Legal · Privacy

Privacy Policy

How we collect, use, store, and protect personal information, written in plain language and aligned with PIPEDA.

Last updated: May 24, 2026

Section 01

Overview

OMHAS Solutions Inc. ("OMHAS", "we", "our") is committed to protecting the privacy of every learner, client, contractor, and visitor who interacts with us. This Privacy Policy explains what personal information we collect, why we collect it, how we use it, and the choices you have.

This policy applies to omhas.ca, the OMHAS Academy learner portal, and any related services or communications. We operate in compliance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable Ontario privacy legislation.

Section 02

Information We Collect

We collect only the information needed to deliver our services. This typically includes: full name, work email, employer or organization, billing address, phone number, course enrollment and completion data, certificate identifiers, and payment confirmation tokens (we do not store full card numbers).

We also collect technical telemetry, browser type, IP address, referring URL, and session duration, to maintain the security and performance of our platform.

Section 03

How We Use Your Information

Personal information is used to deliver training, issue certificates, support audits, process payments, respond to inquiries, and comply with regulatory record-keeping obligations.

We may use de-identified, aggregated data for product improvement, statistical reporting, and benchmarking. We do not sell personal information to any third party, ever.

Section 04

Disclosure to Third Parties

We disclose personal information only to service providers acting on our behalf (payment processors, infrastructure hosts, email delivery), and only to the extent strictly necessary to perform their function under written confidentiality terms.

We may disclose information when required by law, court order, or to protect the rights, property, or safety of any person.

Section 05

Retention

Certificate records and learner transcripts are retained for the duration of certificate validity plus seven years to support audit verification.

Billing records are retained for seven years to meet CRA requirements. Marketing contact data is retained until you withdraw consent.

Section 06

Your Rights

You have the right to access, correct, or request deletion of your personal information. You may also withdraw consent to marketing communications at any time.

To exercise these rights, contact our Privacy Officer at privacy@omhas.ca. We will respond within 30 days.

Section 07

Security

Personal information is protected by encryption in transit (256-bit TLS) and at rest, role-based access controls, and continuous security monitoring. Our learner portal is independently penetration-tested annually.

Section 08

Cookies & Tracking

We use first-party cookies to maintain login sessions and remember user preferences. We use a privacy-respecting analytics service to understand aggregate site usage. We do not use third-party advertising trackers.

Section 09

Updates to This Policy

We may update this Privacy Policy as our services evolve or as legal requirements change. Material changes will be communicated by email to active account holders and posted prominently on this page for 30 days.

Section 10

Contact Our Privacy Officer

Questions, requests, or complaints regarding this policy should be directed to our Privacy Officer at privacy@omhas.ca or by mail to OMHAS Solutions Inc., Privacy Office, Sudbury, Ontario, Canada.

If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.

See also our Terms & Conditions.