Privacy Policy

Introduction

Look, we're lawyers who specialize in tech and privacy law, so yeah... we take this stuff seriously.

We've drafted countless privacy policies for clients, and trust me, we know how mind-numbing they can be. So we're gonna keep ours straightforward. No legal gymnastics, no hiding behind corporate speak. Just honest talk about what happens with your information when you work with us or visit our site.

Bottom line: We collect what we need to serve you, protect it like it's our own (actually better than our own), and don't sell it to anyone. Period.

What Information We Collect

When you reach out or become a client, we'll ask for basics like:

Name and contact details (email, phone number)
Company information if you're representing a business
Billing address and payment info
Professional details relevant to your legal needs

We're not gonna ask for your first pet's name or mother's maiden name unless there's a legitimate legal reason.

Obviously, when you hire us, we'll collect information about your legal matter. This might include:

Documents you share with us
Communications about your case
Technical details if it's a tech-related matter
Any other info needed to represent you properly

Client privilege applies: Everything you share with us as a client is protected by solicitor-client privilege. We don't mess around with that.

Like pretty much every website in 2026, we collect some technical stuff:

IP address and browser type
Pages you visit on our site
Time spent on different sections
Referring websites

We use this to make the site better and understand what content actually helps people. Not for creepy tracking or building behavioral profiles.

How We Actually Use Your Info

Here's the deal - we're not a data broker, we're lawyers. Your info serves one main purpose: helping us do our job for you.

Legal Services

Providing the legal advice and representation you hired us for. Kinda the whole point.

Communication

Keeping you updated on your matter, answering questions, sending invoices - the usual stuff.

Improving Services

Understanding what legal issues come up most so we can get better at handling them.

Legal Compliance

Meeting our professional obligations as lawyers (trust accounting, conflict checks, etc.)

What we DON'T do: Sell your data, rent your info, use it for unrelated marketing, or share it with third parties for their benefit. That's not our business model.

When We Share Data (Spoiler: Rarely)

We're pretty protective of client info. But there are a few scenarios where sharing happens:

With Your Consent

Most Common

If you ask us to share info with opposing counsel, a court, a third party - we'll do that. With your explicit okay.

Service Providers

Limited

We use trusted vendors for things like secure cloud storage, email, billing software. They're bound by strict confidentiality agreements and can't use your data for anything else.

Legal Obligations

Rare

If there's a court order, subpoena, or legal requirement (like anti-money laundering rules), we might have to disclose certain info. We'll fight it if it's overreaching.

All our service providers are Canadian or have data processing agreements ensuring Canadian privacy standards apply. We're not shipping your data to jurisdictions with weaker protections.

How We Protect Your Information

Given that we advise clients on cybersecurity, we'd look pretty foolish if our own security was weak. Here's what we do:

Encryption Everywhere

All data encrypted in transit (TLS 1.3) and at rest (AES-256). No exceptions.

Access Controls

Multi-factor authentication, role-based access, regular audits of who can see what.

Secure Infrastructure

SOC 2 certified providers, regular penetration testing, automated security monitoring.

Real Talk About Security

No system is 100% hack-proof. We can't promise that. What we can promise is that we use industry best practices, stay current on threats, and have an incident response plan if something goes wrong. We'll also be straight with you if there's ever a breach.

Your Privacy Rights

Under PIPEDA and Canadian privacy law, you've got rights. Here's what you can do:

Right	What It Means	How to Exercise It
Access	See what personal info we have about you	Email us - we'll respond within 30 days
Correction	Fix any inaccurate information	Let us know what's wrong, we'll update it
Withdrawal	Revoke consent (with some limits)	Tell us - though it might affect our ability to serve you
Complaint	Challenge our privacy practices	Contact our privacy officer or the Privacy Commissioner

To Exercise Your Rights:

Email: privacy@nodalwaypoint.info

We'll verify your identity (gotta make sure it's actually you) and respond promptly. No runaround, no stalling.

Cookies & Tracking Tech

Yeah, we use cookies. But not the creepy, follow-you-around-the-internet kind.

Essential Cookies

These make the site work. Things like:

Session management
Security features
Basic functionality

You can't really opt out of these without breaking the site.

Analytics Cookies

Help us understand site usage:

Which pages are helpful
Where people get stuck
General traffic patterns

We use privacy-focused analytics (no personal tracking).

You can manage cookie preferences through your browser settings. Most browsers let you block or delete cookies, though it might affect how the site works.

How Long We Keep Your Data

We don't hoard data forever, but we can't delete everything immediately either. Here's our approach:

Active Client Files

Kept for the duration of representation plus 7-10 years after closure. Why? Law society rules, limitation periods, potential disputes.

Consultation Records

If you consulted but didn't hire us - usually 2 years for conflict check purposes, then deleted unless there's a reason to keep it longer.

Financial Records

Invoices, payments - kept for 7 years minimum per tax and accounting regulations. Not negotiable.

Website Analytics

Aggregated, anonymized data kept for 2 years max. Individual session data deleted after 90 days.

Children's Privacy

Our services aren't directed at kids. We don't knowingly collect information from anyone under 18 without parental consent.

If we become aware that we've collected personal info from a minor without proper consent, we'll delete it. If you're a parent and think your kid's info ended up with us somehow, let us know ASAP.

That said, we sometimes represent minors in legal matters (with guardian involvement). In those cases, different rules apply and we handle everything appropriately.

Updates to This Policy

Privacy law keeps evolving (trust us, we track this stuff). So this policy might change occasionally.

If we make material changes - like fundamentally different data practices - we'll notify you directly via email if you're a client, or post a prominent notice on the site for everyone else.

Minor updates (clarifications, new contact info, etc.) will just be posted here with an updated date at the top.

Pro tip: Bookmark this page and check back if you're curious. The "Last Updated" date at the top tells you when the latest version went live.

Questions About Privacy?

Look, privacy can be confusing. If something in here doesn't make sense, or you've got concerns about how we handle your data, just reach out.

Privacy Officer

Email: privacy@nodalwaypoint.info

Phone: (416) 789-5432

We'll respond within 2 business days for privacy-specific inquiries.

Office Address

Nodal Waypoint Legal Services

1250 Bay Street, Suite 800
Toronto, ON M5R 2A5
Canada

You can also file a complaint with the Office of the Privacy Commissioner of Canada.

Final word: We're lawyers who believe in privacy rights. We practice what we preach. If we're not living up to these standards or if you've got suggestions for how we can do better, we genuinely want to hear about it.

Quick Navigation

Compliance