Privacy Policy

We take your privacy seriously - here's exactly how we handle your information

Last Updated: January 19, 2026 PIPEDA Compliant

Introduction

Look, we get it - nobody actually enjoys reading privacy policies. But if you're trusting us with your business transformation or restructuring, you deserve to know exactly what we're doing with your information.

Morphic Lift Legal Services operates out of Toronto and we're bound by Canadian privacy laws, specifically PIPEDA (Personal Information Protection and Electronic Documents Act). This isn't just legal boilerplate - it's our actual commitment to protecting your data.

Throughout our years handling corporate restructuring and M&A deals, we've learned that transparency builds trust. So here's the real deal about how we collect, use, and protect your personal information.

What Information We Collect

We're lawyers, not data miners. We only collect what's necessary to provide you with solid legal services. Here's what that typically includes:

  • Your name and title (pretty basic stuff)
  • Business contact details - email, phone number, work address
  • Company name and registration info
  • Sometimes your SIN or business number (only when legally required)
  • Professional credentials and background (helps us serve you better)

  • Corporate structure and ownership details
  • Financial statements and records (when relevant to your case)
  • Banking info for payment processing
  • Tax documents and filing information
  • Contract details and business agreements

  • IP address and browser type (standard web stuff)
  • Pages you visit on our site
  • Time and date of your visits
  • Referring website information
  • Device type and operating system

  • Emails and correspondence between us
  • Phone call records (not recordings, just logs)
  • Meeting notes and consultation summaries
  • Document exchanges and file transfers
  • Client portal activity
Important: We'll never collect sensitive personal info without explicit consent and a legitimate legal reason. And we definitely won't sell your data to third parties - that's not how we roll.

How We Actually Use Your Information

We're pretty straightforward about this. Your information serves specific purposes, and we don't go fishing for extra ways to use it.

Legal Services Delivery

To represent you, draft documents, handle your restructuring, manage M&A deals, and basically do what you hired us for

Legal Compliance

Meeting our professional obligations, anti-money laundering requirements, and other regulatory stuff we can't skip

Client Communication

Keeping you updated on your matters, sending important notices, and occasionally sharing relevant legal updates that might affect your business

Billing & Payments

Processing invoices, tracking payments, and maintaining proper financial records (as required by our professional body)

Service Improvement

Analyzing how we can serve you better, identifying issues, and improving our processes based on actual usage patterns

System Maintenance

Keeping our website and client portals running smoothly, troubleshooting issues, and ensuring security

We won't use your information for purposes you haven't agreed to. If something changes, we'll let you know upfront.

When We Share Your Information

We're not in the business of passing around client info. But there are some situations where we need to share data - always with appropriate safeguards in place.

Legitimate Sharing Scenarios:
  • With Your Consent: When you explicitly authorize us to share info with specific third parties (like accountants, business advisors, or other professionals working on your deal)
  • Service Providers: Our IT support, cloud storage providers, and payment processors - all under strict confidentiality agreements
  • Legal Requirements: Courts, regulators, or law enforcement when we're legally compelled (we'll notify you unless prohibited by law)
  • Professional Obligations: Law Society of Ontario requirements, conflict checks with other firms, or mandatory reporting situations
  • Business Transfers: If we merge with another firm or sell our practice (though we'd give you proper notice)
  • Emergency Situations: To prevent serious harm or protect vital interests (rare, but it happens)
Note: We'll never sell, rent, or trade your personal information for marketing purposes. That's not our game.

How We Protect Your Data

Given the sensitive nature of corporate restructuring and M&A work, we've invested heavily in security. Here's what we've got in place:

Encryption

End-to-end encryption for data in transit and at rest. Bank-level stuff.

Secure Servers

Canadian-based servers with physical and digital access controls

Access Controls

Multi-factor authentication and strict need-to-know access policies

Document Security

Encrypted file storage with audit trails and version control

Regular Backups

Automated backups with disaster recovery protocols

Staff Training

Ongoing security awareness and confidentiality training for everyone on our team

That said, no system is 100% bulletproof. If we ever experience a data breach that affects your information, we'll notify you and the Privacy Commissioner as required by law.

Cookies & Tracking Technologies

Yeah, we use cookies - but not the edible kind. Here's the breakdown of what's happening when you visit our site:

Types of Cookies We Use:
Cookie Type Purpose Can You Opt Out?
Essential Keep the site functioning - login sessions, security features, basic navigation Nope - these are necessary
Functional Remember your preferences and settings to improve your experience Yes, through browser settings
Analytics Help us understand how people use our site so we can make it better Yes, we provide opt-out options
Performance Monitor site speed and identify technical issues Yes, you can disable these

Most browsers let you control cookies through their settings. Just know that blocking all cookies might mess with site functionality - you might have trouble logging into our client portal, for example.

We don't use advertising cookies or work with ad networks. Your browsing on our site stays between us.

Your Privacy Rights Under PIPEDA

Canadian privacy law gives you real control over your personal information. Here's what you can actually do:

Right to Access

Request a copy of all personal info we hold about you. We'll provide it within 30 days (sometimes there's a small fee to cover copying costs).

Right to Correction

If something's wrong or outdated, tell us and we'll fix it. We'll also notify anyone we shared the incorrect info with.

Right to Withdrawal

Withdraw your consent for us to use your info (though this might limit what services we can provide, and we may still need to keep some records for legal reasons).

Right to Know

Ask how we're using your information, who we've shared it with, and why we collected it in the first place.

Right to Complain

File a complaint with the Office of the Privacy Commissioner of Canada if you think we've mishandled your information.

How to Exercise Your Rights

Just send us an email at contact@morphiclift.info with "Privacy Request" in the subject line. We'll verify your identity (for security reasons) and handle your request promptly.

There's no charge for most requests, though we might ask you to cover reasonable copying costs for extensive document requests.

How Long We Keep Your Information

We can't just delete everything the moment our engagement ends - there are legal and professional rules we've gotta follow.

Typical Retention Periods:
  • Client Files & Documents: Minimum 7-10 years after the matter closes (Law Society requirement)
  • Financial Records: 7 years from the end of the tax year (CRA requirement)
  • Conflict Check Info: Permanently (to avoid future conflicts of interest)
  • General Correspondence: As long as it's relevant to your file or our business relationship
  • Marketing Communications: Until you unsubscribe or we no longer have a legitimate interest
  • Website Analytics: Typically 24-26 months, then it's aggregated or deleted

Once the retention period expires and we don't have a legal reason to keep something, we securely delete or destroy it. For physical documents, that means shredding. For digital files, secure deletion protocols.

If you've got questions about specific documents, just ask - we maintain detailed retention schedules.

International Data Transfers

We're based in Toronto and primarily serve Canadian businesses, but sometimes info crosses borders - especially in international M&A deals or corporate restructurings.

What You Should Know:
Data Storage

We primarily use Canadian servers and cloud services. When we do use international providers, they maintain Canadian data centers or comply with Canadian privacy standards.

Cross-Border Deals

If your matter involves international parties, we'll share info as needed for legal representation - but always with appropriate safeguards and your knowledge.

Different countries have different privacy laws. If your information needs to go somewhere with weaker protections than Canada's, we'll let you know and get your consent first.

U.S. Clients: We understand CCPA and other U.S. privacy regulations. If you're subject to those laws, we'll honor those rights too.

Changes to This Privacy Policy

Privacy laws evolve, our practices improve, and sometimes we need to update this policy. When we do:

  • We'll update the "Last Updated" date at the top of this page
  • If it's a significant change affecting your rights, we'll email you directly
  • We'll post a notice on our homepage for 30 days
  • For major changes, we might ask for your renewed consent

We recommend checking this page occasionally, especially if you haven't worked with us in a while. The current version always governs how we handle your information.

Previous versions of this policy are available upon request if you want to see what changed.

Questions About Your Privacy?

Look, we know this is a lot of information. If you've got questions, concerns, or just want clarification on anything, we're here to help.

Privacy Officer

Morphic Lift Legal Services

We've designated someone to handle all privacy-related inquiries and requests

Address

2150 Bay Street, Suite 1400
Toronto, ON M5J 2N8
Canada

Email

contact@morphiclift.info

Subject: Privacy Inquiry

Phone

(416) 555-0847

Mon-Fri, 9:00 AM - 5:00 PM EST

External Resources

If you're not satisfied with our response, you can contact:

Office of the Privacy Commissioner of Canada
Website: www.priv.gc.ca
Toll-free: 1-800-282-1592

Bottom Line: We're committed to protecting your privacy because trust is everything in our line of work. If we're not living up to that commitment, we want to know about it.