Privacy Policy

Global Compliance Version (PIPEDA, GDPR, CCPA/CPRA, UK GDPR, and other major jurisdictions)

Aegis Resources Ltd. and its affiliated entities (“Aegis”, “we”, “our”, or “us”) are committed to protecting the privacy and security of individuals whose Personal Information we handle. This Privacy Policy describes how we collect, use, disclose, store, and safeguard Personal Information through our website (the “Site”) and any related online or offline Services (the “Services”).

This Policy is designed to comply with:

  • PIPEDA (Personal Information Protection and Electronic Documents Act – Canada)
  • GDPR (General Data Protection Regulation – EU/EEA)
  • UK GDPR (United Kingdom)
  • CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act)
  • Other key jurisdictions with comparable privacy frameworks (including Australia’s Privacy Act, New Zealand’s Privacy Act, and similar national/international privacy regimes)

By accessing the Site or using our Services, you consent to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Site and Services.

If you are under the legal age of majority in your jurisdiction, please do not use the Site or submit Personal Information to us.

1. Personal Information We Collect and How We Use It

We collect Personal Information only for legitimate, specific purposes. “Personal Information” means data that identifies, relates to, or can reasonably be associated with an individual. (Note: Under CCPA, “Personal Information” has a broad statutory definition that includes device identifiers, browsing data, and inferences.)

1.1 Information You Actively Provide

You may provide Personal Information directly when you:

  • request information about Aegis or our Services,
  • subscribe to updates,
  • apply for employment,
  • communicate with us,
  • complete forms on the Site, or
  • participate in research or feedback initiatives.

This may include:

  • name
  • contact details (email, telephone, postal address)
  • employment or background information (for applicants)
  • any other information you voluntarily submit

We use this information to:

  • deliver and personalize our Services;
  • communicate with you and respond to inquiries;
  • evaluate and improve the Site and Services;
  • assess employment applications;
  • maintain business records and fulfill contractual or legal obligations;
  • identify and prevent fraud or security threats.

1.2 Information Collected Automatically

When you access the Site, we may automatically collect information through cookies, analytics, pixels, log files, and similar tools, such as:

  • IP address and general location
  • browser type, device type, and operating system
  • pages visited, actions taken, and links clicked
  • date/time of visits
  • referral paths or external URLs
  • advertising and analytics data from platforms like Google Analytics, Google Ads, and Meta (Facebook)

You may opt out of non-essential cookies through your browser settings or applicable cookie banners (as required under GDPR/UK GDPR and other regions).

1.3 Legal Bases for Processing (GDPR / UK GDPR)

Where GDPR or UK GDPR applies, we process Personal Information under one or more of the following bases:

  • Consent (e.g., marketing communications)
  • Performance of a contract (e.g., providing Services you request)
  • Legal obligation
  • Legitimate interests (e.g., improving the Site, preventing fraud)

1.4 Sensitive Personal Information

Aegis does not intentionally collect sensitive or special-category Personal Information unless legally permitted and voluntarily provided by the user (e.g., in an employment application). Where collected, it will be handled in accordance with applicable legal requirements.

2. How We Disclose Personal Information

We may disclose Personal Information in the following circumstances:

2.1 Service Providers and Contractors

We may share Personal Information with trusted third parties who assist us with:

  • website hosting and infrastructure
  • analytics
  • payment processing
  • data storage
  • marketing and communication delivery
  • cybersecurity and fraud detection
  • customer service

These third parties are contractually required to:

  • protect Personal Information,
  • use it only for authorized purposes, and
  • comply with applicable privacy laws.

2.2 Legal and Regulatory Requirements

We may share information when required to comply with:

  • laws or regulations,
  • law enforcement requests,
  • subpoenas, warrants, or court orders,
  • regulatory authorities.

2.3 Business Transfers

In the event of a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, Personal Information may be transferred to the relevant third party, provided they adhere to protections consistent with this Policy.

2.4 Aggregated or Anonymized Data

We may create de-identified, aggregated, or anonymized information for analytics, research, and business purposes, which no longer identifies individuals. Such data may be used or shared without restriction.

3. Retention of Personal Information

Aegis retains Personal Information only as long as necessary to fulfill the purposes for which it was collected or to meet legal, regulatory, tax, or audit requirements. When information is no longer needed, we will securely destroy, anonymize, or erase it.

4. Accuracy of Personal Information

We take reasonable steps to keep Personal Information accurate and up to date. Individuals are encouraged to notify us of any changes so we can maintain accurate records.

5. Protection of Personal Information

We employ reasonable administrative, technical, and physical safeguards to help protect Personal Information against unauthorized access, disclosure, or misuse. These may include encryption, access controls, secure storage, and monitoring.

Despite these measures, no system is completely secure. Users are responsible for securing their own devices, networks, and passwords. Aegis is not responsible for breaches resulting from user error or insecure personal systems.

6. International Transfers of Personal Information

Personal Information may be stored or processed in Canada, the United States, the United Kingdom, the European Union, or other jurisdictions where Aegis or our service providers operate.

Where data is transferred outside jurisdictions with strict data protection laws (e.g., EU/UK), we use lawful mechanisms such as:

  • Standard Contractual Clauses (GDPR/UK GDPR),
  • contractual safeguards,
  • adequacy determinations (where applicable).

By using the Site or submitting information, you consent to these transfers, subject to applicable regional rights.

7. Third-Party Links

The Site may contain links to external websites or services operated by third parties. Aegis is not responsible for their privacy practices. We encourage users to review third-party privacy policies before sharing Personal Information.

8. Marketing Communications

With your consent (where required by law), we may send you updates, newsletters, and promotional information about Aegis.

You may opt out at any time by:

Under CCPA/CPRA, users may opt out of targeted advertising or the “sharing” of Personal Information for cross-context behavioral advertising.

9. Your Rights

Your privacy rights depend on your place of residence. Aegis will honor all rights required by applicable law.

9.1 Rights Under PIPEDA (Canada)

You may:

  • request access to Personal Information we hold about you;
  • request corrections to inaccurate Personal Information;
  • inquire about how your information has been used or disclosed.

9.2 Rights Under GDPR and UK GDPR

If you reside in the EU/EEA or UK, you have additional rights, including:

  • Right of access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing (including marketing)
  • Right not to be subject to automated decision-making, where applicable
  • Right to withdraw consent at any time

You may also file a complaint with your local data protection authority.

9.3 Rights Under CCPA/CPRA (California)

California residents have the right to:

  • Know what categories of Personal Information we collect, use, disclose, or “share”
  • Access specific pieces of Personal Information
  • Request deletion of Personal Information, with exceptions
  • Correct inaccurate Personal Information
  • Opt out of “selling” or “sharing” Personal Information (Aegis does not “sell” Personal Information as defined by CCPA/CPRA)
  • Limit the use of sensitive Personal Information (if collected)
  • Not be discriminated against for exercising privacy rights

We will verify your identity before responding to CCPA requests and may use authorized agents as permitted under the law.

10. Exercising Your Rights / Contact Us

To submit a privacy request or ask questions about this Policy, please contact our Privacy Officer:

Email: info@aegisresourcesltd.com

We will respond within timeframes required by applicable privacy laws.

11. Updates to This Privacy Policy

Aegis may modify this Privacy Policy from time to time. All changes will be posted on the Site with an updated “Last Revised” date. Continued use of the Site or Services after changes are posted indicates acceptance of the updated Policy.

Last Revised: December 9th, 2025