Privacy Policy

 

Credora Privacy Policy

Effective Date: January 15, 2025
Credora (“we,” “our,” or “us”) is committed to protecting your privacy and maintaining transparency about how we collect, use, and share your information. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your personal data when you use our website, services, and online forms.

1. Information We Collect

We may collect the following types of personal information from you:

Personal Information

  • Full name
  • Email address
  • Phone number
  • Postal code and province
  • Date of birth
  • Any additional information provided in free-text or survey form fields

Financial Information

  • Estimated debt amount
  • Types of debt
  • Monthly income
  • Employment and credit status
  • Financial goals and preferences
  • Financial documents you choose to provide
  • Credit information (only with your explicit consent)

Technical Information

  • Website usage data (IP address, browser type, pages visited)
  • Communication records (emails, phone calls, chat logs)
  • Cookies and similar tracking technologies

2. How We Use Your Information

Your information is used for the following purposes:

Primary Service Delivery

  • Providing free financial wellness consultations
  • Assessing your financial situation to identify appropriate options
  • Facilitating connections with qualified licensed financial professionals
  • Providing follow-up support after your consultation

Business Operations

  • Improving our services and client experience
  • Complying with legal and regulatory requirements
  • Preventing fraud and ensuring service security
  • Internal analytics and service optimization

Communications

  • Sending service-related communications
  • Providing educational content and resources
  • Following up on your service experience
  • Responding to your inquiries and requests

3. How We Share Your Information

Sharing with Service Partners

With your explicit consent, we may share your information with:
  • Licensed financial professionals who can assess formal debt relief options when appropriate
  • Financial institutions for appropriate financial solutions
  • Credit-counseling agencies and financial educators
  • Other qualified financial service providers who may assist with your situation

Referral Compensation — Transparency Disclosure

Credora may receive referral compensation from licensed professional partners when a client proceeds with their services. This compensation is never charged to you. There is no cost to you for your consultation or for the connection to any professional. Important Safeguards: All data sharing requires your explicit, informed consent • Personal identifying information is never sold or shared without authorization • You may opt out of data sharing and still receive our core services.

Legal and Regulatory Sharing

We may disclose your information without consent when required by:
  • Court orders or legal proceedings
  • Regulatory investigations or compliance requirements
  • Law-enforcement requests where legally obligated
  • Protection of our legal rights or the safety of individuals

We Do NOT Share Your Information

  • With unauthorized third parties
  • For purposes unrelated to financial services without explicit consent
  • With companies that do not meet our security and compliance standards
  • For general marketing purposes outside the financial-services sector

Explicit Consent Required

Before submitting any form, you will be asked to give explicit consent via required checkboxes:
☐ I consent to Credora collecting and using my personal information to provide financial wellness consultation services as outlined in this Privacy Policy. ☐ I consent to Credora sharing my information with qualified licensed professionals to help me explore appropriate financial solutions.

Understanding Your Consent

  • Your consent is specific to the purposes outlined above
  • You may withdraw consent at any time by contacting us
  • Withdrawing consent may limit our ability to provide certain services
  • You can opt out of data sharing while still receiving our core consultation services

Managing Your Preferences

  • Updating your communication preferences
  • Opting out of specific data-sharing arrangements
  • Requesting restrictions on how your data is used
  • Withdrawing consent for future data processing

5. Data Retention

We retain your information only as long as needed to fulfill the purposes outlined in this policy or as required by applicable law:

Service Data

  • Active client data: retained for the duration of our relationship plus 7 years for legal compliance
  • Consultation data: retained for 7 years as required by financial services regulations
  • Communication records: retained for 3 years for service quality and dispute resolution

Marketing and Analytics Data

  • Lead and marketing data: retained for 3 years from last contact or until you opt out
  • Website analytics: aggregated data retained indefinitely; personal identifiers removed after 2 years

Legal and Compliance Records

  • Records required by law: retained as mandated by Canadian financial-services regulations
  • Dispute resolution records: retained for 7 years after resolution
You may request that your data be deleted or anonymized at any time by contacting us, subject to legal retention requirements.

6. Your Privacy Rights

Under Canadian privacy law (PIPEDA), you have the right to:

Access and Control

  • Request access to the personal data we hold about you
  • Receive a copy of your personal information in a portable format
  • Correct or update inaccurate information
  • Request deletion of your data (subject to legal requirements)

Consent Management

  • Withdraw your consent at any time
  • Object to specific uses of your information
  • Request restrictions on data processing
  • Opt out of data sharing activities

Transparency and Accountability

  • Request details about how your information has been used or shared
  • Receive information about our data partners and sharing arrangements
  • File a complaint with the Privacy Commissioner of Canada
  • Request an investigation into our privacy practices
Important Limitations: Some rights may be limited by legal or regulatory requirements; withdrawing consent may affect our ability to provide services; legal retention periods may prevent immediate data deletion.

7. Data Security

Technical Safeguards

  • End-to-end encryption of sensitive data in transit and at rest
  • Secure servers with multi-layered access controls
  • Regular security audits and penetration testing
  • Automated monitoring for suspicious activities
  • Multi-factor authentication for all system access

Administrative Safeguards

  • Employee training on privacy and data protection
  • Regular privacy impact assessments
  • Incident response and breach notification procedures
  • Third-party security certifications and audits
  • Data minimization and purpose-limitation practices

Physical Safeguards

  • Secure facilities with restricted access
  • Environmental controls and monitoring
  • Secure disposal of physical documents
  • Background checks for employees handling sensitive data

8. Third-Party Services and Partners

Service Providers

Our website and services may utilize trusted third-party platforms for:
  • Website analytics and optimization
  • Form processing and data collection
  • Communication tools (email, scheduling, chat)
  • Security and fraud-prevention services

Partner Standards

All third-party partners must:
  • Meet or exceed Canadian privacy standards
  • Provide adequate security safeguards
  • Use data only for specified purposes
  • Allow us to audit their privacy practices
  • Maintain appropriate insurance and liability coverage

Cookies and Tracking

We use cookies and similar technologies to:
  • Improve website functionality and user experience
  • Analyze website usage and performance
  • Provide personalized content and recommendations
  • Facilitate secure login and session management
You can control cookie settings through your browser preferences. Disabling certain cookies may limit website functionality.

9. Compliance and Regulatory Framework

Credora complies with all applicable Canadian privacy and financial-services legislation:

Privacy Laws

  • Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Provincial privacy laws where applicable
  • Canada’s Anti-Spam Legislation (CASL)

Financial Services Regulations

  • Office of the Superintendent of Bankruptcy requirements
  • Provincial financial-services regulations
  • Anti-money-laundering and know-your-customer requirements
  • Consumer protection legislation

Industry Standards

  • Canadian Standards Association privacy framework
  • International Organization for Standardization (ISO) security standards
  • Payment Card Industry (PCI) data-security standards where applicable

10. International Considerations

Data Location: Your information is primarily processed and stored within Canada. Cross-Border Transfers: In limited circumstances, your data may be transferred outside Canada to:
  • Cloud service providers with Canadian data-residency commitments
  • International financial service partners (only with explicit consent)
  • Legal or regulatory authorities in other jurisdictions (when legally required)
All international transfers include appropriate safeguards and comply with PIPEDA requirements.

11. Children and Minors

Our services are intended for adults (18 years of age or older) seeking financial wellness guidance. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected information from someone under 18, we will delete it promptly and notify the individual’s guardian where appropriate.

12. Policy Updates and Changes

Reasons for Updates

We may update this Privacy Policy due to:
  • Changes in our business practices or services
  • New legal or regulatory requirements
  • Technological developments affecting privacy
  • Feedback from privacy authorities or customers

How We Notify You

  • Material changes will be communicated via email (where possible)
  • All updates will be posted on our website with a revised effective date
  • Significant changes may require renewed consent
  • Additional notice may be provided for substantial modifications
Your Continued Consent: Continued use of our services after policy updates constitutes acceptance of the revised terms. If you disagree with changes, you may withdraw consent and discontinue services.

13. Contact Information and Complaints

Privacy Inquiries

Privacy Officer: privacy@credora.ca Response Times: We will acknowledge privacy inquiries within 5 business days and provide substantive responses within 30 days (or as required by applicable law). External Complaints: If you are not satisfied with our response, you may contact:
  • Office of the Privacy Commissioner of Canada — Website: priv.gc.ca • Phone: 1-800-282-1376 • Email: info@priv.gc.ca
  • Provincial Privacy Commissioners: You may also contact your provincial privacy commissioner if applicable.
This Privacy Policy complies with Canadian privacy legislation including PIPEDA and was last updated on January 15, 2025. We are committed to maintaining the highest standards of privacy protection and transparency in all our business practices.
Legal Notice: This Privacy Policy is effective as of the date listed above. For the most current version, please visit credora.ca/privacy-policy. If you have questions about this policy or Credora’s privacy practices, please contact our Privacy Officer using the information provided above.