Company Name: Veridian Solutions (sole proprietorship)
Effective Date: August 18, 2025
Last Updated: August 18, 2025
Contact Information : [email protected], #401-1416 Harwood St, Vancouver, B.C. Canada, V6G 1X5, 604-764-9845.
1. SCOPE AND APPLICATION
1.1 This Privacy Policy describes how Veridian Solutions (“Veridian”, “we”, “us”, “our”) collects, uses, discloses, safeguards, and retains personal information in connection with:
(a) our website and client account portal (the “Website”);
(b) our SMS lead reactivation services provided to business clients (the “Services”); and
(c) client-provided lead data that we process strictly on our clients’ documented instructions.
1.2 Veridian is the controller of personal information about its business clients’ representatives and account contacts. Veridian is the processor/service provider for personal information contained in client-provided lead lists and any other fields clients upload for the purpose of providing the Services.
2. DEFINITIONS
2.1 “Personal Information” means information about an identifiable individual and includes, for example, names, email addresses, telephone numbers, identifiers, and any other data defined as personal information under applicable Canadian privacy laws.
2.2 “Client” means a business customer that engages Veridian for the Services.
2.3 “Lead” means an individual whose information is included in a Client-provided list for SMS reactivation purposes.
2.4 “Processing” means any operation performed on Personal Information, including collection, use, disclosure, storage, access, and deletion.
2.5 “Service Provider” means Veridian acting on behalf of a Client to process Lead data strictly under the Client’s instructions.
2.6 “CASL” means Canada’s Anti-Spam Legislation and applicable regulations.
2.7 “Consent” means valid express or implied consent under CASL and applicable privacy laws.
2.8 “Suppression List” means a list of identifiers (e.g., phone numbers) that must not be messaged, including opted-out or unsubscribed numbers, do-not-call numbers provided by a Client, and any numbers otherwise prohibited by law or by a Client’s instructions.
2.9 “Controller” means the entity that determines the purposes and means of Processing Personal Information; for Client account, billing, and Website data, this is Veridian.
2.10 “Processor” means the entity that processes Personal Information on behalf of a Controller; for Client-provided Lead data, this is Veridian.
3. ACCOUNTABILITY AND CONTACT
3.1 Veridian Solutions is accountable for personal information under its control. Veridian has not appointed a separate Privacy Officer. As a one-person sole proprietorship, the proprietor is responsible for privacy compliance and serves as the primary point of contact for privacy matters. Contact details are set out at the top of this Policy.
3.2 We maintain policies, procedures, and practices appropriate to our size and risk profile to support compliance with PIPEDA and applicable provincial laws.
3.3 Québec (Law 25). Where Québec law applies, the proprietor is the “person in charge of the protection of personal information” and may delegate operational tasks as needed while retaining overall responsibility.
4. INFORMATION WE COLLECT
4.1 Client Account and Order Information. When business clients register or place an order on the Website, we collect first name, last name, email address, and other details needed to manage the account, authenticate access, bill for Services, and provide support (e.g., billing contact, company name, role, and business telephone).
4.2 Client-Provided Lead Data. Clients may upload Lead phone numbers and any other fields they choose to provide (e.g., name, tags, campaign attributes).
Veridian processes this Lead data solely to deliver the Services under the Client’s written or recorded instructions.
4.3 Website Technical Data. We collect minimal information necessary to operate the Website securely (e.g., server logs, device/browser data). We use only essential first-party cookies required for session management and security. We do not use third-party advertising cookies. If we later implement analytics or non-essential cookies, we will update this Policy and, where required, seek consent.
5. PURPOSES OF COLLECTION AND USE
5.1 We use Client account and order information to operate the Website; create and manage Client accounts; authenticate users; provide support; send service and billing notifications; process payments; prevent fraud; and comply with legal obligations.
5.2 We use Client-provided Lead data solely to perform the SMS reactivation Services on behalf of Clients to help re-engage Leads and book sales calls/appointments. We do not use Lead data for our own marketing or profiling.
6. CONSENT AND CASL COMPLIANCE
6.1 Clients are responsible for ensuring that valid and lawful consent (express or implied, as applicable) has been obtained and is current for each Lead before instructing Veridian to send any message. Clients must provide accurate sender identification and unsubscribe instructions for each campaign, as required by CASL.
6.2 Acting as a Service Provider, Veridian relies on Client instructions and Client-provided records of consent. We will implement the identification and unsubscribe mechanism supplied by the Client (including the “STOP” reply or a functionally equivalent opt-out) and will honour all opt-out requests within the time required by law. We will maintain internal logs of opt-outs processed via our system and will apply those numbers to applicable Suppression Lists.
6.3 We will not message any number on a Suppression List and will apply reasonable technical and operational controls intended to prevent messaging of
numbers flagged as opted-out, do-not-call, or otherwise prohibited by law or Client instructions.
6.4 Clients must promptly provide Veridian with all applicable Suppression Lists and update them as needed. Clients must not supply scraped, purchased without appropriate consent, or otherwise unlawful lists.
7. LIMITING USE, DISCLOSURE, AND RETENTION
7.1 We limit our Processing to the purposes described in this Policy or as otherwise required by law. We do not use Client-provided Lead data for Veridian marketing or promotional purposes.
7.2 Retention. We retain Client account data as long as required to deliver the Services, comply with legal obligations, and resolve disputes. We retain Client-provided Lead data only for the period necessary to deliver the Services and as instructed by the Client. Unless otherwise agreed in writing, our standard practice is to delete or return Lead data upon written request or within [Retention Period Placeholder, e.g., 12 months] after the earlier of campaign completion or termination of the Services. Residual copies may persist in backups for up to [Backup Deletion Placeholder, e.g., 90 days] and will be securely destroyed in the ordinary course of our backup rotation.
7.3 Upon termination or at a Client’s written request, we will delete or return Lead data in a commonly used format, subject to any legal retention obligations
8. SHARING AND SERVICE PROVIDERS
8.1 We may disclose Personal Information to vetted service providers that assist in delivering the Website and Services (e.g., SMS gateways, secure hosting, payment processors). These providers are bound by confidentiality and data protection obligations and may process Personal Information only to provide services to Veridian.
8.2 Required Statement: We do not share personal information with third parties or affiliates for marketing or promotional purposes.
8.3 We will provide Clients, on reasonable request, with information about our current subprocessors involved in the Services.
9. CROSS-BORDER TRANSFERS
9.1 Personal Information may be processed or stored outside Canada (including by SMS carriers or infrastructure providers), and may be subject to access by foreign courts, law enforcement, or regulatory authorities in accordance with foreign laws. We use contractual and technical measures that are appropriate in the circumstances to protect Personal Information during cross-border Processing.
9.2 For Québec residents’ Personal Information, where applicable we will conduct a privacy impact assessment for cross-border disclosures as required by Québec law and will implement appropriate safeguards and notices.
10. SAFEGUARDS AND SECURITY
10.1 We use administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including access controls, least-privilege access, employee confidentiality undertakings, secure software development practices proportionate to our size, and encryption in transit and at rest where reasonably practicable.
10.2 We maintain an incident response process to investigate suspected incidents, contain risks, and notify Clients without undue delay where required.
11. ACCURACY; ACCESS AND CORRECTION
11.1 We rely on Clients to provide accurate and current Lead data. Clients’ authorised users may access and correct their own account information through the Website or by contacting us.
11.2 Leads seeking access to, or correction of, their information should contact the Client (the list owner). If a Lead contacts Veridian directly, we will notify the applicable Client and assist as appropriate.
12. BREACH OF SECURITY SAFEGUARDS
12.1 We will assess suspected breaches to determine whether there is a real risk of significant harm and will notify Clients, affected individuals, and regulators as required by law. We keep records of all breaches as required.
12.2 Clients must promptly notify us of any suspected compromise of Lead data they have supplied that may impact our Processing.
13. CHILDREN’S INFORMATION
13.1 The Website and Services are intended for businesses and adult audiences. Clients must not upload Lead data about children. We do not knowingly collect or process Personal Information of individuals under the age of 16.
14. UPDATES TO THIS POLICY
14.1 We may update this Policy from time to time to reflect changes to our practices or legal requirements. Material changes will be signposted on the Website and will take effect on the “Last Updated” date shown above.
15. CONTACT AND COMPLAINTS
15.1 Questions, requests, or complaints regarding this Policy or our privacy practices may be directed to the proprietor using the contact details at the top of this Policy. We will investigate and respond. If you are a Lead, we may redirect your request to the relevant Client (the list owner) and assist as appropriate.
15.2 If you are not satisfied with our response, you may have the right to contact the Office of the Privacy Commissioner of Canada or, where applicable, a provincial privacy regulator (for example, the Commission d’accès à l’information du Québec).