Privacy Policy

Last updated: November 1, 2025

RegulaSync Solutions Inc. (“RegulaSync”, “we”, “us”) provides regulatory accounting and advisory services to electricity distributors and related sector participants. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information in the course of our business and on our website (the “Site”).

This Privacy Policy applies to personal information about identifiable individuals that we handle in Canada in connection with the Site and our services. It does not apply to information about our own employees, which is governed by separate internal policies.

We handle personal information in accordance with Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) and other applicable laws. We also comply with Canada’s Anti-Spam Legislation (“CASL”) for commercial electronic messages.

Quick summary

  • We collect only what we need.
  • We use it to deliver services, run our business, and improve the Site.
  • We share it with trusted providers and as required by law.
  • You can access/correct your information, withdraw consent, and complain to the Privacy Commissioner of Canada.

1) What we collect

We may collect the following categories of information:

A. Client & contact information
Names, job titles, business contact details (email, phone, employer), engagement history, and related communications.

B. Service information
Materials you (or your organization) provide to us to perform an engagement (e.g., planning documents, financial records, regulatory filings, interrogatories, evidence drafts). These materials may contain personal information about your employees or other individuals.

C. Website & device data
IP address, browser type, pages viewed, referring/exit pages, timestamps, and similar technical information generated by your use of the Site. We may use cookies or similar technologies for essential site functionality and analytics. See Cookies & Analytics below.

D. Marketing preferences
Newsletter opt-ins/opt-outs, event registrations, and related preferences.

We do not knowingly collect personal information about children under 14.

2) How we use personal information (Purposes)

We use personal information to:

  • provide, manage, and improve our services and the Site;
  • communicate with you, including responding to inquiries, scheduling, and sending service updates;
  • send newsletters or invitations with consent or as otherwise permitted by CASL;
  • maintain business records, manage risk, detect fraud, and comply with legal and regulatory obligations; and
  • evaluate and improve our offerings, including anonymized or aggregated reporting and analytics.

We generally rely on your consent, which may be express or implied, depending on the context and sensitivity of the information and your reasonable expectations. In some cases, we may handle personal information without consent where permitted or required by law (for example, to respond to a court order, investigate a possible breach of law, or collect a debt).

3) Consent under PIPEDA

Where required, we obtain meaningful consent; express or implied depending on the circumstances. You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. Withdrawing consent may affect our ability to provide certain services or respond to some requests.

4) Cookies & Analytics

We use essential cookies and similar technologies to support security and basic functionality of the Site (for example, to remember certain settings or enable session management).

We may also use analytics tools to understand Site usage (e.g., pages visited, session duration) so we can improve content and performance. Our current analytics providers (if any) will be identified in this Policy or elsewhere on the Site from time to time.

You can manage cookies through your browser settings. If you disable certain cookies, some parts of the Site may not function properly. We do not use advertising cookies or behavioural ad tracking on the Site at this time. If that changes, we will update this Privacy Policy and, where required, seek your consent.

5) Disclosures to third parties

We may disclose personal information to:

  • Service providers / processors who assist with hosting, email, collaboration, accounting, security, analytics, or similar functions, under appropriate contractual safeguards;
  • Professional advisors (e.g., legal counsel, auditors) on a need-to-know basis;
  • Authorities where required or permitted by law (e.g., to comply with court orders or regulatory processes); and
  • Parties to business transactions, such as in a merger, acquisition, financing, or sale of assets, subject to confidentiality commitments and legal requirements.

We do not sell personal information.

6) Cross-border transfers

Some of our service providers may be located outside your province or outside Canada, and personal information processed in another jurisdiction may be accessible to courts, law enforcement, or regulators in that jurisdiction.

We use contractual and technical measures reasonably designed to protect personal information wherever it is processed, taking into account its sensitivity and the risks of handling it.

7) Safeguards

We employ administrative, technical, and physical safeguards commensurate with the sensitivity of the information, which may include:

  • role-based access controls and need-to-know limitations;
  • encryption in transit and secure storage practices; and
  • policies, procedures, and training aimed at protecting personal information.

No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we endeavour to protect personal information to a level that a reasonable person would consider appropriate in the circumstances.

8) Retention

We retain personal information only as long as necessary to fulfill the purposes identified in this Policy or as required by law and professional standards.

For engagement files, we generally retain records for at least seven (7) years from the end of the engagement unless a longer period is required or appropriate (for example, due to regulatory requirements, litigation holds, or limitation periods).

9) Your rights

Subject to limited exceptions, you have the right to:

  • request access to personal information about you in our custody or control; and
  • request correction of personal information that is inaccurate or incomplete.

You may also withdraw consent to non-essential processing and opt out of marketing communications at any time (see Contact below).

To exercise these rights, please contact us using the details below with a description of your request. We may take reasonable steps to verify your identity before responding. We aim to respond within 30 days, subject to any extensions permitted by law.

If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada.

10) CASL (Anti-Spam) compliance

We obtain consent where required before sending commercial electronic messages. Our messages identify us as the sender, include our contact information, and provide a working unsubscribe mechanism.

You may unsubscribe from our commercial messages at any time by using the link in the message or by contacting us. Unsubscribe requests are actioned within 10 business days.

11) Breach notification

If we experience a breach of security safeguards involving personal information that creates a real risk of significant harm to individuals, we will assess and mitigate the incident and, where required, notify affected individuals and the Office of the Privacy Commissioner of Canada.

We keep records of all security incidents involving personal information in accordance with PIPEDA, whether or not notification is required.

12) Third-party links

The Site may link to third-party sites. Their privacy practices are governed by their own policies, and we are not responsible for those sites or their content.

13) Updates to this Policy

We may update this Privacy Policy from time to time. Changes are effective when posted on the Site with a new “Last updated” date. Your continued use of the Site after changes are posted indicates your acceptance of the updated Policy.

14) Contact

Questions, requests, or complaints about this Privacy Policy or our privacy practices may be directed to:

Privacy Officer
RegulaSync Solutions Inc.
Email: privacy@regulasync.com