Privacy Policy

At ITC, we are committed to providing our customers with exceptional service. As providing this service involves the collection and storage of our customers’ and their clients’ social media and/or SMS interactions, protecting their personal information is one of our highest priorities.

ITC complies with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). We inform our customers of why and how we collect and use their social media and SMS interactions, obtain their consent where required, and collect, use or disclose personal information only for purposes that a reasonable person would consider appropriate under the circumstances.


  • “Personal information” means information about an identifiable individual (name, e-mail address, and other associated non-public information), but does not include the name, title or business address or telephone number of an employee of an organization.
  • “Private information” means information that is gathered in the context of an interaction with an individual via social or SMS channels that are private. In the case of Twitter, this includes Direct Messages (DMs). For Facebook, this includes Private Messages (PMs). All SMS interactions are considered private.
  • “Anonymous Information” refers to information that does not permit the identification of individual persons.
  • “Customer” refers to a customer of ITC; more specifically, an organization that pays for ITC services.
  • “Client” refers to a person who is engaging or has engaged with an ITC customer.Enter your text here...

Adherence to PIPEDA’s 10 Principles

ITC follows the 10 principles outlined in Schedule 1 of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA):

  1. Accountability​
  2. Identifying Purposes​
  3. Consent​
  4. Limiting collection​
  5. Limiting, use, disclosure, and retention
  6. Accuracy
  7. Safeguards
  8. Openness
  9. Individual access
  10. Challenging compliance.


ITC has rigorously documented our policies and procedures concerning the protection of personal information. These policies and procedures were created based on current legislation, industry best practices, and our customers’ need for information security. ITC appoints both a Privacy Officer and a Security Officer to ensure compliance with laws, best practices, and internal policies and procedures concerning the protection of personal information.

Additionally, ITC employees undergo training to ensure adherence to best practices when handling private communications. Our employees are also subject to non-disclosure agreements to ensure the protection of personal information.

Identifying Purposes

The ITC Enterprise Portal allows our Customers to interact with their clients via social media and SMS channels. Interactions between Customer and Client that are either Direct Messages (Twitter), Private Messages (Facebook) or any SMS interaction are considered private to the ITC customer and will not be reported, released or reproduced except in the process of supporting that customer’s engagement and reporting requirements.

We will only collect customer information that is necessary to fulfill the following purpose: To facilitate conversations between our customers and their clients.


Consent to collect customer/client conversation information is implicit in the contract between ITC and our customers. At no time will private interactions be displayed, exported or released to parties other than the customer or their agents.

Consent for access to the customer’s social channels (Facebook, Twitter) is required to engage with clients through direct (Twitter) or private (Facebook) messages. The authorization for Twitter/Facebook messaging is managed within the ITC Enterprise Portal, but at no time is the password saved inside the infrastructure.

Customers may revoke their consent at any time. Thirty days from the end of the contract, it is assumed that the customer consent has been revoked and any authorization tokens will be removed from the ITC Enterprise Portal.

We will only use or disclose customer/client interaction information where necessary to fulfill the purposes of customer/client engagements. Only customers will have visibility of direct/private interaction information between customer and client.

We will not use or disclose personal or private information for any additional purpose unless we obtain consent to do so.

We will not sell customer lists or private information to other parties.

Limiting Collection

ITC limits its collection of personal data to what is necessary for the purpose for which it was collected.

Limiting Use, Disclosure, and Retention

Limiting Use

ITC customers’ personal information is only used for the purpose for which it was collected.

It is necessary for ITC employees to have access to the Customer Portals to provide support and to ensure service-level agreements (SLAs) are being met. However, to limit the exposure of customer data the following access guidelines are in place:

  • ITC only grants customer portal access to a restricted number of employees who are responsible for support and for fulfilling SLAs.
  • Support personnel with access to the customer portal will never post on the customer’s behalf.

Limiting Disclosure

ITC does not disclose customers’ information without their consent, except as required by law or for safety purposes.

ITC employees are also subject to a non-disclosure agreement to ensure the protection of personal information.

Limiting retention

We will retain customer private interaction information only as long as necessary to fulfill the identified purposes or a legal or business purpose. All personal information is disposed of in a secure manner.

ITC offers its customers appropriate means for destroying personal information, including “redaction” capabilities so that customers can erase sensitive information.


ITC will make reasonable efforts to ensure that customers’ private interaction information is accurate and complete.

All customer/client interactions via social media or SMS channels will follow the customer’s respective guidelines for delivering interaction information between customer and client.

ITC does not disclose personal information to third parties without first obtaining consent. When disclosing personal information, we will ensure that the information is accurate and current.


We are committed to ensuring the security of our customers’ private interaction information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks.

These safeguards are documented in our Account Management Policy and Procedures and Application Security Policy. The former regulates access to ITC technological resources and the latter regulates access to ITC applications (the ITC portals). The Security Officer is responsible for ensuring compliance to these policies.

ITC will continually review and update our security policies and controls as technology changes to ensure ongoing information security.


ITC is committed to informing our customers and their clients about our policies and practices concerning personal information management. For more information, please contact our Privacy Officer or Security Officer.

Individual Access

Customers have the right to access their private interactions, subject to the terms of their contract with ITC. To access personal information, please contact our Privacy Officer.

Customers’ private interaction information will be retained for at least one year so that the customer has a reasonable opportunity to request access to it. Our customers in Mexico will have access for two years, in accordance with their Ley Federal de Telecomunicaciones (LFTR)(2014).

ITC offers its customers “redaction” capabilities, allowing them to erase sensitive information. In the event of redaction, once confirmed, the redacted information will not be available anywhere in the ITC Enterprise portal, nor will it be recoverable.

ITC customers are responsible for ensuring their agents’ adherence to privacy and personal information protection laws.

Challenging compliance

ITC takes our customers’ complaints seriously and is committed to fulfilling our responsibilities concerning the documentation, investigation, and resolution of issues concerning personal information protection. For more information about lodging a complaint, please contact our Privacy Officer.

Short Code Privacy Policy

User Consent

By accessing or otherwise using ITC for SMS messaging, you agree to the terms and conditions of this Privacy Policy and the associated Short Code Terms of Service (appended to this document), you expressly consent to the processing of your personal information and anonymous information according to this Privacy Policy. Your personal information may be processed by ITC according to Canadian regulation, which may be less stringent than the laws in your country.

Regarding Children

Children under the age of 13 are not permitted to use ITC SMS services and we do not intentionally collect or maintain personal information from those under 13 years old. Protecting the privacy of children is very important to us. Thus, if we obtain actual knowledge that a user is under 13, we will take steps to remove that user’s personal information from our databases. We recommend that children between the ages of 13 and 18 obtain their parent’s permission before submitting information through SMS services. By using ITC SMS messaging services, you are representing that you are at least 18 years old, or that you are at least 13 years old and have your parents’ permission to send texts to the ITC short code.

Collection and use of information

personal information

In general, we collect any information that you submit to us voluntarily through ITC SMS messaging services. As we make it our mission to protect your personal information, this information is never shared with third parties and is never used for marketing purposes. Our treatment of the information complies with the standards of Canada’s PIPEDA legislation.

personal information from other sources

We do not receive personal information about you from other sources.

email and email addresses

If you send an e-mail to us, we will collect your e-mail address and the full content of your e-mail, including attached files and any other information you provide. We will not use your e-mail address to contact you for marketing purposes and we will never share your e-mail with third parties.

Information collected via technology

ITC does not collect information about you via other technologies, i.e. cookies, IP Address tracking, web beacons, and navigational data, such as Uniform Resource Locators (URL); nor do we allow third parties to collect information about you via the previously mentioned technologies.

use and disclosure of information

ITC does not sell, trade, rent, or share the personal information that we collect, unless you ask or authorize us to do so. When you send your information by SMS to a company that uses ITC SMS messaging platform, that company may collect your information according to its corporate policy and according to relevant legislation. ITC does not use or disclose this information, unless required to by law or for the purpose of safety.

The ability of others to view your information

Helping you to protect your information is a vital part of our mission. It is up to you to make sure you are comfortable with the information you choose to provide through ITC. SMS is a private mode of communication and ITC will not disclose your communications, unless required to by law or for the purpose of safety. Because SMS is not a completely secure channel, please avoid sending sensitive information by text message. This includes credit card numbers, social insurance/security numbers, and other sensitive data. While agents using ITC services have the ability to permanently delete sensitive information that enters the ITC system, note that this information will still be saved in your phone and should be deleted for security and privacy purposes.

Third party sites and advertising

ITC does not provide links to third-party sites. Companies using the ITC platform (our customers) may provide links to third-party sites. Please be aware that we are not responsible for the privacy practices or the content of such other websites. We encourage users to read the privacy statements of each and every website they visit.

Your choices regarding your personal information

When receiving SMS messages through ITC, you will have the opportunity to “opt-out” by texting STOP  to 898482. After texting STOP, you will be unsubscribed from this service. At ITC we follow Canada’s anti-spam legislation (CASL) and only send e-mails to people with whom we have a pre-existing relationship (implicit or explicit). All mass e-mails include an unsubscribe link. ITC is not responsible for e-mails sent by our customers.

As we do not use your personal information, we do not store it in a database where it can be changed or updated. If you are dealing with a company that uses ITC services, you may ask that company’s agents to change or delete your information from their database.


If you provide feedback to us, we may use and disclose such feedback for any purpose, provided we do not associate such feedback with your personal information. We will collect any information contained in such feedback and will treat the personal information in it in accordance with this Privacy Policy. You agree that any such comments and any e-mail we receive becomes our property. We may use feedback for marketing purposes or to add to or modify our services without paying any royalties or other compensation to you.


We are committed to protecting the security of your personal information. We use a variety of industry-standard security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. Even though we have taken significant steps to protect your personal information, no company, including us, can fully eliminate security risks associated with personal information.


We are committed to protecting the security of your personal information. We use a variety of industry-standard security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. Even though we have taken significant steps to protect your personal information, no company, including us, can fully eliminate security risks associated with personal information.


For more information, please contact:

appendix i: short code terms of service

When you opt-in to the service, we will send you an SMS message to confirm your signup.

You can cancel the SMS service at any time. Just text “STOP” to 898482. After you send the SMS message “STOP” to us, we will send you an SMS message to confirm that you have been unsubscribed. After this, you will no longer receive SMS messages from us.If you want to join again, just sign up as you did the first time and we will start sending SMS messages to you again.

If at any time you forget what keywords are supported, just text “HELP” to 898482. After you send the SMS message “HELP” to us, we will respond with instructions on how to use our service as well as how to unsubscribe.

We are also able to deliver messages to the following US mobile phone carriers: Major carriers: AT&T, Verizon Wireless, Sprint, T-Mobile, U.S. Cellular, Alltel, Boost Mobile, Nextel, and Virgin Mobile. Minor carriers: Alaska Communications Systems (ACS), Appalachian Wireless (EKN), Bluegrass Cellular, Cellular One of East Central IL (ECIT), Cellular One of Northeast Pennsylvania, Cincinnati Bell Wireless, Cricket, Coral Wireless (Mobi PCS), COX, Cross, Element Mobile (Flat Wireless), Epic Touch (Elkhart Telephone), GCI, Golden State, Hawkeye (Chat Mobility), Hawkeye (NW Missouri), Illinois Valley Cellular, Inland Cellular, iWireless (Iowa Wireless), Keystone Wireless (Immix Wireless/PC Man), Mosaic (Consolidated or CTC Telecom), Nex-Tech Wireless, NTelos, Panhandle Communications, Pioneer, Plateau (Texas RSA 3 Ltd), Revol, RINA, Simmetry (TMP Corporation), Thumb Cellular, Union Wireless, United Wireless, Viaero Wireless, and West Central (WCC or 5 Star Wireless).We are able to deliver messages to all major Canadian mobile phone carriers and most minor carriers.

As always, message and data rates may apply for any messages sent to you from us and to us from you. You will receive 1-3 messages per user request. If you have any questions about your text plan or data plan, it is best to contact your wireless provider.For all questions about the services provided by this short code, you can send an e-mail to:

If you have any questions regarding privacy, please read our Privacy Policy (see above).

Simply click to learn more about how ITC's Digital Desktop can work for you.

© In The Chat. All Rights Reserved
Waterloo: 609 Kumpf Drive, Waterloo, ON  |  519.954.8591

Toronto: 33 Bloor St East, Toronto