Privacy policy

Last updated: April 20, 2026

EuroTech Electronics ("we", "us", "our") operates the website eurotechelectronics.com and the Shopify storefront (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our Service or purchase our products.

We are committed to protecting your personal information in compliance with:

The Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada
The Act respecting the protection of personal information in the private sector (Loi 25) of Quebec
The General Data Protection Regulation (GDPR / Regulation EU 2016/679) for residents of the European Economic Area (EEA), United Kingdom, and Switzerland (see Section 13 for EEA-specific provisions)

1. Person responsible for the protection of personal information

In accordance with Section 3.1 of Quebec's Loi 25, our designated person responsible for the protection of personal information is:

EuroTech Electronics — Privacy Officer 11570 4e Avenue, Montreal, QC, Canada Email: info@eurotechelectronics.com Phone: 514-667-4756

2. What information we collect

2.1 Information you provide directly

When you interact with our Service, we may collect:

Identity information — name, shipping and billing address, phone number, email
Order information — products purchased, quantities, prices, order history
Payment information — payment method details (processed securely by Shopify Payments / Stripe; we do not store credit card numbers on our servers)
Account information — username, password (encrypted), purchase history
Communications — messages you send us via contact forms, email, or chat widgets
Machine compatibility data — brand, model, and year of your vehicle/tractor/equipment when using our fitment finder or product search features

2.2 Information collected automatically

When you browse our Service, we automatically collect:

Device information — IP address, browser type and version, operating system, device identifiers
Usage data — pages viewed, time on site, clickstream, referring URL, search queries
Cookies and similar technologies — see Section 6 below

3. Why we collect this information (purposes)

We use your personal information for the following purposes only:

Processing and fulfilling orders — payment, shipping, invoicing, post-sale support
Customer service — responding to inquiries, handling warranty claims, providing technical installation assistance
Account management — creating and maintaining your customer account
Communications — sending order confirmations, shipping updates, product-related notices, and (with your consent) marketing communications
Service improvement — analyzing usage patterns to improve our website, products, and services
Legal compliance — meeting our legal, accounting, tax, and regulatory obligations
Fraud prevention — detecting and preventing fraudulent transactions

We do not use your information for any purpose not listed here without first obtaining your specific consent.

4. Legal basis for collection

We collect and use your information based on:

Your consent — for marketing communications and non-essential cookies
Performance of contract — to fulfill orders you place
Legitimate interests — to improve our service, prevent fraud, and ensure security
Legal obligations — for tax, accounting, and regulatory requirements

5. Who has access to your information

5.1 Internal

Access is limited to EuroTech Electronics employees and contractors on a need-to-know basis, bound by confidentiality obligations.

5.2 Third-party service providers (subprocessors)

We share limited information with the following service providers, all of whom are contractually bound by a Data Processing Agreement (DPA) to protect your data:

Provider	Purpose	Data location	DPA
Shopify Inc.	E-commerce platform, checkout, hosting	Canada, USA	shopify.com/legal/dpa
Shopify Payments / Stripe	Card payment processing	Canada, USA, Ireland	stripe.com/legal/dpa
PayPal	Payment processing	USA, EU	paypal.com/legalhub
Canada Post / UPS / FedEx / Purolator	Shipping and delivery	Canada, USA	Carrier-specific
Google Analytics 4	Web analytics (IP anonymized)	EU, USA	business.safety.google
Microsoft Clarity	Session replay (anonymized)	EU, USA	microsoft.com/legal
Google Search Console	Search performance monitoring	EU, USA	business.safety.google

For EU/EEA visitors, transfers to the United States rely on Standard Contractual Clauses (SCCs) approved by the European Commission and supplementary measures where required.

5.3 International transfers

Some of our service providers (notably Shopify, Google) operate servers in the United States or elsewhere outside Quebec and Canada. When your personal information is transferred outside Quebec, we ensure that the transfer is subject to an assessment of the privacy risks involved, as required by Loi 25. We rely on contractual safeguards and, where applicable, data processing agreements that provide adequate protection.

5.4 Legal disclosure

We may disclose your information when required by law, court order, or to protect our rights, your safety, or the safety of others.

6. Cookies and tracking technologies

Our Service uses cookies and similar technologies to function properly and to improve your experience.

6.1 Essential cookies

Required for the site to function (cart persistence, login, security). These cannot be disabled.

6.2 Analytics cookies

Help us understand how visitors use our site (Google Analytics, Microsoft Clarity). We use anonymized IP addresses where available.

6.3 Marketing cookies

Used to measure the effectiveness of our ads and to retarget visitors (Facebook Pixel, Google Ads, if applicable). These require your consent.

You can manage your cookie preferences via the cookie banner displayed on your first visit or at any time by clearing your browser cookies.

7. How long we keep your information

We retain personal information only as long as necessary to fulfill the purpose it was collected for, or as required by law:

Account information — as long as your account is active, plus 3 years after closure
Order and transaction records — 7 years, to comply with Canadian tax and accounting legislation
Marketing communication preferences — until you unsubscribe, plus a reasonable reconciliation period
Website logs and analytics data — 26 months (Google Analytics default)
Customer service correspondence — 3 years

After these periods, we anonymize or securely delete your personal information.

8. Your rights

Under Quebec's Loi 25 and Canada's PIPEDA, you have the right to:

Access — request a copy of the personal information we hold about you
Rectification — request correction of inaccurate or incomplete information
Deletion — request deletion of your personal information (subject to legal retention obligations)
Portability — request your data in a commonly used, machine-readable format (Loi 25, effective September 2024)
Withdraw consent — for any processing based on your consent
Object — to processing for direct marketing purposes
Complaint — file a complaint with the Commission d'accès à l'information du Québec (CAI) or the Office of the Privacy Commissioner of Canada (OPC)

To exercise any of these rights, contact our Privacy Officer at info@eurotechelectronics.com. We will respond within 30 days as required by law.

9. Security measures

We implement reasonable administrative, technical, and physical safeguards to protect your personal information:

HTTPS encryption in transit (TLS 1.2+)
Encryption at rest for sensitive data
Access controls and authentication on all internal systems
Regular security audits
Shopify's PCI-DSS certified payment infrastructure
Employee confidentiality obligations

In the event of a confidentiality incident (data breach) that presents a risk of serious injury, we will notify the CAI and affected individuals as required by Loi 25.

10. Children

Our Service is not intended for individuals under 18. We do not knowingly collect information from minors. If we become aware of such collection, we will promptly delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest revision. Material changes will be communicated via email or a prominent notice on our website.

12. Contact us

For any questions, requests, or complaints regarding this Privacy Policy or our data practices:

EuroTech Electronics 11570 4e Avenue, Montreal, QC, Canada Email: info@eurotechelectronics.com Phone: 514-667-4756

If you are not satisfied with our response, you may contact:

Commission d'accès à l'information du Québec (CAI) Website: cai.gouv.qc.ca Phone: 1 888 528-7741

Office of the Privacy Commissioner of Canada Website: priv.gc.ca Phone: 1 800 282-1376

13. Additional rights for EU/EEA, UK, and Swiss residents (GDPR)

If you reside in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent local laws grant you additional rights and protections.

13.1 Legal bases for processing (GDPR Art. 6)

We process your personal data under one of the following legal bases:

Performance of a contract (Art. 6(1)(b)) — to fulfill orders and provide customer service
Legal obligation (Art. 6(1)(c)) — tax, accounting, anti-fraud
Legitimate interests (Art. 6(1)(f)) — site security, fraud prevention, service improvement (always balanced against your rights)
Consent (Art. 6(1)(a)) — marketing communications and non-essential cookies (withdrawable at any time)

13.2 Your GDPR rights

In addition to the rights listed in Section 8, you have the right to:

Access your personal data and obtain a copy (Art. 15)
Rectify inaccurate data (Art. 16)
Erase your data under specific circumstances ("right to be forgotten", Art. 17)
Restrict processing (Art. 18)
Data portability in a structured, commonly used format (Art. 20)
Object to processing based on legitimate interests, including profiling (Art. 21)
Lodge a complaint with your local supervisory authority

To exercise these rights, contact us at info@eurotechelectronics.com. We will respond within one (1) month as required by GDPR.

13.3 International data transfers

Some of our subprocessors (Section 5.2) are located outside the EEA, notably in Canada and the United States. Canada is recognized by the European Commission as providing an adequate level of protection (Adequacy Decision of 20 December 2001). For transfers to the United States, we rely on:

Standard Contractual Clauses (SCCs) approved by the European Commission
EU-US Data Privacy Framework where applicable
Supplementary technical and organizational measures

13.4 EU Representative (Art. 27 GDPR)

EuroTech Electronics is established in Canada and does not maintain a physical presence in the European Union. Given our limited business activity with EU residents (occasional B2B transactions for vehicle parts), we currently rely on our designated Privacy Officer in Canada (see Section 1) as the primary point of contact for data protection matters.

EU/EEA residents may contact us directly at info@eurotechelectronics.com for any data protection inquiry. If a formal EU Representative becomes legally required due to increased volume of EU-resident processing, we will update this policy accordingly.

13.5 Supervisory authorities for EU/EEA, UK, and Switzerland

If you are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority. Some examples:

France — Commission Nationale de l'Informatique et des Libertés (CNIL), cnil.fr
Germany — Bundesbeauftragte für den Datenschutz (BfDI), bfdi.bund.de
United Kingdom — Information Commissioner's Office (ICO), ico.org.uk
Switzerland — Préposé Fédéral à la Protection des Données et à la Transparence (PFPDT), edoeb.admin.ch
Other EU countries — edpb.europa.eu/about-edpb/board/members_en

13.6 Automated decision-making

We do not engage in automated decision-making or profiling that produces legal effects on EU/EEA residents (Art. 22 GDPR).

13.7 Data Protection Impact Assessment (DPIA)

We perform a Data Protection Impact Assessment for any processing activity that may pose a high risk to the rights and freedoms of EU/EEA residents, as required by Art. 35 GDPR.