Who We Are and What This Covers

Qildron operates from 40 Charlotte St, Saint John, NB E2L 2H9, Canada. We build investment applications, which means handling financial data responsibly isn't optional—it's everything. This policy covers our website (qildron.vip), our investment platform, and any related services we provide to clients in Canada and beyond.

When we say "personal information," we mean anything that identifies you or could reasonably be linked back to you. Not rocket science, but worth stating clearly.

Information We Collect

Let's be straight about what we gather and why. We don't collect things for the sake of it.

Account and Identity Information

When you create an account with us, we collect your name, email address, phone number, and mailing address. For investment accounts specifically, Canadian financial regulations require us to verify your identity—so we'll need government-issued ID, social insurance number, date of birth, and proof of address.

This isn't us being nosy. It's legally required under Canadian anti-money laundering rules and securities regulations.

Financial Information

Investment applications need financial data. We collect bank account details for transfers, investment holdings, transaction history, and records of your investment preferences and risk tolerance. Some of this comes directly from you during account setup. The rest gets generated as you use our platform.

Technical Information

Our systems automatically log certain technical details: IP addresses, device information, browser type, operating system, pages you visit, how long you stay, and where you clicked. Standard web analytics stuff that helps us keep the platform running smoothly and spot potential security issues.

Communications

When you email us, call us, or use our chat support, we keep records of those conversations. Mostly so we can reference them later if you have follow-up questions. Also helpful for training our team and making sure we're actually solving problems.

How We Use Your Information

Here's where your data actually goes and what it does for you.

• Account Management: Creating and maintaining your account, processing your investment transactions, providing customer support when you need it.
• Legal Compliance: Meeting regulatory requirements from Canadian securities commissions, preventing fraud and money laundering, responding to legal requests from authorities.
• Service Improvement: Analyzing how people use our platform to fix bugs, add features that matter, and generally make the experience less frustrating.
• Communication: Sending account updates, transaction confirmations, security alerts, and occasional educational content about investing (only if you've opted in for that last part).
• Security: Monitoring for suspicious activity, protecting against unauthorized access, keeping your financial data safe from bad actors.

How We Share Your Information

We're not in the business of selling your data. But there are specific situations where we share information with third parties, and you should know about them.

Service Providers

We work with companies that help us run our platform: payment processors for handling transactions, cloud hosting providers for storing data securely, identity verification services for compliance checks, and customer support tools. These providers only get access to the information they need to do their specific job, and they're contractually bound to protect it.

Financial Institutions

Your investment transactions involve banks, brokerages, and clearing houses. We share necessary information with these institutions to execute trades, transfer funds, and maintain accurate records. This is how the financial system works—there's no way around it.

Legal and Regulatory Authorities

Canadian securities regulators, tax authorities, and law enforcement can request information under certain circumstances. When they do, we comply with valid legal requests. We'll notify you when possible, unless doing so would violate the law or compromise an investigation.

Business Transfers

If Qildron gets acquired or merges with another company, your information would transfer to the new entity. We'd notify you beforehand and explain any changes to how your data gets handled.

Your Privacy Rights Under Canadian Law

Canadian privacy legislation (particularly PIPEDA—the Personal Information Protection and Electronic Documents Act) gives you specific rights over your data. Here's what you can actually do.

To exercise any of these rights, email us at contact@qildron.vip with "Privacy Request" in the subject line. We'll need to verify your identity before processing the request—standard security procedure.

How We Protect Your Information

Security isn't something we bolt on afterward. It's built into everything we do from day one.

Technical Safeguards

• All data transmitted between your device and our servers uses TLS encryption (the same technology banks use)
• Sensitive information stored in our databases gets encrypted at rest using AES-256 encryption
• We use multi-factor authentication for account access, so a stolen password alone won't compromise your account
• Regular security audits and penetration testing by third-party experts help us find and fix vulnerabilities
• Automated monitoring systems watch for unusual activity 24/7

Organizational Safeguards

Our team members only access the minimum information needed to do their jobs. We track who accesses what and when. New employees go through security training before touching any client data. And we have incident response procedures in place for when things go wrong (because eventually, somewhere, something always does).

How Long We Keep Your Data

We don't hold onto information longer than necessary, but "necessary" means different things depending on the type of data and legal requirements.

Active account data: As long as your account remains open, we keep the information needed to operate it. Pretty straightforward.

Transaction records: Canadian tax law requires us to keep financial transaction records for at least seven years after the tax year they relate to. This isn't optional—it's the law.

Identity verification documents: We keep these for seven years after you close your account, again for regulatory compliance.

Marketing communications: If you've opted into marketing emails, we'll keep that preference until you opt out or your account gets closed.

Technical logs: Most server logs get deleted after 90 days unless they're needed for security investigations or legal holds.

When we delete data, we actually delete it. We don't just hide it—we remove it from our systems permanently, including backups (once those backups cycle out naturally).

Cookies and Tracking

Our website uses cookies—small text files stored on your device. Here's what they do:

Essential cookies: These keep you logged in, remember your preferences, and generally make the site work. You can't opt out of these because they're necessary for basic functionality.

Analytics cookies: We use these to understand how people navigate our site, which pages are most useful, where people get stuck. This helps us improve the experience. You can opt out through your browser settings.

Security cookies: These help us detect and prevent fraudulent activity. Also essential for protecting your account.

We don't use advertising cookies or share cookie data with advertisers. That's not our business model.

International Data Transfers

While Qildron operates in Canada and primarily serves Canadian clients, some of our service providers have servers located outside Canada—particularly in the United States. When we transfer data internationally, we use legal mechanisms recognized under Canadian law, such as standard contractual clauses and ensuring adequate protection measures are in place.

If you're concerned about where your data physically resides, contact us and we'll provide specific details about which services involve international transfers.

Children's Privacy

Our investment platform isn't designed for anyone under 18 (or 19 in some provinces—the age of majority varies across Canada). We don't knowingly collect information from minors. If you're a parent and discover your child has created an account with us, contact us immediately and we'll delete it.

Changes to This Policy

We'll update this policy occasionally as our practices evolve or regulations change. When we make material changes, we'll notify you by email and post the updated version on our website with a new "Last Updated" date at the top.

Minor clarifications or formatting changes might happen without notification. We're not going to email you every time we fix a typo.

Continuing to use our services after we've notified you of changes means you accept the updated policy. If you don't agree with the changes, you can close your account—though we'd be sorry to see you go.

Questions and Complaints

If you have questions about this policy, concerns about how we're handling your data, or want to exercise any of your privacy rights, start by contacting us directly. Most issues get resolved faster when we can talk through them together.

If you're not satisfied with our response, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada. They investigate privacy complaints and enforce federal privacy legislation. You can reach them at 1-800-282-1376 or through their website.