Privacy Policy

Look, we get it - nobody actually enjoys reading privacy policies. But when you're dealing with sensitive corporate matters, you deserve to know exactly how we're handling your information.

At Obsidraethspire Legal Associates, we've been navigating complex regulatory landscapes since day one. Privacy isn't just some checkbox for us - it's literally part of our professional obligations under the Law Society of Ontario's rules.

This policy covers everything we do with your personal and business information, whether you're a current client, potential client, or just browsing our website. We've tried to keep the legalese to a minimum, but some things just need to be said properly.

Here's what we typically gather during our interactions with you:

Contact & Identity Information

• Your name, business title, and company details
• Email addresses, phone numbers, and business addresses
• Government-issued ID when required for conflict checks or regulatory compliance

Business & Legal Information

• Details about your corporate structure, business operations, and regulatory environment
• Information related to disputes, contracts, M&A transactions, or compliance issues
• Financial records when they're relevant to the legal work we're doing
• Communications between you and our team (emails, letters, meeting notes)

Website Usage Data

• IP addresses, browser types, and device information
• Pages you visit and how long you spend on them
• Referral sources and search terms that brought you to our site

We'll never collect more than we actually need for the legal services you've engaged us for. That's not just good practice - it's required under Canadian privacy law.

We're pretty straightforward about this - your information gets used for legal work and the stuff directly related to it:

• Providing Legal Services: This is the big one. Everything from drafting contracts to representing you in litigation to advising on regulatory compliance.
• Conflict Checks: Before we can take on your matter, we've gotta make sure we're not already representing someone on the opposite side. It's a professional requirement.
• Billing & Administration: Invoicing, payment processing, file management - the usual business operations stuff.
• Legal Obligations: Sometimes the Law Society or courts require us to maintain or produce certain records. We don't have a choice on that one.
• Communication: Sending you updates about your matter, responding to your questions, and keeping you in the loop.
• Risk Management: Maintaining professional liability insurance and handling any claims or complaints.

We won't use your information for marketing purposes unless you've specifically agreed to receive updates from us. And even then, you can opt out anytime.

This is where being a law firm really matters. When you hire us, solicitor-client privilege kicks in - and that's one of the strongest protections in Canadian law.

What this means practically: communications between you and our lawyers for the purpose of getting legal advice are confidential. Period. We can't disclose them without your consent, except in very narrow circumstances (like if we're legally compelled by a court order, or if there's an imminent risk of serious harm).

This protection goes beyond standard privacy rules. Even if you ask us to delete your information, we may need to retain certain privileged materials to protect both your interests and ours.

Important note: Privilege doesn't cover everything. Business advice that's not legal in nature, or communications involving third parties who aren't part of the lawyer-client relationship, might not be protected. We'll let you know if that's the case.

Your information lives in Canada - specifically, on servers located in Canadian data centers. We don't outsource storage to foreign jurisdictions where different privacy laws might apply.

Security Measures We've Implemented:

• End-to-end encryption for email communications
• Secure file transfer protocols for document exchange
• Multi-factor authentication for all system access
• Regular security audits and penetration testing
• Physical security controls at our Bay Street office
• Employee training on confidentiality and data protection
• Encrypted backups with off-site redundancy

Look, no system is 100% hack-proof - anyone who tells you otherwise is lying. But we've invested heavily in security infrastructure that meets or exceeds Law Society requirements. We take this stuff seriously because we have to, both legally and ethically.

If there's ever a data breach affecting your information, we'll notify you promptly as required under PIPEDA and work with you to mitigate any potential harm.

We don't sell your information to anyone. Full stop. That's not what law firms do, and it'd be a massive breach of our professional duties.

However, there are times when we need to share information with third parties to do our job properly:

Service Providers

We work with carefully vetted vendors for things like:

• Legal research databases (CanLII, Westlaw, LexisNexis)
• Document management and e-discovery platforms
• Accounting and billing software
• IT support and cybersecurity services

All these vendors are bound by strict confidentiality agreements and are only allowed to use your data for the specific services they're providing to us.

Legal Requirements

Sometimes we're legally required to disclose information:

• Court orders or subpoenas
• Law Society investigations or audits
• Regulatory filings (like with the Competition Bureau or securities regulators)
• Anti-money laundering reporting obligations under FINTRAC

With Your Consent

When it makes sense for your legal matter - like sharing information with expert witnesses, co-counsel, or other parties in a transaction - we'll get your okay first unless it's obviously within the scope of our engagement.

Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) gives you some important rights. Here's what you can do:

Access Your Information

You can request copies of the personal information we hold about you. We'll provide this within 30 days, though there might be exceptions if disclosure would reveal privileged communications or confidential information about other people.

Request Corrections

If something we've got on file is inaccurate or incomplete, let us know and we'll fix it. We'll also notify any third parties we've shared that information with (where appropriate).

Withdraw Consent

For non-essential uses of your information (like receiving newsletters), you can withdraw consent anytime. Just keep in mind that we might not be able to continue providing legal services if you withdraw consent for information that's fundamental to the work we're doing.

File a Complaint

If you're not happy with how we've handled your information, you can complain to:

• Our Privacy Officer (contact info below)
• The Law Society of Ontario
• The Office of the Privacy Commissioner of Canada

We'll always try to work things out directly first, but you've got the right to escalate if needed.

Our website uses cookies and similar tracking tech. Nothing too invasive - we're lawyers, not ad-tech companies.

What We Use:

• Essential Cookies: These keep the site functioning properly. They remember things like your session when you're using our secure client portal.
• Analytics Cookies: We use these to understand how people are using our site - which pages get visited, where people are coming from, that sort of thing. Helps us make the site better.
• Preference Cookies: These remember your choices, like language preferences or font size adjustments.

You can disable cookies in your browser settings, but fair warning - some parts of the site might not work properly if you do.

We don't use advertising cookies or sell your browsing data to third parties. That's not our business model and frankly it'd be weird for a law firm.

We can't just delete your file the moment a matter closes. The Law Society requires us to maintain records for specific periods, and there are practical reasons too (like potential limitation periods for legal claims).

Our Retention Schedule:

• Active Client Files: Maintained for the duration of our engagement plus any applicable appeal periods or ongoing obligations.
• Closed Client Files: Typically retained for 10 years after the matter concludes, which aligns with Law Society requirements and most limitation periods.
• Financial Records: Kept for 7 years to comply with tax and accounting regulations.
• Conflict Check Database: Maintained indefinitely to ensure we can always verify potential conflicts of interest.
• Website Analytics: Aggregate data kept for 26 months, then anonymized or deleted.

After retention periods expire, we securely destroy records through methods like cross-cut shredding (for paper) and certified data wiping (for electronic files).

In some cases, we might keep certain records longer if there's a legitimate legal reason - like if litigation is ongoing or if the file involves a transaction with long-term implications.

Got questions about this privacy policy or how we're handling your information? Want to exercise your rights under PIPEDA? We're here to help.

We'll respond to privacy inquiries within 30 days, as required under PIPEDA. If your request is particularly complex or involves a large volume of information, we might need a bit more time - but we'll let you know if that's the case.

Updates to This Policy

We review and update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. The "Last Updated" date at the top tells you when we last made changes.

For current clients, we'll notify you of any material changes that affect how we handle your information. For website visitors, the updated policy will be posted here, and your continued use of the site means you're cool with the changes.