1. Introduction
This Privacy Policy describes how YRW Consult, operated by Yrw Consulting Ltd., collects, uses, stores, and protects personal information obtained through our website located at https://www.yrwconsult.lat and through our consulting services.
By accessing our website or engaging our services, you acknowledge that you have read and understood the practices described in this Privacy Policy. If you do not agree with any part of this policy, you should discontinue use of our website and services.
This policy applies to all visitors, clients, and users of the YRW Consult platform. We are committed to transparency and strive to provide clear, accessible information about our data handling practices.
2. Information We Collect
2.1 Information You Provide Directly
When you contact us through our website, send us an email, or engage our consulting services, we may collect the following categories of personal information:
- Contact information — your full name, email address, phone number, company name, and job title.
- Business information — details about your organization, project requirements, technical specifications, and system architecture documentation that you share with us during consulting engagements.
- Communication records — the content of emails, contact form submissions, phone call summaries, and any other correspondence you initiate with our team.
- Payment and billing information — invoicing details, billing addresses, and transaction records related to services rendered.
2.2 Information Collected Automatically
When you visit our website, certain technical information is collected automatically through standard web server logs and analytics tools. This includes:
- Log data — your IP address, browser type and version, operating system, referring URL, pages visited, timestamp of each visit, and time spent on each page.
- Device information — device type, screen resolution, and language preferences as reported by your browser.
- Usage data — patterns of navigation through our website, including which pages are accessed and the sequence of interactions.
This automatically collected information is aggregated and does not, on its own, identify individual users. We use it to understand how visitors interact with our website and to improve our content and user experience.
2.3 Cookies and Similar Technologies
Our website uses essential session cookies to maintain basic functionality and security. These cookies are strictly necessary for the operation of the website and are not used for tracking or advertising purposes. The cookies we use include:
- Session cookies — temporary cookies that are deleted when you close your browser. They enable core website functionality such as page navigation and access to secure areas.
- Security cookies — used to help prevent cross-site request forgery and other security threats.
We do not use third-party tracking cookies, advertising cookies, or social media cookies. You can configure your browser to reject all cookies; however, this may affect the functionality of certain website features.
3. How We Use Your Information
YRW Consult uses the information we collect for the following purposes and on the following legal bases:
- Service delivery — to provide the consulting and systems design services you have requested, including project planning, technical analysis, and solution delivery. This processing is necessary for the performance of our contract with you.
- Communication — to respond to your inquiries, provide project updates, send service-related notifications, and maintain business correspondence. This processing is based on our legitimate interest in communicating with clients and prospective clients.
- Billing and administration — to process payments, issue invoices, maintain financial records, and comply with applicable tax and accounting obligations. This processing is necessary for compliance with legal obligations.
- Website improvement — to analyze aggregated usage patterns, diagnose technical issues, and enhance the performance and content of our website. This processing is based on our legitimate interest in maintaining an effective online presence.
- Legal compliance — to comply with applicable laws, regulations, legal processes, or enforceable governmental requests. This includes responding to lawful requests by public authorities.
- Security and fraud prevention — to protect the security and integrity of our website, services, and business operations, and to detect and prevent fraudulent or unauthorized activity.
We do not sell, rent, or trade your personal information to any third party for their marketing purposes. We do not use your information to make automated decisions that produce legal or similarly significant effects.
4. Information Sharing and Disclosure
We may share your information in the following limited circumstances:
4.1 Service Providers
We may engage trusted third-party service providers to perform certain business-related functions on our behalf, such as website hosting, email delivery, payment processing, and data storage. These providers are contractually bound to process your data only on our instructions and in accordance with this Privacy Policy. They are prohibited from using your data for their own purposes and are required to implement appropriate security measures.
4.2 Legal Requirements
We may disclose your information if required to do so by law, or in response to valid legal requests by public authorities, including courts, law enforcement agencies, or regulatory bodies. We will make reasonable efforts to notify you of such disclosure unless prohibited by law or where notification would compromise an ongoing investigation.
4.3 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on our website before your information becomes subject to a different privacy policy.
4.4 With Your Consent
We may share your information for any other purpose with your explicit consent. You may withdraw your consent at any time by contacting us using the details provided in Section 9 of this policy.
4.5 Aggregated and De-Identified Data
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. This data is used for statistical analysis, industry reporting, and improving our services.
5. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. The specific retention periods are as follows:
- Client project data — retained for the duration of the client relationship plus seven years after project completion, to comply with professional service record-keeping obligations and potential legal claims.
- Communication records — retained for three years from the date of last correspondence, unless a longer period is required for ongoing client relationships.
- Financial and billing records — retained for seven years to comply with tax and accounting regulations under Canadian law.
- Website log data — retained for a maximum of twelve months before being securely deleted or anonymized.
When personal information is no longer required, we securely delete or anonymize it using industry-standard methods. In some cases, residual copies may persist in backup systems for a limited period before being automatically purged.
6. Data Security
YRW Consult implements and maintains technical, administrative, and physical security measures designed to protect your personal information against unauthorized access, disclosure, alteration, and destruction. These measures include:
- Encryption — all data transmitted between your browser and our website is encrypted using Transport Layer Security (TLS) technology. Data at rest is encrypted using industry-standard AES-256 encryption.
- Access controls — access to personal information is restricted to authorized personnel who require it for legitimate business purposes. Access is granted on a need-to-know basis and is periodically reviewed.
- Network security — our infrastructure is protected by firewalls, intrusion detection systems, and regular security audits to identify and address potential vulnerabilities.
- Secure development — our systems are built following secure coding practices and are subject to regular code reviews and security testing.
- Physical security — our office and server facilities employ access controls, surveillance, and environmental controls to prevent unauthorized physical access.
- Incident response — we maintain a documented incident response plan to promptly address and contain any data security incidents. In the event of a breach affecting your personal information, we will notify you and the relevant supervisory authorities as required by applicable law.
While no method of transmission over the Internet or electronic storage is 100% secure, we strive to use commercially acceptable means to protect your personal information. We regularly review and update our security practices to address evolving threats.
7. Your Rights and Choices
Depending on your jurisdiction, you may have the following rights regarding your personal information:
7.1 Access and Portability
You have the right to request a copy of the personal information we hold about you, and to receive it in a structured, commonly used, and machine-readable format. We will provide this information within the timeframe required by applicable law.
7.2 Correction and Deletion
You have the right to request that we correct inaccurate or incomplete personal information, or delete your personal information entirely. Deletion requests will be evaluated against our legal obligations and legitimate business interests that may require continued retention.
7.3 Restriction and Objection
You may request that we restrict the processing of your personal information in certain circumstances, or object to processing based on our legitimate interests. We will assess each request individually and respond accordingly.
7.4 Withdrawal of Consent
Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing conducted prior to withdrawal. To withdraw consent, please contact us using the details provided in Section 9.
7.5 Exercising Your Rights
To exercise any of these rights, please contact us at help@yrwconsult.lat or write to us at our mailing address. We will respond to your request within the time period required by applicable law, typically within thirty days. We may need to verify your identity before processing your request to ensure the security of your information.
7.6 Complaints
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction. In Canada, this is the Office of the Privacy Commissioner of Canada. We encourage you to contact us first so that we may address your concerns directly.
8. International Data Transfers
YRW Consult is headquartered in Victoria, British Columbia, Canada. Your personal information is stored and processed primarily on servers located in Canada. However, certain service providers we engage may be located in or process data in other countries, including the United States.
When we transfer personal information across borders, we ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws. These safeguards may include:
- Standard contractual clauses approved by relevant data protection authorities;
- Data processing agreements that impose equivalent privacy and security obligations;
- Verification that the recipient country has been deemed to provide an adequate level of data protection by the relevant authority.
By using our website or services, you acknowledge that your information may be transferred, stored, and processed in Canada and other countries where our service providers operate.
9. Third-Party Links
Our website may contain links to third-party websites, applications, or services that are not owned or controlled by YRW Consult. This Privacy Policy does not apply to those third-party platforms. We are not responsible for the privacy practices, content, or security of any third-party services.
We encourage you to review the privacy policies of any third-party services you access through our website before providing any personal information. The inclusion of a link does not imply our endorsement of the linked website or its privacy practices.
10. Children's Privacy
Our website and services are not intended for individuals under the age of 16, and we do not knowingly collect personal information from children. If we become aware that a child under the age of 16 has provided us with personal information without verifiable parental consent, we will take prompt steps to delete such information from our systems.
If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately using the details provided below so that we may take appropriate action.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will:
- Post the revised policy on this page with an updated effective date;
- Provide a prominent notice on our website for a reasonable period prior to the changes taking effect;
- Notify existing clients via email if the changes significantly affect how we handle their personal information.
We encourage you to review this Privacy Policy periodically to stay informed about our data handling practices. Your continued use of our website or services after any modifications indicates your acceptance of the updated terms.
12. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us using any of the following methods:
Data Controller: YRW Consult, a brand operated by Yrw Consulting Ltd.
Yrw Consulting Ltd.
Attn: Privacy Officer
3257 Millgrove Street
Victoria, BC V8Z 3V6
Canada
Email: help@yrwconsult.lat
Phone: +1 (253) 295-5742
Website: https://www.yrwconsult.lat
The developer of this application is YRW Consult. The organization responsible for data processing is Yrw Consulting Ltd., registered at the address shown above. All privacy-related inquiries are handled by our Privacy Officer, who can be reached using the contact details provided in this section.