Privacy Policy
Last Updated: October, 2025
1) Purpose of this Privacy Policy
2) Application & Scope
This Policy covers personal information I collect through the Site, forms, scheduling, email/phone, and during delivery of Services. It doesn’t cover third-party websites or services linked from the Site—please review their policies.
3) Accountability & Contact
I am responsible for personal information in my control and for compliance with this Policy and PIPEDA. If I use service providers, I ensure appropriate safeguards are in place.
Privacy contact
Name: Alexis Pereira
Email: info@pereiraalexis.com
Phone: +1 (647) 531-3384
Location: Toronto, Ontario, Canada
(No physical office/mailing address—please contact me by email.)
If a concern remains unresolved, Canadian residents may contact the Office of the Privacy Commissioner of Canada (priv.gc.ca).
4) Changes to this Policy
I may update this Policy from time to time. The “Last updated” date shows the latest version. Material changes will be posted on this page and, when feasible, notified by email if I have it.
5) What I Collect
“Personal information” means information about an identifiable individual. Depending on how you interact with me, I may collect:
Identity & Contact: name, email, phone, company/role, social handle(s).
Business/Audit Inputs: website/Instagram, goals, answers to intake questions, files you share.
Transactional: invoices, payment confirmations (payment processors handle full card details; I don’t store them).
Technical/Usage: IP address, device/browser type, pages visited, timestamps, approximate location, cookies or similar identifiers.
Preferences: newsletter/marketing opt-ins or opt-outs.
Publicly Available Data: information you publish that supports an audit (e.g., website, social posts).
Please do not send sensitive information (e.g., health data, SIN). I do not intentionally collect such data.
6) How I Collect It
Directly from you: forms, emails, calls, Free Audit requests, discovery calls
Automatically: cookies/pixels/analytics when you use the Site.
From tools you choose to use with me: scheduling, email/CRM, analytics/ads, and payments (see “Service Providers” below)
7) Why I Use It (Purposes & Legal Bases)
I use personal information to:
Provide the Site & Services (diagnose, plan, deliver, communicate status). Legal bases: contract, legitimate interests.
Respond to inquiries & send service messages (booking confirmations, audit delivery). Contract, legitimate interests.
Improve the Site & Services (analytics, troubleshooting). Legitimate interests.
Send optional resources/marketing you requested or consented to (unsubscribe anytime). Consent, legitimate interests.
Security, fraud prevention & legal compliance (tax/records, enforce agreements). Legal obligation, legitimate interests.
I do not sell personal information.
8) Cookies & Similar Technologies
The Site may use cookies and similar tech to operate, remember preferences, and understand performance. Your browser can limit cookies. Refusing non-essential cookies may affect features.
9) Service Providers (Processors)
To operate the Site and provide the Services, I engage carefully selected third-party service providers who act on my behalf under written terms. These providers are limited to using personal information only as necessary to deliver their services to me and must apply appropriate confidentiality and security measures. Provider categories may include, without limitation:
Hosting & infrastructure/CDN (website hosting, content delivery, uptime/security)
Scheduling/booking (calendars, meeting links)
Email/CRM/automation (service messages, optional marketing you request/consent to)
Analytics & advertising (to understand performance and manage campaigns)
Payment processing & invoicing (card payments are processed by third parties; I do not store full card numbers)
Professional advisors (legal, accounting)
I may update or change providers over time. Where service providers transfer or store personal information outside Canada, I take reasonable steps to ensure comparable protections (e.g., contractual safeguards) consistent with applicable law. I may disclose information if required by law, to protect safety, or to enforce legal rights.
10) International Transfers
Some providers may process data in Canada, the United States, or other countries. I take reasonable steps to ensure appropriate safeguards consistent with PIPEDA (e.g., contractual protections).
11) Limiting Collection, Use, Disclosure & Retention
I collect only what’s necessary for the purposes above and disclose on a need-to-know basis with safeguards. I keep information only as long as needed for those purposes and legal/financial recordkeeping. When no longer needed, I delete or anonymize it. If you unsubscribe from marketing, I retain a minimal suppression record.
12) Security
I use reasonable physical, organizational, and technical measures to protect personal information (HTTPS, access controls, least-privilege accounts, vetted vendors). No method is 100% secure; I cannot guarantee absolute security.
Mobile & Remote Access
Devices must be kept secure and not left unattended. Personal devices must not store client data unless authorized and protected.
Periodic Review
I periodically review safeguards with advisors to align with evolving best practices.
13) Accuracy
I aim to keep information accurate and up to date for the identified purposes. Please contact me to update your details. I may verify accuracy when actively using data to provide ongoing Services.
14) Your Rights & Requests
You may request access to or correction of your personal information by emailing the privacy contact above. I will respond within 30 days as required by PIPEDA (subject to permitted extensions/exemptions) and may need to verify your identity.
Fees: Basic access is free; reasonable fees may apply for extensive retrieval or copying. I’ll advise you in advance.
15) Consent (Obtaining & Withdrawing)
I rely on implied consent when you voluntarily provide information to receive Services, consistent with PIPEDA and this Policy.
Where required or for marketing, I will seek express consent (e.g., a checkbox on forms).
You can withdraw consent at any time—subject to legal/contractual limits—by contacting me. I’ll explain any implications (e.g., I may not be able to provide certain Services).
CASL: All commercial emails include an unsubscribe link or instructions.
16) Children
The Site and Services are not directed to children under 16. I do not knowingly collect their data.
17) Third-Party Links
The Site may link to third-party sites. Their privacy practices are their own.
18) If You Decline to Provide Information
If certain information is required to deliver Services or meet legal obligations and you decline to provide it, I may be unable to proceed and will let you know.
19) Destruction of Information
Electronic records are securely deleted or anonymized when no longer required. If hardware is discarded, storage media are securely wiped or destroyed.
20) Regional Supplements
EU/UK GDPR
If GDPR applies, AP Growth is the controller. You may have rights to access, rectification, erasure, restriction, portability, and objection; and to withdraw consent where processing is based on consent. You may lodge a complaint with your local Data Protection Authority. International transfers rely on appropriate safeguards (e.g., contractual clauses).
California (CCPA/CPRA)
I do not “sell” personal information as defined by CCPA/CPRA. If I engage in cross-context behavioral advertising, California residents may request to opt out or make access/deletion/correction requests by contacting me at info@pereiraalexis.com with the subject “California Privacy Request.” I will take steps to verify your identity before responding. You will not receive discriminatory treatment for exercising your rights.
21) How to Contact Me