Privacy Policy

North Pinnacle Finance ("we," "our," or "us") is committed to protecting your privacy and safeguarding your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect personal information in compliance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

1. Information We Collect

We may collect the following types of personal information through our website or communication channels:

• Full name, email address, phone number, business name
• General business and financial data (e.g., revenue, time in business, funding needs)
• Technical data such as IP address, browser type, and visit duration (collected via cookies or analytics tools)
• Business documents and supporting materials uploaded during the application process

2. Purpose of Collection

We collect personal information to:

• Evaluate your business funding needs
• Connect you with suitable lending partners
• Communicate with you about your inquiry
• Improve our services and website functionality
• Comply with applicable laws and regulations
• Provide customer support and service

We only collect the information necessary to fulfill these purposes.

3. Consent

By submitting your information through our website, you consent to the collection, use, and disclosure of your personal data as described in this policy. You may withdraw consent at any time, subject to legal and contractual restrictions, by contacting us (see Section 10).

Cookie Consent: We use a cookie consent banner to inform you about our use of essential cookies. Since we only use necessary cookies for website functionality, no additional consent is required beyond being informed of their use.

4. Sharing of Information

We may share your personal information with:

• Lending partners to assess eligibility and match you with financing options
• Technology and service providers, such as hosting platforms and analytics tools
• Regulatory bodies or law enforcement, if required by law

All third-party providers are required to maintain the confidentiality and security of your information.

5. Where Your Data Is Stored

We use trusted third-party platforms, including Supabase, to manage and store personal data. Supabase may store data on servers located in jurisdictions outside of Canada, such as the United States, where different privacy laws may apply.

Cross-Border Data Transfer Safeguards: We ensure that all service providers adhere to industry-standard safeguards and contractual obligations to protect your data. This includes:

• Standard Contractual Clauses (SCCs) for data transfers
• Encryption of data in transit and at rest
• Regular security audits and assessments
• Compliance with applicable privacy laws

6. Data Security

We implement appropriate technical and organizational safeguards to protect personal data from unauthorized access, disclosure, or misuse. This includes secure data transmission (HTTPS), role-based access controls, and encrypted storage through Supabase.

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes described in this policy or as required by law. Our retention periods are as follows:

• Loan Applications: 7 years (to comply with financial regulations and for audit purposes)
• Website Analytics Data: 26 months (Google Analytics standard retention period)
• Marketing Communications: Until you opt-out or withdraw consent
• Customer Support Records: 3 years after resolution

Data no longer needed is securely deleted or anonymized.

8. Your Rights

Under PIPEDA, you have the right to:

• Access your personal information
• Request corrections or updates
• Withdraw consent
• File a complaint with the Office of the Privacy Commissioner of Canada

To exercise these rights, contact us at the email below. We will respond to your request within 30 days.

Cookies and Analytics

Employee Authentication Only: This website uses cookies exclusively for employee authentication and portal access. No cookies are set for public visitors or used for tracking purposes.

Cookie Consent Banner: The cookie consent banner is displayed to inform visitors about our minimal cookie usage. Since we only use essential authentication cookies for employees, no actual consent is required from public visitors.

Types of Cookies We Use

• Employee Authentication Cookies: Required for employee login and portal access. These cookies are only set when employees authenticate with the system.
• No Analytics Cookies: We do not use any analytics or tracking cookies on this website.
• No Marketing Cookies: We do not use any marketing or advertising cookies on this website.

Public Visitors: Visitors to our public website do not have any cookies set on their devices. Only employees accessing the portal will have authentication cookies.

10. Contact Us

If you have any questions about this policy or your personal information, please contact:

11. Updates to This Policy

We may revise this policy from time to time. Any updates will be posted on this page with a new effective date. We will notify you of material changes via email or through a notice on our website.