logo

Privacy Policy

Effective Date: January 5, 2026

About our Privacy Policy

At Sidelines, your personal privacy is very important to us, and so is being transparent about how we collect, use, and share the information we hold about you. This policy is intended to help you clearly understand:

  • Information we collect about you
  • How we use information we collect about you
  • How we share information we collect about you
  • How we store and secure information we collect
  • Retention of personal data
  • How we transfer information we collect internationally
  • How to access and control your personal data
  • Compliance with this Policy and data protection laws
  • Approval

Quick Links

  • UK / EU Addendum
  • Switzerland Addendum (CH Addendum)
  • California Addendum
  • U.S. Data Privacy Framework Notice

1. Overview

1.1 – This Policy describes how Sidelines may collect, use, share and otherwise process personal information collected (as controller of personal data), from a User to whom we provide Services.

1.2 – Sidelines offers a wide range of products and services. We refer to all these products and services, together with social media and other websites operated by us as "Services" for the purposes of this Policy.

1.3 – Sidelines' privacy practices vary amongst regions in which we operate to reflect regional legal requirements. Sidelines complies with applicable data protection laws in the jurisdictions in which it operates in its handling of personal data. If you are based in a territory which is subject to the EU/UK GDPR, please see the UK/EU addendum at the end of this Policy. If you are based in Switzerland, please see the CH Addendum at the end of this Policy. If you are based in the State of California, please see the California addendum at the end of this Policy.

1.4 – "Sidelines", "we" and "us" refers to Sidelines, a company based in Toronto, Ontario, Canada.

1.5 – "User", "you" and "your" refers to a user of our Services, including Sidelines' clients, their employees, contractors or other individuals nominated by Sidelines' clients.

2. Purpose and scope

2.1 – This Policy applies to Sidelines' Services, whether online or offline. The purpose of this Policy is to clearly describe:

  • What information or data we collect about a User
  • How we use the information we collect from a User
  • How we share information we collect from a User
  • How we store and secure the information we collect from a User
  • How a User can access and control the information we hold on a User

2.2 – As a User, you understand and agree that we collect, use, store, and disclose your personal data for the purposes of performance of a contract in accordance with this Policy.

3. Sidelines' commitment

3.1 – Sidelines is committed to respecting your privacy through appropriate protection and management of your personal information.

4. Information we collect about you

4.1 – In the course of providing Services, Sidelines may collect, use, store, and disclose personal data (any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion) about you.

4.2 – You may be asked to provide certain information when you use our Services, such as:

  • your name and contact details, including residential or business address, telephone number and email;
  • date of birth;
  • identification documentation including driver's license and other similar information including preferences;
  • payment data (corporate/personal credit cards) and bank information;
  • company details (if applicable);
  • login credentials, user IDs, employee IDs, IP addresses, device and connection information and other browsing information;
  • cookies data (with your consent, where cookies are non-essential).

4.3 – If you submit any personal data relating to another individual in connection with the Services (e.g. as a manager making arrangements for another individual), you represent and warrant that you have the authority to do so, have received consent from the individual and that you have informed the individual and the individual accepts Sidelines' use of the individual's personal data in accordance with this Policy.

5. How we use information we collect about you

5.1 – Sidelines' use of information we collect depends in part on which Services you use, how you use them, and any preferences communicated to us for the performance of contract. For example:

  • to provide the Services including personalization of your experience, authentication and verification for safety and security purposes, providing peripheral services, providing technology solutions and tailored features by analysing your activities to provide search results, notifications, and provide recommendations among others;
  • to communicate with you about the Services and provide support, and in addition we may direct market to you or your business where permitted under applicable laws, by text, phone, post, and/or email;
  • to promote and drive engagement with the Services including aggregated statistics for account analysis and business forecasting purposes, including communications aimed at driving engagement and maximising what you get out of the Services;
  • reporting on client's policy compliance and expenses;
  • management of client's spend and budget analysis;
  • quality assurance and training purposes;
  • protect our legitimate business interests and legal rights where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, including information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

6. How we share information we collect about you

6.1 – In connection with the Services, we may share your personal information to third parties listed below:

  • your employer or sponsor, with whom we have service agreements. We may share your information with them to allow them to manage their needs, meet their duty of care requirements, and assure compliance with their policies. At the request of your employer or sponsor, we may also share your information with their third-party service providers;
  • third party service providers necessary to deliver our Services;
  • third party technology providers for website and application development, hosting, maintenance, backup, storage, infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you;
  • subcontractors of Sidelines to provide support services. Such subcontractors may access your personal data but only for, on behalf of, and under the instructions of Sidelines, and are required to adhere to relevant Sidelines policies, procedures and processes and to comply with applicable data privacy laws;
  • safety and security service providers;
  • our third-party advisors, legal and compliance advisors, competent authorities, and auditors; and
  • card payment companies.

6.2 – In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request, to enforce our legal right and to protect the security or integrity of our Services or respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

7. How we store and secure information we collect

7.1 – Sidelines takes reasonable and appropriate measures to ensure and safeguard the confidentiality, integrity, and availability of data, including Personally Identifiable Information (PII). Sidelines' information security controls are based on the security controls and practices specified within ISO/IEC 27001.

7.2 – We conduct regular reviews of our data collection, storage, processing, and security measures to verify we are only collecting, storing, and processing personal data that is required to fulfill our contractual obligations to provide Services. While we make reasonable efforts to protect the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent illegal or unauthorised activity related to your personal data.

7.3 – Given Sidelines' operations, we use several locations for our data storage needs, based on legal and contractual requirements, including data residency.

7.4 – Sidelines stores PII on servers with certified cloud service providers, primarily in Canada and North America.

7.5 – For personal information collected in specific jurisdictions with data residency requirements, resident data is stored within those jurisdictions as required by law.

8. Retention of personal data

8.1 – Sidelines will retain your personal data for a period not exceeding that required for the purposes for which they were collected to provide Services and comply with legal obligations such as financial reporting and within limits prescribed by applicable regulations, and to preserve evidence for the management of disputes, claims or litigation.

9. How we transfer information we collect internationally

9.1 – Sidelines collects information globally, and depending on the Services offered, we may not always store that information within your country of residence. We may transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing the Services, including to countries that may not provide the same level of data protection as your home country.

9.2 – For intra-group transfers, Sidelines has in place an intra-group data sharing agreement, including EU Standard Contractual Clauses and UK Addendum where applicable.

9.3 – We will transfer your personal data in compliance with applicable data protection laws, including having adequate mechanisms in place to protect your personal data (e.g. DPF, Standard Contractual Clauses and appropriate approved Addendums within data protection agreements).

10. How to access and control your personal data

10.1 – To the extent required by applicable law, you have the ability to exercise various rights with regard to your personal data (e.g. access, correction, restriction, deletion, portability). However, if you choose not to provide certain details, your experience with some or all of our Services may be affected.

10.2 – We will handle such requests in accordance with applicable law, including in the time specified by applicable law, and where permitted by applicable law, may charge a reasonable administrative fee to cover the costs of responding to any such request. Where processing is based on consent, you have the right to withdraw consent at any time (where permitted by applicable law), without affecting the lawfulness of processing based on your consent before your withdrawal.

10.3 – If you wish to exercise any of your rights as described in this Policy, please contact your account manager or consultant in the first instance. Otherwise, please contact us at our contact address below.

10.4 – We will respond to any enquiries or complaints received as soon as practicable and in any case within the timeframe required under applicable data protection laws.

How to contact us

If you have any enquiries, comments or complaints about this privacy policy or our handling of your personal information, please contact us:

Contact Information:

Sidelines Global HQ
600 - 1 Queen Street East,
Toronto, OM M5C 2R9
Canada
Email: privacy@sidelineshq.com

11. Compliance with this Policy and data protection laws

11.1 – Sidelines is committed to complying with both this Policy and applicable data protection and privacy laws including but not limited to:

  • The European General Data Protection Regulation (GDPR);
  • The UK Data Protection Act 2018 (UK DPA);
  • The UK General Data Protection Regulation (UK GDPR);
  • The Privacy and Electronic Communications Regulations 2003;
  • The California Consumer Privacy Act (CCPA);
  • The Brazilian Law for the Protection of Personal Data (LGPD);
  • The Australian Privacy Act;
  • The New Zealand Privacy Act;
  • Other applicable regional and international data protection laws.

12. Approval

12.1 – This Policy has been approved by the Sidelines leadership team.

UK / EU Addendum

13. Purpose and scope

13.1 – If you are an individual based in the UK or EU, this UK/EU Addendum applies and supplements the information contained in this Policy.

13.2 – We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK GDPR. We are also subject to the EU GDPR in relation to goods and services we offer to individuals and our wider operations in the EU.

13.3 – Sidelines is a company incorporated in Canada and operating from Toronto, Ontario.

14. How and why we use your personal data

14.1 – Under data protection law, we can only use your personal data if we have a proper reason (also known as a lawful basis). These are usually:

  • where you have given consent;
  • to comply with our legal and regulatory obligations;
  • for the performance of a contract with you (or your company) or to take steps at your request before entering into a contract;
  • for our legitimate interests or those of a third party; or
  • to protect your vital interests.

14.2 – Where we process sensitive or special category personal data (such as any data which includes health information or reveals your race or ethnic origin, such as identification documents), we are also required to ensure we have the right to do so, which usually involves where:

  • we have your explicit consent;
  • the processing is necessary to protect your (or someone else's) vital interests where you are physically or legally incapable of giving consent; or
  • the processing is necessary to establish, exercise or defend legal claims.

15. Marketing

15.1 – We may use your personal data to send you updates (by email, text message, telephone or post) about our services, including exclusive offers, promotions or new products and services.

15.2 – We have a legitimate interest in using your personal data for marketing purposes. This means we do not usually need your consent to send you marketing information. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.

15.3 – You do, however, have the right to opt out of receiving marketing communications at any time by:

  • contacting us at privacy@sidelineshq.com; and/or
  • using the 'unsubscribe' link in emails or 'STOP' in our messages, as applicable.

15.4 – We may ask you to confirm or update your marketing preferences if you ask us to provide further products and services in the future, or if there are changes in the law, regulation, or the structure of our business.

15.5 – We will always treat your personal data with the utmost respect and never sell it with other organizations outside the Sidelines group for marketing purposes.

16. Data sharing – additional information

16.1 – We or the third parties mentioned above occasionally also share personal data with:

  • our external auditors, e.g. in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations;
  • our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
  • law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations;
  • other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations.

17. How long your personal data will be kept

17.1 – We will not keep your personal data for longer than we need it for the purpose for which it is used. Different retention periods apply for different types of personal data. Following the end of the relevant retention period, we will delete or anonymise your personal data. We abide by internal retention and disposal guidelines. If you have any queries, please contact us using the details set out above.

18. Transferring your personal data out of the UK and EEA

18.1 – It is sometimes necessary for us to transfer your personal data to countries outside the UK and EEA. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data.

18.2 – We will transfer your personal data to:

  • members of the Sidelines group located outside the UK/EEA; and
  • our service providers located outside the UK/EEA.

18.3 – We will also transfer your personal data between the UK and EEA.

18.4 – Under data protection laws, we can only transfer your personal data to a country outside the UK/EEA where:

  • the UK government has decided the particular country ensures an adequate level of protection of personal data;
  • in the case of transfers subject to EU data protection laws, the European Commission has decided that the particular country ensures an adequate level of protection of personal data (known as an 'adequacy decision');
  • there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or
  • a specific exception applies under relevant data protection law.

18.5 – In the event we cannot or choose not to continue to rely on either of those mechanisms at any time, we will not transfer your personal data outside the UK/EEA unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this Policy.

19. Your rights

19.1 – You have the following rights, which you can generally exercise free of charge:

Access - The right to be provided with a copy of your personal data

Rectification - The right to require us to correct any mistakes in your personal data

Erasure (also known as the right to be forgotten) - The right to require us to delete your personal data in certain situations

Restriction of processing - The right to require us to restrict processing of your personal data in certain circumstances, e.g. if you contest the accuracy of the data

Data portability - The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party in certain situations

To object - The right to object at any time to your personal data being processed for direct marketing (including profiling); in certain other situations to our continued processing of your personal data

Not to be subject to automated individual decision making - The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

The right to withdraw consent - If you have provided us with a consent to use your personal data you have a right to withdraw that consent easily at any time. Withdrawing consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn.

19.2 – If you would like to exercise any of those rights, please email us at privacy@sidelineshq.com with details of which right you would like to exercise. Please note that we reserve the right to ask for identification, for security and verification purposes, before dealing with a request.

20. Cookies

20.1 – We use cookies and similar technologies to optimise your experience. You can reject non-essential cookies using our consent management platform, and you are able to amend your settings at any time. To find out more about our use of cookies and similar technologies, please see our Cookie Policy.

21. How to contact us and/or complain

21.1 – Please contact us at privacy@sidelineshq.com if you have any queries or concerns about our use of your personal data. We hope we will be able to resolve any issues you may have.

21.2 – You may also have the right to lodge a complaint with the Information Commissioner (the UK data protection regulator) and/or the relevant supervisory authority in your jurisdiction. Please contact us if you would like further information on how to exercise your rights.

Switzerland Addendum (CH Addendum)

22. Purpose and scope

22.1 – If you are an individual based in Switzerland, this Switzerland Addendum applies and supplements the information contained in this Policy.

22.2 – We collect, use and are responsible for certain personal data about you. When we do so we are subject to the Swiss DPA. We are also subject to the EU GDPR in relation to goods and services we offer to individuals and our wider operations in the EU.

22.3 – Sidelines is a company incorporated in Canada and operating from Toronto, Ontario. We do not have separate operating entities in Switzerland.

22.4 – Sidelines, Toronto, Ontario, Canada (the "company") is the controller for Sidelines' processing under this CH Addendum, unless we tell you otherwise in an individual case, for example in additional privacy notices, on a form or in a contract.

22.5 – You may contact us for data protection concerns and to exercise your rights in Switzerland as follows:

Sidelines Global HQ
600 - 1 Queen Street East,
Toronto, OM M5C 2R9
Canada
Email: privacy@sidelineshq.com

23. How and why we use your personal data

23.1 – Under data protection law, we can only use your personal data if we have a proper reason (also known as a lawful basis). These are usually:

  • where you have given consent;
  • to comply with our legal and regulatory obligations;
  • for the performance of a contract with you (or your company) or to take steps at your request before entering into a contract;
  • for our legitimate interests or those of a third party; or
  • to protect your vital interests.

23.2 – Where we process sensitive or special category personal data (such as any data which includes health information or reveals your race or ethnic origin, such as identification documents), we are also required to ensure we have the right to do so, which usually involves where:

  • we have your explicit consent;
  • the processing is necessary to protect your (or someone else's) vital interests where you are physically or legally incapable of giving consent; or
  • the processing is necessary to establish, exercise or defend legal claims.

24. Marketing

24.1 – We may use your personal data to send you updates (by email, text message, telephone or post) about our services, including exclusive offers, promotions or new products and services.

24.2 – We have a legitimate interest in using your personal data for marketing purposes. This means we do not usually need your consent to send you marketing information. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.

24.3 – You do, however, have the right to opt out of receiving marketing communications at any time by:

  • contacting us at privacy@sidelineshq.com; and/or
  • using the 'unsubscribe' link in emails or 'STOP' in our messages, as applicable.

24.4 – We may ask you to confirm or update your marketing preferences if you ask us to provide further products and services in the future, or if there are changes in the law, regulation, or the structure of our business.

24.5 – We will always treat your personal data with the utmost respect and never sell it with other organizations outside the Sidelines group for marketing purposes.

25. Data sharing – additional information

25.1 – We or the third parties mentioned above occasionally also share personal data with:

  • our external auditors, e.g. in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations;
  • our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
  • law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations;
  • other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations.

26. How long your personal data will be kept

26.1 – We will not keep your personal data for longer than we need it for the purpose for which it is used. Different retention periods apply for different types of personal data. Following the end of the relevant retention period, we will delete or anonymise your personal data. We abide by internal retention and disposal guidelines. If you have any queries, please contact us using the details set out above.

27. Transferring your personal data out of Switzerland

27.1 – As explained above, we disclose data to other parties. These are not all located in Switzerland. Your data may therefore be processed in various jurisdictions. The location of a service provider relevant to your personal information will depend on the services being provided.

27.2 – If a recipient is located in a country without adequate statutory data protection, we require the recipient to undertake to comply with data protection (for this purpose, we use the revised European Commission's standard contractual clauses) unless the recipient is subject to a legally accepted set of rules to ensure data protection and unless we cannot rely on an exception. An exception may apply for example in case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires disclosure, if you have consented or if data has been made available generally by you and you have not objected against the processing.

28. Your rights

28.1 – You have the following rights, which you can generally exercise free of charge:

Access - The right to be provided with a copy of your personal data

Rectification - The right to require us to correct any mistakes in your personal data

Erasure (also known as the right to be forgotten) - The right to require us to delete your personal data in certain situations

Restriction of processing - The right to require us to restrict processing of your personal data in certain circumstances, e.g. if you contest the accuracy of the data

Data portability - The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party in certain situations

To object - The right to object at any time to your personal data being processed for direct marketing (including profiling); in certain other situations to our continued processing of your personal data

The right to withdraw consent - If you have provided us with a consent to use your personal data you have a right to withdraw that consent easily at any time. Withdrawing consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn.

28.2 – If you would like to exercise any of those rights, please email us at privacy@sidelineshq.com with details of which right you would like to exercise. Please note that we reserve the right to ask for identification, for security and verification purposes, before dealing with a request.

29. Cookies

29.1 – We use cookies and similar technologies to optimise your experience. You can reject non-essential cookies using our consent management platform, and you are able to amend your settings at any time. To find out more about our use of cookies and similar technologies, please see our Cookie Policy.

29.2 – Most web browsers allow some control of most cookies through the browser settings. You can block cookies from any website through your browser settings. To find out more about cookies in general, including how to see what cookies have been set, visit aboutcookies.org or www.allaboutcookies.org.

30. Social Media

30.1 – We may operate pages and other online presences ("fan pages", "channels", "profiles", etc.) on social networks and other platforms operated by third parties and collect data about you. We receive this data from you and from the platforms when you interact with us through our online presence (for example when you communicate with us, comment on our content or visit our online presence). At the same time, the platforms analyze your use of our online presences and combine this data with other data they have about you (for example about your behavior and preferences). They also process this data for their own purposes, in particular for marketing and market research purposes (for example to personalize advertising) and to manage their platforms (for example what content they show you) and, to that end, they act as separate controllers.

31. How to contact us and/or complain

31.1 – Please contact us at privacy@sidelineshq.com if you have any queries or concerns about our use of your personal data. We hope we will be able to resolve any issues you may have.

31.2 – You may also have the right to lodge a complaint with the Swiss supervisory authority and/or the relevant supervisory authority in your jurisdiction.

31.3 – Please contact us if you would like further information on how to exercise your rights.

California Addendum

32. Purpose and scope

32.1 – This California Privacy Policy Addendum supplements the information contained in this Policy and applies solely to consumers who are residents of the State of California. We adopt this notice to comply with California privacy law. Terms used in this California Addendum, such as personal information, consumers, and service providers, have the same meaning as they are defined in applicable California privacy law.

33. Information We Collect and How We Use It

33.1 – In the course of providing our services, we may collect, use, store, and/or disclose personal information about you, some of which might be considered sensitive personal information under California privacy law.

33.2 – The chart below identifies the categories of personal information we may collect.

Identifiers - Full name, driver's license number, date of birth, login credentials, User IDs

Personal information - Contact details (including residential or business address, telephone number, email), payment data (corporate/personal credit cards)

Characteristics of protected classes - Age (40 years or older), race, citizenship, medical condition, physical or mental disability, sex

Commercial information - Bank information, preferences

Internet/electronic activity information - IP addresses, device and connection information, other browsing information, cookie data

Geolocation data - Physical location or movements

Professional or employment-related information - Company details, employee IDs

33.3 – For more details about the information we may collect, see Section 4 'Information We Collect About You' in this Policy. For more details about how we use information we collect about you, see Section 5 'How We Use Information We Collect About You' in this Policy.

34. Sidelines Does Not Sell or Share Under California Law

34.1 – In the preceding twelve (12) months, we have not "sold" or "shared", as those terms are defined by California privacy law, any personal information.

35. How We Use or Share Sensitive Personal Information

35.1 – Sidelines does not use or disclose sensitive personal information for purposes other than the limited purposes identified in Section 1798.121 and the regulations.

36. Personal Information of Minors

36.1 – We do not knowingly collect personal information from children under 16 years of age and we do not "sell" or "share," as those terms are defined under applicable California privacy law, the personal information of children under 16 years of age.

37. Retention of Personal Information

37.1 – We will retain your personal information, including sensitive personal information, for no longer than is reasonably necessary to fulfill the purpose(s) for which it was collected. In certain cases, it may be necessary for us to keep personal information for an extended period of time in order to comply with a legal obligation or for the establishment, exercise, or defense of a legal claim, in accordance with applicable law.

38. Your Rights

38.1 – Subject to certain exceptions, as a California resident, you may have the right to:

38.2 – Know and access. You may have the right to know certain information about our collection, use, and disclosure of your personal information for the 12 months preceding the date of your request. You may also have the right to request that we provide you with specific pieces of your personal information.

38.3 – Upon receipt of your request, and after we verify your identity, we may provide you with information about the following:

  • The categories of personal information we collected about you.
  • The categories of sources from which we have collected your personal information.
  • Our business or commercial purpose for collecting the personal information.
  • The categories of third parties to whom we disclose personal information.
  • The specific pieces of personal information we collected about you (data portability).

38.4 – Delete. You may have the right to request that we delete the personal information we have collected from you. Absent an exception or exemption, upon receipt of your request, and after we verify your identity, we will delete and will request that our service providers delete your personal information.

38.5 – Correct Inaccurate Information. You may have the right to request that we correct inaccurate personal information we maintain about you. Absent an exception or exemption, upon receipt of your request, and after we verify your identity, we will correct any such inaccuracies.

39. Exercising Your Rights

39.1 – If you are a California resident and would like to submit a request, you may:

  • Email us at privacy@sidelineshq.com.

39.2 – Only you or a person you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To authorize another person to make a verifiable request on your behalf, you must provide that person with written permission clearly describing their authority to make a request on your behalf. That individual must also be able to verify their identity with us and provide us with their authority to act on your behalf.

39.3 – In order to verify your identity, we will collect your:

  • Name
  • Company
  • Email
  • Phone Number

39.4 – We will use this information to verify your identity using reasonable methods in order to process your rights request. These methods may include matching information you provided to us with information already maintained by us or through the use of a third-party identity verification service.

39.5 – We will use the information you provide to verify your identity and to respond to your rights request and for no other purpose.

39.6 – We cannot respond to your request or provide you with personal information if we are not able to verify your identity or authority to make the request or confirm the personal information relates to you.

39.7 – You are not required to have an account with us to make a verifiable request.

40. Right to Not Receive Discriminatory Treatment

We will not discriminate against you for exercising any of your CCPA rights, which means we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

41. Contact Information

41.1 – If you have any questions or concerns about this California Addendum, please contact us at privacy@sidelineshq.com.

U.S. Data Privacy Framework Notice

42. Scope and purpose

42.1 – Sidelines complies with applicable data privacy frameworks. If there is any conflict between the terms in this Policy and data privacy framework principles, the framework principles shall govern.

42.2 – We are responsible for the processing of information about you we receive and onward transfers to a third party acting as an agent on our behalf. We comply with applicable framework principles for such onward transfers.

42.3 – Individuals with inquiries or complaints regarding our handling of personal data should first contact Sidelines at:

Privacy Officer
Sidelines Global HQ
600 - 1 Queen Street East,
Toronto, OM M5C 2R9
Canada
Email: privacy@sidelineshq.com

42.4 – Sidelines commits to cooperate and comply, as appropriate, with the advice of relevant data protection authorities with regard to unresolved complaints concerning our handling of personal data.

42.5 – Sidelines' commitments are subject to the investigatory and enforcement powers of relevant regulatory authorities.

42.6 – Sidelines commits to refer unresolved complaints to appropriate alternative dispute resolution providers. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the relevant dispute resolution service.

42.7 – Under certain conditions, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration.

© 2026 Sidelines

Last Updated: January 5, 2026

For questions about this Privacy Policy, please contact: privacy@sidelineshq.com