Ethos is committed to protecting the privacy and confidentiality of the personal information of our clients, employees, and website visitors. As a Canadian company, we adhere to the principles set out in the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.
This policy outlines how Ethos ("we," "us," or "our") collects, uses, discloses, and protects your personal information in connection with your use of our website, located at ethoshq.ca, and our services.
1. Personal Information We Collect
We collect personal information necessary to provide our consulting services, manage our business operations, and communicate effectively with you.
A. Information You Provide Directly
This includes information voluntarily submitted through forms, email, or direct communication:
Contact Data: Name, job title, company name, mailing address, telephone number, and email address.
Inquiry Data: Information provided when you submit a query through our "Contact Us" or "Request a Quote" forms.
Professional Data: Details related to potential or current consulting projects, requirements, and business challenges.
B. Information Collected Automatically
When you visit our website, we may automatically collect certain technical data:
Usage Data: Details about your interaction with our website, including pages viewed, time spent on pages, click paths, and the referring website.
Device Data: Internet Protocol (IP) address, browser type and version, operating system, and unique device identifiers.
Cookies and Tracking: We use cookies, web beacons, and similar technologies to enhance user experience, analyze website traffic, and remember user preferences.
2. How We Use Your Information
Ethos uses the collected personal information for the following purposes:
Service Delivery: To understand your consulting needs, develop proposals, and deliver the agreed-upon technology services.
Communication: To respond to your inquiries, send administrative information (like policy changes), and provide updates related to your account or projects.
Business Operations: To manage our contractual relationship with you, process payments, and fulfill legal and compliance requirements.
Website Improvement: To analyze website usage, measure the effectiveness of our marketing, and optimize the user experience.
Marketing (Consent-Based): To send you promotional communications about our services, white papers, or events, provided you have explicitly consented to receive them.
3. Legal Basis for Processing (PIPEDA Compliance)
In accordance with PIPEDA, we collect and use personal information based on the following:
Consent: We rely on your express or implied consent, particularly when you voluntarily submit your information via a contact form or subscribe to a newsletter.
Contractual Necessity: When processing is necessary for the performance of a contract (e.g., executing a consulting agreement).
Legitimate Interests: When processing is necessary for our legitimate business interests (e.g., website security, internal analytics), provided these interests are not overridden by your rights.
4. Disclosure and Sharing of Personal Information
Ethos does not sell or rent your personal information. We may share your information only in the following limited circumstances:
Service Providers: We engage trusted third-party service providers (e.g., cloud hosting, CRM tools, email platforms) to perform functions on our behalf. These providers are contractually obligated to protect the information and use it only for the purposes for which it was disclosed.
Legal Compliance: When required by law, such as in response to a subpoena, court order, or similar legal process, or to comply with governmental requests in Canada or other jurisdictions where Ethos operates.
Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
5. Data Security
We take reasonable steps to protect your personal information using physical, technical, and administrative security measures. These measures include:
Encryption of data in transit and at rest where appropriate.
Access controls and authentication protocols for our systems.
Regular security assessments and employee training on privacy protection.
While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.
6. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purpose of satisfying any legal, accounting, or reporting requirements.
7. Your Privacy Rights (PIPEDA)
As an individual whose personal information we hold, you have certain rights under Canadian law:
Right of Access: You have the right to request access to the personal information we hold about you.
Right to Correction: You may request that we correct any inaccurate or incomplete personal information.
Right to Withdraw Consent: You may withdraw your consent to the collection, use, and disclosure of your personal information at any time, subject to legal or contractual restrictions. Note that withdrawing consent may affect our ability to provide certain services to you.
To exercise any of these rights, please contact our Privacy Officer using the details provided below.
8. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will revise the "Effective Date" at the top of this policy and notify you by posting the updated policy on our website. We encourage you to review this policy periodically.
9. Contact Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or our privacy practices, please contact our designated Privacy Officer: