100%
Canadian Data Sovereignty
PIPEDA
Privacy Compliant
SOC 2
In Progress
24/7
Security Monitoring
OUR COMMITMENTS
How We Protect Your Data and Trust
Our security practices, privacy standards, and compliance commitments.
Data Security
All client data is encrypted at rest (AES-256) and in transit (TLS 1.3). Access is controlled by role-based permissions and MFA.
Canadian Data Residency
Client data is stored exclusively in Canadian data centres, ensuring compliance with PIPEDA and provincial privacy legislation.
Privacy by Design
We collect only the data necessary to deliver our services. All data handling is documented, auditable, and subject to your review.
Contractual Protections
All engagements are covered by comprehensive NDAs and Data Processing Agreements with clear data ownership and liability terms.
Certifications & Audits
We undergo regular third-party security audits and are actively pursuing SOC 2 Type II certification for our platform.
No Data Sharing
We never sell, share, or use client data for any purpose other than delivering the agreed services. Period.
FAQ
Trust & Security FAQs
Common questions about how we handle your data and maintain security.
All client data is stored in Canadian data centres. We never transfer data outside Canada without explicit client consent. This ensures compliance with PIPEDA and applicable provincial privacy laws.
Access to client data is strictly limited to personnel assigned to your account, controlled by role-based permissions, protected by MFA, and audited with complete access logs.
We have a documented Incident Response Policy that includes immediate client notification within 72 hours of discovering any incident that may affect client data, consistent with PIPEDA breach reporting requirements.
Yes. Enterprise clients can request our security documentation, third-party audit reports, and a security review session as part of due diligence. We welcome transparency.