CSD Corp App Privacy Policy

Last updated: October 30, 2023

Your privacy is important to us. This privacy policy explains the personal data that Corner Software collects and processes, how it processes data and for what purposes it is collected and processed. This privacy policy further describes our commitment to preserving the privacy and security of your personal data. This policy applies to the interactions that Corner Software has with you through your use of Corner Software apps, products and services.

Brief overview of our commitment to privacy

At Corner Software, we believe that the less information we know about you, the better. After all, it is impossible to lose, misuse, or abuse information we don’t have. To the extent that we have control over your data or data about you, we see ourselves as custodians of that data on your behalf.

We use your data solely to provide you with services in which you enroll. Our business is providing products and services to you, the customer. We have no desire or interest to use or transfer the limited data we acquire for any other purposes.

Who We Are

Corner Software is a Canadian company located at 1810 Playfair Drive, Ottawa, ON K1H 5S1 Canada. Corner Software complies with Canadian privacy laws. We are fully compliant with the Canadian privacy laws and the GDPR. The European Union (“EU”) recognizes Canada as a destination country with “adequate level of protection” for data privacy of individuals. We are not U.S.- EU Privacy Shield certified since we are a Canadian company.

Personal Data We Collect and How We Use your Personal Data

We do not collect or obtain data from third parties. We collect some data from you, in order to provide you with our products and associated services. You provide some data directly, such as when contact us for support.

We use your personal data to provide you with a rich customer experience through our customer support. In particular, we use your data to provide app services, which includes updating, securing and troubleshooting, and providing support.

The following is a more detailed description of the types of app user data:

The application uses two kinds of user data to deliver our services: (i) Local Data and (ii) Service Data. All are treated securely with respect for customer privacy and data confidentiality, but there are important technical and usage differences.

(i) Local Data

Local Data are held on your device and we have no way of accessing this information. This includes any information about your HomeKit devices and the information they provide.

(ii) Service Data

We inevitably acquire very limited Service Data about your usage of our app, and your payments through operating our services and providing support. We retain only enough Service Data to operate and maintain the services. These data are never used for any other purpose.

Service Data are kept confidential. They are visible to our staff and include, but are not limited to, billing information and email addresses.

As long as you are using our services, we retain the right to hold and use Service Data to provide our services, troubleshoot problems, analyze the performance and demands on our services, and to provide our payment processors with the information they need to process payments.

Diagnostic Data (Optional)

Diagnostic Data are a category of Service Data which are not automatically collected or required for operation of our services.

In some cases we seek diagnostic reports and other troubleshooting, bug, and crash reports from customers to help identify and solve problems with our products and services. This information is sent to us only on a case by case basis, or by users who explicitly opt into our beta software programs or who otherwise explicitly choose to provide diagnostic data to us.

Diagnostic Data may contain sensitive information about your devices and operating environment as well as personally identifying information. Although there may be occasions when we ask for Diagnostic Data to assist you with a problem, you are never obligated to provide it.

Keeping Your Information Safe

We understand and accept our responsibility to protect Service Data. We use strict access control mechanisms, network isolation, and encryption to ensure that Service Data is only available to authorized personnel.

Compliance with the laws

Corner Software fully complies with the Canadian privacy laws and the GDPR. Corner Software is a Canadian company, we are not U.S.- E.U. Privacy Shield certified.

Data Location and Transfer

Our app’s data are held on servers located within the United States and Canada. Service Data access is restricted to members of our staff residing in Canada. The European Union recognizes Canada as a destination country with “adequate level of protection” for data privacy of individuals.

Customer support system

Our customer support and email services are hosted primarily in the United States. Any information you choose to send us through email or our customer support system may pass through and be stored on a variety of intermediate services.

Third-Party Data Processors

Your Service data are held by third party data processors, who provide us with hosting and other infrastructure services. The locations of these are described above. In many cases (but we cannot promise that this will always be the case) even Service data held by these entities is encrypted with keys held only by us.

Contacting You

We may use your contact information, that is, the contact email address provided by you, to communicate with you about Service activity, provide support, and send you other information such as product updates and announcements. You may choose to stop receiving communications from us, except certain important notifications such as billing and account security alerts.

Data Protection Principles that We Practice

(i) Your Right to Know to What We Know

You have the right to know what we know about you and to see how that data is handled. You may request a screenshot of what we can see about you in our back office systems. However, to protect customer privacy, such requests must be carefully authenticated beyond demonstrating control of the customer’s email address.

(ii) Your Right to Have Your Data Erased

As we are merely custodians of your data, account owners have the right to instruct us to remove data permanently from our systems.

Disaster recovery and data availability requirements mean that Corner Software has a legitimate interest in maintaining secure and immutable backups. Backups are kept for 35 days. Erasure requests will leave those backups untouched, and we will only remove data from backups if legally compelled to.

(ii) Your right to access and control your personal data

You can also make choices about the collection and use of your data by Corner Software. You can control your personal data and exercise your data protection rights by contacting Corner Software at the address and information provided below.

Cookies and Tracking

We do not engage in or support cross-service tracking.

We use third party analytics packages for our public pages that may set cookies on your computer. These are limited to our domains, and do not involve cross-service tracking. You may disable cookies in your browser and continue to use our services without impact.

Consent for Underage Enrollment

Those under the age of 16 may not use the services without the consent or authorization of their parent or legal custodian. Family account organizers and team owners are responsible for that authorization when they add someone under the age of 16 to an account.


We will comply with applicable laws and the contracts with our customers to provide Service Data to law enforcement agencies. If permitted, we will notify you of such a request and whether or not we have complied.

Some Service Data is made available to family account organizers. In some limited circumstances we may provide some information to non-owner members of these accounts. Account owners will be informed in these circumstances.

Breach Notification

In the event of a breach, we recognize our responsibility to our customers and to the public to disclose the nature of the risk and provide a transparent account of the events without undue delay. We follow applicable requirements under the laws, that is, the Canadian data privacy breach notification requirements and the requirements related to data breach notification under the GDPR.

Updates to our Privacy Policy

At our discretion, we may make changes to this Policy and note the date of the last revision. You should check here frequently if you need to know of updates to our Privacy Policy. We maintain the right to send you email informing you of substantive changes. Previous versions will be made available from this page.

Contact Us

If you have any questions about this Policy, you can contact our support team or write us by mail at:

1810 Playfair Drive, Ottawa, ON K1H 5S1

Supervisory Authority

If you have concerns or complaints about this policy or practices with regard to that you do not feel you can resolve through contacting us, you should bring those concerns to your local regulatory authority.

Change log