Skip to main content Scroll Top
Book a Call
Privacy Policy
Privacy Policy

OMQ LAW — DAVID MOON PROFESSIONAL CORPORATION

Effective Date: April 7, 2026

Privacy is important to us. As lawyers, we have a professional obligation to collect, use, retain and disclose your personal information in compliance with applicable laws, including the Personal Information Protection and Electronic Documents Act (“PIPEDA”), or substantially similar provincial legislation (including the privacy legislation of Quebec, British Columbia, and Alberta), as well as the Rules of Professional Conduct of the Law Society of Ontario (“Rules”).

This Privacy Policy outlines how David Moon Professional Corporation, doing business as OMQ Law (“the Firm”, “we”, “us”, or “our”), handles Personal Information that we collect when you visit our website, contact us, or receive legal services from us. Our offices are located in Toronto, Ontario.

WHAT IS PERSONAL INFORMATION?

“Personal Information” is defined in PIPEDA as information about an identifiable individual. Personal Information does not include contact information typically found in a company directory (e.g., the name, business address, or telephone number of an employee of an organization), nor does it include aggregated or anonymized information that is not linked to an identifiable individual, such as browser type or other non-personally identifiable information.

CONSENT TO COLLECTION, USE AND DISCLOSURE

We require your consent to collect, use, and disclose your Personal Information. When you engage us for legal services, we assume we have obtained your implied consent to use that information to provide those services. If circumstances warrant, or if you are not a client, we will ask for your express consent to collect, use, and disclose your Personal Information.

You may withdraw or limit your consent at any time by contacting our Privacy Officer; however, withdrawal of consent may prevent the Firm from accepting or continuing your retainer, and is subject to our continued ability to meet our legal, professional, and contractual obligations.

WHAT WE COLLECT

If you are a client, we will collect the information we are required to collect under the Rules and applicable law, including LSO By-Law 9 (Client Identification and Verification), and anti-money laundering (“AML”) and counter-terrorist financing (“CTF”) obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act. Depending on your circumstances, this may include:

(a) For individuals: legal name, date of birth, home address, email address, telephone number, occupation, and government-issued photo identification;

(b) For businesses: the name, position, and contact information of each individual authorized to give instructions; the organization’s incorporation or business identification number and place of issue; the general nature of the business; and, where required, information regarding directors, officers, and beneficial ownership;

(c) Financial information, including source of funds and transaction amounts, where required for AML/CTF compliance;

(d) Sensitive identifiers (e.g., Social Insurance Number) — only where required and with your explicit consent.

If you are acting on behalf of or representing a third party, we will collect the same type of information about that third party. By providing us with Personal Information about a third party, you represent that you have the necessary consents to allow us to collect, use, and disclose that information in accordance with this Policy.

If you are not a client, we collect only the Personal Information you voluntarily provide to us via our website, email, or telephone.

We collect only the Personal Information that is necessary for the purposes identified in this Policy, in accordance with the limiting collection principle under PIPEDA. We do not collect Personal Information indiscriminately or beyond what is reasonably required to fulfill those stated purposes.

HOW WE USE YOUR PERSONAL INFORMATION

We collect and use your Personal Information for the following purposes:

  • To provide legal advice, representation, and services requested;
  • To conduct conflicts checks and client/matter intake;
  • To verify client identity, beneficial ownership, and to perform KYC/AML screening;
  • To establish and manage client relationships and to fulfill our legal and professional duties;
  • To comply with legal and regulatory obligations, including reporting to courts, government bodies, FINTRAC (Financial Transactions and Reports Analysis Centre of Canada), and other applicable authorities;
  • For billing, collections, and financial recordkeeping;
  • To communicate with associated counsel and service providers in the course of providing services;
  • To protect the Firm against fraud, negligence, error, theft, and other illegal activity, and to audit compliance with our policies and contractual obligations;
  • To distribute email communications and other material to individuals on our mailing or email lists, with your express consent;
  • As permitted by, or required to comply with, any legal or regulatory requirements.

We will only use your Personal Information for marketing purposes with your express consent. Any commercial electronic messages we send are also governed by Canada’s Anti-Spam Legislation (“CASL”), and we will only send such communications where we have obtained the required express or implied consent under CASL. If you subscribed to our marketing communications and no longer wish to receive them, you may unsubscribe at any time by following the “unsubscribe” instructions in our emails or by contacting our Privacy Officer. Unsubscribe requests will be processed within ten (10) business days.

SMS AND TEXT MESSAGE COMMUNICATIONS: If you provide us with your mobile telephone number and consent to receive SMS or text message communications from the Firm, we may use that number to send you appointment reminders, matter updates, or other communications relevant to your file. We will only send SMS communications with your express consent. Standard message and data rates from your wireless carrier may apply. You may opt out of SMS communications at any time by replying “STOP” to any message you receive from us, or by contacting our Privacy Officer. Opting out of SMS communications will not affect your ability to receive legal services from the Firm. We will not share your mobile telephone number with third parties for their own marketing purposes.

DISCLOSURE OF PERSONAL INFORMATION

The Firm will not disclose your Personal Information without your consent, subject to the following exceptions:

  • When we are required or authorized by law to do so (e.g., pursuant to a court order or regulatory requirement);
  • To courts, tribunals, regulators, opposing counsel, and other parties to a matter, as necessary to provide legal services;
  • To service providers and vendors (e.g., document management, cloud backup, payment processors) who are bound by confidentiality and security obligations no less protective than those set out in this Policy;
  • To government and regulatory authorities where required by law, including FINTRAC and other AML/CTF or tax authorities;
  • To professional advisors (e.g., accountants, notaries, external counsel) where necessary and authorized;
  • When the information is already in the public domain.

In certain cases, your consent to our disclosure of your Personal Information will be implied — for example, where the legal services we are providing require us to share your information with a third party in the course of a transaction, or with another law firm retained on your behalf at your instruction.

CROSS-BORDER TRANSFERS

Some of our service providers may be located outside Canada, including in jurisdictions where authorized government officials may be able to access Personal Information without your knowledge or consent. If your information is transferred or accessible outside Canada (e.g., to cloud service providers or foreign counsel), we will take reasonable steps to protect it in accordance with applicable law. By engaging our services, you consent to such transfers where necessary for your legal representation.

Residents of Quebec should be aware that the Act Respecting the Protection of Personal Information in the Private Sector, as amended by Law 25 (Bill 64), imposes additional obligations with respect to Personal Information of Quebec residents. These include: (i) conducting Privacy Impact Assessments (“PIAs”) before transferring personal information outside Quebec; (ii) honouring rights to data portability and deindexation upon request; (iii) reporting confidentiality incidents to the Commission d’acces a l’information (“CAI”) where there is a risk of serious injury to individuals; and (iv) publishing and maintaining a privacy policy that meets the specific requirements of Law 25. Quebec residents may contact our Privacy Officer to exercise any rights available to them under Law 25.

STORAGE AND RETENTION

We may keep a record of your Personal Information, including correspondence and other communications, in physical and/or electronic files. We will retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected, and as required or otherwise permitted by law, the Law Society of Ontario, and our firm policies. Client and matter records are typically retained for a minimum of ten (10) years following the end of the retainer, or longer if required by law or professional obligations.

If you request access to, correction of, or deletion of your Personal Information, please contact our Privacy Officer. Please note that legal and regulatory retention obligations may prevent deletion of certain records.

We take reasonable steps to ensure that the Personal Information we hold is accurate, complete, and up-to-date as necessary for the purposes for which it is used, in accordance with PIPEDA’s accuracy principle. If you believe that information we hold about you is inaccurate, incomplete, or out-of-date, please notify our Privacy Officer so that appropriate corrections may be made.

SECURITY

The Firm uses a number of safeguards to protect your Personal Information against loss, theft, unauthorized access, or disclosure. These safeguards include: security of physical files; procedural safeguards; security software and firewalls to prevent unauthorized computer access; and internal passwords and access controls that restrict access to our electronic files on a need-to-know basis. Where we engage third-party service providers, we take steps to ensure, through our contracts, that Personal Information is kept secure, and these obligations survive any termination of our engagement.

All personnel are instructed to act in accordance with this Policy, and all employees and contractors are required to sign a confidentiality/non-disclosure agreement.

Despite these measures, no method of transmitting or storing data is completely secure, and transmissions over the Internet are susceptible to possible loss, misrouting, interception, and misuse.

We use third-party technology platforms and cloud-based tools in the course of providing legal services and operating our practice. These may include practice management systems, document management platforms, AI-assisted legal research and drafting tools, email and communication platforms, and cloud backup and storage providers. Such tools may process or store Personal Information. We conduct due diligence prior to deploying any technology that may involve Personal Information, and we take steps to ensure that third-party providers are bound by appropriate confidentiality and data security obligations. Where such platforms are hosted or operated outside Canada, the provisions of the Cross-Border Transfers section of this Policy apply. Clients who have concerns about the use of specific third-party platforms in connection with their matter are invited to contact our Privacy Officer.

In the event of a breach of security safeguards involving Personal Information under our control that creates a real risk of significant harm to an individual, we will notify the affected individual(s) and report the breach to the Office of the Privacy Commissioner of Canada as soon as feasible, in accordance with our obligations under PIPEDA. We maintain a record of all security breaches, whether or not notification is required. In the event of a breach, we will take all reasonable steps to contain the breach, mitigate potential harm to affected individuals, and prevent recurrence.

WEBSITE PRIVACY AND COOKIES

Like most organizations, we may monitor traffic patterns, site usage, and related site information for security and analytical purposes. Our website server automatically collects IP addresses, submission timestamps, and device information for security and fraud prevention purposes. We may use browser features such as “cookies” and session management tools to enable form functionality, secure access, and to optimize users’ visits to our website. You may set your browser to turn cookies off during your use of this website. We do not link your IP address or cookies to Personal Information, and we do not use automated decision-making or profiling based on information collected through our website.

ACCESS TO YOUR PERSONAL INFORMATION

You have the right to request access to your Personal Information and to receive a summary of how that information has been used and disclosed, subject to certain exceptions prescribed by law. You also have the right to request correction of inaccurate information. To make such a request, please contact our Privacy Officer.

Complaints regarding the handling of your Personal Information may be directed in writing to our Privacy Officer. We will acknowledge receipt of your complaint within five (5) business days and will endeavour to provide a substantive response within thirty (30) days of receipt, or such longer period as may be reasonably required in complex circumstances, in which case we will notify you of the extended timeline. If you are not satisfied with our response, you may refer the matter to the Office of the Privacy Commissioner of Canada or the applicable provincial privacy regulator.

PRIVACY OFFICER

If you have any questions or concerns about this Privacy Policy or the handling of your Personal Information, or to request access to or update any information we have on file, please contact:

Privacy Officer David Moon Professional Corporation (OMQ Law) David Moon david.moon@omqlaw.ca 416-735-9091

If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada at 112 Kent Street, Ottawa, Ontario, K1A 1H3, or by calling 1-800-282-1376.

We may update this Privacy Policy from time to time to reflect changes in law, our practices, or the services we offer. Any changes will be posted on our website, and the effective date at the top of this Policy will be updated accordingly. This Privacy Policy is available at www.omqlaw.ca/privacy-policy and a copy will be provided upon request to our Privacy Officer. We encourage you to review this Policy periodically. This Privacy Policy is effective as of April 7, 2026.