PIPEDA Compliance

Last updated: December 15, 2025

Our Commitment to Privacy

Cothon Technologies Inc. is committed to protecting the privacy of our users in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA). As a Canadian company, we adhere to all 10 fair information principles outlined in PIPEDA.

This page outlines how we implement each of the PIPEDA principles in our operations.

What is PIPEDA?

PIPEDA (Personal Information Protection and Electronic Documents Act) is Canada's federal privacy law for private-sector organizations. It sets out ground rules for how businesses must handle personal information in the course of commercial activities.

PIPEDA applies to organizations that collect, use, or disclose personal information in the course of commercial activities, which includes Cothon's procurement intelligence and bid analysis services.

The 10 PIPEDA Principles

1

Accountability

Cothon is responsible for personal information under our control. We have designated a Privacy Officer responsible for compliance with PIPEDA.

How we comply: Our Privacy Officer oversees all data handling practices and can be reached at privacy@cothon.com.

2

Identifying Purposes

We identify the purposes for which personal information is collected at or before the time of collection.

How we comply: We clearly state why we collect data in our Privacy Policy and at the point of collection (e.g., during signup).

3

Consent

We obtain meaningful consent for the collection, use, or disclosure of personal information.

How we comply: Users must explicitly consent to our terms during account creation. We use clear, plain language and allow users to withdraw consent at any time.

4

Limiting Collection

We limit collection to information necessary for identified purposes.

How we comply: We only collect data essential for providing our bid analysis and procurement intelligence services.

5

Limiting Use, Disclosure, and Retention

Personal information is only used for the purposes for which it was collected.

How we comply: We do not sell user data. Data is retained only as long as necessary and users can request deletion at any time.

6

Accuracy

Personal information is kept accurate, complete, and up-to-date.

How we comply: Users can update their profile information at any time through account settings.

7

Safeguards

Personal information is protected by appropriate security safeguards.

How we comply: We use industry-standard encryption (AES-256, TLS 1.3), secure authentication, and regular security audits.

8

Openness

We make information about our policies and practices readily available.

How we comply: Our Privacy Policy, Terms of Service, and this PIPEDA compliance page are publicly accessible.

9

Individual Access

Upon request, individuals are informed of the existence, use, and disclosure of their personal information.

How we comply: Users can request a copy of their data or ask questions about how their data is used by contacting us.

10

Challenging Compliance

Individuals can challenge compliance with these principles to our Privacy Officer.

How we comply: Contact privacy@cothon.com with any concerns. We will investigate and respond within 30 days.

Your Rights Under PIPEDA

As a user, you have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request your data in a portable format
  • Withdraw Consent: Withdraw consent for data processing at any time

Security Measures

We implement comprehensive security measures to protect your personal information:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Secure authentication with multi-factor authentication options
  • Regular security audits and vulnerability assessments
  • Employee training on data protection and privacy
  • Access controls limiting data access to authorized personnel only

Privacy Officer Contact

If you have questions about our PIPEDA compliance, want to exercise your privacy rights, or have concerns about how we handle your personal information, please contact our Privacy Officer:

Email: privacy@cothon.com

We will respond to all inquiries within 30 days as required by PIPEDA.

Office of the Privacy Commissioner

If you are not satisfied with our response to your privacy concerns, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada (OPC):

Website: www.priv.gc.ca

Phone: 1-800-282-1376

Cothon | AI-Powered Procurement & Bid Management Software