Privacy Policy

1Introduction

This Privacy Policy explains how Virtual Steward collects, uses, and protects personal information belonging to Stewards (Admins), Email Subscribers, and Website Visitors.

This policy does not cover union member representation data uploaded by Stewards. For information on how member inquiries, files, and grievance details are securely processed, please refer to our Data Processing Agreement (DPA).

2Information We Collect

We only collect the minimum amount of data necessary to provide and secure our platform:

3How We Use Your Information

• To authorize access to the steward admin dashboard and secure member case spaces.
• To deliver local newsletters, drip email onboarding sequences, and podcast alerts at your explicit direction.
• To preserve audit logs of critical administrative actions (e.g., case creations, user profile changes) to safeguard Local data.

4Data Protection & Safeguards

We implement industry-standard technical, organizational, and physical safeguards:

• Row-Level Security (RLS): The Supabase database strictly limits active record access to authenticated users matching specific local permissions.
• Secure Transport & Encryption: All data in transit is encrypted using HTTPS / TLS 1.3, and critical database assets are encrypted at rest.
• Hashed Credentials: All passwords are systematically salted and hashed using bcrypt; plain-text passwords are never saved.

5Access & Deletion Requests

Under PIPEDA, you hold absolute rights to request access to and deletion of your personal account details.

• Stewards & Subscribers: You can manage email subscription preferences or trigger a full subscription opt-out at any time via links included in every email.
• Account Deletion: Admin account holders can request deletion by reaching out to their designated local admin or contacting privacy@virtualsteward.ca.