Privacy Policy

The Grey Cardinal Group Inc.

Effective Date: 2026.02.20

1. Introduction

The Grey Cardinal Group Inc. (“Company”, “we”, “us”, or “our”) is committed to protecting the privacy and personal information of clients, partners, and website visitors worldwide.

This Privacy Policy complies with:

  • Personal Information Protection and Electronic Documents Act (PIPEDA)
  • General Data Protection Regulation (GDPR)
  • Applicable international privacy principles

2. Data Controller

The Grey Cardinal Group Inc.
2258 Mountain Dr, Abbotsford,
British Columbia, Canada
Email: access@greycardinalgroup.com

For GDPR purposes, The Grey Cardinal Group Inc. acts as the Data Controller.

If required under Article 27 GDPR (no EU establishment), you may later appoint an EU Representative.

3. Categories of Personal Data Collected

We may collect:

  • Name
  • Email address
  • Telephone number
  • Company information
  • Billing information
  • IP address
  • Technical browser data
  • Communications content
  • Contractual information

We do not knowingly collect sensitive personal data unless voluntarily provided within a contractual engagement.

4. Legal Bases for Processing (GDPR)

We process personal data based on:

  • Contractual necessity
  • Legitimate business interests
  • Legal obligations
  • Consent (where required)

5. Purpose of Processing

Personal data is processed to:

  • Provide advisory and consulting services
  • Respond to inquiries
  • Execute contracts
  • Issue invoices
  • Improve website performance
  • Comply with legal obligations

6. International Data Transfers

As a Canadian corporation serving global clients:

  • Data may be processed in Canada or other jurisdictions.
  • Transfers from the EU are protected via contractual safeguards consistent with GDPR requirements.

7. Data Retention

We retain personal data only as long as necessary for:

  • Contract fulfillment
  • Legal compliance
  • Legitimate business interests

8. Your Rights (GDPR)

EU data subjects have the right to:

  • Access
  • Rectification
  • Erasure
  • Restriction
  • Data portability
  • Object to processing
  • Lodge a complaint with a supervisory authority

9. Your Rights (Canada – PIPEDA)

Canadian residents may:

  • Request access to personal information
  • Request corrections
  • Withdraw consent (subject to contractual/legal limitations)

10. Security Measures

We implement administrative, technical, and organizational safeguards appropriate to the sensitivity of the information.

11. Cookies

We may use cookies and analytics tools. A separate Cookie Notice may apply where required.

12. Contact for Privacy Matters

Privacy Officer: Sanjeev Kuhendrarajah
Email: access@greycardinalgroup.com