Privacy Policy

How we handle your information and protect your confidentiality

Last Updated: November 18, 2025
Quick Navigation
Introduction Information We Collect How We Use Your Data Information Sharing Data Security Cookies & Tracking Your Rights Data Retention International Transfers Policy Changes Contact Us

Introduction

Look, we get it - nobody really reads these things. But here's the deal: at Obsidralynth Legal Partners, privacy isn't just some checkbox exercise for us. It's literally what we do.

We've been handling sensitive corporate information for years, and we know what's at stake when confidential data gets into the wrong hands. That's why we're pretty hardcore about protecting whatever you share with us - whether you're a potential client reaching out about a merger dispute or just someone browsing our site.

This policy covers how we collect, use, and safeguard your personal information when you interact with our website or use our legal services. We've tried to keep it straightforward without all the usual legal jargon (yeah, we know the irony of lawyers avoiding legalese).

Quick Note: This privacy policy applies to our website and general communications. Attorney-client privilege and professional confidentiality rules provide even stronger protections once you become our client.

Information We Collect

We're gonna be upfront about what info we gather. Here's the breakdown:

Stuff You Voluntarily Give Us
  • Contact Details: Name, email, phone number, company name, job title - the basics when you reach out through our contact forms or consultation requests.
  • Communication Records: Whatever you send us via email, phone calls, or our secure client portal. This includes the initial facts about your legal situation.
  • Business Information: If you're representing a company, we'll collect corporate details, industry info, and organizational structure stuff that's relevant to your legal needs.
  • Payment Information: Billing addresses and payment details when you engage our services (though we use third-party processors who handle the actual credit card data).
Technical Data We Automatically Collect
  • Device & Browser Info: IP address, browser type, operating system, device identifiers - standard web stuff.
  • Usage Data: Which pages you visit, how long you stick around, what you click on, referring URLs.
  • Location Data: General geographic location based on your IP address (we're not tracking your exact coordinates or anything creepy like that).
  • Cookies & Similar Tech: More on this later, but yeah, we use cookies to make the site work better.
Important: We don't sell your data. Period. We're not in that business. Our practice is built on trust and confidentiality.

How We Use Your Data

We're not collecting information just for kicks. Here's what we actually do with it:

Providing Legal Services

To evaluate your case, provide legal advice, communicate about your matter, and deliver the services you've hired us for.

Client Communications

Responding to inquiries, scheduling consultations, sending case updates, and keeping you in the loop.

Billing & Admin

Processing payments, maintaining accurate records, managing retainers, and handling routine administrative tasks.

Website Improvement

Understanding how people use our site so we can make it better, fix bugs, and improve user experience.

Legal Compliance

Meeting our professional obligations, complying with regulations, responding to legal processes, and protecting against fraud.

Marketing (Optional)

Sending newsletters, legal updates, and firm news - but only if you've opted in. You can unsubscribe anytime.

Information Sharing

Okay, so when do we share your info with others? Here's the honest truth:

Limited Sharing Scenarios

Service Providers & Vendors: We work with trusted third parties who help us run our practice - think cloud storage providers, IT support, billing systems, and document management platforms. These folks are bound by strict confidentiality agreements and can only use your data to provide services to us.

Legal & Professional Requirements: Sometimes we're legally obligated to share information - court orders, subpoenas, regulatory demands, that kind of thing. We'll also share info when necessary to enforce our rights, protect someone's safety, or investigate potential violations of law.

With Your Consent: If you ask us to share information with someone specific (like co-counsel or expert witnesses in your case), we'll do that. Pretty straightforward.

Business Transfers: In the unlikely event our firm merges with another or gets acquired, your information would transfer as part of that transaction. But the new entity would still be bound by this privacy policy.

What We DON'T Do: We don't sell your information to marketers, data brokers, or anyone else. We don't rent out our client lists. We don't use your confidential information for purposes unrelated to your legal matter.

Data Security

Security isn't just IT's problem - it's everyone's responsibility here. We've implemented multiple layers of protection:

  • Encryption: We use SSL/TLS encryption for data transmission (that's the little padlock you see in your browser). Sensitive data at rest is also encrypted.
  • Access Controls: Only authorized personnel can access client information, and only what they need to do their job. We use multi-factor authentication for all our systems.
  • Secure Infrastructure: Our servers are housed in certified data centers with physical security, redundancy, and disaster recovery plans.
  • Regular Audits: We conduct security assessments, penetration testing, and vulnerability scans to stay ahead of potential threats.
  • Staff Training: Everyone on our team receives regular training on data protection, confidentiality, and security best practices.
  • Incident Response: We've got protocols in place to detect, respond to, and notify you about any security breaches (though we work hard to prevent them in the first place).

That said, let's be real - no system is 100% bulletproof. While we do everything we can to protect your data, we can't guarantee absolute security. That's why we also recommend you do your part: use strong passwords, don't share login credentials, and be careful about what you send over unsecured channels.

Cookies & Tracking Technologies

Yeah, we use cookies. Not the chocolate chip kind, unfortunately. Here's what's going on:

Types of Cookies We Use
Cookie Type Purpose Duration
Essential Cookies Keep the site functioning properly - things like remembering your session, security features, load balancing. Session/Temporary
Analytics Cookies Help us understand how visitors use our site so we can improve it. We use Google Analytics with IP anonymization. Up to 2 years
Functionality Cookies Remember your preferences and choices to provide a better experience. Up to 1 year
Marketing Cookies Track effectiveness of our marketing efforts and deliver relevant content (only with your consent). Up to 1 year
Managing Your Cookie Preferences

You've got options here. Most browsers let you block or delete cookies through their settings. Keep in mind that blocking certain cookies might make parts of our site not work as smoothly. You can also opt out of Google Analytics using their browser add-on.

We also use web beacons and pixels occasionally - these are tiny images that help us track email opens and page visits. Same deal with cookies: you can disable these through your browser settings.

Your Privacy Rights

Under Canadian privacy laws (particularly PIPEDA), you've got several rights when it comes to your personal information:

Right to Access

You can request a copy of the personal information we hold about you. We'll provide it in a readable format within 30 days.

Right to Correction

If any of your info is inaccurate or incomplete, you can ask us to fix it. We'll update it and notify any third parties if necessary.

Right to Deletion

You can ask us to delete your data, subject to legal and professional retention requirements (we can't delete stuff we're required to keep by law).

Right to Withdraw Consent

If we're processing your data based on consent, you can withdraw it anytime. This won't affect past processing but will stop future use.

Right to Object

You can object to certain types of processing, particularly for marketing purposes. We'll stop unless we've got compelling legitimate grounds.

Right to Portability

You can request your data in a commonly used, machine-readable format so you can transfer it elsewhere if you want.

To exercise any of these rights, shoot us an email at inquiries@obsidralynth.info or call us at (416) 555-0847. We'll need to verify your identity before processing your request, which usually takes about 30 days.

If you're not happy with how we handle your request, you've got the right to file a complaint with the Office of the Privacy Commissioner of Canada.

Data Retention

We don't keep your data forever - that'd be weird and unnecessary. But we do need to hold onto certain stuff for legal and professional reasons:

  • Client Files: The Law Society of Ontario requires us to keep client records for at least 10 years after the matter concludes. This includes correspondence, documents, and billing records.
  • Financial Records: We keep billing and payment info for 7 years to comply with tax regulations and accounting standards.
  • Marketing Communications: If you're on our mailing list, we'll keep your contact info until you unsubscribe or ask us to delete it.
  • Website Data: Analytics and technical data is typically retained for 26 months, then automatically deleted.
  • Inquiry Data: If you contact us but don't become a client, we'll generally keep your initial inquiry for 2 years in case you reach out again.

Once the retention period expires and we no longer have a legitimate business or legal reason to keep your data, we securely delete or anonymize it. Our document destruction procedures comply with Law Society guidelines.

International Data Transfers

Here's the thing - we're based in Toronto, but the internet doesn't really care about borders. Some of our service providers (like cloud hosting companies) might store data on servers located outside Canada, including in the United States.

When we transfer data internationally, we make sure appropriate safeguards are in place:

  • We only work with vendors who comply with recognized privacy frameworks and contractual protections
  • Data transferred to the US is handled by companies that participate in relevant privacy shield programs or use standard contractual clauses
  • We conduct due diligence on all third-party processors to ensure they meet our security standards
  • Sensitive client information is encrypted both in transit and at rest, regardless of where it's stored

Keep in mind that data stored outside Canada may be subject to foreign laws and could potentially be accessed by foreign law enforcement or government agencies under their legal frameworks. We'll always push back on any requests that conflict with Canadian privacy laws or attorney-client privilege.

Changes to This Policy

Let's be honest - privacy laws and technology keep evolving, so we might need to update this policy from time to time. When we make changes, here's what'll happen:

  • We'll update the "Last Updated" date at the top of this page
  • For minor changes (like clarifying language or fixing typos), we'll just post the updated version
  • For material changes that affect how we handle your data, we'll notify you via email or a prominent notice on our website
  • If legally required, we'll get your consent before implementing significant changes

We recommend checking back here occasionally to stay informed. The updated policy takes effect as soon as it's posted, unless we specify otherwise.

Questions? Get in Touch

Look, we know privacy policies can be confusing, and maybe you've still got questions after reading all this. That's totally fine - we're here to help.

If you want to exercise any of your privacy rights, have concerns about how we're handling your data, or just need clarification on something, don't hesitate to reach out:

Our Office

2800 - Ernst & Young Tower
222 Bay Street
Toronto, ON M5K 1H6

Contact Details

(416) 555-0847

inquiries@obsidralynth.info

We aim to respond to all privacy-related inquiries within 5 business days. For urgent matters, please call us directly.

Privacy Officer: For formal privacy complaints or detailed inquiries about our data practices, you can contact our designated Privacy Officer at the above contact information. We take all privacy concerns seriously and will work with you to resolve any issues.

Need Legal Advice? Let's Talk

Your privacy is protected from the moment you reach out. All initial consultations are confidential.

Schedule a Consultation