We take your privacy seriously - here's exactly how we handle your information
PIPEDA Compliant
We adhere to Canadian privacy laws and international standards
Look, we get it - nobody actually enjoys reading privacy policies. But when you're dealing with legal matters, especially stuff that crosses borders, you need to know your information's in good hands. So we've tried to make this as straightforward as possible.
At Pyrevornyx Legal Services, we've been handling sensitive corporate and trade information for years. We know what's at stake when you share details about your business, your deals, or your legal concerns. This policy explains what we do with your data, and more importantly, what we don't do with it.
We're gonna be real with you - we collect different types of info depending on how you interact with us. Here's the breakdown:
When you reach out or become a client, we'll typically collect:
We're not asking for this stuff to build a database - we need it to actually serve you properly and stay compliant with our professional obligations.
For corporate and trade work, we'll handle:
This is the meat of what we do. Everything here's protected by solicitor-client privilege plus our own security protocols.
When you're on our website, we automatically collect:
This helps us figure out what's working and what isn't on our site. We use Google Analytics but we've configured it to respect privacy as much as possible.
We keep records of our conversations, including:
We're required to keep these for professional and regulatory reasons. They're also super helpful if we need to reference past discussions.
This is the obvious one - we use your info to provide the legal services you've hired us for. Drafting contracts, handling negotiations, managing compliance, all that good stuff.
We've got obligations to the Law Society, tax authorities, and other regulatory bodies. Sometimes we need to verify identities, maintain records, or report certain things.
We'll use your contact info to send case updates, important deadlines, or occasionally share relevant legal developments that might affect your business.
We analyze how clients use our services to get better at what we do. This includes website analytics and feedback on our processes.
We're not in the business of selling or sharing your information - that's not how law firms work. But there are some situations where we need to share data:
| Who | What | Why |
|---|---|---|
| Service Providers | IT support, cloud storage, communication tools | We use vetted third-party services to run our operations. They're all under strict confidentiality agreements. |
| Legal Experts | Relevant case details | Sometimes we bring in specialists or co-counsel for complex matters. They're bound by the same professional duties we are. |
| Regulatory Bodies | Compliance records | Law societies, tax authorities, and other regulators have legitimate reasons to see certain records. |
| Courts & Tribunals | Litigation materials | If we're representing you in court or arbitration, we'll need to file documents that contain your information. |
| Counterparties | Transaction details | In deals and negotiations, we share what's necessary with the other side (always with your authorization). |
Under Canadian privacy law (PIPEDA) and our professional obligations, you've got some solid rights when it comes to your information:
You can request copies of what information we hold about you. We'll provide it within 30 days, though for complex requests it might take a bit longer. There might be a reasonable fee for extensive requests.
If something's wrong or outdated, let us know and we'll fix it. This is pretty important for legal work - we need accurate info to serve you properly.
You can ask us to delete your data, but here's the thing - as lawyers, we're required to keep client files for at least 6 years. So while we'll honor deletion requests where possible, some stuff needs to stay in our archives for regulatory reasons.
If you've given us consent for something specific (like marketing emails), you can take it back anytime. Just shoot us an email or hit unsubscribe.
You can request your data in a commonly used format to transfer to another service provider. We'll provide it in PDF or other standard formats.
If you think we've messed up with your data, you can complain to the Office of the Privacy Commissioner of Canada. We'd prefer you talk to us first so we can sort it out, but it's your call.
Security isn't just a checkbox for us - it's fundamental to what we do. When you're handling M&A deals or trade agreements, you can't mess around with security. Here's what we've got in place:
All data's encrypted in transit (TLS 1.3) and at rest (AES-256). Our client portal uses end-to-end encryption for document sharing.
Multi-factor authentication for all systems. Role-based access means people only see what they need to see for their work.
Canadian data centers with SOC 2 certification. Regular security audits and penetration testing keep us on our toes.
Everyone on our team goes through regular security training. We take confidentiality seriously - it's literally part of our professional oath.
Given our focus on international trade, we sometimes need to transfer data across borders. Here's how we handle that:
When we're working on international deals, we might need to share your info with foreign counterparties, regulators, or legal experts. We always:
Some of our tech providers have servers in the US or EU. We've vetted them all and they're bound by standard contractual clauses that meet Canadian and international privacy standards. Your data stays protected regardless of where the servers are physically located.
We don't keep stuff forever, but we do have some legal requirements about retention periods:
| Type of Data | Retention Period | Reason |
|---|---|---|
| Client Files | Minimum 6 years after matter closes | Law Society requirement & statute of limitations |
| Financial Records | 7 years | Tax and accounting regulations |
| Correspondence | Duration of representation + 6 years | Professional standards |
| Website Analytics | 26 months | Standard practice for analytics |
| Marketing Lists | Until you unsubscribe | Ongoing consent |
After these periods, we securely delete or anonymize the data. For particularly sensitive matters, we might keep records longer if there's an ongoing legal reason (like active litigation).
Privacy laws evolve, technology changes, and our practices adapt. When we update this policy, here's what happens:
For major changes, we'll send you an email at least 30 days before they take effect.
You can check previous versions using the dropdown at the top of this page.
The "Last Updated" date at the top shows when changes were made.
For minor tweaks (like fixing typos or clarifying existing language), we'll just update the page. Material changes that affect how we handle your data get the full notification treatment.
Look, if you've made it this far, you probably care about your privacy (good call). If something's unclear or you've got concerns, just reach out. We'd rather answer your questions than have you worrying.
(416) 555-7893
contact@pyrevornyx.info
1250 Bay Street, Suite 800
Toronto, ON M5R 2A5
For privacy-specific inquiries, mark your correspondence "Attention: Privacy Officer"