Security & Trust
​​Last updated: September 16, 2025
At Clarynce, security, privacy, and trust are foundational to how we operate. We are committed to protecting our clients’ data, systems, and business interests through responsible practices, industry-aligned controls, and a security-first mindset.
Our Commitment to Security
Clarynce integrates security into every phase of our consulting and delivery lifecycle. We follow industry best practices to help ensure the confidentiality, integrity, and availability of information entrusted to us.
Our approach emphasizes:
Risk-based security assessments
Secure system design and architecture
Data protection by design and by default
Continuous improvement of security controls
Data Protection & Privacy
We handle client information with care and in accordance with applicable data protection laws and contractual obligations.
Key principles include:
Collecting only information necessary for business purposes
Limiting access to authorized personnel on a need-to-know basis
Protecting personal and confidential data using appropriate technical and organizational safeguards
Retaining data only as long as required for legitimate business or legal purposes
For more information, please review our Privacy Policy.
Secure Access & Controls
Clarynce maintains internal controls designed to protect systems and information, which may include:
Role-based access control (RBAC)
Multi-factor authentication where appropriate
Secure credential management
Regular review and revocation of access rights
Infrastructure & Technology Practices
When working with client environments or third-party platforms, Clarynce follows secure configuration and deployment practices, including:
Use of reputable cloud and infrastructure providers
Secure development and deployment methodologies
Monitoring for security risks within the scope of engagement
Adherence to client-defined security and compliance requirements
Third-Party & Vendor Security
We work with trusted third-party service providers only where necessary to deliver our services. Third parties are expected to maintain security standards appropriate to the nature of the services provided.
Clarynce does not sell client data or personal information.
Incident Awareness & Response
Clarynce takes potential security incidents seriously. We maintain procedures to:
Identify and assess security risks
Respond to suspected or confirmed incidents within the scope of our services
Communicate with affected parties in accordance with contractual and legal requirements
Compliance & Standards Alignment
While Clarynce is not a certification authority, our practices are aligned with widely recognized security and governance frameworks, where applicable, such as:
ISO/IEC 27001 principles
NIST Cybersecurity Framework
Industry best practices for secure IT consulting
Specific compliance obligations are addressed through client agreements and project-specific requirements.
Client Responsibility & Shared Security Model
Security is a shared responsibility. Clients are responsible for:
Managing user access to their systems
Maintaining security controls outside the scope of Clarynce’s engagement
Implementing recommendations provided by Clarynce
Clarynce provides guidance and expertise but does not assume operational control unless explicitly agreed in writing.
Trust & Transparency
We believe trust is built through transparency, accountability, and consistent delivery. We are committed to:
Clear communication
Ethical business practices
Respect for client confidentiality
Professional integrity in all engagements
​
Contact Information
If you have any questions about these Terms, please contact us:
Business Name: 16280676 Canada Inc
Operating Name: Clarynce
Website: https://clarynce.ca