Book a Demo
Talk to an Expert

Privacy Policy

Last Modified: [Insert Date]

ConverjIT Technologies Inc.  (“CTI”, “we”, “us”, or “our”) respects your privacy and is committed to safeguarding your personal information in accordance with applicable privacy laws in Canada, the United States, and the European Union, including but not limited to the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act/Privacy Rights Act (CCPA/CPRA).

This Privacy Policy describes:

  • What personal information we collect and how
  • How we use and disclose personal information
  • Your rights and choices regarding your personal information
  • How we secure and retain your information

This Policy applies to:

  • Users visiting our website at [phrbo.com] (“Website”)
  • Users using any CTI products such as PHRBO
  • Organizations subscribing to our workforce and compliance software services (“Subscribers”)
  • Businesses that engage with Subscribers (“Clients”)

Employees of Clients (“Workers”) whose data is processed through our platform

1. Who We Are and What We Do

CTI provides HR, payroll, compliance, and back-office technology solutions. We act as:

  • A data processor when handling information on behalf of our Subscribers (e.g., processing payroll data for Workers)
  • A data controller for information we collect directly from Workers, Subscribers and Clients for our own business purposes

We do not sell personal information. We process it only as needed to deliver our services and to comply with legal obligations.

2. Information We Collect

We collect personal information you voluntarily provide when engaging with CTI—for example, when you fill out a form to learn more about our services or create a CTI account. The type and scope of data collected may vary depending on your interaction with us and what you choose to share. This may include:

  • Account Details: Your email address, password, and authentication credentials used to create or manage your CTI account.
  • Contact and Professional Information: Your name, phone number, email, mailing address, job title, department, industry, and organization name.
  • Billing and Contract Information: Details such as your signature, bank account and credit card information, VAT number, or other tax-related identifiers, necessary for payment processing and service contracts.
  • Identity Verification: Government-issued identification, photographs, or similar documents collected for compliance with anti-money laundering (AML) and know-your-customer (KYC) requirements.
  • Communication Records: Information shared through your communications with CTI, including inquiries, support requests, form submissions, email correspondence, or customer service interactions.
  • Insurance-Related Information: Where applicable, if your employer uses CTI’s benefits or brokerage services, we may collect your and your dependents’ insurance policy details, claims information, social insurance number, and other identifiers necessary for service delivery.
  • Financial Data: Bank routing numbers, account ownership verification documents, and transaction history collected as part of financial services, underwriting, or internal reporting.
  • Audio/Visual Content: Recordings from calls, meetings, or CTI events (virtual or in-person) may be made, with consent where required, including audio, video, or images of participants.
  • Vendor or Contractor Information: For CTI partners or third-party service providers, we may collect Tax Identification Numbers (TINs), invoicing details, bank information, and contract terms.
  • Marketing and Preferences: Data about your interests, marketing preferences, and interactions with our promotional communications or services.

Providing this information is optional, but some data may be necessary for us to deliver CTI services. Without it, certain functionalities—such as account registration or service access—may not be available.

Automatically Collected Information

When you access CTI services, we automatically collect certain technical and usage data through cookies, tracking technologies, and server logs. This includes:

  • Usage Analytics: Pages visited, content viewed, interaction data (such as clicks and scrolls), session duration, errors encountered, and other performance metrics.
  • Device and Log Information: IP address, browser type and version, operating system, device identifiers, internet service provider, access dates/times, and system activity logs.
  • Location Data: We may infer your approximate location based on your IP address or, where permission is granted, collect precise location data through GPS, Wi-Fi, or Bluetooth.
  • Cookies and Tracking Technologies: As detailed in our [Cookie Notice], we use cookies and similar technologies to enhance your user experience and gather usage insights.

Information from Third Parties

We may also obtain personal information from other sources and combine it with data you provide directly. These sources may include:

  • Employers and Affiliated Partners: If your employer uses CTI services, we may receive your personal or employment-related information from them or their authorized providers.
  • Other CTI Users: Information may be shared by customers or partners who refer you to CTI, or who provide details via contractor, vendor, or billing-related services.
  • Verification and Risk Management Partners: Third-party service providers may supply identity verification data, risk assessments, or financial verification to support our regulatory and operational needs.

Marketing Sources: Public databases, social networks (e.g., LinkedIn), event organizers, and data aggregators may provide professional or contact information for marketing and lead generation purposes.

3. How We Use Your Information

We use personal information to:

  • Provide and administer our services (e.g. cloud-based software that streamlines business operations for third-party management organizations, such as human resource consultants, accountants, bookkeepers, professional employer organizations, and recruiters, as a business-to-business-to-consumer offering; provided that such business does not engage in the business of providing employer of record services, co-employment services, professional employer organization (PEO) services, administrative services organization (ASO) services, payroll processing services, human resource services or other services ancillary thereto. )
  • Enable onboarding, authentication, account setup
  • Communicate with you about services, updates, and support
  • Comply with legal and regulatory obligations (e.g., CRA, IRS, GDPR, AML)
  • Detect and prevent fraud, unauthorized access, or misuse
  • Improve, personalize, and secure our Website and platform

We may use anonymized or aggregated data for analytics or product improvement.

4. Legal Bases for Processing

Depending on your location and the context, we rely on:

  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate interests (e.g., fraud prevention)
  • Your consent, where applicable

You can withdraw your consent at any time (see Section 9.

5. How We Share Your Information

We disclose personal information to:

  • Service providers who assist us with hosting, data storage, payments, analytics
  • Benefits carriers, banks, CRA, IRS  or other government revenue agencies (when required for employment/payroll processing)
  • Your employer or organization (if you’re a Worker)
  • Government authorities, regulators, and law enforcement where legally required
  • Successors or acquirers in a merger, asset sale, or corporate restructuring

We enter into Data Processing Agreements (DPAs) with all third-party processors as required by law.

6. Data Residency and Transfers

Personal information we collect may be stored and processed in your region, in the United States or in any other country where we or our affiliates or service providers maintain facilities. We maintain primary data centers in the Canada. We take steps designed to ensure that the personal information we collect under this Privacy Notice is processed as described in this Privacy Notice and according to any applicable laws. As a result, your personal information may be subject to the laws of foreign jurisdictions, including laws that permit or require the disclosure of information to law enforcement or national security authorities upon request. When transferring personal information from a jurisdiction restricting such exports, we will adopt appropriate data transfer tools such as approved standard contractual clauses or your consent (based on applicable laws). 

7. Data Retention

We keep your personal information for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements.

Because these needs can vary for different data types in the context of different purposes, actual retention periods can vary significantly. We determine the appropriate retention period for personal information based on the amount, nature, and sensitivity of your personal information processed, the potential risk of harm from unauthorized use or disclosure of your personal information and whether we can achieve the purposes of the processing through other means, as well as applicable legal requirements (such as applicable statutes of limitation).

Our retention obligations may require us to retain your personal information after your relationship with us has ended. These retention obligations may also prohibit us in some cases from deleting personal information after you have asked us to delete your personal information. After expiry of the applicable retention periods, your personal information will be deleted, de-identified, anonymized, or otherwise irreversibly destroyed in accordance with applicable laws. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of that data.

For further information on applicable data retention periods, please contact us at the address stated under the “Contact Us” section below.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Authenticate users
  • Remember preferences
  • Monitor website performance and usage analytics
  • Deliver and personalize advertising (only if consented)

You can manage cookie preferences through your browser settings. For more details, see our Cookie Notice [insert link if separate].

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete information
  • Withdraw consent
  • Request deletion of personal information
  • Object to processing or request restrictions
  • File a complaint with a data protection authority (e.g., Office of the Privacy Commissioner of Canada, GDPR Supervisory Authorities)

To exercise these rights, email us at [[email protected] or designated address].

10. Security Measures

We implement appropriate administrative, technical, and physical safeguards to protect your data including:

  • Encryption in transit and at rest
  • Access control policies and role-based access
  • Internal privacy training and audits
  • Secure infrastructure (hosted in Canada)

No method of transmission is 100% secure. We urge you to protect your credentials and report any suspicious activity to us.

11. Children’s Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children without verified parental consent.

12. Changes to This Policy

We may revise this Privacy Policy to reflect changes in legal or operational practices. When we make material changes, we will provide notice (via website or email) and obtain your consent if required.

Last updated date is indicated at the top of this document.

13. Contact Us

Questions, requests, or complaints can be directed to:
CTI Privacy Team [[email protected]]