Privacy Policy

1. Introduction

OasisInNorth places the highest priority on protecting your personal information. This Privacy Policy transparently explains what information we collect, how we process it, and what measures we take to safeguard your privacy. Careful handling of your data is as important to us as the quality of our insurance advisory services – both are based on mutual trust and respect.

The terms used in this policy, such as "personal data," "processing," or "controller," are defined according to the General Data Protection Regulation (GDPR) and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA).

2. Data Controller

The data controller responsible for processing data in connection with our services and this website is:

OasisInNorth
742 Evergreen Terrace
Ottawa, ON K1S 5T7
Canada

Email: [email protected]
Phone: +1 (613) 487-9562

3. Types of Data We Process

  • Identification data (name, date of birth, address)
  • Contact information (email address, phone number)
  • Professional information (occupation, position, employer)
  • Basic health information (relevant for insurance applications)
  • Insurance policy data (coverage details, beneficiaries, policy numbers)
  • Website usage data (visit times, pages visited, interactions)
  • Technical data (IP address, browser type, device information)

4. Purpose of Processing

  • Providing and personalizing our insurance advisory services
  • Developing tailored insurance solutions based on your specific needs
  • Client management and communication
  • Evaluation and continuous improvement of our service offerings
  • Providing relevant information about senior insurance options
  • Processing insurance applications and claim submissions
  • Compliance with legal record-keeping requirements

5. Security Measures

We implement state-of-the-art security measures in accordance with Article 32 of GDPR to protect your data. This includes encrypted transmission of sensitive information, regular security audits of our IT systems, and strict access controls. All insurance-related information is treated with special care and is accessible only to a limited circle of specially trained employees who are bound by strict confidentiality obligations.

6. Your Rights

As a data subject, you have the following rights:

  • Right to access information about the personal and insurance-related data we store
  • Right to rectify incorrect data about you and your insurance needs
  • Right to erasure of your data after the completion of our services
  • Right to restriction of processing of your personal insurance information
  • Right to data portability to other insurance providers
  • Right to object to processing, especially for marketing purposes
  • Right to lodge a complaint with the competent supervisory authority (Office of the Privacy Commissioner of Canada)

7. GDPR Compliance

OasisInNorth processes personal data in compliance with the General Data Protection Regulation (GDPR) of the European Union and PIPEDA in Canada. We implement the following measures to ensure GDPR compliance:

  • Lawful processing: We only process your data when one of the six legal bases established in the GDPR is present (consent, contract fulfillment, legal obligation, vital interests, public interest, or legitimate interest).
  • Data minimization: We collect and process only data that is actually necessary for the stated purpose.
  • Transparency: Through this privacy policy, we provide you with comprehensive information about the processing of your data in clear, understandable language.
  • Storage limitation: We store your data only as long as necessary for the fulfillment of the processing purpose or as required by legal retention periods.
  • Data security: We implement technical and organizational measures to ensure an appropriate level of security.
  • Processor agreements: We conclude data processing agreements according to Article 28 GDPR with service providers who process data on our behalf.
  • Data protection impact assessment: For processing operations with high risk to the rights and freedoms of natural persons, we conduct a data protection impact assessment.

As a company based in Canada that offers services to individuals in the EU, we have appointed a data protection officer who serves as a contact person for data protection issues and monitors compliance with the GDPR. Contact details can be found in Section 2 of this statement.

8. Changes to the Privacy Policy

The continuous development of our services and adaptations to legal requirements may necessitate updates to this privacy policy. We therefore recommend that you review this statement regularly. In the event of significant changes, we will inform you in an appropriate manner, for example through a notification on our website or by email. The current version can always be found on this page with the corresponding date of validity.