1. Introduction
At TorontoRefund.net ("Company," "we," "our," or "us"), we assist individuals in recovering lost funds from various forms of financial disputes, including online scams, insurance claim denials, and fraudulent billing schemes. In the course of providing these fund recovery services, we may necessarily collect, use, and disclose sensitive personal information, including personal health information.
We are committed to protecting the privacy and security of this data. This Privacy Policy explains our practices regarding the collection, use, and disclosure of your information and outlines your rights and our legal obligations under applicable privacy legislation.
2. Scope and Legal Framework
This policy applies to all personal information we collect, including sensitive personal and health-related data, from individuals who interact with our website, engage our services, or make inquiries.
As a service based in Ontario, Canada, our data handling practices are governed primarily by the Personal Information Protection and Electronic Documents Act (PIPEDA), which applies to private sector organizations and requires meaningful consent and stringent safeguards for sensitive information, and the Personal Health Information Protection Act (PHIPA), which sets rules for health information custodians in Ontario.
We align our practices with the principle that health and financial data require a higher degree of protection. Where we process personal data of residents of other jurisdictions, we also adhere to applicable international data protection laws, such as the GDPR for EU residents.
3. Definitions
In this policy, "personal information" means any information about an identifiable individual. "Sensitive personal information" includes data revealing racial or ethnic origin, political opinions, religious beliefs, genetic or biometric data, and particularly health and financial data.
"Personal health information" (PHI) refers to identifying information about an individual's physical or mental health, including medical history, diagnoses, treatment, and payment for healthcare.
4. Information We Collect
We limit our collection to information that is necessary for the stated purposes. We may collect the following categories of information:
a) Information You Voluntarily Provide
- Personal Identification: Full name, address, email address, phone number, date of birth.
- Case-Specific Information: Detailed narratives and supporting documents about your case, which may include contracts, emails, and other correspondence.
c) Automatically Collected Technical Data
- IP address, browser type, operating system, referring URLs, and general usage data through cookies and similar technologies for security and analytics purposes.
5. How We Use Your Information
We use the collected information for the following purposes, with your consent or as otherwise permitted by law:
- Verification and Assessment: To verify your identity and evaluate the viability of your fund recovery case.
- Service Delivery: To build a comprehensive case file, prepare and submit claims, appeals, and disputes to financial institutions, insurers, or relevant authorities on your behalf.
- Communication: To respond to your inquiries, provide case updates, and send important service-related notices.
- Security and Fraud Prevention: To monitor for and protect against fraudulent activities and unauthorized transactions, and to safeguard our systems and your data.
6. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We may disclose your data only under the following limited circumstances and with appropriate safeguards:
- Authorized Agents: To our employees and contractors who require the information to perform their duties, bound by strict confidentiality agreements.
- Service Providers: To trusted third-party vendors, such as legal counsel and forensic accountants, who assist us in delivering our services. We ensure they are contractually obligated to protect your data and process it only on our instructions.
- Legal and Regulatory Compliance: If required by law, regulation, court order, or to protect our rights, safety, or property. We will make reasonable efforts to notify you of such disclosure unless prohibited.
7. Data Retention Practices
We retain personal information only for as long as necessary to fulfill the stated purposes or as required by law. Retention periods are based on the nature of the information and our operational needs:
- Active Case Files: Information related to ongoing recovery efforts is retained for up to seven (7) years after case closure to comply with potential legal or audit requirements.
- Inactive Inquiry Data: If your inquiry does not progress to a retainer agreement, we securely delete your information within twelve (12) months of the last communication.
- Conclusion: When information is no longer needed, we will securely destroy or irreversibly anonymize it, ensuring all sensitive and health-related data is rendered unreadable and inaccessible thereafter.
8. Data Security Safeguards
We implement robust administrative, technical, and physical safeguards to protect your data, with heightened measures for sensitive health and financial information:
- Encryption: Use of AES-256 encryption for data at rest and TLS 1.3 for data in transit.
- Access Controls: Role-based access, multi-factor authentication, and the principle of least privilege to ensure only strictly authorized personnel handle sensitive data.
- Audits & Monitoring: Regular security assessments and continuous monitoring of our systems.
- Training: Ongoing privacy and security training for all staff.
While we strive to protect your information, no method of electronic storage or transmission over the internet is 100% secure. In the event of a data breach posing a risk of significant harm, we will notify you and the appropriate authorities without undue delay, as required by PIPEDA and PHIPA.
9. Cookies and Tracking Technologies
We use essential cookies for website functionality and security, and may use analytics cookies to understand site usage. We do not use cookies to collect sensitive personal or health information. You can manage your cookie preferences through your browser settings.
10. Your Privacy Rights
You have rights regarding your personal information, subject to applicable law and verification. These include:
- Access: To request a copy of the personal data we hold about you.
- Rectification: To correct any inaccurate or incomplete information.
- Erasure: To request deletion of your data, subject to legal retention requirements.
- Withdrawal of Consent: To withdraw consent for the processing of your data at any time, subject to contractual or legal restrictions. We will inform you of the implications before processing your request.
To exercise your rights, or if you have any questions or concerns about this policy, please contact our Privacy Officer using the details below.
11. Contact Us
TorontoRefund.net - Privacy Officer
Email: [email protected]