Privacy Policy

“Workbench” is a product of Lynkr Inc.(“Lynkr,” “we,” “us,” “our”), a corporation organized under the laws of Canada and based in Toronto, Ontario. This policy applies to tryworkbench.ca, any subdomains, and the Workbench product and related services (collectively, the “Services”).

By using the Services, you acknowledge the practices described here. If you do not agree with this policy, do not use the Services.

For the marketing site and sales interactions, Lynkr acts as a controller of personal information you provide directly (e.g., name, work email, company, notes you submit through a form).

When Workbench is deployed for a customer organization and processes data inside that organization's systems, Lynkr acts as a processor (or “service provider”) on behalf of that customer. In that case, the customer's own privacy policies govern the personal information processed through those systems, and our handling is defined by the agreement executed with that customer.

We collect the minimum information we need to run the Services. The categories are:

a) Information you give us

• Contact and company details — name, work email, phone (if provided), company name, role, team size, and similar details submitted through demo, scoping, or contact forms.
• Workflow and systems context — free-text descriptions of the back-office work you'd like a crew member to handle, and the systems you currently use (e.g., ERP, project-management, payroll tools).
• Communications — the content of emails, messages, and notes from calls you have with our team.

b) Information collected automatically

• Usage data — pages viewed, referrer, approximate location derived from IP, device and browser type, and timestamps.
• Performance and reliability data — aggregated error reports, latency, and uptime telemetry from our hosting provider.
• Cookies and similar technologies — strictly necessary cookies for session handling and security. We use privacy-friendly analytics (Vercel Analytics) that does not use tracking cookies or build cross-site profiles.

c) Information from customer systems

• When Workbench is deployed in a customer environment, it reads and writes data within the systems the customer has authorized — for example, accounting, ERP, payroll, or project-management tools. That data is handled on behalf of the customer, under the terms of the agreement with that customer, and is not used for our own marketing purposes.
• We do not train third-party foundation models on customer data, and we do not use customer data to improve models used for other customers except where expressly permitted by the applicable agreement.

• To respond to demo requests, scoping requests, and sales inquiries, and to schedule and follow up on calls you explicitly request.
• To operate, secure, maintain, and improve the Services, including debugging, abuse prevention, and capacity planning.
• To understand how the site performs and where visitors come from, in aggregate.
• To send operational communications about the Services (e.g., security notices, changes to terms).
• To comply with legal obligations, enforce our Terms of Service, and protect the rights, property, and safety of Lynkr, our customers, and the public.

We do not sell personal information. We do not share personal information for cross-context behavioural advertising. We do not use your information to train third-party AI models.

We share information only with the categories of recipients below, and only as needed for the purposes described in this policy:

• Service providers and sub-processors that help us operate the Services — for example, hosting and analytics (Vercel), email delivery, CRM, and calendar providers. These providers are bound by contract to handle information only on our instructions and to protect it.
• Professional advisers (auditors, lawyers, accountants, insurers) under appropriate duties of confidentiality.
• Authorities and third parties when required to comply with applicable law, legal process, or enforceable governmental request, or to protect the rights, property, or safety of Lynkr, our customers, or the public.
• Successors in connection with a merger, acquisition, reorganization, financing, or sale of assets. We will use reasonable efforts to notify you if your information becomes subject to a materially different privacy policy as a result of such a transaction.

We retain personal information only as long as it is reasonably needed for the purposes for which it was collected, to comply with legal obligations (including tax, accounting, and contract recordkeeping), to resolve disputes, and to enforce our agreements.

Sales and contact-form data is retained for the duration of the commercial relationship and a reasonable follow-up period afterwards. Site analytics is retained in aggregated form and is not tied to individual identities. Customer system data processed on behalf of a customer is retained under that customer's agreement.

We use administrative, technical, and physical safeguards designed to protect personal information against loss, theft, and unauthorized access, use, or disclosure. Controls include encryption in transit, role-based access, least-privilege access to production systems, secrets management, and logging.

No system is perfectly secure. We cannot guarantee absolute security of information transmitted to or stored on our Services. You are responsible for keeping your own credentials and devices secure. See our Security Policy for more detail on our program.

Depending on where you live, you may have some or all of the following rights with respect to your personal information:

• Access — request a copy of the personal information we hold about you.
• Correction — ask us to correct information that is inaccurate or out of date.
• Deletion — ask us to delete your information, subject to legal or contractual retention obligations.
• Portability — receive your information in a machine-readable format, where applicable.
• Withdraw consent — withdraw previously given consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
• Object or restrict — object to or request restriction of certain processing.
• Complain — lodge a complaint with your local data protection authority (in Canada, the Office of the Privacy Commissioner at priv.gc.ca).

To exercise any of these rights, email privacy@lynkr.ca. We will verify your identity before acting on the request and will respond within the timelines required by applicable law.

Where Workbench processes your information on behalf of an organization that is our customer, please direct your request to that organization. We will support the customer's response as required under our agreement with them.

The Services are intended for adults acting on behalf of a business. We do not knowingly collect personal information from children under the age of 16. If you believe a child has provided us with personal information, please contact privacy@lynkr.ca and we will take reasonable steps to delete it.

Lynkr is based in Canada. Our service providers may store and process information in Canada, the United States, or other jurisdictions. Where required, we rely on contractual safeguards (including data-processing agreements and standard contractual clauses) to protect your information when it is transferred across borders.

We may update this policy from time to time. When we do, we will update the “Effective” date at the top of this page and, for material changes, provide more prominent notice (for example, by email or an in-product banner). Your continued use of the Services after an update constitutes acceptance of the revised policy.

Questions, requests, or concerns about this policy can be directed to:

Lynkr Inc.
Attn: Privacy
Toronto, Ontario, Canada
privacy@lynkr.ca