Privacy Policy
Last updated: 09/29/2025
Risio Institute for Digital Dental Education (“Risio Institute,” “we,” “our,” or “us”) is committed to protecting the privacy of individuals who interact with us, study at the Institute, or use our website and services. This policy explains how we collect, use, disclose, and safeguard personal information in compliance with the Access to Information Act (ATIA), the Health Information Act (HIA), and the forthcoming Consumer Privacy Protection Act (CPPA).
Scope
This policy applies to all personal information in the custody or under the control of Risio Institute, including information collected:
- Through our website and digital platforms,
- From students, employees, contractors, and partners, and
- From individuals who communicate with or otherwise interact with the Institute.
Definitions
- Collection: The act of gathering, acquiring, recording, or obtaining personal information from any source and by any means.
- Consent: A voluntary agreement to the collection, use, and/or disclosure of personal information for defined purposes.
- Disclosure: Making personal information available to a third party.
- ATIA: Refers to the Access to Information Act.
- Formal Access Request: refers to a request for access to information which cannot be answered through existing or established processes. A Formal Access Request is processed under terms and conditions set out in FOIP.
- Personal Information: Information about an identifiable individual including, but not limited to: name, contact details, SIN, income, student grades, or other identifiers. Personal information does not include work product information prepared or collected as part of an employee’s job.
- Third Party: Any person or organization other than the individual the information is about or an employee of the Institute acting in their official capacity.
Information We Collect
Risio Institute collects personal information directly from individuals whenever possible. Examples include:
- Educational purposes: student registration, academic records, grading, and certification.
- Employment purposes: HR records, payroll, benefits, and professional qualifications.
- Website and communications: when you submit a contact form, sign up for a newsletter, or interact with our website.
We also collect limited data automatically when you use our website, through third-party tools including:
- Google Analytics & Search Console – website traffic analysis.
- Microsoft Clarity – user interaction insights (session recordings, heatmaps).
- Google Ads, Facebook Ads, and related remarketing tools – to deliver relevant advertising.
Purpose of Collection
Personal information is collected for purposes including but not limited to:
- Delivering education and training programs,
- Supporting research and accreditation requirements,
- Administering student and employee services,
- Responding to inquiries and providing support,
- Monitoring and improving our website and services, and
- Delivering and measuring advertising and marketing campaigns.
Use of Personal Information
We use personal information only for the purposes for which it was collected, or for uses consistent with those purposes, unless consent is obtained for other uses or disclosure is authorized by law.
Disclosure of Personal Information
Risio Institute for Digital Dental Education will only disclose personal information in accordance with the Freedom of Information and Protection of Privacy Act (FOIP), the Health Information Act (HIA), and the forthcoming Consumer Privacy Protection Act (CPPA).
Permitted Disclosures
Personal information may be made public or disclosed to a third party under the following circumstances:
- The disclosure is for the purpose identified at the time of collection or for a purpose consistent with the original purpose (e.g., review for learning, calibrating and assessing for licensing and accrediting authorities).
- The individual the personal information is about has consented to the disclosure.
- The disclosure is not considered to be an unreasonable invasion of privacy.
- The disclosure is required, permitted, or authorized under FOIP, HIA, or CPPA.
It is not considered to be an unreasonable invasion of a student’s privacy to release the following information to a third party:
- Dates of registration at Risio Institute for Digital Dental Education,
- Instructors/department or program of registration,
- Diplomas or certificates awarded,
Convocation dates, - Attendance at or participation in a public event or activity related to the institution (e.g., graduation),
- Personal information already in the public domain.
It is not considered to be an unreasonable invasion of an employee’s privacy to release the following information to a third party:
- Employment status,
- Business address, telephone number, e-mail address,
- Job title, job profile, rank, or job family,
- Salary range and discretionary benefits,
- Relevant educational qualifications,
- Attendance at or participation in a public event or activity related to the institution,
- Personal information already in the public domain,
- Publications listed in an academic staff member’s annual report.
Requests for personal information of an employee that is not readily available will be referred to the employee’s supervisor or Human Resources. Teaching material and research information of employees may be disclosed to Risio Institute’s Directors for administrative purposes.
Third-Party Service Providers
In limited cases, personal information may be disclosed to trusted third-party service providers that support our operations. These may include providers of:
- Analytics tools (Google Analytics, Microsoft Clarity),
- Advertising and remarketing platforms (Google Ads, Facebook/Meta Ads), and
- Email newsletter services (e.g., Mailchimp, MailerLite).
These providers process data on our behalf under contractual safeguards. However, their independent data practices are governed by their own privacy policies:
Individual Rights under CPPA
Under the CPPA, individuals may:
- Withdraw consent to the use of their personal information for advertising, analytics, or newsletter purposes,
- Request deletion of personal information we hold, subject to legal and academic record-keeping requirements, and
- Exercise their rights directly with third-party platforms (e.g., Google, Meta, Microsoft) regarding information collected through those services.
Cookies and Tracking Technologies
We use cookies and similar technologies for:
- Website functionality,
- Analytics and performance tracking, and
- Advertising and remarketing.
Where required under the CPPA, we will provide a cookie consent banner to allow users to manage their preferences.
Accuracy and Access
We take reasonable steps to ensure personal information is accurate and up to date.
- Individuals may request access to their personal information and request corrections where appropriate.
- Access requests may be subject to fees as permitted under FOIP.
Retention and Deletion
We retain personal information only as long as necessary for the fulfillment of its purposes or as required by law.
Data Deletion
Individuals may request deletion of personal information under CPPA. Requests may be directed to our Privacy Officer. For third-party platforms, deletion requests should be made directly to those services:
Security
We take reasonable steps to protect personal information against unauthorized access, use, disclosure, or destruction. Where external organizations process data on our behalf, we ensure appropriate safeguards are in place.
Individual Rights (CPPA)
Under the CPPA, individuals have the right to:
- Request access to their personal information,
- Request corrections,
- Withdraw consent for data collection and use (where applicable),
- Request deletion of their data, and
- Be informed about automated decision-making that significantly affects them.
Questions, Complaints, and Contact
Questions, concerns, or formal requests relating to privacy should be directed to:
Privacy Officer
Risio Institute for Digital Dental Education
info@risiodental.com
If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada (OPC).
Policy Review
This Privacy Policy will be reviewed regularly and updated to reflect legal and operational changes, including the implementation of the CPPA.