Privacy Policy

Who we are

The Service is operated by the individual or small team responsible for rjinbc.ca (the “operator”). For privacy requests, contact:

andrew@rjinbc.ca

Personal information we collect

Depending on how you use the Service, we may collect:

• Account information — name, email address, and password (stored using one-way hashing). We may also store your role at an organization when you register a program or submit a claim.
• Program and listing information — program name, description, organization name, website, contact email and phone, office address (including city and optional postal code), service areas, and related directory fields you provide.
• Claims and verification — information you submit to verify your relationship to a program (for example, role title and free-text verification notes).
• Location coordinates — latitude and longitude derived from your office address to show programs on a map (see Geocoding below).
• “Suggest a correction” submissions — if you use this feature, you may provide your name, email, and details about a listing. When configured, this information is sent by email to the site administrator; it may be retained in that mailbox even if it is not stored in our application database.
• Authentication and sessions — technical identifiers such as session cookies, and server-side session records that may include IP address and browser user agent, as needed to keep you signed in and protect the Service.
• Password reset — if you use password recovery, we process your email address and time-limited reset tokens as part of that flow.
• Anti-abuse verification — when Cloudflare Turnstile is enabled, your browser loads Turnstile from Cloudflare and we send Turnstile a verification request that can include your IP address and the challenge token.
• Server logs — our hosting environment may log requests, IP addresses, and errors. Geocoding-related logs may include query fragments derived from addresses used to look up coordinates.

How we use personal information

We use this information to:

• Provide, secure, and improve the directory (including maps and search).
• Create and manage accounts; authenticate users; process password resets.
• Review program submissions and claims; communicate with administrators about listings.
• Detect, prevent, and address abuse, fraud, and technical issues (including bot protection).
• Comply with law or protect rights and safety where required.

Geocoding

To place offices on a map, we send a geocoding request built from the address, city, and (when provided) postal code you submit. Depending on configuration, that request may be sent to a third-party API for geocoding. Those providers receive the query needed to return coordinates.

Public directory

When a program listing is published, information you chose to include in the listing (such as program name, description, contact details, and mapped office location) may be visible to anyone who visits the website or consumes public data derived from it.

Third-party services and CDNs

The Service loads certain scripts and styles from third-party networks (for example, fonts, mapping libraries, optional Tailwind helpers, and Turnstile when enabled). Your browser may connect directly to those providers; they may process technical data such as IP address and request metadata under their own policies.

Email

We use email to send administrative notifications (for example, when a program is submitted or a claim is filed) to the address configured for site administration. Email is typically delivered through an email provider (such as your host’s SMTP or a transactional provider), which processes message content and delivery metadata.

Cookies and similar technologies

We use cookies and similar technologies required for the Service to function, including session and security (CSRF) cookies. When Turnstile is enabled, Cloudflare may set or read cookies or other identifiers as part of the challenge. You can control cookies through your browser settings; disabling essential cookies may prevent parts of the Service from working.

Retention

We retain personal information for as long as needed to operate the Service, comply with law, resolve disputes, and enforce our agreements. Account and listing data are generally kept while your account exists and listings remain relevant. Correction suggestions sent by email are retained according to the administrator’s mailbox practices.

Security

We use reasonable administrative and technical measures appropriate to the nature of the Service (for example, HTTPS in production, password hashing, and access controls for administrative areas). No method of transmission or storage is completely secure.

Access, correction, and withdrawal of consent

Subject to applicable law (including Canada’s federal private-sector privacy law, PIPEDA, where it applies), you may request access to, correction of, or deletion of your personal information, or withdraw your consent to our processing of it, by contacting us using the email above. We may need to verify your identity before responding. Deleting your account will remove your account data and any associated listings from the Service.

Children

The Service is not directed at children, and we do not knowingly collect personal information from minors. If you believe we have collected personal information from a child, please contact us and we will take appropriate steps to delete it.

International transfers

Our servers and subprocessors may be located in Canada or other countries. Where personal information is processed outside Canada, it may be subject to the laws of those jurisdictions.

Changes to this policy

We may update this Privacy Policy from time to time. We will adjust the “Last updated” date when we do. For material changes, we may provide additional notice (for example, a notice on the website).