Privacy Policy

Laburnum Consulting Inc. ("Laburnum", "we", "our" or "us") is strongly committed to being responsible custodians of the information you provide us and the information we collect in the course of operating our business.

This privacy policy ("Privacy Policy") and any documents referred to in it, sets out the basis on which Laburnum, collects and processes your personal data as a data controller when you use our websites or services. We use the words "personal information" and "personal data" in this Privacy Policy to describe information that is about you that identifies you.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting our websites, or using our services or apps, you are accepting and consenting to the practices described in this Privacy Policy. This Privacy Policy does not apply to any data you provide to us when we process personal data on your behalf as your data processor i.e. where we process customer data within the cloud service we provide to you, as a business to business service provider.

Scope of Privacy Notice

This Privacy Notice explains and describes:

1. 1. When this Privacy Policy applies.
2. 2. Data Controller.
3. 3. Legal basis for processing.
4. 4. Personal data we may collect about you.
5. 5. How we collect your personal data.
6. 6. Personal data we receive from other sources.
7. 7. Personal data we collect from other sources.
8. 8. Cookies.
9. 9. How we use your personal data.
10. 10. Disclosure of your personal data.
11. 11. International transfers.
12. 12. Data security.
13. 13. Links to other websites and services.
14. 14. Use of blogs, forums and chat rooms.
15. 15. Your rights regarding.
16. 16. Marketing communications.
17. 17. Retention of personal data.
18. 18. Complaints.
19. 19. Age of users.
20. 20. Changes to Privacy Policy
21. 21. Further information.
22. 22. Contact.

1. When this Privacy Policy applies

This Privacy Policy applies:

• to use of our websites including but not limited to, bridge-labs.com;
• to use of any other website, mobile app or other online service created or hosted by us from time to time, (together "online services"), on which this Privacy Notice appears;
• when you apply to us for a job or work placement;
• where you subscribe to any publication or newsletter that we may issue;
• to any personal information collected from third parties where we are the controller of such information.

2. Data Controller

For the purposes of EU and UK data protection laws and any applicable national implementing laws, regulations and secondary legislation relating to the processing of personal data (together "Data Protection Law"), the data controller is Laburnum Consulting Inc. of 2227 St. Johns St, Suite 200, Port Moody, BC V3H 2A7, Canada. From time to time, there may be more than one data controller of your information within our group where you have engaged different parts of our broader organization to provide different or jointly delivered services.

3. Legal basis for processing

We will only use your personal data when the law allows us to. Most commonly we will use your personal data in the following circumstances:

• To fulfill our contractual obligations to you;
• Where it is necessary for our legitimate business interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
• To comply with a legal obligations.

To the extent we process your personal data for any other purposes, we ask for your consent in advance or require that our partners obtain such consent.

Performance of a contract: We may need to collect and use your personal data to enter into a contract with you or to perform a contract that you have with us. For example, where we respond to your requests and provide you with services in accordance with our terms of service or other applicable terms of business agreed with you or with your employing organization.

Legitimate interests: Where we consider use of your information as being (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party's legitimate purpose, we may use your personal data, which may include:

• for our own direct marketing or continued communication;
• the prevention of fraud;
• our own internal administrative purposes;
• organization of the service(s) we provide to you;
• ensuring network and information security, including preventing organization access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or
• reporting possible criminal acts or threats to public security to a competent authority.

Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable to Laburnum as a provider of software services.

Consent: You may be asked to provide your consent in connection with certain services that we offer, for example in respect of any processing of your personal data for our marketing purposes where you or your employing organization is not a client of Laburnum, or in respect of certain special categories of personal data such as your health or racial background for which we are legally obliged to gain your consent due to the sensitive nature of such information and the circumstances in which it is gathered or transferred. Where we are reliant upon your consent, you may withdraw this at any time by contacting us as set out at the end of this Privacy Policy, however please note that we will no longer be able to provide you with the products or services that rely on having your consent.

4. Personal data we may collect about you

We may collect and process personal data about you. Personal data, or personally identifiable information, means any information about an individual from which that individual can be identified. It does not include data where the identity has been removed (anonymous data). We collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

• Identity Data: includes first name, maiden name, last name, user name or similar identifier, marital status, title, date of birth and gender.
• Contact Data: includes billing address, delivery address, email address and telephone numbers.
• Financial Data: includes bank account and payment card details.
• Transaction Data: includes details about payments to and from you and other details of products and services you have purchased from us.
• Technical Data: includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Site or the Services.
• Profile Data: includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
• Usage Data: includes information about how you use our websites, apps and services, including the full Uniform Resource Locators (URL) clickstream to, through and from our website, apps and services (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
• Marketing and Communication Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.
• Location Data: We also use GPS technology OR insert other technology to determine your current location. Some of our location-enabled services require your personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by disabling Location Data in your settings OR insert other.
• Aggregated Data: We also collect, use and share statistical or demographic data for any purpose. This Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.
• Employment Data: If you apply for a job or work placement with Laburnum then you may need to provide information about your education and employment. As part of your application you will be asked to provide your express consent to our use of this information to assess your application and to allow us to carry out both recruitment analytics and any monitoring activities which may be required of us under applicable law as an employer. We may also carry out screening checks (including reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks) and consider you for other positions. Without this personal data, we may not be able to progress considering you for positions with us.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

5. How we collect your personal data

We use different methods to collect data from and about you including via:

• Direct Interactions. You may give us your Identity, Contact and Financial Data when you fill in forms or correspond with us by post, phone, email or otherwise. This includes personal data you provide when you register to use our websites, apps or to receive our newsletter, subscribe to use our services, register for a webinar, create an account to use our websites or services, request marketing to be sent to you, search for a product or place an order on our websites, participate in discussion boards or other social media functions on our websites, enter a competition, promotion or survey, attend a conference or webinar, give us feedback or contact us and when you report a problem with our websites or services.
• Purchases: If you make purchases via our websites or within any services, or register for an event or webinar, we may require you to provide your Identity, Contact, Financial and Transaction Data.
• Community: If you register for an online community that we provide, we may ask you to provide us with Identity, Contact, Profile and Technical Data.
• Automated Technologies or Interactions. As you interact with our services, websites, apps or emails, we automatically collect Technical Data about your device, browsing actions, patterns, Location Data and Usage Data. We collect this personal data by using cookies, server logs, web beacons, pixels, and similar technologies about your device, and your use of our websites and services. We may also receive Technical Data and Location Data about you if you visit other websites using our cookies. Please see the Cookie section below for further details.

6. Personal data we receive from other sources

We work closely with the third parties set out in our Third Party Supplier List which including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies.

We may receive the following personal data about you from them:

• Technical Data: from analytics providers, advertising networks and search information providers.
• Contact, Transaction and Financial Data: from providers of technical, payment and delivery services.
• Identity and Contact Data: from providers of chat/communication/helpdesk services with customers including via email.
• Email Communications and Contact Data: from providers of email communications service providers.
• Business Contact and Financial Data: from CRM service providers who manage contacts and keep a record of communications/ interactions with customers.
• Contact Data and Financial Data: from cloud accounting systems that store email and names of persons sent invoices by email.
• Employment Data: from your employing organization, regulatory authorities and recruitment agencies.

7. Personal data we collect from other sources

We also collect personal data about you from publicly available sources. We may combine this information with personal data provided by you. This helps us update, expand, and analyse our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you. We also use this for the purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying Contact Data. The personal data we collect includes:

• Identity and Contact Data: from publicly available sources such as Companies House.
• Identity, Contact and Profile Data: that is published about you on social media profiles: such as LinkedIn, Facebook, Twitter.

8. Cookies

We use cookies and similar technologies, as described in more detail below on our websites and in our services. This helps Laburnum to improve your experience when you visit our websites and use our services.

Our website and services use cookies and other similar technologies, for example, to distinguish you from other users when you browse our websites or use our services and to allow us to improve our websites and services.

What are cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently to improve the user experience, as well as to provide certain information to the owners of the website. Cookies are the most effective way for us to identify unique users and understand their navigation during a visit to our websites. We use cookies to store user identifications, personalize our websites and offer secure services for each account holder.

Cookies can be "persistent" or "session" cookies. We use persistent cookies and session cookies.

Persistent cookies

A persistent cookie is stored on a user's device in between browser sessions which allows the preferences or actions of a user across the website (or in some cases across different websites) to be remembered. We use persistent cookies to save your login information for future logins to the website, apps or services.

Session Cookies

A session cookie allows our websites and services to link your actions during a browser session. We use session cookies to enable certain features of our websites and services, to better understand how you interact with our websites and services and to monitor aggregate usage by users and web traffic routing on the websites. Unlike persistent cookies, session cookies are deleted from your computer when you log off from our websites and services and then close your browser.

Which cookies we use and why

The table below explains the cookies we use and why we use each of them.

Control of cookies

Web browsers allow you to exercise some control of cookies through the browser settings. Most browsers enable you to block cookies or to block cookies from particular sites. Browsers can also help you to delete cookies when you close your browser. You should note however, that this may mean that any opt-outs or preferences you set on our websites and in our services will be lost.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org which includes information on how to manage your settings for the major browser providers.

Do not track

We do not support Do Not Track ("DNT").

Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the "Preferences" or "Settings" page of your web browser.

9. How we use your personal data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

We will not sell or rent your personal data to anyone.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

We may share information that does not reasonably identify you or your organisation as permitted by applicable law.

10. Disclosure of your personal data

Personal data we share with third parties. We may share your personal data with the third parties set out in our Third Party Supplier List for the purposes set out in the table above. Below is a summary of the types of third parties used:

• Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
• Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you to provide services such as IT and system administration services, email communications, hosting services, backup services, credit card processing, research, development, marketing and customer support.
• Analytics and search engine providers that assist us in the improvement and optimisation of our websites and services.
• With academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, recruitment analytics providers, referees and your current and previous employers to evaluate, recruit and hire personnel.
• Professional advisors acting as service providers to us in relation to the websites or services - including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services.
• Tax authorities, regulators and other authorities who require reporting of processing activities in certain circumstances.
• Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose personal data about identifiable individuals to our advertisers, but we may provide them with Aggregated Data about our users (for example, we may inform them that 250 men aged over 25 have clicked on their advertisement on any given day). We may also use such Aggregated Data to help advertisers reach the kind of audience they want to target (for example, women living in London). We may make use of the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience.
• Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.

Personal data we disclose to third parties. We may disclose your personal data to third parties:

• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
• If we or a member of our group of companies or substantially all of their assets are acquired by a third party, in which case personal data held by them about their customers will be one of the transferred assets.
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions, terms of service and/or any other legal agreements; or to protect our rights, property, safety, our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
• Including Aggregated Data in the normal course of operating our business; for example, with other website and services users, our customers or publicly to show trends or benchmark the general use of our websites and services.

Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on Laburnum's behalf. When such third parties no longer need your personal data to fulfil this service, they will dispose of such details in line with Laburnum's procedures unless they are themselves under a legal obligation to retain information (provided that this will be in accordance with applicable data privacy laws). If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.

11. International transfers

Our websites, apps and services are global and your personal data may be stored and processed in any country where we have operations, our staff are located or where we engage service providers engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services. This will involve a transfer of your personal data to countries outside of your country of residence, where data protection rules are different from those of your country of residence.

Processing of your personal data will involve a transfer of data to countries outside the European Economic Area ("EEA"), Switzerland or the UK.

We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Privacy Policy. In particular this means that your personal data will only be transferred to a country that provides an adequate level of protection (for example, where the European Commission or the UK Data Protection Authority, ("ICO") has determined that a country provides an adequate level of protection) or where the recipient is bound by standard contractual clauses according to conditions provided by the European Commission or ICO.

Laburnum's operational centres are located in the United Kingdom and Canada. Canada has robust and comprehensive laws that protect your personal information. The European Commission has recognized Canada as an "adequate" jurisdiction that offers a level of data protection similar to the EEA.

Our websites, apps and services are accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Site or Services from outside the EEA, Switzerland or the UK. This means that where you chose to post your personal data on our websites or within the services, it could be accessed from anywhere around the world and therefore a transfer of your personal data outside of the EEA, Switzerland or the UK may be deemed to have occurred.

12. Data security

We take steps to hold information securely in electronic or physical form.

Our information security policy is supported by a variety of processes and procedures, and we store information in access controlled premises or electronic databases requiring logins and passwords. All employees, officers or contractors of Laburnum and third party providers with access to confidential information are subject to access controls and confidentiality obligations, and we require our third-party data storage providers to comply with appropriate information security industry standards. We have put in place procedures to deal with any personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our websites or services which is at your own risk.

If you communicate with us using a non-secure web platforms, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.

Once we have received your information, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure.

You can help us to keep your information secure by ensuring that any user name or password in relation to our online services is kept strictly personal to you and not be made available to any other person. You should stop using your username and password and notify us immediately if you suspect that someone else may be using your user details or password.

We use a variety of technical and organizational security controls to help protect your personal information from unauthorized access, use, disclosure, alteration, or destruction consistent with applicable data protection laws. These controls include:

System Security

• Highly secure, reliable, and scalable IT infrastructures
• Use of anti-virus software and encryption
• Mirrored active/active firewalls to ensure that in the event of a failure data will remain secure
• Continually upgraded systems ensuring performance at the highest level
• Systems monitored 24/7 to protect against unauthorized intrusion
• Multi-factor authentication
• System alerts for unusual activities
• Performance of regular security reviews and monitoring of security logs for anomalies

Legal Protection

• All employees receive mandatory security awareness training, including mandatory security refreshers and testing
• All employees are subject to background checks
• All employees must sign confidentiality and non-disclosure agreements
• Strict authorization protocols, logging, and monitoring for privileged systems access by Operations staff
• In addition, access to sensitive personal information is limited to those individuals and agents having a need to know.
• When we engage a third party service provider to collect or otherwise process personal data on our behalf, the third party is selected carefully and will be required to have appropriate security measures in place.

Third Party Validation

When we engage a third party service provider to collect or otherwise process personal information on our behalf, the third party is selected carefully and will be required to have appropriate security measures in place.

13. Links to other websites and services

Our websites and services may contain links to and from the websites of our partner networks, advertisers, affiliates and other third parties. This Privacy Policy does not apply to, and Laburnum is not responsible for, any third party websites or apps which may be accessible through links such links. If you use or follow a link to any of these third-party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for their use of information about you. You will need to check the policy policies of these other sites to understand their policies. If you access a linked site you may be disclosing your personal data. It is your responsibility to keep such information private and confidential.

Our services may include integrated content or links to content provided by third parties (such as video materials). This Privacy Policy does not address the privacy, security, or other practices of the third parties that provide such content.

14. Your rights regarding your Personal Data

Under Data Protection Law, you have the right free of charge to request:

• Access to your personal data.
• Rectification or deletion of your personal data.
• A restriction on the processing of your personal data.
• Object to the processing of your personal data.
• A transfer of your personal data (data portability) in a structured, machine readable and commonly used format.
• Withdraw your consent to us processing your personal data, at any time.

If you wish to exercise any of the above rights, please contact us at: privacy@bridge-labs.com

We will respond to such queries within 30 days and deal with requests we receive from you, in accordance with the provisions of Data Protection Law. Occasionally it could take us longer, if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

If you are a Californian Resident: the California Consumer Privacy Act of 2018 (CCPA) provides certain rights, subject to certain limitations, in relation to your personal information, including the right to non-discrimination for exercising your CCPA rights, the right to know about the personal information we've collected about you in the past 12 months and how it is used and shared (which is described in this Privacy Notice), and the right to deletion. Individuals protected by the CCPA also have the right to opt-out of the sale of your personal information. Laburnum does not currently "sell" (as defined in the CCPA) the personal information that we collect from you. Should this change in the future, Laburnum will ensure that the right to opt-out is made available to you. For clarity, this Privacy Notice constitutes Laburnum's "notice at collection" under the CCPA.

15. Marketing communications

Marketing: We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, apps, services and offers may be relevant for you (we call this marketing).

Promotional Offers from us: We will send you marketing emails if you "opt in" to receive marketing emails when registering on our websites, or if you have enquired about, or purchased any of our goods or services from us and you have not opted out of receiving such marketing.

Third Party Marketing: We will obtain your express opt-in consent before we share your personal data with any third party for marketing purposes.

Opt out: Please note that, if you change your mind about being sent marketing emails you can "opt out" at any time by clicking the "unsubscribe" link at the bottom of any marketing email. Once you "opt out", you will no longer receive any marketing emails from us. We will continue to communicate with you regarding your service billing and support via email and where we send push notifications from time to time in order to update you about any service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device.

16. Retention of personal data

We retain personal data we collect no longer than is reasonably necessary to fulfil the purposes that such data was originally provided or collected in accordance with our internal data retention policies or to comply with our legal, regulatory, tax, accounting or reporting obligations.

A maintained copy of our data retention policy is available at https://www.bridge-labs.com/policies/data-retention

We may retain your personal data for a longer period in the event of a complaint, if we reasonably believe there is a prospect of litigation in respect of our relationship with you, to comply with law enforcement requests, maintain security, prevent fraud and abuse, resolve disputes, enforce our legal agreements, or fulfil your request to "unsubscribe" fromfurther messages from us.

We will retain some anonymised information after your account has been closed and we may use this for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Please note: After you have closed your account or deleted information from your account, any information you have shared with others will remain visible. We do not control data that other users may have copied from the websites or services. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.

17. Complaints

Our intention is to meet the highest standards when collecting and using personal data. For this reason, we take complaints we receive very seriously. We encourage users to notify us if they think that our collection or use of personal data is unfair, misleading or inappropriate. If you have any complaints about our use of your personal data, please contact us as set out at the end of this Privacy Policy or contact your local data protection supervisory authority.

If you are located in the UK you may submit a complaint to the Information Commissioner's Office, details of which can be found at https://ico.org.uk/global/contact-us.

Our EU representative is: Lauren Holland, gdpr@bridge-labs.com

If you make a privacy complaint, we will respond to let you know how your complaint will be handled. We may ask you for further details, consult with other parties and keep records regarding your complaint.

18. Age of users

The websites, apps and services are not intended for and shall not be used by anyone under the age of 18.

19. Changes to our Privacy Policy

As technologies and information governance practices develop, and data privacy laws (and surrounding guidance) evolve, we may need to revise this Privacy Policy. You should therefore review this page regularly to ensure that you are aware of any changes to its terms.

We will post any Privacy Policy changes on this page and, if the changes are significant or may materially impact upon your rights, we will notify you of the changes by email.

This Privacy Policy was last updated on the 22nd of December, 2024 and this version replaces any other Privacy Policy previously applicable from this date.

20. Further Information

To find out more about Laburnum please visit bridge-labs.com

Laburnum at your request, can confirm what information we hold about you and how it is processed. If Laburnum does hold personal data about you, you can request the following information by contacting us using the details below:

• Identity and the contact details of the person or organization that has determined how and why to process your data.
• The purpose of the processing as well as the legal basis for processing.
• If the processing is based on the legitimate interests of Laburnum or a third party, information about those interests.
• The categories of personal data collected, stored and processed.
• Recipient(s) or categories of recipients that the data is/will be disclosed to.
• How long the data will be stored.
• The source of personal data if it wasn't collected directly from you.
• Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.

In order to verify the identity of those who make a request to us, we will accept the following forms of ID when information on your personal data is requested:

• Passport,
• Driving licence, Birth certificate,
• Utility bill dated within the last 3 months.

21. Contact

If you have any questions, concerns or comments about this Privacy Policy, or want to submit a written complaint about how we handle your personal data, please contact us via any of the following means:

Laburnum Consulting Inc. at 2227 St. Johns St, Suite 200, Port Moody, BC V3H 2A7

Email: hello@bridge-labs.com

Our DPO is: Alex Crooks <privacy@bridge-labs.com>

Third Party Supplier List