Legal
Privacy Policy
Effective 16 July 2026 · NewsLeap Media Inc.
Introduction
NewsLeap Media Inc. ("NewsLeap", "we", "us") respects your privacy and handles personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. This Privacy Policy explains what we collect, why we collect it, how we use and disclose it, and the choices available to you when you visit newsleap.pro or contact us.
Who we are
NewsLeap Media Inc. is a Canadian corporation operating an editorial news website. Registered address: 168 Front Street East, Suite 105, Toronto, ON M5A 1E6, Canada. Business number BN 761234985 RC0001. Privacy enquiries: [email protected] or +1 (416) 384-2967.
Information we collect
We may collect: (a) contact information you submit through forms (name, email, message content); (b) technical data such as IP address, browser type, device identifiers, and pages viewed; (c) cookie and similar technology data as described in our Cookie Policy; (d) membership and billing information if you subscribe to optional paid services; (e) correspondence you send us voluntarily.
How we use information
We use personal information to: operate and secure the website; respond to enquiries and corrections; deliver newsletters or membership benefits you request; analyse aggregated traffic to improve editorial product decisions; comply with legal obligations; and protect against fraud or abuse including automated form submission.
Legal basis and consent
We rely on consent where required — for example, contact form processing under PIPEDA requires the explicit consent checkbox on our contact form. Necessary cookies operate the site without optional tracking. You may withdraw consent for optional processing by adjusting cookie preferences or contacting us, subject to legal or contractual limits.
Disclosure
We do not sell personal information. We may disclose data to: service providers bound by confidentiality (hosting, email delivery, analytics if consented); professional advisers; law enforcement or regulators when required by law; or successors in a corporate transaction with continued protection commitments.
Retention
Contact form records are retained as long as needed to respond and maintain a reasonable business record, typically up to twenty-four months unless a longer period is required for legal claims. Cookie preference records expire after six months and must be renewed. Server logs rotate on a shorter schedule.
Security
We implement administrative, technical, and organisational measures appropriate to the sensitivity of information processed, including TLS encryption in transit, access controls, and honeypot spam filtering on public forms. No method of transmission is completely secure; please do not send highly sensitive credentials by email.
Your rights
Under PIPEDA you may request access to personal information we hold about you, challenge its accuracy, and request correction. You may complain to the Office of the Privacy Commissioner of Canada if you believe we handled your information improperly. We will respond to verified requests within a reasonable period.
Children
NewsLeap is intended for general audiences and is not directed at children under thirteen. We do not knowingly collect personal information from children.
International transfers
Our primary systems are located in Canada. If service providers process data outside Canada, we assess safeguards and contractual protections consistent with applicable law.
Changes
We may update this policy with a revised date at the top of the page. Material changes will be noted on the website. Continued use after changes constitutes acceptance where permitted by law.
Contact
Questions about this Privacy Policy: [email protected], NewsLeap Media Inc., 168 Front Street East, Suite 105, Toronto, ON M5A 1E6, Canada.
Schedule A — Categories
Contact data: name, email, message. Technical data: IP, user agent, timestamps. Consent records: cookie JSON preferences with expiry. Membership data: billing identifiers as applicable. Each category links to purposes described above and retention rules in Retention.
Schedule B — Processors
Hosting providers in Canada; email delivery services; optional analytics vendors only when consented. Processor list available on request to [email protected].
We maintain a data inventory listing systems that store personal information, retention schedules, and responsible owners. The inventory is reviewed quarterly and updated when we add or retire vendors.
Marketing emails, when sent, include an unsubscribe mechanism processed within ten business days. Unsubscribe requests do not affect transactional messages related to membership billing or security alerts.
If you are a Canadian resident in Quebec, you may have additional rights under provincial privacy legislation. We honour applicable provincial requirements alongside PIPEDA.
Automated decision-making: NewsLeap does not use solely automated decisions that produce legal or similarly significant effects about individuals based on contact form or cookie data.
Breach notification: if a breach creates a real risk of significant harm, we will notify affected individuals and regulators as required, document the incident, and implement remedial controls.
Aggregated statistics derived from analytics cookies, when enabled, are shared internally as tables without direct identifiers. We do not compile cross-site profiles for sale.
Third-party links on newsleap.pro are not controlled by NewsLeap. Their privacy practices are governed by their own policies.
We retain suppression lists for marketing opt-outs to honour your choices across future campaigns.
Account data for optional membership includes billing name, payment token references held by our payment processor, and subscription status. We do not store full credit card numbers on NewsLeap servers.
When you submit a correction request, we may retain correspondence and supporting documents to document our editorial response and prevent duplicate tickets on the same issue.
Server logs may include IP addresses used for security monitoring and rate limiting. Logs are rotated on a rolling thirty-day basis unless an incident requires extended retention.
We may anonymise datasets for internal editorial research — for example, aggregate counts of which sections are read by province derived from coarse geo-IP without storing individual reading histories tied to names.
If NewsLeap participates in co-branded newsletters with partners, separate consent is obtained at signup and partner data use is limited to the described purpose.
Employees and contractors with access to personal information sign confidentiality agreements and receive privacy training covering phishing risks and secure handling of tips that may identify whistleblowers.
We respond to lawful requests from Canadian authorities when compelled, reviewing scope and notifying affected users where legally permitted.
De-identified analytics may be shared with funders or grant bodies to demonstrate reach without exposing individual identities.
You may designate an authorised agent to submit access requests on your behalf with written authorization and identity verification.
We do not use contact form data to train machine-learning models. Editorial tools may analyse text you submit solely to route your message to the appropriate desk.
Sensitive tips: if you contact us about misconduct or safety issues, indicate whether you require confidential handling. We cannot guarantee anonymity for all channels but will discuss secure options where feasible.
Data minimisation reviews occur when launching new features. Features that require disproportionate personal data relative to editorial value are rejected or redesigned.
Cross-border service providers must contractually limit processing to specified purposes and delete or return data on termination where practicable.
We publish aggregate transparency reports annually summarising government data requests and correction volumes without naming individual requesters.
Photography and event coverage: when NewsLeap photographers capture public events, faces may appear incidentally in published images. Event-specific privacy notices are posted when we operate registration-based sessions.
Newsletter open and click metrics, when collected, use pseudonymous tokens rather than exposing your message content to third parties.
Data subject requests
To exercise access or correction rights, email [email protected] from the address associated with your enquiry when possible. We verify identity before disclosing personal information to prevent unauthorised access. Response timelines follow PIPEDA reasonableness standards and complex requests may require additional days with interim acknowledgement.
Research and statistics
Aggregated readership statistics may appear in public-facing transparency materials. These aggregates cannot reasonably identify individual readers. We do not sell mailing lists derived from contact forms or newsletter signups.
Vendor due diligence
Before engaging subprocessors that may process personal information, NewsLeap reviews security practices, data residency commitments, and breach notification obligations. Contracts include purpose limitation and deletion requirements at termination where practicable.
Document history
This policy was reviewed and republished on 16 July 2026. Prior versions are available on request to [email protected] for compliance review purposes.