PRIVACY // PIPEDA_PIPA
Privacy Policy
Last updated: 10 July 2026
1. Introduction and accountability
EduSynthLab Inc. ("EduSynthLab," "we," "us," or "our") is a British Columbia corporation operating an education research and development lab from 1661 Ontario Street, Suite 110, Vancouver, BC V5Y 0C4, Canada. We are accountable for personal information under our control and have designated a privacy contact responsible for compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and the British Columbia Personal Information Protection Act (PIPA BC).
This Privacy Policy describes how we collect, use, disclose, retain, and protect personal information when you visit edusynthlab.life, submit our contact form, communicate with us by email or telephone, or engage us for professional services. It does not cover third-party websites linked from our pages.
By using our website or providing personal information to us, you acknowledge that you have read this policy. Where consent is required, we obtain it in a meaningful way — for example, through the explicit checkbox on our contact form before submission.
2. Definitions
"Personal information" means information about an identifiable individual, as defined under PIPEDA and PIPA BC. This includes your name, email address, telephone number, organization name, and the content of messages you send us. It does not include business contact information used solely to communicate regarding your employment role, except where combined with other identifying details.
"Client data" refers to curriculum materials, learner records, and institutional documents entrusted to us under a services agreement. Client data is governed by both this policy and the data processing terms in your contract.
3. Information we collect
3.1 Information you provide directly
When you complete our contact form, we collect your name, email address, optional organization name, selected topic, message content, and your PIPEDA consent confirmation. When you email or call us, we collect whatever information you choose to share, including correspondence records.
3.2 Information collected automatically
Our web server may log technical data including IP address, browser type, referring URL, pages visited, and timestamps. We use this information for security monitoring, troubleshooting, and aggregate traffic analysis. We do not use this data to build individual behavioural profiles for marketing.
3.3 Cookies and local storage
We store your cookie consent preference in browser local storage. See our Cookie Notice for details. We do not deploy advertising trackers or third-party analytics cookies on this site.
3.4 Client project data
When you engage our services, we may process institutional documents, curriculum source files, and — only where explicitly scoped — learner performance data supplied by your organization. The categories processed depend on your statement of work. We do not solicit student assignments or personal academic records through our public website.
4. Purposes for collection, use, and disclosure
We collect and use personal information only for purposes a reasonable person would consider appropriate in the circumstances. Primary purposes include:
- Responding to inquiries submitted through our contact form, email, or telephone;
- Scoping, contracting, and delivering education R&D services to institutional clients;
- Maintaining business records required by Canadian corporate and tax law;
- Protecting the security and integrity of our website and internal systems;
- Complying with legal obligations, court orders, or regulatory requests.
We will not use your contact information for unrelated marketing without your separate opt-in consent. We do not sell personal information to data brokers or advertising networks.
We may disclose personal information to service providers who assist with hosting, email delivery, or contract accounting, but only under agreements requiring them to protect the information and use it solely for the instructed purpose. We may disclose information where required by law or to establish, exercise, or defend legal claims.
5. Consent
PIPEDA and PIPA BC require meaningful consent for the collection, use, and disclosure of personal information, subject to limited exceptions. For website inquiries, we rely on your affirmative consent via the contact form checkbox labelled for PIPEDA and PIPA BC. You may withdraw consent for future non-essential communications by emailing [email protected], though withdrawal cannot retroactively invalidate processing already completed under valid consent or legal obligation.
For client engagements, consent and authority to process institutional data are established through signed agreements and your organization's internal authorization chain.
6. Limiting collection, use, and disclosure
We collect only information reasonably necessary for the identified purposes. Our contact form does not ask for your date of birth, government ID numbers, or financial account details. If you voluntarily include sensitive information in a message, we will use it only to respond to your inquiry unless a separate purpose is agreed.
7. Data retention
Contact form submissions and related correspondence are retained for up to twenty-four months unless a business relationship develops, in which case records follow our client retention schedule. Server logs rotate on a ninety-day cycle. Client project data is retained per contract terms and deleted or returned upon project completion unless a longer retention period is legally required or mutually agreed for continuity support.
8. Safeguards
We protect personal information with administrative, technical, and physical safeguards appropriate to its sensitivity. Measures include access controls limited to personnel who require information for their duties, encrypted transport (TLS) for website traffic, secure storage for client corpora, and confidentiality obligations in employment and contractor agreements. No method of transmission over the Internet is perfectly secure; we encourage clients to use institutional email domains and encrypted file transfer for sensitive documents.
9. Cross-border processing
Our public website is hosted with preference for Canadian infrastructure. Some email routing or backup services may process data in the United States or other jurisdictions. Where personal information crosses borders, we assess risks and apply contractual protections consistent with PIPEDA's accountability principle. Clients requiring strict Canadian residency for project data may specify this at contracting; we accommodate on-premise and private Canadian cloud deployments where feasible.
10. Individual access and correction
You have the right to request access to personal information we hold about you and to request correction of inaccuracies, subject to limited exceptions under PIPEDA and PIPA BC. Submit requests to [email protected] with sufficient detail to identify your records. We respond within thirty days unless an extension is permitted and communicated. We may charge a minimal fee for transcription costs where allowed by law.
11. Challenging compliance
If you believe we have not handled your personal information in accordance with this policy, contact our privacy contact first. We will investigate and respond. You may also file a complaint with the Office of the Privacy Commissioner of Canada or the Office of the Information and Privacy Commissioner for British Columbia if concerns remain unresolved.
12. Children and students
Our website and services are directed at institutional decision-makers, not minors. We do not knowingly collect personal information from individuals under sixteen through our public contact channels. Client projects involving learner data are processed only under institutional authority and applicable educational privacy obligations.
13. Breach notification
If a breach of security safeguards creates a real risk of significant harm to individuals, we will notify affected parties and regulators as required under PIPEDA and PIPA BC, document the incident, and take remedial steps to reduce future risk.
14. Changes to this policy
We may update this Privacy Policy to reflect legal, technical, or operational changes. The "Last updated" date at the top will change accordingly. Material changes affecting how we use personal information already collected will be communicated where practicable.
16. Service providers
We use a limited number of subprocessors to operate our business. Categories include Canadian web hosting, transactional email relay, and accounting software. Each provider receives only the information necessary for its function and is bound by confidentiality obligations. A current subprocessor list is available on request to clients and privacy inquirers.
17. De-identification and aggregate use
We may create aggregate or de-identified statistics from website traffic or project metrics for internal quality improvement. These statistics cannot reasonably identify an individual. We do not attempt re-identification.
18. Accuracy and retention of inquiry records
We make reasonable efforts to keep contact records accurate. You may request correction of your name, email, or organization details at any time. When inquiries do not convert to contracts, we purge associated correspondence within the retention window described in section 7 unless legal holds apply.
19. Contact information
Privacy contact
EduSynthLab Inc.
1661 Ontario Street, Suite 110
Vancouver, BC V5Y 0C4, Canada
Email: [email protected]
Phone: +1 (778) 512-4093
Business Number: 803 261 495 RC0001
We respond to privacy requests within thirty days unless an extension is permitted by law. Please include sufficient detail for us to locate your records.
Formal complaints about our privacy practices may also be directed first in writing to the Office of the Privacy Commissioner of Canada or the Information and Privacy Commissioner for British Columbia after you have given us an opportunity to address your concern directly.