Xendrioxz DIY

Privacy Policy

This Privacy Policy explains how Xendrioxz Home Projects Inc. (“Xendrioxz DIY”, “we”, “us”, or “our”) collects, uses, discloses, and safeguards information when you use our website dedicated to DIY home improvement and repair ideas. We operate transparently and align with Google Ads and Meta Ads policies. If you have questions, contact us at [email protected] or visit our Contact page.

Legal entity and contact: Xendrioxz Home Projects Inc., 100 King Street West, Toronto, ON M5X 1C9, Canada. Phone: +1 (416) 862-8138. Email: [email protected].
View Cookie Policy

1. Cookie Categories

We use cookies and similar technologies to operate our website and improve user experience. Cookies are small files placed on your device that store settings and identifiers. We divide cookies into exactly three categories, each with a clear purpose and retention schedule. Essential cookies are set automatically because they are necessary for the site to function. Analytics and Marketing cookies require your consent and are only activated after you click “Accept All” or enable them through the preferences panel.

1.1 Essential Cookies

Purpose: core site functionality, security, and session management. These allow pages to load, help protect against fraud, and remember your cookie choices. Examples: session_id, csrf_token, cookie_consent_status. Consent required: NO — Essential cookies are always active. Retention: for the session or up to 12 months to store consent and preference data.

1.2 Analytics Cookies

Purpose: to measure traffic and understand how visitors use our content so we can improve performance and usability. Tools: Google Analytics 4 (GA4). Examples: _ga, _ga_XXXXXXX, _gid, _gat. Consent required: YES — activated only after you accept. Retention: up to 14 months as configured within GA4.

1.3 Marketing / Advertising Cookies

Purpose: to deliver personalized advertising, perform remarketing, and measure conversions from ads. These cookies help us show relevant ads across platforms and understand which campaigns are effective. Consent required: YES — activated only after you accept. Retention: up to 540 days, in line with Google Ads defaults.

2. Marketing Cookies — Mandatory Disclosures

To be clear and specific about how marketing technologies work on this website, the following statements apply in full:

  • Third-party ad serving: “Third-party vendors, including Google, use cookies to serve ads based on a user's previous visits to this website and other sites on the internet.”
  • Advertising partners: “We may work with advertising partners such as Google and Meta to deliver advertisements tailored to your interests across various websites and platforms.”
  • Remarketing: “We may use remarketing services to advertise to previous visitors of our website. After visiting our site, you may see our ads on other websites, apps, or platforms you visit.”
  • YouTube and Display Network: “Advertisements may appear across Google services including YouTube, Gmail, and the Google Display Network.”
  • Tracking technologies — list ALL that apply: “We use the following tracking technologies on this website: - Cookies (first-party and third-party) - Tracking pixels (Google Ads tag / gtag.js, Meta Pixel) - Device identifiers (browser fingerprint, IP address) - Conversion event tags”
  • Advertising measurement: “We use conversion tracking to understand which advertisements lead to actions on our website — such as form submissions, calls, or purchases. This allows us to measure campaign effectiveness and allocate budget appropriately. Conversion data may be shared with Google Ads and Meta.”
  • Technologies in use — list explicitly: “Advertising and analytics technologies active on this site: - Google Ads (gtag.js / Google Tag Manager) - Google Analytics 4 - Google Remarketing Tag - Meta Pixel (Facebook / Instagram)”
  • Opt-out from personalized advertising: “You may opt out of personalized advertising at any time: - Google Ads Settings: https://adssettings.google.com - Your Online Choices (EU): https://www.youronlinechoices.eu - Network Advertising Initiative: https://optout.networkadvertising.org - Digital Advertising Alliance: https://optout.aboutads.info Opting out does not remove ads entirely — you will continue to see non-personalized advertisements.”
  • Cookie preference management: Use the button labeled “Manage cookie preferences” on this page or in the footer to open the consent panel and adjust Analytics and Marketing toggles at any time.

3. Consent Requirements

Our consent system presents a banner with three options: “Accept All”, “Reject Non-Essential”, and “Manage Preferences”. Analytics and Marketing cookies remain inactive until you opt in. Your choice is stored in localStorage for 12 months and can be changed at any time via the preferences panel. The banner links to this Privacy Policy, and is dismissible without accepting. Essential cookies remain active regardless, as they are necessary for security and core functionality.

Consent statement: “By clicking ‘Accept All Cookies’, you consent to the storing of cookies on your device for analytics and advertising purposes, including personalized advertising delivered by Google and Meta. You may withdraw consent at any time through the cookie preferences panel without affecting the lawfulness of processing that occurred before withdrawal.”

EEA / UK users: “Users in the European Economic Area and the United Kingdom receive this consent notice in compliance with the General Data Protection Regulation (GDPR) and UK GDPR. Marketing and analytics cookies are activated solely after explicit, informed, freely given consent under GDPR Article 6(1)(a). Consent is recorded with a timestamp and may be audited upon request.”

Withdrawal of consent: “You may withdraw consent at any time by clicking ‘Manage cookie preferences’ in the website footer, or by clearing cookies via your browser settings. Withdrawal does not affect processing that occurred while consent was valid.”

4. Data Sharing with Advertising Partners

We share certain data with advertising partners for campaign delivery and measurement. Recipients and the data categories shared include:

  • Google LLC: cookie identifiers, conversion events, anonymized behavioral data, remarketing lists. Governed by Google’s Privacy Policy: https://policies.google.com/privacy
  • Meta Platforms, Inc.: pixel events, conversion data, custom audiences. Governed by Meta’s Data Policy: https://www.facebook.com/privacy/policy

We do not sell personal data. All transfers to Google and Meta operate under Standard Contractual Clauses where applicable. Data is processed for ad targeting and campaign measurement only, and not resold to unaffiliated third parties. Google and Meta may use this data across their own platforms in accordance with their respective policies. We encourage users to review those policies directly.

5. Lead Forms and Contact Requests

When you submit a contact form or send us an email, we collect the information you provide. This typically includes your full name, email address, phone number, and the content of your message. Legal basis: consent (GDPR Art. 6.1.a) and, where a service relationship exists, performance of a contract (GDPR Art. 6.1.b). Retention: form submission data is retained for up to 2 years from the date of submission, unless a longer period is required by applicable law. You may request deletion of your data at any time by contacting us at [email protected]. A link to this Privacy Policy appears adjacent to every submission button on this site. Submitting a form constitutes acknowledgment of this policy.

6. Google Services and Advertising

This website uses the following Google services:

  • Google Analytics 4: collects anonymized usage data, device info, and behavioral signals. IP anonymization is enabled. Data retention is set to 14 months. Users may opt out via the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout
  • Google Ads Conversion Tracking: records when a user completes a defined action after clicking one of our ads. This data is used solely for measuring ad campaign performance.
  • Google Remarketing: allows us to show ads to previous visitors across Google’s network. Remarketing lists are not created from sensitive data categories.
  • Google Tag Manager: deploys tracking tags on our behalf. No personal data is collected by GTM itself; it acts as a container for the tags listed above.

Google’s advertising products are governed by: https://policies.google.com/technologies/ads

7. Meta Advertising Services

This website uses the Meta Pixel to measure the effectiveness of our advertising on Facebook and Instagram. The pixel may record page views, time on site, specific conversion events (such as form submissions), and custom audience membership for retargeting purposes. We do not use the Meta Pixel to collect sensitive personal data or to target users based on special-category attributes prohibited under Meta’s policies. Meta acts as an independent data controller for data collected via its Pixel and processed within its own platform. Refer to Meta’s Data Policy: https://www.facebook.com/privacy/policy. To manage your ad preferences on Meta platforms, visit: https://www.facebook.com/adpreferences/

8. Prohibited Content Self-Declaration

This website does not promote, sell, or facilitate access to prohibited product or service categories including but not limited to: weapons, controlled substances, counterfeit goods, gambling services (unlicensed), adult content, or services that make misleading health or financial claims. All advertising conducted through Google Ads and Meta Ads complies with the respective platform policies in full.

9. Landing Page Integrity Statement

The content of this website accurately represents the topics and services advertised. No bait-and-switch practices are employed. The experience delivered to users arriving from paid advertisements is identical to the experience for all other visitors. Cloaking, automatic redirects, and content variation by traffic source are not used on this website.

10. Children’s Privacy

This website is not directed at individuals under the age of 16. We do not knowingly collect personal data from minors. If we discover that data has been collected from a person under 16 without verifiable parental consent, we will delete it promptly. Contact us at [email protected] if you believe we have received data from a minor.

11. International Data Transfers

Personal data collected through this website may be transferred to and processed in countries outside of Canada and the European Economic Area, including the United States, where Google LLC and Meta Platforms, Inc. are based. These transfers are conducted under Standard Contractual Clauses (SCCs) approved by the European Commission, which provide appropriate safeguards for personal data. A copy of the applicable SCCs can be requested by contacting us directly.

12. User Rights (GDPR Articles 15–22)

If you are located in the EEA or UK, you have the following rights: Access (Art. 15) to request a copy of data we hold about you; Rectification (Art. 16) to correct inaccurate or incomplete data; Erasure (Art. 17) to request deletion; Restriction (Art. 18) to limit how we process your data; Portability (Art. 20) to receive your data in a structured, machine-readable format; Objection (Art. 21) to processing based on legitimate interest; and the right to Withdraw consent (Art. 7.3) at any time without penalty. To exercise any right, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority: EU users: https://edpb.europa.eu; UK users: https://ico.org.uk.

13. What Data We Collect

  • Full name
  • Email address
  • Phone number
  • IP address
  • Browser type and version
  • Device type and operating system
  • Cookies and tracking identifiers
  • Usage data (pages visited, time on site, click paths)
  • Form submission content
  • Conversion events (form submits, calls, purchases)

14. Legal Basis for Processing (GDPR Art. 6)

  • Contact form data: consent (Art. 6.1.a) and contract performance (Art. 6.1.b).
  • Analytics data: consent (Art. 6.1.a).
  • Marketing/remarketing data: consent (Art. 6.1.a).
  • Security and fraud prevention: legitimate interest (Art. 6.1.f).

15. Retention Periods

  • Contact form submissions: 2 years.
  • Analytics data (GA4): 14 months.
  • Marketing cookies (Google Ads): up to 540 days.
  • Email communications: duration of relationship + 1 year.
  • Server logs: 90 days.
  • Cookie consent records: 3 years (audit requirement).

16. Policy Metadata and Changes

Last Updated: January 15, 2026. Effective Date: January 15, 2026. We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. If material changes are made, we will provide notice via a homepage banner at least 14 days before they take effect. Continued use of the website after the effective date constitutes acceptance of the updated policy.

How to Contact Us

If you have questions about this policy or wish to exercise your rights, please contact: Xendrioxz Home Projects Inc., 100 King Street West, Toronto, ON M5X 1C9, Canada. Phone: +1 (416) 862-8138. Email: [email protected]. You may also reach us through our Contact page. For cookie-specific preferences, use the “Manage cookie preferences” button below or in the footer.