Privacy Policy

This privacy policy covers personal information we collect from:

• Website visitors — people browsing remicreative.ca
• Prospective clients — people who contact us, book a call, request an audit, or sign up for our newsletter
• Active clients — businesses engaged in a Remi Creative service agreement and their team members we communicate with
• Incidental data subjects — individuals whose personal information we may handle on behalf of a client (for example, patient inquiry data a dental clinic client has given us access to while we manage their Google Business Profile or booking flow)

Information you give us directly when you fill out a form, send an email, or engage our services:

• Name, email, phone number, business name
• Website URL and information about your business
• Content of messages you send us
• Billing information (company name, billing address, tax identifiers — payment card details are handled by our payment processor and not stored on our systems)
• Account credentials you share with us to perform services (e.g., access to your Google Analytics, Google Ads, Meta Ads, WordPress admin)

Information collected automatically when you browse remicreative.ca:

• IP address, browser type and version, operating system, device type
• Pages visited, referring URLs, time on page, click behaviour
• Approximate geographic location (city / region level, derived from IP)
• Cookies and similar tracking technologies (see Section 06)

Information from third parties:

• Publicly available information we use for outreach (business names, public LinkedIn profiles, clinic listings)
• Information provided through integrations you connect (e.g., if you authorize us to pull Google Search Console data)
• Analytics aggregated by our tools (HubSpot, Google Analytics, Meta)

We use personal information only for purposes that are reasonable in the circumstances and that align with why you provided it. Specifically:

• To respond to inquiries — answer your questions, book discovery calls, send requested information
• To deliver services — perform the work agreed in a signed Engagement Agreement
• To send the Remi Weekly newsletter — if you've opted in, send tactical search-visibility advice roughly once a week
• To process payments — invoice you and process payment for services rendered
• To improve our website and services — analyze usage patterns, fix bugs, optimize conversion
• To run marketing — retargeting ads to people who've visited remicreative.ca, lookalike audiences derived from our client list
• To comply with legal obligations — tax records, contractual obligations, responses to lawful requests from authorities
• For business development — reasonable outbound outreach to businesses that appear to fit our services, using publicly available contact information

We do not sell personal information. Ever.

Under PIPEDA and BC PIPA, we process personal information based on one of the following:

• Your consent — which you give by submitting a form, subscribing to the newsletter, or engaging us for services
• Contractual necessity — information needed to perform the services in an Engagement Agreement you've signed
• Legitimate business interest — reasonable uses that a person would expect, such as securing our website, responding to inquiries, and contacting prospective clients who have publicly available business contact information
• Legal obligation — compliance with tax, financial, or other laws

You can withdraw consent at any time. See Section 11 for how to exercise that right.

We use a number of third-party tools to run our business. These processors have access to some personal information in order to provide their services to us. They are contractually obligated to protect that information and to use it only for the purposes we specify.

Our current key processors:

Cookies are small text files a website places on your device to remember information about your visit. We use cookies for essential site functions, analytics, and advertising. You can manage cookies in your browser settings at any time; blocking cookies may affect some site features.

Cookies we use:

Managing cookies: Most browsers let you refuse cookies, delete existing cookies, or receive a notification before a cookie is set. Opt out of Google Analytics specifically at tools.google.com/dlpage/gaoptout. Opt out of Meta advertising at facebook.com/adpreferences.

When you engage us for services, we often receive access to systems that contain personal information about your customers, patients, or users — for example, a dental clinic client's Google Business Profile reviews, appointment inquiries, or customer email lists.

We treat this data as your data. Specifically:

• We access it only to perform the services in your Engagement Agreement
• We do not use it to contact, market to, or profile your patients or customers on our own behalf
• We do not share it with anyone outside your engagement except as required to deliver the services (e.g., configuring a Google Business Profile)
• When the engagement ends, we stop accessing it and remove it from our working systems within a reasonable period

For healthcare clients specifically: dental, medical, optometry, and other healthcare clinics have their own obligations under provincial health information laws (such as BC's Personal Information Protection Act and the E-Health Act). Clients are responsible for ensuring they have the right to share patient information with us and for complying with any applicable healthcare privacy laws. We act as a service provider to our clients, not as a direct collector of patient information.

We keep personal information only as long as we need it for the purposes in this policy, or as required by law.

• Form submissions & inquiries: up to 24 months from last contact, unless you've become a client
• Newsletter subscribers: until you unsubscribe, then we keep a suppression record so we don't re-contact you
• Active client records: for the duration of our engagement and for a reasonable period after (typically 7 years) for legal, tax, and accounting purposes
• Billing records: 7 years, as required by Canadian tax law
• Website analytics: per the retention settings of our analytics tools (typically 14–26 months for GA4)
• Client & patient-incidental data: removed from our working systems within 90 days of engagement end, unless a longer retention is required by a signed agreement or law

Many of our processors are based in the United States, so your personal information may be stored or processed there. US privacy law differs from Canadian privacy law, and in some circumstances US government authorities may request access to data held by US companies.

Where we use non-Canadian processors, we select reputable providers with meaningful security certifications and data-protection commitments, and we rely on contractual safeguards (their data processing agreements and applicable standard contractual clauses).

By using our services, you acknowledge and consent to your information being processed in Canada, the United States, and other jurisdictions where our processors operate.

We take reasonable technical and organizational measures to protect personal information. These include:

• HTTPS encryption on remicreative.ca and on forms that collect personal information
• Strong, unique passwords stored in a password manager for client account access
• Two-factor authentication on key business accounts (email, HubSpot, Google, Meta)
• Access limited to people who need it to perform their work
• Regular review of our processors' security certifications

No system is 100% secure. We can't guarantee absolute security, but we act in good faith to protect information and to notify you promptly if a breach affecting your personal information occurs, as required by applicable law.

Under PIPEDA and BC PIPA, you have the right to:

• Know what personal information we hold about you
• Access that information (with reasonable limitations)
• Correct information that is inaccurate or incomplete
• Withdraw consent to our use of your information, subject to legal and contractual restrictions
• Unsubscribe from marketing communications at any time (every email has an unsubscribe link)
• File a complaint with us directly or with a privacy regulator (see Section 14)

To exercise these rights, email hello@remicreative.ca with "Privacy Request" in the subject line. We'll respond within 30 days of verifying your identity, as required by law.

In some cases we may not be able to fully fulfill a request (for example, if we need to keep records for tax or legal reasons). If that's the case, we'll explain why.

Remi Creative's services are for businesses, not individuals, and our website is not directed at children. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected information about a minor, please contact us and we'll delete it promptly.

We may update this policy from time to time to reflect changes in our practices, the tools we use, or the law. The "Last updated" date at the top of this page will always show the most recent revision.

For material changes that meaningfully affect how we handle your personal information, we'll notify active clients and newsletter subscribers by email. Continued use of our website or services after an update takes effect constitutes acceptance of the updated policy. If you disagree with changes, you can exercise your rights under Section 11.

Questions, concerns, or privacy requests? Reach out to us first — we'd rather resolve it directly.

If you're not satisfied with how we've handled your privacy, you can also contact Canada's privacy regulators:

• Office of the Privacy Commissioner of Canada (OPC) — priv.gc.ca — for federal PIPEDA complaints
• Office of the Information and Privacy Commissioner for BC (OIPC BC) — oipc.bc.ca — for BC PIPA complaints