Agent Privacy Policy

• Name, email, mobile phone, and home postal code (for matching to nearby shops).
• Approximate latitude/longitude derived from your postal code.
• Mission reports you submit: structured responses, narrative text, photos with EXIF metadata (GPS, timestamp, camera make and model), reimbursement receipts, and field-level entry timestamps for fraud review.
• Stripe Connect onboarding data (legal name, government ID verification, bank routing) — held by Stripe under their privacy policy.
• Standard server logs (IP, user-agent, timestamps).

• To match you with nearby missions and notify you by SMS and email.
• To pay you out via Stripe Connect after a mission report clears QA.
• To meet our legal obligations — in particular, to report payments to the Canada Revenue Agency on a T4A slip when annual earnings warrant it.
• To maintain a quality-assurance trail (photo metadata, form timing) so we can investigate fraud or inaccuracy.
• To detect and prevent abuse of the platform.

• Stripe Inc. — Connect payouts.
• Resend, Twilio, Mapbox, Cloudflare, Turso, Vercel — the same service providers used to run the platform.
• Customers (business owners): only see the structured report and photos. They do not see your name, email, phone, or address.
• Canada Revenue Agency: when total annual payouts to you require us to issue a T4A.

• Active agent records: while your account is active.
• Tax records (T4A obligation): we retain payout-related information — legal name, payout method, and transaction records — for six years from the end of the relevant tax year, as required by the CRA, even after you delete your account.
• Deleted accounts: name, email, and phone are scrubbed; a one-way salted hash is kept for fraud prevention. Mission report records are kept (anonymized to a deleted-shopper id) so customer archives remain consistent.

Photos uploaded as evidence are automatically parsed for EXIF GPS, timestamp, and camera information. We compare the GPS to the shop location and flag mismatches for QA. Field-level timestamps and paste attempts in narrative answers are also retained as fraud-prevention telemetry.

You may request access, correction, or deletion of your personal information at any time. Self-service deletion is available from your profile page. Some information must be retained for tax and audit reasons; we will tell you what is being kept and why.

TLS in transit, hashed magic-link tokens, hashed session IDs, encryption at rest via our hosting providers, least-privilege access for our small team. Photos are stored in Cloudflare R2 with time-limited presigned URLs.

A first-party session cookie keeps you signed in. We use Google Analytics 4 for aggregate traffic measurement, which sets its own cookies and processes pseudonymous identifiers. We do not run third-party advertising trackers. You can opt out of Google Analytics with the Google Analytics opt-out browser add-on.

Privacy questions: privacy@spyrecruiter.com. Office of the Privacy Commissioner of Canada: priv.gc.ca.