Privacy Notice
Last Updated: February 13, 2026
This Privacy Notice describes how we collect, use, disclose, and protect personal information within our customer relationship management (“CRM”) systems. It applies to customers, prospective customers, suppliers, partners, website visitors, and other individuals whose data we maintain in connection with our business activities.
We are committed to protecting privacy rights and complying with global privacy and data-protection laws, including but not limited to the laws of the United States, Canada, the European Union, and the United Kingdom.
1. Information We Collect
We may collect and store the following categories of personal information:
1.1 Contact and Identification Information
Name, job title, organization
Business email address, phone number, and address
Job title/role
Language and communication preferences
1.2 Relationship and Account Information
Account details, purchase history, service interactions
Contract information and customer support records
Event attendance
Meeting notes
Information you voluntarily provide used to personalize professional outreach such as
Gender
Marital status
Spouse’s name
Children’s names
Anniversary
1.3 Technical Information
Log data, IP address, device information
Website interactions (if legally permitted)
CRM access logs for authenticated users
1.4 Compliance and Due Diligence Information
Information gathered for sanctions screening, regulatory checks, and identity or business verification
Publicly available or third-party-supplied information used for compliance purposes
We do not intentionally collect sensitive personal information unless required for regulatory compliance or provided voluntarily for a specific purpose.
2. How We Use Personal Information
We use personal information in our CRM system to support:
2.1 Business Operations
Developing, maintaining and growing our business relationships
Providing products, services, support, and updates
Managing accounts and business relationships
Processing orders, contracts, and transactions
2.2 Communications
Informing customers and potential customers of information relating to our business
Inviting customers and potential customers to business-related meetings and events
Sending service notices, product information, and newsletters (where allowed)
Responding to inquiries and providing customer assistance
2.3 Compliance and Risk Management
Screening for export-control, sanctions, anti-corruption, and fraud risks
Satisfying legal and regulatory obligations
2.4 System Administration and Improvement
Enhancing CRM performance and user experience
Conducting analytics, reporting, and internal audits
We only use personal information in ways consistent with these purposes or as required by law.
3. Why We Share Personal Information
We may share personal information with:
3.1 Service Providers
Cloud providers, CRM platform vendors, analytics services, and other third parties that support our operations under strict confidentiality obligations.
3.2 Business Partners
Consultant, distributors, sales agents, and others involved in fulfilling orders or servicing customer relationships.
3.3 Legal or Regulatory Authorities
When disclosure is required by law or lawful request.
3.4 Corporate Events
In connection with mergers, acquisitions, reorganizations, or asset transfers, subject to adequate safeguards.
We do not sell personal information for monetary value.
4. International Data Transfers
Due to our global operations, personal information may be processed in countries outside your place of residence, including the United States.
We rely on appropriate legal mechanisms, such as:
Standard Contractual Clauses (EU/UK)
Adequacy decisions
Contractual protections under Canada’s PIPEDA and Brazil’s LGPD
Additional technical and organizational safeguards
Regardless of where data is processed, it is handled in accordance with this Notice.
5. Data Retention
We retain personal information only for as long as necessary to:
Maintain customer accounts
Meet legal or regulatory obligations
Resolve disputes
Support legitimate business needs
Applicable laws may require longer retention periods.
6. Your Privacy Rights
Depending on your jurisdiction, you may have rights to:
Access your personal information
Correct inaccurate data
Delete or request erasure
Restrict or object to data processing
Request data portability
Withdraw consent (where applicable)
Opt out of certain types of data disclosures
You may exercise these rights by contacting us at privacy@blacklake.group.
7. Data Security
We use administrative, technical, and physical controls designed to protect personal information against unauthorized access, disclosure, alteration, and destruction.
8. Children’s Privacy
Our CRM systems and business operations are not intended for children.
We do not knowingly collect personal information from individuals below the age permitted by applicable laws.
9. Updates to This Notice
We may update this Privacy Notice periodically.
Changes will be posted with an updated “Last Updated” date.
10. Contact Us
Questions about this Notice or our CRM privacy practices may be directed to Thousand Islands Industries, Inc. dba Blacklake via privacy@blacklake.group.
11. GDPR (EU/EEA/UK) Compliance
If you are in the European Union, European Economic Area, or United Kingdom, the following applies.
11.1 Legal Grounds for Processing
Contract performance
Legitimate interests
Compliance with legal obligations
Consent for specific uses (e.g., optional marketing)
11.2 Your GDPR Rights
You may request:
Access, correction, deletion
Restriction or objection
Data portability
Withdrawal of consent
Complaint to a supervisory authority
11.3 International Transfers
Transfers outside the EU/UK rely on:
Standard Contractual Clauses
UK Data Transfer Addendum
Adequacy decisions
Additional safeguards
12. California Consumer Privacy Rights Act (CPRA)
This section applies to California residents.
12.1 Categories Collected
May include:
Identifiers
Commercial information
Internet activity
Professional information
We do not sell or “share” personal information for cross-context behavioral advertising.
12.2 CPRA Rights
You may request:
Access, correction, deletion
Information about our data practices
Opt-out from certain disclosures
Limiting use of sensitive information (not applicable as we do not use it for inferring characteristics)
Authorized agents may submit requests on your behalf.
13. Virginia Consumer Data Protection Act (VCDPA)
This section applies to Virginia residents.
13.1 Virginia Rights
You may:
Access and confirm processing
Correct inaccuracies
Delete personal data
Obtain a portable copy
Opt out of targeted advertising, sale, or significant profiling
We do not use data for automated decisions producing legal or significant effects.
13.2 Appeals
If we deny your request, you may appeal. If unresolved, you may contact the Virginia Attorney General.
14. Canada (PIPEDA) Compliance
If you reside in Canada, the following applies pursuant to the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws.
14.1 Accountability
We maintain policies, training, contractual controls, and safeguards to protect personal information under our control.
14.2 Purposes for Collection
We collect personal information only for:
Managing customer relationships
Fulfilling contracts and transactions
Providing services and support
Regulatory compliance
Legitimate business operations
When required, we will obtain meaningful consent for collection, use, or disclosure.
14.3 Your Canadian Privacy Rights
Under PIPEDA, you may:
Access the personal information we hold about you
Request corrections
Withdraw consent (subject to legal or contractual limits)
Challenge our compliance with PIPEDA
We respond to verified requests within statutory timelines.
14.4 Cross-Border Transfers
Your information may be transferred to the United States or other jurisdictions.
Where this occurs, we implement measures consistent with PIPEDA requirements to protect your information.
14.5 Questions or Complaints
You may raise concerns with us via privacy@blacklake.group. If unresolved, you may contact the Office of the Privacy Commissioner of Canada.
Last Updated: February 13, 2026
This Privacy Notice describes how we collect, use, disclose, and protect personal information within our customer relationship management (“CRM”) systems. It applies to customers, prospective customers, suppliers, partners, website visitors, and other individuals whose data we maintain in connection with our business activities.
We are committed to protecting privacy rights and complying with global privacy and data-protection laws, including but not limited to the laws of the United States, Canada, the European Union, and the United Kingdom.
1. Information We Collect
We may collect and store the following categories of personal information:
1.1 Contact and Identification Information
Name, job title, organization
Business email address, phone number, and address
Job title/role
Language and communication preferences
1.2 Relationship and Account Information
Account details, purchase history, service interactions
Contract information and customer support records
Event attendance
Meeting notes
Information you voluntarily provide used to personalize professional outreach such as
Gender
Marital status
Spouse’s name
Children’s names
Anniversary
1.3 Technical Information
Log data, IP address, device information
Website interactions (if legally permitted)
CRM access logs for authenticated users
1.4 Compliance and Due Diligence Information
Information gathered for sanctions screening, regulatory checks, and identity or business verification
Publicly available or third-party-supplied information used for compliance purposes
We do not intentionally collect sensitive personal information unless required for regulatory compliance or provided voluntarily for a specific purpose.
2. How We Use Personal Information
We use personal information in our CRM system to support:
2.1 Business Operations
Developing, maintaining and growing our business relationships
Providing products, services, support, and updates
Managing accounts and business relationships
Processing orders, contracts, and transactions
2.2 Communications
Informing customers and potential customers of information relating to our business
Inviting customers and potential customers to business-related meetings and events
Sending service notices, product information, and newsletters (where allowed)
Responding to inquiries and providing customer assistance
2.3 Compliance and Risk Management
Screening for export-control, sanctions, anti-corruption, and fraud risks
Satisfying legal and regulatory obligations
2.4 System Administration and Improvement
Enhancing CRM performance and user experience
Conducting analytics, reporting, and internal audits
We only use personal information in ways consistent with these purposes or as required by law.
3. Why We Share Personal Information
We may share personal information with:
3.1 Service Providers
Cloud providers, CRM platform vendors, analytics services, and other third parties that support our operations under strict confidentiality obligations.
3.2 Business Partners
Consultant, distributors, sales agents, and others involved in fulfilling orders or servicing customer relationships.
3.3 Legal or Regulatory Authorities
When disclosure is required by law or lawful request.
3.4 Corporate Events
In connection with mergers, acquisitions, reorganizations, or asset transfers, subject to adequate safeguards.
We do not sell personal information for monetary value.
4. International Data Transfers
Due to our global operations, personal information may be processed in countries outside your place of residence, including the United States.
We rely on appropriate legal mechanisms, such as:
Standard Contractual Clauses (EU/UK)
Adequacy decisions
Contractual protections under Canada’s PIPEDA and Brazil’s LGPD
Additional technical and organizational safeguards
Regardless of where data is processed, it is handled in accordance with this Notice.
5. Data Retention
We retain personal information only for as long as necessary to:
Maintain customer accounts
Meet legal or regulatory obligations
Resolve disputes
Support legitimate business needs
Applicable laws may require longer retention periods.
6. Your Privacy Rights
Depending on your jurisdiction, you may have rights to:
Access your personal information
Correct inaccurate data
Delete or request erasure
Restrict or object to data processing
Request data portability
Withdraw consent (where applicable)
Opt out of certain types of data disclosures
You may exercise these rights by contacting us at privacy@blacklake.group.
7. Data Security
We use administrative, technical, and physical controls designed to protect personal information against unauthorized access, disclosure, alteration, and destruction.
8. Children’s Privacy
Our CRM systems and business operations are not intended for children.
We do not knowingly collect personal information from individuals below the age permitted by applicable laws.
9. Updates to This Notice
We may update this Privacy Notice periodically.
Changes will be posted with an updated “Last Updated” date.
10. Contact Us
Questions about this Notice or our CRM privacy practices may be directed to Thousand Islands Industries, Inc. dba Blacklake via privacy@blacklake.group.
11. GDPR (EU/EEA/UK) Compliance
If you are in the European Union, European Economic Area, or United Kingdom, the following applies.
11.1 Legal Grounds for Processing
Contract performance
Legitimate interests
Compliance with legal obligations
Consent for specific uses (e.g., optional marketing)
11.2 Your GDPR Rights
You may request:
Access, correction, deletion
Restriction or objection
Data portability
Withdrawal of consent
Complaint to a supervisory authority
11.3 International Transfers
Transfers outside the EU/UK rely on:
Standard Contractual Clauses
UK Data Transfer Addendum
Adequacy decisions
Additional safeguards
12. California Consumer Privacy Rights Act (CPRA)
This section applies to California residents.
12.1 Categories Collected
May include:
Identifiers
Commercial information
Internet activity
Professional information
We do not sell or “share” personal information for cross-context behavioral advertising.
12.2 CPRA Rights
You may request:
Access, correction, deletion
Information about our data practices
Opt-out from certain disclosures
Limiting use of sensitive information (not applicable as we do not use it for inferring characteristics)
Authorized agents may submit requests on your behalf.
13. Virginia Consumer Data Protection Act (VCDPA)
This section applies to Virginia residents.
13.1 Virginia Rights
You may:
Access and confirm processing
Correct inaccuracies
Delete personal data
Obtain a portable copy
Opt out of targeted advertising, sale, or significant profiling
We do not use data for automated decisions producing legal or significant effects.
13.2 Appeals
If we deny your request, you may appeal. If unresolved, you may contact the Virginia Attorney General.
14. Canada (PIPEDA) Compliance
If you reside in Canada, the following applies pursuant to the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws.
14.1 Accountability
We maintain policies, training, contractual controls, and safeguards to protect personal information under our control.
14.2 Purposes for Collection
We collect personal information only for:
Managing customer relationships
Fulfilling contracts and transactions
Providing services and support
Regulatory compliance
Legitimate business operations
When required, we will obtain meaningful consent for collection, use, or disclosure.
14.3 Your Canadian Privacy Rights
Under PIPEDA, you may:
Access the personal information we hold about you
Request corrections
Withdraw consent (subject to legal or contractual limits)
Challenge our compliance with PIPEDA
We respond to verified requests within statutory timelines.
14.4 Cross-Border Transfers
Your information may be transferred to the United States or other jurisdictions.
Where this occurs, we implement measures consistent with PIPEDA requirements to protect your information.
14.5 Questions or Complaints
You may raise concerns with us via privacy@blacklake.group. If unresolved, you may contact the Office of the Privacy Commissioner of Canada.
Last Updated: February 13, 2026
This Privacy Notice describes how we collect, use, disclose, and protect personal information within our customer relationship management (“CRM”) systems. It applies to customers, prospective customers, suppliers, partners, website visitors, and other individuals whose data we maintain in connection with our business activities.
We are committed to protecting privacy rights and complying with global privacy and data-protection laws, including but not limited to the laws of the United States, Canada, the European Union, and the United Kingdom.
1. Information We Collect
We may collect and store the following categories of personal information:
1.1 Contact and Identification Information
Name, job title, organization
Business email address, phone number, and address
Job title/role
Language and communication preferences
1.2 Relationship and Account Information
Account details, purchase history, service interactions
Contract information and customer support records
Event attendance
Meeting notes
Information you voluntarily provide used to personalize professional outreach such as
Gender
Marital status
Spouse’s name
Children’s names
Anniversary
1.3 Technical Information
Log data, IP address, device information
Website interactions (if legally permitted)
CRM access logs for authenticated users
1.4 Compliance and Due Diligence Information
Information gathered for sanctions screening, regulatory checks, and identity or business verification
Publicly available or third-party-supplied information used for compliance purposes
We do not intentionally collect sensitive personal information unless required for regulatory compliance or provided voluntarily for a specific purpose.
2. How We Use Personal Information
We use personal information in our CRM system to support:
2.1 Business Operations
Developing, maintaining and growing our business relationships
Providing products, services, support, and updates
Managing accounts and business relationships
Processing orders, contracts, and transactions
2.2 Communications
Informing customers and potential customers of information relating to our business
Inviting customers and potential customers to business-related meetings and events
Sending service notices, product information, and newsletters (where allowed)
Responding to inquiries and providing customer assistance
2.3 Compliance and Risk Management
Screening for export-control, sanctions, anti-corruption, and fraud risks
Satisfying legal and regulatory obligations
2.4 System Administration and Improvement
Enhancing CRM performance and user experience
Conducting analytics, reporting, and internal audits
We only use personal information in ways consistent with these purposes or as required by law.
3. Why We Share Personal Information
We may share personal information with:
3.1 Service Providers
Cloud providers, CRM platform vendors, analytics services, and other third parties that support our operations under strict confidentiality obligations.
3.2 Business Partners
Consultant, distributors, sales agents, and others involved in fulfilling orders or servicing customer relationships.
3.3 Legal or Regulatory Authorities
When disclosure is required by law or lawful request.
3.4 Corporate Events
In connection with mergers, acquisitions, reorganizations, or asset transfers, subject to adequate safeguards.
We do not sell personal information for monetary value.
4. International Data Transfers
Due to our global operations, personal information may be processed in countries outside your place of residence, including the United States.
We rely on appropriate legal mechanisms, such as:
Standard Contractual Clauses (EU/UK)
Adequacy decisions
Contractual protections under Canada’s PIPEDA and Brazil’s LGPD
Additional technical and organizational safeguards
Regardless of where data is processed, it is handled in accordance with this Notice.
5. Data Retention
We retain personal information only for as long as necessary to:
Maintain customer accounts
Meet legal or regulatory obligations
Resolve disputes
Support legitimate business needs
Applicable laws may require longer retention periods.
6. Your Privacy Rights
Depending on your jurisdiction, you may have rights to:
Access your personal information
Correct inaccurate data
Delete or request erasure
Restrict or object to data processing
Request data portability
Withdraw consent (where applicable)
Opt out of certain types of data disclosures
You may exercise these rights by contacting us at privacy@blacklake.group.
7. Data Security
We use administrative, technical, and physical controls designed to protect personal information against unauthorized access, disclosure, alteration, and destruction.
8. Children’s Privacy
Our CRM systems and business operations are not intended for children.
We do not knowingly collect personal information from individuals below the age permitted by applicable laws.
9. Updates to This Notice
We may update this Privacy Notice periodically.
Changes will be posted with an updated “Last Updated” date.
10. Contact Us
Questions about this Notice or our CRM privacy practices may be directed to Thousand Islands Industries, Inc. dba Blacklake via privacy@blacklake.group.
11. GDPR (EU/EEA/UK) Compliance
If you are in the European Union, European Economic Area, or United Kingdom, the following applies.
11.1 Legal Grounds for Processing
Contract performance
Legitimate interests
Compliance with legal obligations
Consent for specific uses (e.g., optional marketing)
11.2 Your GDPR Rights
You may request:
Access, correction, deletion
Restriction or objection
Data portability
Withdrawal of consent
Complaint to a supervisory authority
11.3 International Transfers
Transfers outside the EU/UK rely on:
Standard Contractual Clauses
UK Data Transfer Addendum
Adequacy decisions
Additional safeguards
12. California Consumer Privacy Rights Act (CPRA)
This section applies to California residents.
12.1 Categories Collected
May include:
Identifiers
Commercial information
Internet activity
Professional information
We do not sell or “share” personal information for cross-context behavioral advertising.
12.2 CPRA Rights
You may request:
Access, correction, deletion
Information about our data practices
Opt-out from certain disclosures
Limiting use of sensitive information (not applicable as we do not use it for inferring characteristics)
Authorized agents may submit requests on your behalf.
13. Virginia Consumer Data Protection Act (VCDPA)
This section applies to Virginia residents.
13.1 Virginia Rights
You may:
Access and confirm processing
Correct inaccuracies
Delete personal data
Obtain a portable copy
Opt out of targeted advertising, sale, or significant profiling
We do not use data for automated decisions producing legal or significant effects.
13.2 Appeals
If we deny your request, you may appeal. If unresolved, you may contact the Virginia Attorney General.
14. Canada (PIPEDA) Compliance
If you reside in Canada, the following applies pursuant to the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws.
14.1 Accountability
We maintain policies, training, contractual controls, and safeguards to protect personal information under our control.
14.2 Purposes for Collection
We collect personal information only for:
Managing customer relationships
Fulfilling contracts and transactions
Providing services and support
Regulatory compliance
Legitimate business operations
When required, we will obtain meaningful consent for collection, use, or disclosure.
14.3 Your Canadian Privacy Rights
Under PIPEDA, you may:
Access the personal information we hold about you
Request corrections
Withdraw consent (subject to legal or contractual limits)
Challenge our compliance with PIPEDA
We respond to verified requests within statutory timelines.
14.4 Cross-Border Transfers
Your information may be transferred to the United States or other jurisdictions.
Where this occurs, we implement measures consistent with PIPEDA requirements to protect your information.
14.5 Questions or Complaints
You may raise concerns with us via privacy@blacklake.group. If unresolved, you may contact the Office of the Privacy Commissioner of Canada.
Last Updated: February 13, 2026
This Privacy Notice describes how we collect, use, disclose, and protect personal information within our customer relationship management (“CRM”) systems. It applies to customers, prospective customers, suppliers, partners, website visitors, and other individuals whose data we maintain in connection with our business activities.
We are committed to protecting privacy rights and complying with global privacy and data-protection laws, including but not limited to the laws of the United States, Canada, the European Union, and the United Kingdom.
1. Information We Collect
We may collect and store the following categories of personal information:
1.1 Contact and Identification Information
Name, job title, organization
Business email address, phone number, and address
Job title/role
Language and communication preferences
1.2 Relationship and Account Information
Account details, purchase history, service interactions
Contract information and customer support records
Event attendance
Meeting notes
Information you voluntarily provide used to personalize professional outreach such as
Gender
Marital status
Spouse’s name
Children’s names
Anniversary
1.3 Technical Information
Log data, IP address, device information
Website interactions (if legally permitted)
CRM access logs for authenticated users
1.4 Compliance and Due Diligence Information
Information gathered for sanctions screening, regulatory checks, and identity or business verification
Publicly available or third-party-supplied information used for compliance purposes
We do not intentionally collect sensitive personal information unless required for regulatory compliance or provided voluntarily for a specific purpose.
2. How We Use Personal Information
We use personal information in our CRM system to support:
2.1 Business Operations
Developing, maintaining and growing our business relationships
Providing products, services, support, and updates
Managing accounts and business relationships
Processing orders, contracts, and transactions
2.2 Communications
Informing customers and potential customers of information relating to our business
Inviting customers and potential customers to business-related meetings and events
Sending service notices, product information, and newsletters (where allowed)
Responding to inquiries and providing customer assistance
2.3 Compliance and Risk Management
Screening for export-control, sanctions, anti-corruption, and fraud risks
Satisfying legal and regulatory obligations
2.4 System Administration and Improvement
Enhancing CRM performance and user experience
Conducting analytics, reporting, and internal audits
We only use personal information in ways consistent with these purposes or as required by law.
3. Why We Share Personal Information
We may share personal information with:
3.1 Service Providers
Cloud providers, CRM platform vendors, analytics services, and other third parties that support our operations under strict confidentiality obligations.
3.2 Business Partners
Consultant, distributors, sales agents, and others involved in fulfilling orders or servicing customer relationships.
3.3 Legal or Regulatory Authorities
When disclosure is required by law or lawful request.
3.4 Corporate Events
In connection with mergers, acquisitions, reorganizations, or asset transfers, subject to adequate safeguards.
We do not sell personal information for monetary value.
4. International Data Transfers
Due to our global operations, personal information may be processed in countries outside your place of residence, including the United States.
We rely on appropriate legal mechanisms, such as:
Standard Contractual Clauses (EU/UK)
Adequacy decisions
Contractual protections under Canada’s PIPEDA and Brazil’s LGPD
Additional technical and organizational safeguards
Regardless of where data is processed, it is handled in accordance with this Notice.
5. Data Retention
We retain personal information only for as long as necessary to:
Maintain customer accounts
Meet legal or regulatory obligations
Resolve disputes
Support legitimate business needs
Applicable laws may require longer retention periods.
6. Your Privacy Rights
Depending on your jurisdiction, you may have rights to:
Access your personal information
Correct inaccurate data
Delete or request erasure
Restrict or object to data processing
Request data portability
Withdraw consent (where applicable)
Opt out of certain types of data disclosures
You may exercise these rights by contacting us at privacy@blacklake.group.
7. Data Security
We use administrative, technical, and physical controls designed to protect personal information against unauthorized access, disclosure, alteration, and destruction.
8. Children’s Privacy
Our CRM systems and business operations are not intended for children.
We do not knowingly collect personal information from individuals below the age permitted by applicable laws.
9. Updates to This Notice
We may update this Privacy Notice periodically.
Changes will be posted with an updated “Last Updated” date.
10. Contact Us
Questions about this Notice or our CRM privacy practices may be directed to Thousand Islands Industries, Inc. dba Blacklake via privacy@blacklake.group.
11. GDPR (EU/EEA/UK) Compliance
If you are in the European Union, European Economic Area, or United Kingdom, the following applies.
11.1 Legal Grounds for Processing
Contract performance
Legitimate interests
Compliance with legal obligations
Consent for specific uses (e.g., optional marketing)
11.2 Your GDPR Rights
You may request:
Access, correction, deletion
Restriction or objection
Data portability
Withdrawal of consent
Complaint to a supervisory authority
11.3 International Transfers
Transfers outside the EU/UK rely on:
Standard Contractual Clauses
UK Data Transfer Addendum
Adequacy decisions
Additional safeguards
12. California Consumer Privacy Rights Act (CPRA)
This section applies to California residents.
12.1 Categories Collected
May include:
Identifiers
Commercial information
Internet activity
Professional information
We do not sell or “share” personal information for cross-context behavioral advertising.
12.2 CPRA Rights
You may request:
Access, correction, deletion
Information about our data practices
Opt-out from certain disclosures
Limiting use of sensitive information (not applicable as we do not use it for inferring characteristics)
Authorized agents may submit requests on your behalf.
13. Virginia Consumer Data Protection Act (VCDPA)
This section applies to Virginia residents.
13.1 Virginia Rights
You may:
Access and confirm processing
Correct inaccuracies
Delete personal data
Obtain a portable copy
Opt out of targeted advertising, sale, or significant profiling
We do not use data for automated decisions producing legal or significant effects.
13.2 Appeals
If we deny your request, you may appeal. If unresolved, you may contact the Virginia Attorney General.
14. Canada (PIPEDA) Compliance
If you reside in Canada, the following applies pursuant to the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws.
14.1 Accountability
We maintain policies, training, contractual controls, and safeguards to protect personal information under our control.
14.2 Purposes for Collection
We collect personal information only for:
Managing customer relationships
Fulfilling contracts and transactions
Providing services and support
Regulatory compliance
Legitimate business operations
When required, we will obtain meaningful consent for collection, use, or disclosure.
14.3 Your Canadian Privacy Rights
Under PIPEDA, you may:
Access the personal information we hold about you
Request corrections
Withdraw consent (subject to legal or contractual limits)
Challenge our compliance with PIPEDA
We respond to verified requests within statutory timelines.
14.4 Cross-Border Transfers
Your information may be transferred to the United States or other jurisdictions.
Where this occurs, we implement measures consistent with PIPEDA requirements to protect your information.
14.5 Questions or Complaints
You may raise concerns with us via privacy@blacklake.group. If unresolved, you may contact the Office of the Privacy Commissioner of Canada.