PRIVACY POLICY
Las Modified: September 15, 2023
​
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. Data security is one of our key values. We use the highest level of security standards available when protecting client data. We use your data to provide and improve our Services. By using our Services, you agree to the collection and use of information in accordance with this policy.
​
Data Collection and Use
​
We receive, collect and store any information you enter on our website or provide us in any other way. We collect personally identifiable information including name (first and last), email, phone number, address, payment details (including credit card information), comments, recommendations cookies and usage data.
We collect this Information for the following purposes:
-
To provide and operate our Services;
-
To provide our Users with ongoing customer assistance and support;
-
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
-
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we may use to provide and improve our respective services;
-
To comply with any applicable laws and regulations.
​
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.
​
Storage of Data
​
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
​
Adviice Platform
​
Encryption In Transit and At Rest: Data on the platform is always encrypted using AES256 bit encryption, an industry standard. Information is encrypted both in transit, while moving from your browser to our server, and at rest, when being saved in an active session.
​
Canadian Data Infrastructure: We use Canadian data infrastructure when creating projections and when storing client data.
​
Two Factor Authentication (2FA): All financial planners and advisors must use two factor authentication as a default to help protect client data. Clients can also use two factor authentication but it is optional. Clients can activate two factor authentication in their Profile settings after logging in.
​
Data Minimization: As a default, the platform asks for only the minimum personally identifiable information (PII) when creating a client account. This includes only a first name and an email address for communication. This decreases the client's data “footprint”.
​
Data Retention: When a client deletes their account their data is deleted after a period of 14-days. This retention period allows for us to recover an account if accidentally deleted. After this 14-day retention period all client data related to that account is deleted and there is no way to recover a deleted account.
​
Brute Force Protection: To protect client data against brute force attacks we use a number of methods to both identify, isolate, and prevent malicious behaviour.
​
Phishing Protection: By using the platform you help reduce the risk of phishing attacks for your clients. Clients will only ever provide information through the platform and never via email.
​
Payments Data
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
​
Tracking Tools - Google Analytics
We use Google Analytics to monitor and analyze the use of our Service. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
​
You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy Terms webpage: https://policies.google.com/privacy?hl=en
Privacy Policy Updates
​
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
​
Consent
​
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at info@merrickfinancial.ca.