Privacy Policy
Bridge Canvas RM ("Bridge Canvas," "we," "our," or "us") respects your privacy. This Privacy Policy explains what information we collect when you visit bridgecanvasrm.com or interact with our services, how we use it, and the choices you have. By using our website, you agree to the practices described here.
1. Who We Are
Bridge Canvas RM is a governance, risk, and compliance (GRC) and information security advisory firm serving small and mid-sized businesses. You can reach us at reachout@bridgecanvasrm.comfor any privacy-related questions, requests, or concerns.
2. Information We Collect
We collect information in two ways: information you give us directly, and information collected automatically when you use our site.
Information you provide. When you fill out a contact form, request a discovery call, subscribe to our newsletter, or otherwise communicate with us, you may share your name, work email address, company name, company size, and any details you choose to include in your message. When you book a call through our scheduling tool, that tool may also collect your time zone and any meeting notes you provide.
Information collected automatically. When you visit our site, we and our service providers may automatically collect technical information such as your IP address, browser type and version, device type, operating system, referring URL, the pages you view on our site, and the dates and times of your visits. We use cookies and similar technologies to support core site functionality, remember your preferences, and measure how our site is used. You can control cookies through your browser settings.
3. How We Use Your Information
We use the information we collect to respond to your inquiries and schedule discovery calls; provide the GRC and information security services you've engaged us for; send you newsletters or updates if you've opted in (you can unsubscribe at any time); improve and secure our website and services; comply with legal, regulatory, and contractual obligations; and detect and prevent fraud, abuse, or unauthorized activity.
We do not sell your personal information, and we do not share it with third parties for their own marketing purposes.
4. Cookies and Analytics
We use cookies and analytics tools to understand how visitors use our site so we can improve it. These tools may collect aggregated and anonymized data about page views, traffic sources, and visitor behavior. The specific tools we use may include website analytics, scheduling, email, and form-processing services provided by trusted vendors.
You can control or disable cookies through your browser settings. If you disable cookies, some parts of the site may not function as intended.
5. How We Share Information
We share information only with service providers who help us operate our business, and only to the extent necessary for them to perform their functions. These providers are contractually required to protect your information and use it only for the purposes we direct. Examples include our website host, scheduling platform, email provider, analytics provider, and CRM.
We may also disclose information when we are legally required to do so — for example, in response to a valid subpoena, court order, or government request — or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
If we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you and provide choices, where required by law.
6. Your Rights and Choices
Depending on where you live, you may have specific rights regarding your personal information. These can include the right to access the information we hold about you, the right to correct inaccurate information, the right to request deletion, the right to restrict or object to certain processing, the right to data portability, and the right to withdraw consent where processing is based on consent.
For residents of the European Economic Area, United Kingdom, and Switzerland (GDPR): Our lawful bases for processing your information include your consent, our legitimate interests in operating and improving our business, and the necessity to perform contracts you've entered into with us. You have the right to lodge a complaint with your local data protection authority.
For California residents (CCPA / CPRA): You have the right to know what personal information we collect, the right to request deletion, the right to correct inaccurate information, and the right to opt out of the sale or sharing of your personal information. We do not sell or share personal information as those terms are defined under California law.
To exercise any of these rights, contact us at reachout@bridgecanvasrm.com. We will respond within the timeframes required by applicable law. We may need to verify your identity before fulfilling your request.
7. How Long We Keep Information
We retain personal information only as long as needed to fulfill the purposes for which it was collected, to comply with our legal and contractual obligations, to resolve disputes, and to enforce our agreements. When we no longer need the information, we delete or anonymize it using reasonable safeguards.
8. Data Security
As a security and compliance firm, we take information security seriously. We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. No method of transmission over the internet or electronic storage is completely secure, however, so we cannot guarantee absolute security.
9. International Data Transfers
We are based in the United States. If you access our site or share information with us from outside the United States, your information may be transferred to, stored in, and processed in the United States or other countries. Where required by law, we use appropriate safeguards — such as standard contractual clauses — to protect information transferred internationally.
10. Children's Privacy
Our services are intended for businesses and adult professionals. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected information from a child, please contact us at reachout@bridgecanvasrm.com and we will take steps to delete it.
11. Third-Party Links
Our website may contain links to third-party sites we don't operate. This Privacy Policy does not apply to those sites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, provide additional notice.
13. Contact Us
If you have questions about this Privacy Policy or how we handle your information, please contact us at:
Bridge Canvas RM
Email: reachout@bridgecanvasrm.com
This policy was prepared as a starting template tailored to a B2B advisory firm. Privacy law evolves, and your specific obligations may depend on the states, countries, and industries you operate in. We recommend having qualified legal counsel review this policy before publication, particularly if you expand into regulated sectors, process special-category data, or operate in new jurisdictions.