Global Compliance

Privacy & Trust Center • Distronode Corporation • Headquarters: Toronto, Canada

Verified Frameworks

PIPEDA Compliant

GDPR Hardened

CASL Verified

A2P 10DLC Certified

01. Compliance Standards & Baseline

Privacy by Design: From PIPEDA Baseline to GDPR Rigor

Distronode is a Canadian corporation headquartered at RBC WaterPark Place, 20 Bay Street, Toronto, ON. As a Canadian entity, our regulatory baseline is established under the federal Personal Information Protection and Electronic Documents Act (PIPEDA). However, because we serve global media creators, enterprise automation nodes, and international platforms, we have engineered our compliance framework to strictly match the more stringent requirements of the European Union's General Data Protection Regulation (GDPR).

Under European law, Canada maintains an "Adequacy Decision" status, meaning Canadian PIPEDA standards are legally equivalent to GDPR data transfer requirements. By aligning both frameworks, we offer our clients seamless, legally compliant cross-border data residency and processing without legal friction.

Canadian PIPEDA Compliance

Strict adherence to the 10 Fair Information Principles: Accountability, Identifying Purposes, Consent, Limiting Collection, Limiting Use/Disclosure, Accuracy, Safeguards, Openness, Individual Access, and Challenging Compliance.

Read PIPEDA Clauses

GDPR Alignment

Full implementation of individual user rights, including the Right to be Forgotten (Erasure), Right to Portability, Consent-before-Tracking (ePrivacy & Consent Mode v2), and strict sub-processor transparency.

Read GDPR Rights

02. Verified Sub-Processors

Where Your Data Goes: 100% Radical Transparency

Unlike traditional companies that obscure their vendor relationships, we believe you have the right to know and judge exactly who processes your data. Distronode operates a siloed, trust-first infrastructure. We share data only with the following verified enterprise-grade partners to deliver our automation services:

Google Cloud Platform (GCP)

AI Inference & Storage

Vertex AI & Firestore

Processes customer recordings, audio pipelines, metadata structures, and primary CRM entries. Under our Enterprise partner terms, your data remains fully isolated in private VPC configurations.

Isolated Data Silo

ZERO Training on Customer Data

ISO 27001 / SOC 2 Type II

View AI Security

Twilio, Inc.

Telephony Ingestion & SMS

Voice Gateway & A2P Campaign

Twilio handles real-time voice streaming (G.711 protocols) and outbound customer notifications. Voice media is bridged directly to the gateway WebSocket; Twilio operates purely as an encrypted transmission transit layer.

PCI-DSS Compliant Transit

Verified A2P 10DLC Campaigns

256-Bit AES TLS Transit

View Telephony

Apollo.io (ZenProspect, Inc.)

B2B CRM Enrichment

Domain Intelligence Scan

Provides public firmographic B2B metadata (employee count, revenue scale, business segment) based strictly on business domains during inbound call CRM enrichments. Zero PII or private conversation data is ever transmitted to Apollo.

Pure Firmographic Queries Only

Zero Transcription Data Shared

GDPR & CCPA Aligned

View Lawful Basis

Stripe, Inc.

Billing Infrastructure

PCI-DSS Level 1 Gateway

Processes payments, subscriptions, and partner payout credentials. Stripe isolates all card numbers, routing addresses, and financial transaction metadata; Distronode servers never store or see your raw credit card information.

PCI-DSS Level 1 Certified

Tokenized Encryption Architecture

Secure Partner Payouts

View Payment Rules

03. Connected Platforms

You Own the Access: Revoke Permissions Anytime

Distronode enriches and automates your brand footprint across multiple channels. You maintain complete custody of your security and permissions. If you ever wish to audit or permanently revoke Distronode's access to your creator portals, use the official security dashboard links below:

Meta (Instagram & Facebook)

Audit, modify, or revoke permissions inside Meta Application Settings.

Google Workspace & YouTube

Review third-party applications linked to your Google accounts.

X (formerly Twitter)

Revoke API access tokens and check connected apps inside X Settings.

04. Data Deletion & DPO Intake

Your Right to be Forgotten

Under both PIPEDA and GDPR, you have the absolute right to demand the permanent deletion of your PII, content assets, voice transcripts, and API records.

Submit a formal deletion request, and our compliance team will scrub your PII from active operational vaults and Firestore tables within 30 days. We issue a formal compliance certificate upon request.

Privacy HQ Address

Distronode Corporation

Attn: Privacy & Data Protection Officer

RBC WaterPark Place, 20 Bay Street, 11th Floor

Toronto, Ontario, M5J 2N8, Canada

DPO Intake Contact

legal@distronode.com

Requests processed within 30 business days. Formally logs your Right to Erasure.

05. Telephony & Carrier Compliance

Mobile Network & Carrier Trust Standards

Distronode operates automated Twilio live receptionists and system alerts. Telephony carrier policies (especially within the US/Canada) require strict registration and opt-out flows to combat spam and protect consumer consent. We enforce the following carrier compliance standards:

A2P 10DLC Campaign

Our SMS communication nodes are fully registered in the Twilio Trust Hub, matching carrier expectations. Transmissions use verified routes to bypass carrier spam filters.

Campaign Registered

SMS Rules

SMS STOP Registry

Users maintain the right to opt-out of communications. Texting STOP or QUIT to any Distronode number triggers an automatic carrier block and database entry, halting all outbound alerts.

Read Registry Terms

Call Disclosures

Twilio voice sessions comply with two-party call recording disclaimers. Our live receptionist clearly declares recording status, and raw audio assets are permanently purged within 90 days.

Read Recording Terms