Privacy Policy

Last updated: September 15, 2026

Who We Are

Vancouver Online Business Plus Ltd. is a commercial banking consulting firm based at 606 West 30th Avenue, Vancouver, British Columbia V5Z 0C9. When we say "we" or "us" in this policy, we mean the firm and its team of six. When we say "you," we mean anyone visiting this website or engaging our consulting services.

We've been operating since 2005 — twenty-one years of handling sensitive financial data for professional firms across British Columbia. Our approach to privacy is the same as our approach to banking audits: thorough, documented, and built on the assumption that your data deserves more protection than most organizations give it.

Why We Collect Information

We collect personal information for exactly two reasons: to respond to your inquiries and to deliver consulting services you've engaged us for. We don't sell data. We don't rent data. We don't share data with marketing partners. Our business model is consulting fees — your information is a responsibility, not a revenue stream.

Over 340 professional firms have entrusted us with their banking data since 2005. That trust is non-negotiable, and this policy exists to explain — in plain language — exactly how we handle it.

What We Collect Through This Website

When you submit our contact form, we receive your name, business name, email, phone number (if you provide it), approximate annual revenue range, your primary area of interest, and whatever you type into the message field. When you subscribe to The Banking Brief, we receive your email address. That's it — no hidden data grabs, no third-party form processors skimming information off the top.

Our website uses cookies — small data files stored in your browser — for basic functionality and to understand which pages people visit most. We do not use tracking pixels, retargeting cookies, or social media tracking scripts. We don't run Facebook Pixel, Google remarketing tags, or any other cross-site tracking technology. Our analytics are first-party only, and we review aggregate page-view data — not individual browsing profiles.

What We Collect During Engagements

Consulting engagements involve sensitive financial information — bank statements, fee schedules, loan agreements, merchant processing statements, trust account records, escrow account analyses, loan disclosures, and tax reporting forms. When Elena Vasquez runs your fee data through our benchmarking database, or when Marcus Tremblay audits your online banking configuration, they're working with information that reveals the financial architecture of your business. We treat this information with the same confidentiality you'd expect from your accountant or lawyer.

All client financial documents are stored in encrypted, access-controlled systems. Documents are retained for the duration of the engagement plus 7 years (consistent with Canadian tax record requirements), then securely destroyed. "Securely destroyed" means digital file deletion using overwrite protocols — not a casual trip to the recycling bin. Physical documents, when they exist, are cross-cut shredded on-site at our Riley Park office.

Who Sees Your Information

Your information is accessible only to the Vancouver Online Business Plus team members directly involved in your engagement. Darren Fong leads every engagement personally, so he sees everything. Beyond that, access is limited to the team members assigned to your specific project — typically two to three people from our team of six.

We do not share client financial information with any third party — including banks, credit unions, or payment processors — without your explicit written authorization. When we run a banking RFP on your behalf, for example, we share only what you've approved in writing, and only with the institutions you've selected.

When we share anonymized and aggregated data in our benchmarking database — the one covering 23 Canadian financial institutions — all identifying information is removed. No institution can determine which client's data is represented. The benchmarking database is the engine that powers our fee comparison work, and its integrity depends on absolute anonymization.

Our Benchmarking Database — A Specific Note

Our proprietary fee benchmarking database contains anonymized fee schedules, rate structures, and service configurations from 23 Canadian financial institutions. Client engagement data contributes to this database in anonymized form only. Your firm's name, your personnel, your specific transaction volumes, and any information that could identify your business are stripped before any data enters the benchmark pool. The anonymization is irreversible by design — we couldn't reverse-engineer a client's identity from the benchmarking data if we tried.

Cookies

This site uses small data files called cookies. Some are necessary for the site to function — like remembering your cookie preference so we don't ask you the same question on every page. Others help us understand site usage — which pages are visited, how long, from where. You can decline non-essential cookies using the banner that appears on your first visit. The site will work fine either way.

We use the following categories of cookies:

  • Essential cookies: These remember your cookie consent choice and ensure basic site functionality. They cannot be disabled without breaking the site.
  • Analytics cookies: These tell us aggregate information — page views, time on page, referring sources. We use this data to improve site content and structure. No individual user profiles are created.

We do not use advertising cookies, social media cookies, or any third-party tracking cookies. If you block all cookies in your browser settings, the site will still function — you'll just see the consent banner on every visit.

Data Security

Client data is stored on encrypted drives with access restricted by individual user credentials. Our systems use AES-256 encryption at rest and TLS 1.3 encryption in transit. Team access is role-based — Jordan Whitfield, for example, handles client onboarding documents but does not have access to completed engagement analysis files. Marcus Tremblay accesses online banking configuration data but not financial modeling workpapers. Access boundaries are deliberate and audited quarterly.

Our email communications containing sensitive financial data use encrypted attachments. We never send unencrypted bank statements, fee schedules, or loan documents via standard email. If a client sends us sensitive documents via unencrypted email — which happens — we download and delete the email attachment, then request a re-send through our secure file transfer portal.

Data Retention

We retain client engagement files for 7 years following the completion of an engagement. This aligns with Canada Revenue Agency record-keeping requirements and provides a practical reference window for clients who return for subsequent engagements — roughly 40% of our clients engage us more than once. After the 7-year retention period, files are securely destroyed.

Contact form submissions are retained for 12 months. Newsletter subscriber email addresses are retained until you unsubscribe. Website analytics data is retained for 26 months in aggregate form.

Your Rights

You can request access to, correction of, or deletion of any personal information we hold about you. Email contact@onlinebusinessplusvan.com with your request. We'll respond within 10 business days — our average response time in 2025 was 4.7 hours, but we give ourselves the 10-day window because sometimes requests require coordination across archived files.

For BC residents, these rights are protected under the Personal Information Protection Act (PIPA). You also have the right to file a complaint with the Office of the Information and Privacy Commissioner for British Columbia if you believe we've mishandled your information. We'd prefer you talk to us first — but the option is there, and we respect it.

Specific things you can request:

  • A summary of what personal information we hold about you
  • Correction of any inaccurate information
  • Deletion of your information (subject to our legal retention obligations)
  • Withdrawal of consent for non-essential data processing
  • A copy of your engagement files in a portable digital format

Third-Party Services

We use a small number of third-party services in our operations. Each has been evaluated for data handling practices:

  • Website hosting: Canadian-based hosting provider with data centres in British Columbia. Your browsing data does not leave Canadian jurisdiction.
  • Email service: Business email hosted with end-to-end encryption capability. Email metadata (sender, recipient, timestamp) is retained by the provider per standard email protocols.
  • Secure file transfer: Encrypted file sharing portal for exchanging sensitive financial documents with clients. Files are encrypted at rest and in transit, automatically purged 30 days after the engagement concludes.

We do not use CRM platforms that harvest user data, marketing automation tools that track browsing behavior, or cloud storage services that claim rights to stored content. Our technology stack is deliberately minimal — fewer tools means fewer points of vulnerability.

Children's Privacy

Our services are designed for business owners and professional firms. We do not knowingly collect information from anyone under 18. If you believe we've inadvertently collected information from a minor, contact us and we'll delete it immediately.

Changes to This Policy

We update this policy when our practices change. The "last updated" date at the top tells you when the most recent revision occurred. We don't make material changes without posting them here. If a change significantly affects how we handle existing client data, we'll notify affected clients directly via email — not just update a webpage and hope people notice.

Contact

Questions about this policy, data access requests, or privacy concerns:

Email: contact@onlinebusinessplusvan.com
Phone: (236) 832-8381
Office: 606 West 30th Avenue, Vancouver, BC V5Z 0C9

Darren Fong is the designated privacy officer for Vancouver Online Business Plus Ltd. Privacy inquiries are handled personally — not routed through an automated system or outsourced to a call centre.

Important Disclosures

Vancouver Online Business Plus Ltd. is an independent commercial banking consulting firm. We are not a bank, credit union, or deposit-taking institution. We do not hold client funds, accept deposits, or extend credit.

Banking products and services referenced on this site are provided by third-party financial institutions. Any descriptions of banking products are for advisory context only and do not constitute offers of financial services.

Service fees apply to all consulting engagements — see your engagement letter for a detailed schedule of fees. Initial scoping conversations are provided at no charge.

Registered under British Columbia Business Registration No. FM-2005-084729. Advisory services governed by individual client engagement agreements.

Regulatory inquiries may be directed to the British Columbia Financial Services Authority (BCFSA). Registered office: 606 West 30th Avenue, Vancouver, British Columbia V5Z 0C9.