Privacy Policy

1. Introduction

Teradrive Forensics ("we," "us," "our") is committed to protecting the privacy of personal information that we collect in the course of providing digital forensics services and operating this website at teradriveforensics.ca.

This Privacy Policy describes the personal information we collect, how we use it, when and how we disclose it, how we safeguard it, and your rights to access, correct, or withdraw consent for our use of it.

We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) federally, the Personal Information Protection Act (BC PIPA) in British Columbia, Canada's Anti-Spam Legislation (CASL), and any other privacy and electronic-marketing law that applies to our work.

2. What personal information we collect

We collect personal information in three primary contexts.

Engagement data. When we are retained to perform digital forensic services, we collect information about the matter, the parties, the devices examined, the data analysed, and the deliverables produced. This information is collected from our retaining client (counsel, corporate clients, or individuals) and from the evidence sources we are authorized to examine.

Website data. When you visit teradriveforensics.ca, we collect information about your visit through standard server logs and analytics tooling. This includes your IP address, browser type, pages viewed, and the date and time of your visit.

Communication data. When you contact us through the website form, by email, or by telephone, we collect the information you provide, including your name, email address, organization, role, and a description of your inquiry.

Cookies and analytics. This website uses only the essential cookies required for the site to function (such as session and security cookies). We do not use advertising cookies, third-party tracking pixels, or cross-site behavioural analytics. Aggregate, non-identifying server logs are retained for security and operational diagnostics only.

3. How we use personal information

We use personal information to deliver the digital forensic services we have been retained to perform, communicate with you about your matter, your inquiry, or our services, comply with our legal, regulatory, and professional obligations, maintain the security and integrity of our systems and our evidence custody, improve our services and our website, and send you electronic communications (such as a quarterly insights brief) where you have consented under CASL.

We do not sell personal information. We do not use personal information for purposes outside the scope of the engagement or the website inquiry without additional consent.

4. When we disclose personal information

We disclose personal information only as follows.

To our retaining client and their counsel. Engagement deliverables are produced for the retaining client. Where the engagement is taken through counsel, deliverables are channelled accordingly to support a litigation-privilege claim.

To regulators and courts where legally required. Where our engagement findings are part of a regulatory filing or court process, we disclose as required by the applicable rule, order, or statute.

To service providers acting on our behalf. Where we use third-party services (such as cloud-storage providers, IT services, or accounting services), we disclose only the personal information necessary for the service and we require contractual safeguards.

With your consent. For any other disclosure, with your specific informed consent.

We do not disclose personal information for marketing purposes, to data brokers, or to any party not described above.

5. How we safeguard personal information

We safeguard personal information through physical safeguards (access-controlled premises, secured evidence storage at our Langley main office, tamper-evident sealing of evidence containers), technical safeguards (encrypted storage for evidence and engagement materials, multi-factor authentication on all administrative accounts, monitored network access to the lab environment), and administrative safeguards (confidentiality obligations on all examiners and staff, role-based access to engagement materials, documented chain of custody, training on privacy and security obligations).

Despite these safeguards, no system is perfectly secure. If we become aware of a breach involving personal information that creates a real risk of significant harm, we will notify affected individuals, the Office of the Privacy Commissioner of Canada, and any other organization or regulator as required by PIPEDA or other applicable law.

6. Retention of personal information

We retain personal information only as long as necessary for the purpose for which it was collected, plus any legal or regulatory retention period that applies.

Engagement data is retained according to the retention plan agreed with the retaining client at scoping. Default retention typically tracks the matter's anticipated litigation horizon. Original evidence is sealed and retained under documented chain of custody. Working copies are retained on encrypted storage.

Website data is retained for the period required by analytics and security purposes, typically up to 26 months.

Communication data is retained for the period necessary to address the inquiry and any subsequent engagement, plus a reasonable record-keeping period thereafter.

When the retention period expires, we securely destroy the personal information.

7. Your rights

Subject to applicable exceptions under PIPEDA, BC PIPA, and any other applicable statute, you have the right to access the personal information we hold about you, correct inaccuracies in that information, withdraw consent for our use or disclosure of that information (subject to legal or contractual restrictions), receive an account of the disclosures we have made of your personal information, and complain to the Office of the Privacy Commissioner of Canada (or the Office of the Information and Privacy Commissioner of British Columbia for BC matters) if you are not satisfied with our response to a privacy inquiry.

To exercise any of these rights, please contact us at the address below. We will respond within the timeframes prescribed by PIPEDA or BC PIPA.

8. CASL and electronic communications

If you have consented to receive our electronic newsletter or other commercial electronic messages, your consent is expressly given under Canada's Anti-Spam Legislation. Each message we send includes a clear sender identification, a description of who we are and how to contact us, and an unsubscribe mechanism that takes effect within 10 business days.

You can unsubscribe from electronic communications at any time using the link in any message we send, or by contacting us at the address below.

8. Changes to this policy

We may update this Privacy Policy from time to time. The effective date at the top of the page reflects the most recent change. Material changes will be communicated to active engagement clients directly. For website visitors, the updated policy is effective when posted.

8. Contact

To exercise your privacy rights, ask a question about this policy, or report a privacy concern, please contact:

Privacy Officer Teradrive Forensics 20627 Fraser Hwy, V3A 4G4, Langley, BC Email: privacy@teradriveforensics.ca [REVIEW WITH COUNSEL: confirm or substitute correct privacy contact email] Phone: (604) 800-9060

You may also contact the Office of the Privacy Commissioner of Canada at priv.gc.ca or the Office of the Information and Privacy Commissioner for British Columbia at oipc.bc.ca if you have an unresolved privacy concern.