Our Privacy Policy

Last updated: November 7, 2025

1.      General

Welcome to www.pivotconsulting.ca (the “Website”), provided by Pivot Consulting Inc. (collectively, “Pivot,” “we,” “us,” or “our”), a private company duly incorporated pursuant to the laws of Nova Scotia. This Privacy Policy describes how we collect, use, and disclose the personal information of visitors, clients, members, and other users of the Website (collectively, “users,” “you,” or “your”). All collection, use, and disclosure of your personal information by Pivot is carried out in accordance with applicable Canadian privacy laws, such as the Personal Information Protection and Electronic Documents Act (“PIPEDA”), and with the European Union’s General Data Protection Regulation (“GDPR”), if applicable. Please read this Privacy Policy carefully prior to using the Website.

2.    Consent

Your use of the Website constitutes acceptance of and agreement with this Privacy Policy. If you do not accept this Privacy Policy, you are not permitted to use the Website. Your consent to our use of your personal information can be withdrawn at any time by following the directions in Section 10 (Your Rights) . Withdrawal of consent may adversely impact our ability to provide the Services.

3.      How Personal Information is Collected

Information that you provide to us. We collect this type of personal information directly from you. While all such information is provided voluntarily by you, we may require certain personal information to support data analysis of website traffic.

Website usage. We track usage patterns on the Website by collecting certain non-identifying information. Each time you visit our Website, our server may record the Website usage information listed above. We use this non-personal information to optimize your Website experience and for optimization of the Website.

Cookies. We may also employ “cookies” (a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns) or similar technology that provides additional functionality to the Website and helps us analyze Website usage more accurately. Cookies allow for a personalized experience when you visit or revisit the Website. With your consent, we may use cookies to present you with relevant products or advertisements on our Website and on other websites that are based on your interests. Some cookies, like preference cookies, do not need your permission. If you do not want any cookies, you can set your browsers to refuse cookies before using the Website, but some website features might not work well without cookies.

IP address and clickstream data. We may collect your IP address and clickstream data, which we use for internal system administration. An IP address is a number that is automatically assigned to your computer whenever you access the internet. Clickstream data may include such information as the page served, the time, the source of the request, the type of browser making the request, and the preceding page viewed.

4.    Use of Personal Information

Communications. We primarily use your personal information for the purposes of communications. The personal information that you voluntarily provide to us is used solely in connection with communicating with you.

Ancillary purposes. Personal information that we collect automatically may be used for certain ancillary purposes, including (without limitation) providing, administering, and improving the Website and making content and resources available to users of the Website.

Contacting you. We may also use your personal information to contact you. In all circumstances, your personal information will be used only for the purpose(s) for which it was collected.

Purposes required by law. We may use your personal information for other purposes for which we have obtained your consent, and for such other purposes as may be permitted or required by applicable laws.

5.    Disclosure of Personal Information

We may share your personal information with others in the circumstances set out below. We use contractual and other means to ensure that your personal information remains protected.

Agents. We employ other businesses and contractors to perform functions on our behalf, which include Website hosting and data analysis. These entities may have access to your personal information collected, but only to the extent required to perform their various functions in accordance with this Privacy Policy and applicable laws.

Legal process. Your personal information may be disclosed pursuant to applicable laws, court orders, or legal process, which may occur with or without notice to you.

If we otherwise intend to disclose your personal information to a party, we will identify that party and the purpose for the disclosure and obtain your consent.

6.    Location of Your Personal Information

Your personal information may be stored and processed in Canada and in any country where we engage third-party service providers. As a result, your personal information may be transferred outside your jurisdiction, and to other jurisdictions which may have different data protection rules. For the duration that your personal information is outside of your jurisdiction, it is subject to the laws of the jurisdiction in which it is located, and it may be subject to disclosure to the governments, courts, or law enforcement or regulatory agencies of such other country, pursuant to the laws of such jurisdiction. For example, certain service providers may store information in the United States of America, and accordingly, your personal information may be available to American governments or agencies under a lawful order, irrespective of the safeguards we have put in place for the protection of your personal information.

However, our practices regarding your personal information will at all times continue to be governed by this Privacy Policy and by applicable laws. Before communicating your personal information outside of your jurisdiction, we will implement appropriate safeguards to provide an adequate level of protection of your personal information.

For written information about our policies and practices regarding service providers outside of Canada, contact our Privacy Officer. See Section 12 (Contact Details).

7.    Protection of Personal Information and Breach of Safeguards

Security measures. We have implemented appropriate technical and organizational security measures against loss or unlawful processing of your personal information. We use standard, industry-wide, commercially reasonable security practices to protect your information. In addition, we have taken steps to ensure that the only personnel who are granted access to your personal information are those with a business need-to-know or whose duties reasonably require such information.

Disclaimer. However, as effective as our practices are, no security system is impenetrable. We cannot guarantee the security of our database, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the internet. Any transmission of information by you to us is at your own risk. All payments are made through a third-party payment processor that is subject to applicable regulations that govern Canada’s payment industry.

Security breach. In the event of a security breach involving your personal information, if there is a risk of significant harm to you or any other individual, we will promptly report the breach to (a) you and (b) the Office of the Privacy Commissioner of Canada in accordance with PIPEDA.

8.    Retention of Personal Information

In connection with the Services, we retain your personal information as long as necessary to fulfill the purposes for which that personal information was collected and as permitted or required by law,

If you do not request continued retention of your personal information, we will destroy, erase, or anonymize such information, once it is no longer required (a) to comply with a legal obligation; (b) to pursue our legal rights and remedies; (c) for an appeal process; (d) to facilitate your occupational mobility rights; or (e) for any other purpose identified in this Privacy Policy.

We may retain certain aggregated, non-identifying information indefinitely for evaluation, reporting, and statistical analysis related to the Services.

9.    Marketing

You may opt in to receive marketing communications from us, in which case, we may use your contact details to send you general updates regarding our news. You may opt out of receiving these updates at any time by following the opt-out instructions in the email, in particular by clicking the “unsubscribe” link at the bottom of any email you receive from us.

10.          Your Rights

Right to access. Upon request, you will be informed of the existence, use, and disclosure of your personal information that is under our custody, and you will be given access to such personal information. Under certain circumstances, you may request that we transmit your personal information directly to you or to another organization, in a structured, commonly used, and machine-readable format, and we will comply where reasonably practicable.

Right to rectification. You may challenge the accuracy and completeness of your personal information and request that it is amended as appropriate.

Withdrawal of consent and erasure. You may also withdraw your consent to the collection, use, or disclosure (or two or more of the foregoing). Under certain conditions, and subject to applicable laws, you may request erasure of your personal information

Finally, you have also the right to lodge a complaint with the relevant data protection authority.

Any requests or directions with respect to your personal information should be provided to our Privacy Officer using Section 12 (Contact Details).

11.          Other

External links. This Privacy Policy applies only to the Website and not to any advertisers, sponsors, or other third-party websites that may be linked. We have not reviewed all of the websites linked to the Website, and we are not responsible for the contents of any such linked websites. These other websites may or may not have their own published privacy policies. If you visit a website that is linked to the Website, you should review that website’s privacy policy before providing any personal information to them. The inclusion of any link does not imply endorsement by us. Use of any such linked website is at your own risk.

This section does not apply to those third parties with whom we share or receive your personal information pursuant to contract. We will ensure that such third parties (a) limit use and disclosure of your personal information to what is required in connection with the Services and (b) implement appropriate safeguards to protect your personal information in a manner consistent with this Privacy Policy and with applicable privacy laws.

Minors. We do not intentionally collect any personal information from children. Any use of the Website by children or minors must be supervised by a parent or guardian. The parent or guardian is responsible for all actions taken in connection with the Website by their children.

Governing law. This Privacy Policy, the subject matter herein and all related matters will be governed by, and construed in accordance with, the laws of the Province of Nova Scotia and the laws of Canada applicable in Nova Scotia.

Changes to this Privacy Policy. We may update this Privacy Policy from time to time to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.

12.          Contact Details

If you have questions, comments, or concerns regarding our Privacy Policy, or if you’d like to exercise your rights with respect to your personal information, you can reach out to:

Attn: Julie Bates, Director, Internal Services
privacy@pivotconsulting.ca
5251 Duke St., Suite 1210
Halifax, Nova Scotia
Canada  B3J 1P3

You can also contact us through the “Contact Us” page available on the Website.

If you are not satisfied by our response, you can contact the Privacy Commissioner of Canada:

Office of the Privacy Commissioner of Canada
30 Victoria Street Gatineau, Quebec
K1A 1H3

13.          GDPR Compliance

The European Union (EU) has implemented a comprehensive privacy regulation called the General Data Protection Regulation (GDPR), the intent of which is to protect the personal information of EU residents. The GDPR addresses the transfer of personal information outside of the EU, including to organizations such as Pivot. To the extent that we process personal information of EU data subjects in connection with the Services, we are subject to the GDPR.

The European Commission has adopted an “adequacy decision” for Canadian organizations subject to PIPEDA. Pivot is subject to PIPEDA, and thus in accordance with the adequacy decision, processing of personal information of EU data subjects in connection with the Services is carried out as intra-EU processing.

Notwithstanding the adequacy decision, this Privacy Policy applies to our collection, use, and disclosure of personal information of EU data subjects. In addition to the other sections of this Privacy Policy, the provisions set out below apply exclusively (to the exclusion of non-EU data subjects) to our collection, use, and disclosure of personal information of EU data subjects.

Disclosure to other countries. If we must transfer your personal information to a third country or international organization, we will inform you of this requirement and the existence or absence of an adequacy decision applicable to such country or organization. In all such circumstances, we will ensure that appropriate contractual safeguards are in place to protect your personal information.

Disclosure to third parties. If we engage a third party to process your personal information (a “Processor”), we will ensure that the Processor complies with the standards set out in this Privacy Policy. We will ensure that the Processor does not engage any other party to process your personal information without our authorization. Processing of your personal information by a Processor will be governed by contract in place between Pivot and the Processor, including, where applicable, (without limitation) use of standard contractual clauses, as approved by the EU Commission.

Breaches. In the case of a breach of personal information which is likely to result in a risk to your rights and freedoms, we will promptly inform the competent data protection authority of the breach and appropriate details thereof. If the breach is likely to result in a high risk to your rights and freedoms, we will communicate the breach to you without undue delay.

Data protection officer. In compliance with Article 37 of the GDPR, Pivot has designated its data protection officer as:

Julie Bates, Director, Internal Services
privacy@pivotconsulting.ca
5251 Duke St., Suite 1210
Halifax, Nova Scotia
Canada  B3J 1P3