Privacy Policy
Person responsible for personal information
The person responsible for the protection of personal information at Wilderton Advisory is:
[FULL NAME TO BE COMPLETED]
[TITLE TO BE COMPLETED]
Email: [EMAIL TO BE COMPLETED] (suggested address: privacy@wilderton-advisory.com)
Information we collect
We collect the following personal information:
- Contact form: full name, email address, organization name, and the content of your message.
- Navigation data: IP address, browser type, pages visited, visit duration — via [ANALYTICS TOOL TO BE COMPLETED, e.g. Google Analytics, or remove this line if none].
We do not collect sensitive information (health data, social insurance numbers, financial information, etc.).
Why we use it
The information collected is used for the following purposes:
- Responding to your enquiries and following up on engagements;
- Contacting you within the scope of an advisory relationship;
- Improving our website and understanding how visitors use it.
We do not use your information for unsolicited marketing and do not sell it to third parties.
Consent
By submitting the contact form on our website, you consent to the collection and use of your personal information for the purposes described in this policy. You may withdraw your consent at any time by writing to the email address indicated above.
Retention and destruction
- Contact form submissions: retained for a maximum of 30 days, then securely deleted.
- Engagement data (email, working documents): retained for [DURATION TO BE COMPLETED, e.g. 2 years] after the end of the engagement, then deleted or anonymized.
Security measures
Information transmitted through our contact form is encrypted in transit (TLS). Our systems are managed in accordance with the security practices we advise our clients to follow: multi-factor authentication, access controls, and secured Microsoft 365 environments.
Hosting and transfers outside Québec
Our website is hosted by [HOSTING PROVIDER TO BE COMPLETED, e.g. Vercel — United States]. Our communication services are provided by [EMAIL PROVIDER TO BE COMPLETED, e.g. Microsoft 365 — data in transit via Microsoft servers]. These providers may store data outside Québec and Canada. We take reasonable steps to ensure they maintain an adequate level of protection.
Your rights
Under Law 25 (Act respecting the protection of personal information in the private sector), you have the right to:
- Access the personal information we hold about you;
- Correct that information if it is inaccurate or incomplete;
- Withdraw your consent to its use;
- Request its deletion, subject to our legal retention obligations.
To exercise these rights, please write to us at: [EMAIL TO BE COMPLETED]
Confidentiality incidents
In the event of a confidentiality incident (unauthorized access, disclosure, or loss of personal information), we will notify the affected individuals and the Commission d'accès à l'information du Québec within the timeframes required by law.
Changes
We may update this policy at any time. The most current version is always available at /en/privacy. The date of the last update is indicated at the top of this page.