Privacy Policy | AFAX – Secure Fax Service

Last Updated: April 2026

AFAX ("AFAX", "we", "us", or "our") is committed to protecting the privacy, confidentiality, and security of our customers, users, and website visitors. This Privacy Policy explains how we collect, use, store, disclose, and protect information in connection with our products, services, applications, and websites.

Information We Collect

AFAX may collect information required to provide, secure, maintain, and improve our services. Depending on how our platform is used, this information may include:

Account and contact information such as name, address, phone number, and email address;
Billing and payment information required to process subscriptions and services;
Account profile and service configuration information;
Usage, activity, and operational metadata related to fax processing and service delivery;
Technical information such as browser type, device information, IP addresses, authentication logs, and cookies;
Customer support and communication records;
Aggregated and anonymized usage statistics used for analytics, service improvement, and operational planning.

AFAX uses industry-standard third-party service providers where appropriate, including secure payment processors, analytics tools, infrastructure providers, and communication delivery services.

How We Use Information

Information collected by AFAX may be used to:

Provide, maintain, and support AFAX services and customer accounts;
Authenticate users and secure customer access;
Process billing, subscriptions, and account-related transactions;
Deliver fax communications and related notifications;
Monitor service performance, reliability, and platform security;
Prevent fraud, unauthorized access, abuse, or unlawful activity;
Improve products, services, workflows, and customer experience;
Meet legal, regulatory, operational, and contractual obligations.

Document Retention & Storage

AFAX offers configurable document retention options depending on the selected service plan and customer preferences.

Fax documents processed through the AFAX platform may be temporarily stored to support transmission processing, delivery confirmation, secure portal access, workflow continuity, and customer-selected retention settings.

Customers may configure retention periods for sent and received fax documents based on available plan options. Certain Healthcare and Enterprise solutions may support enhanced privacy controls, minimal-retention workflows, customer-managed encryption options, and extended retention policies.

Documents retained within the AFAX platform are stored using encrypted storage technologies designed to help isolate and protect customer information.

Email Delivery & Attachments

AFAX may deliver fax notifications and documents through email using encrypted transport technologies where supported. Email attachments transmitted by AFAX are not intended to remain permanently stored within AFAX delivery systems after successful processing.

Customers are responsible for maintaining appropriate security controls for their own email environments and devices used to access fax communications.

Security Practices

AFAX implements administrative, technical, and operational safeguards designed to help protect customer information and platform integrity.

Security measures may include:

Encrypted data transmission;
Encrypted backup systems;
Role-based access controls (RBAC);
Multi-factor authentication (MFA/2FA);
Audit and operational logging;
Customer-specific data segregation and protection controls.

AFAX personnel do not access customer fax document contents as part of normal business operations. Administrative visibility is generally limited to operational metadata required to support service delivery, troubleshooting, security, and billing activities.

Healthcare & Compliance Considerations

Selected Healthcare and Enterprise solutions are designed to support organizations requiring enhanced privacy, security, and compliance considerations aligned with Canadian privacy legislation, including PHIPA and PIPEDA.

Additional safeguards, encryption options, retention controls, and operational procedures may apply to eligible Healthcare and Enterprise environments.

Canadian Hosting & Data Residency

AFAX production systems are hosted in Canada. Customer information and platform data are processed within Canadian-hosted infrastructure environments designed to support privacy and security requirements.

Analytics & Cookies

AFAX websites and services may use cookies, session technologies, analytics tools, and related technologies to support authentication, website functionality, security monitoring, service optimization, and user experience improvements.

AFAX currently uses third-party analytics and monitoring services that may include Google Analytics and Microsoft Clarity.

Users may modify browser settings to limit or disable certain cookie functionality; however, some platform features may not function properly if cookies are disabled.

Your Rights & Choices

Customers may access and update certain account information through their AFAX account settings.

Subject to applicable legal, operational, and contractual obligations, customers may also request access to, correction of, or deletion of personal information associated with their accounts.

Changes to this Privacy Policy

AFAX reserves the right to update or modify this Privacy Policy from time to time. Updated versions will be posted on this page with a revised effective date.

Continued use of AFAX services following the publication of changes constitutes acceptance of the revised Privacy Policy.

Questions & Contact Information

If you have questions, concerns, or requests related to this Privacy Policy or privacy practices, please contact AFAX through our contact page or customer support channels and reference "Privacy Policy" in your communication.