 5M4.

Our Chief Privacy Officer is responsible for compliance with this policy. You can reach them at privacy@evcominc.com or by mail at the address above. We will acknowledge your message within 5 business days and respond substantively within 30 days.

2. Information we collect

To provide mobile and internet service, we collect:

• Identity: full name, date of birth, government ID details (for credit verification where required).
• Contact: mailing address, service address (for E9-1-1), phone number, email.
• Account: account password, security questions, customer reference number, signed contracts.
• Financial: payment method, billing history, credit-check result. Credit card numbers are processed by Stripe and never stored on our servers.
• Device: IMEI, IMSI, ICCID, eSIM EID, device make and model.
• Network: call detail records (CDRs), SMS metadata (sender, recipient, timestamp — we do not log message contents in normal operation), IP addresses, byte counts, attach/detach events, cell-site ID.
• Location: approximate network-derived location (from cell-site) and, during a 9-1-1 call, GNSS coordinates from your handset.
• Support: transcripts of interactions with our support team, voicemails to our support line, emails you send us.

3. Why we collect it

• To establish service and verify identity (SIM activation, eSIM profile generation).
• To bill you and detect fraud (credit, charge-backs, usage metering).
• To route and complete your calls, texts, and data sessions.
• To connect you to 9-1-1 emergency services with a valid location (CRTC obligation).
• To comply with lawful court orders and production orders under the Criminal Code.
• To respond to customer support requests.
• With your explicit opt-in only: to send you marketing offers and service updates.

4. Consent

When you sign up for service, you consent to the collection and use described above. You can withdraw consent for optional uses (marketing, telemetry) at any time from your portal or by emailing privacy@evcominc.com. Withdrawing consent for required uses (billing, network operation, 9-1-1) is not possible without terminating service.

5. Third parties we share with

We share only what is necessary for the partner to do its job. We do not sell personal information.

• Telnyx LLC (USA) — wholesale interconnect to the public switched telephone network for outbound/inbound voice and SMS; receives phone numbers, call setup metadata, and message bodies you send or receive. Telnyx does not provide radio coverage or roaming.
• Roaming partner carriers (Canada) — when your device is outside our home network, we route through one or more Canadian partner carriers under incidental-roaming arrangements. They receive the minimum information needed to authenticate your device and bill us for out-of-home-network usage.
• Stripe, Inc. (Canada / USA) — payment processing; receives payment card details, billing address, amount, and subscription metadata.
• Google LLC (Firebase) (USA) — account authentication and operational databases; receives your email, account password hash, and customer records.
• Flexgroups / SwiftSim (Germany / global) — remote SIM provisioning; receives ICCID, IMSI, eSIM profile metadata and K/OPc keys (which are never exposed to us once generated there).
• Public safety agencies (Canada) — 9-1-1 operators receive your name, service address, and GNSS location during an emergency call.
• Canadian law enforcement — we comply with properly authorized production orders (s.487 Criminal Code) and warrants. We publish an annual transparency report.
• Credit bureaus (Equifax, TransUnion) — we perform a soft credit check on signup and may report delinquent accounts.

Some of these partners store or process information in the United States, the European Union, or elsewhere. Information stored outside Canada is subject to the laws of that country, which may include lawful access by foreign governments.

6. Retention

• Billing records and invoices: 7 years, to meet Canada Revenue Agency requirements.
• Call detail records (CDRs): 13 months for billing disputes; aggregated past 13 months.
• SMS metadata: 90 days, unless required longer by lawful access order.
• Network signalling logs (registration, bearer setup): 30 days.
• Packet-level traffic: not retained; transit only.
• Customer support transcripts: 2 years.
• Account information: retained while your account is active, plus 24 months after cancellation, after which we delete or anonymize.

7. Your rights under PIPEDA

You have the right to:

• Access a copy of the personal information we hold about you.
• Correct information that is inaccurate or out of date.
• Challenge compliance with this policy, including by filing a complaint with our Chief Privacy Officer and, if unsatisfied, the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca.
• Withdraw consent for optional data uses (marketing, analytics).
• Port your phone number to another carrier at any time.
• Delete your account and request deletion of personal information that is not subject to a regulatory retention obligation.

To exercise any of these rights, email privacy@evcominc.com. We will verify your identity before acting on the request (usually by text to your MSISDN).

8. Security

We protect your information with:

• Encrypted transmission (TLS 1.2+) between your device, our core network, and our partners.
• Mutual-TLS authentication to our SM-DP+ (eSIM) platform.
• Hardened firewalls (default-drop nftables on all core hosts), fail2ban, principle of least privilege.
• Authenticated database access (MySQL and MongoDB on our HSS and S-CSCF require credentials).
• Daily encrypted backups of customer and network state.
• Physical security: core servers are located in a locked facility in Terrace with controlled access.

No system is perfectly secure. If we detect a breach that affects your personal information, we will notify you directly and file a report with the OPC as required by PIPEDA.

9. Minors and family plans

Ev-Com offers family plans where a parent or legal guardian (the "primary account holder") can activate one or more mobile lines for children under 18 ("child lines"). This section explains how we handle personal information collected from minors, consistent with PIPEDA and Canadian privacy guidance from the Office of the Privacy Commissioner (OPC).

9.1 Consent

• Only a parent or legal guardian may open a child line. By clicking "Add child line" in the portal, the primary account holder affirms they hold that legal authority.
• For children 13 and older, we also require that the child has been informed of this service and consents to its terms. The primary account holder confirms this at activation on the child's behalf.
• Children under 13 cannot provide valid consent under Canadian law; the parent/guardian consents for them. We collect only the minimum data needed to operate the line (name, age, MSISDN, IMSI, approximate location if opted in, usage records for billing).
• Consent may be withdrawn at any time by the primary account holder (remove the child line in the portal). A child 13+ may also contact our Chief Privacy Officer directly to request withdrawal of their own consent.

9.2 What we collect about a minor

• Name, age, and parent/guardian identity — used only to operate the service and comply with law.
• Phone number (MSISDN), SIM identifiers (ICCID/EID), device identifier (IMSI) — necessary to route calls, texts, and data to the correct device.
• Usage records (CDRs, data volume, SMS metadata) — for billing and network operation. Retention matches the general schedule in section 6.
• Location information — only when location sharing is expressly enabled by the parent. See 9.3 below.

We do not profile minors for advertising, sell their data, or use it for any purpose not listed here.

9.3 Location sharing for child lines

Optional location sharing lets the parent see approximate location of a child line in the portal. It is off by default and can be toggled per-line. When enabled:

• Location is derived from cell-site registration (which LTE tower the phone is attached to). This is accurate to roughly 1–5 km in rural areas and a few hundred metres in town centres. It is not GPS-precise.
• Location history is retained for 24 hours, after which it is automatically deleted from our systems.
• If the child line places a 9-1-1 emergency call, the handset's GPS coordinates are transmitted directly to the PSAP (emergency operator) by the device. We do not retain that GPS reading beyond what is required for emergency-service record-keeping.
• The primary account holder is notified by SMS the first time location sharing is enabled on a child line.
• A child 13+ may withdraw location-sharing consent by contacting our Chief Privacy Officer.

We recommend parents use purpose-built parental-control apps (Google Family Link, Apple Screen Time / Find My) for precise GPS tracking, internet filtering, and screen-time controls. Those run on the device itself and give far more detail than a cell-site lookup.

9.4 Transitioning from a child line

When a child reaches the age of majority in British Columbia (19), or with the primary account holder's consent at any earlier age, the child line can be transferred to the child's own separate Ev-Com account. At that point the child becomes the primary account holder for their own line and this "Minors and family plans" section no longer applies to them.

9.5 Complaints

Concerns about our handling of a minor's information may be directed to our Chief Privacy Officer at privacy@evcominc.com. If unresolved, you may escalate to the Office of the Privacy Commissioner of Canada (1-800-282-1376, priv.gc.ca).

10. Cookies and site telemetry

Our website uses cookies to keep you logged in and remember preferences. We use privacy-respecting analytics to understand traffic patterns (aggregated, not tied to your identity). We do not use cross-site ad trackers.

11. Marketing communications

We follow Canada's Anti-Spam Legislation (CASL). We only send marketing SMS or email after you give us express consent during signup or later through the portal. Every marketing message includes an unsubscribe link (or reply STOP for SMS). Transactional messages (SMS billing confirmations, service outages, 2FA codes) are considered business-critical and may be sent without separate opt-in.

12. Changes to this policy

We will give 30 days' written notice (email and portal announcement) before making material changes to this policy. Minor corrections (typos, broken links) may be made without notice. The "last updated" date at the top always reflects the current version.