Effective: 2026-05-13. Last updated: 2026-05-13.
Crystallux Financial Services ("Crystallux", "we", "us", "our") is committed to protecting your personal information. This privacy policy explains what we collect, why we collect it, how we use it, and your rights. We operate under the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and the applicable provincial equivalents (Alberta PIPA, BC PIPA, Quebec Law 25).
We collect personal information you provide when you request a quote, complete a needs assessment, book a consultation, or apply for an insurance policy. This may include: full name, email, phone number, postal code, province, age range, family situation, income range, employment, insurance needs and interests, medical history (only when required for life/CI/DI underwriting), and information about your existing insurance coverage.
We collect technical information automatically when you visit our site: IP address, browser type, pages visited, referring URL, and similar log data. We use this for site operation, security, and analytics.
We collect, use, and disclose personal information based on your express consent (the checkbox you tick on any form), or as permitted/required by law. You can withdraw consent at any time by contacting us at privacy@crystallux.org. Withdrawal of consent may limit our ability to provide services.
We share personal information with:
We do not sell your personal information. We do not share your information with third parties for their own marketing purposes.
Personal information is stored on Canadian servers (Supabase Canada region) and on Canadian-resident infrastructure (Cloudflare Pages). Some service providers may be located in the United States; where data crosses borders we ensure equivalent privacy protection through contractual safeguards.
We retain personal information only as long as needed for the purpose collected, plus any regulatory retention period:
Under PIPEDA and Quebec Law 25 you have the right to: access your personal information, correct inaccuracies, withdraw consent, object to specific uses, request portability (Quebec residents), and complain to the regulator. To exercise any of these, email privacy@crystallux.org. We respond within 30 days.
This site uses essential cookies for site operation (session, language). With your consent, we use Cloudflare Analytics, privacy-friendly, no third-party tracking, no profiling. We do not use Google Analytics, advertising pixels, or programmatic-ad tracking.
We use industry-standard security: HTTPS / TLS on all data in transit, encryption at rest, role-based access control, audit logging, multi-factor authentication for advisor accounts. No system is perfectly secure; if we discover a material breach affecting your information we notify you and the regulator as required by law.
This service is for adults aged 18+. We do not knowingly collect information from children under 18.
Material changes to this policy are notified by email to active clients and posted on this page with a new "Last updated" date.
Privacy Officer · Crystallux Inc.
Email: privacy@crystallux.org
Address: Crystallux Financial Services, Guelph, Ontario, Canada
If you're not satisfied with our response, you can contact the Office of the Privacy Commissioner of Canada or your provincial regulator.