vermeil consulting

Privacy Policy

Vermeil Consulting Privacy Notice 

At Vermeil Consulting, safeguarding your personal information is a top priority. How we collect, use, store and share your data is crucial to maintaining your trust. This privacy policy explains how we handle your personal information and applies to all individual consumers of our services, including service clients, contract parties, or anyone we interact with in the course of business.

What is personal information?

‘’Personal information’’ refers to any data that can identify an individual, such as name, address, email, phone number, and financial details. This may apply to customers, their representatives, employees, business contacts, and suppliers. Any mention of ‘’information’’ or ‘’data’’ in this privacy notice refers to personal information about a living individual.

What information we collect, use, and why

Information you supply to us.

You may supply us with information about you by filling in forms on our website. This includes information you provide when you submit a contact/enquiry form. The information you give us may include:

  • Name
  • Address
  • E-mail address
  • Phone number
  • Business contacts

Information our website automatically collects about you. 

In compliance with data privacy regulations, we want to inform you that during each visit to our website, we may automatically collect certain technical information. This data includes a truncated and anonymised version of your Internet Protocol (IP) address, browser type and version, operating system, and platform. This information is gathered to help us improve our website's functionality and user experience.

Please be assured that any data we collect is anonymised to protect your privacy and is not used to personally identify you. We utilise this information solely for analytical purposes, such as understanding how visitors interact with our website, optimizing performance, and enhancing security measures.

Information for operation of client services, we may collect or use the following personal information:

  • Name
  • Contact details 
  • Bank details
  • Telephone numbers
  • Business contact details

Information for recruitment purposes, we collect or use the following personal information:

  • Contact details (e.g. name, address, telephone number or personal email address)
  • Date of birth
  • Social Insurance Number
  • Copies of passports or other photo ID
  • Employment history (e.g. job application, employment references or secondary employment)
  • Education history (e.g. qualifications)
  • Right to work information

We may also collect or use the following sensitive information for recruitment purposes:

  • Racial or ethnic origin
  • Health information

How do we collect this information?

We collect personal information in the following ways:

  • Emailing us from the website
  • Calling us from the number on the website
  • If you are engaged on a call with our clients or copied in on emails

How we may use your information 

  • To carry out our responsibilities resulting from any agreements you’ve entered into with us.
  • To comply with any applicable legal or regulatory requirements 
  • Tell you about changes to our services
  • To operate our business effectively and appropriately, we may conduct activities such as system testing, evaluating business capabilities, planning, communication, quality assurance, and audits.

Who we share information with

We may share your personal information with third party processors for data storage activities.

We may also share personal information with fraud prevention agencies to prevent fraud, money laundering, and verify your identity. If false or inaccurate information is detected and fraud is confirmed, we will report it to these agencies. Law enforcement may also access and use this information. The information you provide to us may also be share with:

  • Professional or legal advisors
  • Regulatory authorities
  • External auditors
  • Organizations we’re legally obliged to share personal information with
  • Suppliers and service providers

In the event that we need to share data outside of Canada, we implement strict safeguarding measures to ensure the destination country upholds adequate data protection standards. These measures are designed to ensure that your personal information remains secure and protected, no matter where it is transferred. We thoroughly assess the data protection laws of the destination country to confirm they meet the required standards for safeguarding your privacy.

Security and Privacy Commitments 

At Vermeil Consulting, safeguarding your personal information is a top priority. We are committed to ensuring the confidentiality, integrity, and security of your data through a robust set of technical and organizational measures. These safeguards are designed to protect your information from unauthorized access, unlawful processing, accidental loss, destruction, or damage. Below are the key security practices we employ:

  • We employ strong encryption protocols to protect your personal data, both during transmission and when stored within our systems. Encryption ensures that any data exchanged with or stored by Vermeil Consulting remains secure and unreadable to unauthorized parties. Whether data is in transit or at rest, it is protected from interception and misuse.
  • To ensure the confidentiality of your data, we have established strict access control mechanisms. Only authorized personnel are granted access to sensitive information, and this access is governed by role-based access control (RBAC). This system limits access based on specific job functions, ensuring that only those who need it to perform their duties can view or process personal data.
  • We enforce the use of multi-factor authentication (MFA) for all users accessing sensitive systems. This additional layer of security further reduces the risk of unauthorized access, ensuring that even if login credentials are compromised, the security of your data remains intact.
  • We conduct regular risk assessments and security audits to evaluate potential threats and vulnerabilities in our systems. This proactive approach allows us to identify and address any weaknesses promptly, minimizing the risk of data breaches and fraud.
  • Your personal information is stored securely in a controlled environment. We implement both physical and technical measures to ensure that data is protected from unauthorized access. Our systems are regularly updated and monitored to maintain the highest level of security.
  • While we take every measure to protect your personal information, we also advise you to maintain the confidentiality of your login credentials. Usernames, passwords, and other identification details should not be shared or disclosed to anyone, as these are the first line of defence against unauthorized access.
  • We continuously monitor our systems for potential security threats. Regular updates, security patches, and vulnerability testing are part of our ongoing efforts to stay ahead of emerging risks. Our monitoring processes ensure that we can detect and respond to any security issues before they can impact your data.
  • While we employ industry-leading security measures, no system is entirely immune to risk. We cannot guarantee the absolute security of information transmitted over the internet or similar connections. We encourage you to take reasonable steps to protect your personal data, including keeping your login credentials private and secure.
  • In the unlikely event of a serious data breach or suspected security incident, we will act swiftly to mitigate any potential harm. We will follow the requirements set to notify the Office of the Privacy Commissioner. We are committed to transparency and will inform affected individuals promptly if their data is at risk.

How long we keep information

We retain your personal information according to our internal policies, based on legal or regulatory minimum retention periods. If necessary, we may retain it longer for valid business reasons such as:

  • Maintain our business records
  • Comply with record retention as required by law
  • Defend or bring about any legal claim
  • Deal with any complaint arising from the relationship
  • We delete all personal data not required for any of the above reasons

In rare cases where deletion is technically impossible, we will render the data inaccessible, ensuring it is not used, accessed, or shared, and your rights and freedoms remain protected.

Requesting Access to or Correction of Your Information

You have the right to request a copy of the personal information we hold about you, whether it's information we've collected directly from you or from a third party. You can also ask us to correct any information if you believe it is inaccurate. To do this, contact privacy@vermeilconsulting.com

We will process your request as promptly as possible without undue delay, and no later than 30 days, in accordance with regulatory requirements.

Any complaints, concerns or requests related to this privacy policy should be addressed to privacy@vermeilconsulting.com

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Cookie Policy for more information.
Preferences Deny Accept