Privacy policy

1. Introduction

BEMSB ("we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our website or engage our services, in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA), applicable Canadian privacy laws, and - where applicable - the EU General Data Protection Regulation (GDPR).

We may update this Policy from time to time. Changes take effect when we post the revised version. The "Last updated" date above indicates when this Policy was most recently revised.

We do not knowingly collect information from individuals under the age of eighteen.

2. Information We Collect

We collect the following categories of information:

• Personal data: name, contact details, and identification documents where required for AML/KYC compliance
• Company and business information relevant to our consulting services
• Technical data: IP address, browser type, device identifiers, and cookies collected automatically when you visit our website
• Usage data: pages visited, time spent on the site, and navigation patterns
• Communication data: records of emails, form submissions, and customer service interactions
• KYC/AML data: identity verification documents and transaction monitoring records where applicable to regulatory compliance

3. How We Use Information

We use personal information to:

• Provide consulting and advisory services and fulfil contractual obligations
• Prepare compliance and regulatory documentation
• Communicate with clients and respond to inquiries
• Meet legal and regulatory obligations, including FINTRAC requirements and anti-money laundering laws
• Analyse website usage and improve our services
• Maintain the security of our services and prevent fraud

We use personal information only for legitimate business purposes related to our services.

4. Disclosure of Information

We do not sell personal information.

We may share information with the following categories of recipients, subject to appropriate confidentiality agreements:

• Hosting and infrastructure providers
• Payment processors
• Analytics platforms (including Google Analytics)
• Live chat provider (Tawk.to)
• Professional advisors (legal, accounting)

We may also disclose information to regulatory authorities where required by law or in response to valid legal process.

5. Data Retention

We retain personal information only as long as necessary for business and legal purposes. Client records are retained for a minimum of five years in accordance with FINTRAC record-keeping obligations, or longer where required by law.

6. Data Security

We implement reasonable administrative, technical, and organisational safeguards to protect personal information, including data encryption, role-based access controls, firewalls, staff training, and regular audits. However, no method of transmission or storage is completely secure.

We maintain breach notification procedures and will notify affected individuals and relevant authorities in the event of a data breach, as required by applicable law.

7. Cookies

Our website uses essential cookies required for basic functionality. Non-essential technologies, including Google Analytics and our live chat tool (Tawk.to), are loaded only after consent is provided through our cookie banner. You can update your preference at any time via Cookie settings. We do not use cookies for targeted advertising.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access your personal data and obtain a copy
• Correct inaccurate or incomplete data
• Request deletion of your personal data, subject to legal retention requirements
• Restrict or object to certain processing activities
• Request data portability in a structured, machine-readable format
• Withdraw consent at any time, where processing is based on consent
• Lodge a complaint with a data protection supervisory authority

We may require verification of identity before processing requests. We will respond within the timeframe required by applicable law.

Privacy requests: admin@bemsb.com

9. International Processing

Personal information may be processed by service providers outside Canada. For individuals in the European Economic Area or the United Kingdom, Canada has been recognised by the European Commission as providing an adequate level of data protection for commercial organisations subject to PIPEDA.

Where data is transferred to jurisdictions without an adequacy decision, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission.

10. GDPR

If you are located in the EEA or the United Kingdom, additional information about how we process your data under the GDPR is available on our GDPR compliance page.

11. Contact

BEMSB
Office 723, 145 1/2 Church Street, Unit 5
Toronto, Ontario, M5B 1Y4, Canada
admin@bemsb.com