Information We Collect

When you engage our financial risk assessment services, we collect specific information to properly evaluate your business situation. This includes your business registration details, financial statements from the past three years, banking relationships, and existing insurance coverage information.

We also gather contact information including business addresses, phone numbers, and email addresses for key decision-makers. During our assessment process, we may request additional documentation like audit reports, compliance records, or industry-specific regulatory filings.

• Business registration and incorporation documents
• Financial statements and cash flow projections
• Insurance policies and coverage history
• Banking relationships and credit facilities
• Contact information for key personnel

How We Use Your Information

Your information serves one primary purpose: creating accurate risk assessments that help protect your business. We analyze your financial data to identify potential vulnerabilities, recommend appropriate mitigation strategies, and develop customized risk management plans.

We use your contact information to communicate our findings, schedule follow-up consultations, and provide ongoing support. Sometimes we reference anonymized case studies from our client work, but never in ways that could identify your specific business or situation.

Data Storage and Security

All client documents are stored in encrypted servers located in Canadian data centers, ensuring compliance with federal privacy regulations. We use bank-level encryption protocols and maintain strict access controls limiting who can view your information.

Physical documents you provide are kept in locked filing systems at our Winnipeg office, with access limited to senior staff directly working on your assessment. Digital backups are encrypted and stored separately from primary files.

• 256-bit SSL encryption for all data transmission
• Encrypted storage on Canadian-based servers
• Regular security audits and system updates
• Limited access protocols for staff members
• Secure backup systems with separate encryption

Information Sharing

We share your information only when absolutely necessary for your risk assessment. This might include sharing specific financial metrics with insurance underwriters when securing coverage recommendations, or providing relevant documentation to legal counsel when addressing compliance issues.

Any third-party sharing requires your explicit consent, except in rare cases where we're legally required to provide information to regulatory authorities or law enforcement. Even then, we limit disclosure to only what's specifically requested.

Your Rights and Controls

You maintain complete control over your information throughout our relationship. You can request copies of all data we have about your business, ask us to correct any inaccuracies, or request deletion of information no longer needed for ongoing services.

If you decide to discontinue our services, you can request full deletion of your data from our systems. We'll provide written confirmation once deletion is complete, though we may retain basic contact information for tax and business record purposes as required by law.

Data Retention Policies

We keep active client files for the duration of our service relationship plus seven years afterward, as required by Canadian business record-keeping regulations. This ensures we can provide ongoing support and reference historical assessments if needed.

After the retention period expires, all physical documents are securely shredded and digital files are permanently deleted from our systems. We maintain detailed logs of these deletion activities for our internal audit processes.

Website and Communications

Our website uses basic analytics to understand how visitors use our resources, but we don't track individual browsing behavior or create detailed user profiles. We use session cookies to improve your experience, but these don't collect personal information.

Email communications with clients are encrypted and stored securely. We don't add client email addresses to marketing lists without explicit permission, and you can opt out of non-essential communications at any time.

Changes to This Policy

When we update this privacy policy, we'll notify all active clients by email at least 30 days before changes take effect. We'll also post the updated version on our website with clear highlighting of what's changed.

Major changes affecting how we handle your data require your explicit consent to continue services. Minor updates for legal compliance or clarification don't require additional consent but we'll still notify you in advance.