Privacy Policy

Last updated: May 1, 2025

Introduction

MehmiGroup.com (operated by Mehmi Group Corp., referred to as "Mehmi Group", "we", or "us") is committed to protecting the privacy of our users and customers. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website and services. It is designed to comply with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), and to inform you of your rights. By accessing or using our website or services, you agree to the terms of this Privacy Policy.

This policy applies to all users of MehmiGroup.com, including those in Ontario, elsewhere in Canada, and internationally. If you do not agree with our practices, please do not use our website or provide us with your personal information. We may update this Privacy Policy from time to time (see Changes to the Policy below for more information).

Information We Collect

Personal information means any information about an identifiable individual. Mehmi Group collects several types of personal and financial information through our website, including:

  • Contact and Identification Information: Your name, email address, telephone number, mailing address, and other basic contact details. We may also collect identification details such as date of birth or government-issued ID numbers (e.g. driver’s license or passport number) if you provide them for verification purposes.
  • Financial and Application Information: Information related to financing applications or service inquiries, such as your income, employment details, credit history or credit score (if provided), and banking details. For example, if you apply for financing, we might collect details about your business (business name, business address, industry) or personal finances as needed to process your application.
  • Uploaded Documents: Copies of documents you choose to upload or submit through our website. This may include identification documents (such as a driver’s license, passport, or other ID), financial documents (such as bank statements, pay stubs, or tax forms), vehicle or equipment information (such as vehicle registration, VIN, or purchase invoices), and any other documentation required for financing or verification.
  • Vehicle and Asset Information: If you are seeking financing for a vehicle or equipment, we collect information about that asset. This may include details like the vehicle or equipment type, make, model, year, serial number or VIN, value, and condition, as well as ownership or registration information.
  • Technical and Usage Information: When you visit our website, we automatically collect certain technical data about your device and how you interact with our site. This includes your computer or mobile device’s Internet Protocol (IP) address, your browser type and version, your operating system, device identifiers, and device settings. We also collect usage data such as the pages or content you view, the dates/times of your visits, the links or buttons you click, and the website that referred you to our site.
  • Cookies and Tracking Data: We use cookies and similar tracking technologies (described in How Information Is Collected below) that may collect data about your browsing preferences and usage of our site. This can include information on how you navigate and interact with our webpages, which helps us improve our services and personalize your experience.
  • We limit the personal information we collect to only that which is necessary for the purposes identified in this policy. You have choices about the information you provide; however, if you choose not to provide certain information, you may not be able to use some features of our site or apply for our services.

We limit the personal information we collect to only that which is necessary for the purposes identified in this policy. You have choices about the information you provide; however, if you choose not to provide certain information, you may not be able to use some features of our site or apply for our services.

How Information Is Collected

We collect personal information from you both directly and indirectly, through a variety of methods:

  • Directly from You: Most of the information we collect comes directly from you. For instance, when you fill out forms on our website (such as our contact form, “Get My Rate” form, or a financing application form), we collect the personal and financial details you submit. This includes any information you enter into form fields and any documents you upload. Our website may use third-party form and customer relationship management tools (for example, forms may be powered by our CRM provider, HubSpot) to securely collect and manage this data. Additionally, if you communicate with us via email, phone, or in person, or if you provide information through an online chat or support inquiry, we may collect and retain those communications and any information you share.
  • Through Automated Technologies: When you browse our site, we and our third-party partners automatically collect technical information via cookies, scripts, pixels, and similar technologies. Cookies are small text files that are placed on your device to remember your preferences and activity. Web beacons or pixels (such as the Meta Pixel used for Facebook/Instagram) are tiny images or code snippets that can track when a page or email is viewed. We use these tools to gather data about your device and usage (as described in Technical and Usage Information above). For example, we use Google Analytics to collect information about how visitors use our website – this service uses cookies to track pages viewed, time on site, browser details, and other usage data. Similarly, we use the Meta Pixel (from Facebook/Meta) to understand the effectiveness of our Facebook and Instagram advertising campaigns and to help us present relevant ads to you on those platforms. These automated technologies may collect information such as your IP address, browser type, pages visited, and actions taken on the site.
  • From Third Parties and Partners: In some cases, we may receive personal information about you from third-party sources, but only with your consent or as permitted by law. For example, if you apply for financing through us, we might obtain additional information about you from our financial partners or service providers involved in the application process. This could include, for instance, a credit report or credit score from a credit bureau, identity verification results from third-party verification services, or information from a lender that is considering your application. We may also receive confirmation and details from financing partners about any financing they provide to you (such as loan approval status or terms). Additionally, our analytics and advertising partners (like Google and Meta) may provide us with aggregated insights about our website traffic or ad campaigns (for example, Google Analytics might give us demographic trends, and Meta might tell us how many people interacted with our ads). These third-party data sources help us better understand our clients and improve our services, but we only engage with third parties that we trust and that have the legal right to share such information.

Cookies & Similar Tech: You can control or disable cookies through your web browser settings. However, note that if you block cookies, some features of our site may not function properly. For example, some parts of the site may require cookies to remember your preferences or keep you logged in (if applicable). For more details on our use of cookies or to adjust your cookie preferences, you may refer to our Cookies policy or contact us.

How We Use Your Information

We use the personal information we collect for various purposes related to our business operations and providing services to you. These purposes include:

  • Providing Products and Services: To process your requests and transactions. For example, we use your information to review and process financing applications, provide quotes or pre-approvals, and facilitate the financing or services you’ve requested. We also use it to communicate with you about your application status or any agreements.
  • Communication: To communicate with you regarding your inquiries, applications, or accounts. This includes sending you confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages. If you contact us with questions or for support, we will use your contact information to respond.
  • Verification and Eligibility: To verify your identity and the information you provide. For instance, we may use identification details or run credit checks (with your consent) to confirm your eligibility for financing or to prevent fraud. Uploaded documents like IDs or bank statements are used to validate your credentials, assess creditworthiness, or comply with legal requirements (such as anti-fraud and anti-money laundering rules).
  • Improvement and Analytics: To analyze, evaluate and improve our website, products, and services. Personal and aggregated information (especially technical and usage data) helps us understand how users interact with our site, which pages or services are most interesting, and where improvements are needed. For example, we might use data from Google Analytics to see which pages are frequently visited or to detect technical issues with the site. This information guides us in enhancing the user experience, optimizing our application process, and developing new features or services.
  • Personalization: To personalize your experience on our website. We may use cookies or past information to remember your preferences (such as language or region) and to tailor the content or offers that you see. For example, if you have started an application with us, we might use cookies to remember your progress or pre-fill certain fields when you return.
  • Marketing and Promotional Communications: To send you information about our services, promotions, news, or other updates that may be of interest to you. We will only send you marketing emails or newsletters if you have provided consent to receive them (for example, if you subscribed or opted in via a form). You can unsubscribe from these messages at any time (see Consent and Withdrawal below). We comply with Canada’s anti-spam laws (CASL) and will ensure commercial electronic messages are only sent in accordance with your preferences and consent.
  • Advertising and Retargeting: To show you relevant advertisements. For instance, we might use data collected through the Meta Pixel to create “custom audiences” for our ads on Facebook or Instagram – this means we can target ads to people who have visited our site or shown interest in our services. Similarly, we might use Google Ads or other advertising networks to reach you with ads based on your interactions with our site. Any such activities will be done in accordance with applicable law and ad network policies. (See Sharing and Disclosure – Advertising Partners for how we protect data in these cases.) We do not use your sensitive personal information (like financial or identity documents) for advertising purposes.
  • Security and Fraud Prevention: To maintain the security of our website and services, and to protect against error, fraud, or illegal activities. We may use certain information (like IP addresses or browsing behavior) to detect and prevent cyber-attacks, spam, unauthorized access, or other harmful activities. Information may also be used to debug and troubleshoot issues with our systems.
  • Legal and Regulatory Compliance: To comply with our legal obligations and any applicable regulations. For example, as a financial services provider, we may be required by law to maintain records of transactions or applications for a certain period, to report certain information to regulatory authorities, or to comply with a court order or government inquiry. We use your information as necessary for these purposes (e.g., keeping transaction records for auditing or tax compliance).
  • Internal Record-Keeping: To maintain business records appropriate for running our company (such as records of contracts, communications, or customer transactions) in accordance with standard business practices and legal requirements.
  • Aggregated or Anonymized Data: We may also convert personal information into aggregated or anonymized formats for research and analysis. For instance, we might compile statistics on the number of applications submitted or average loan sizes, which no longer identify any individuals. Such aggregated data may be used to understand trends, improve our offerings, or share with partners or the public in reports, but it will not personally identify you.
  • Other Purposes (with Consent): If we intend to use your personal information for a purpose that is not outlined in this Privacy Policy, we will explain it to you at the time of collection and, if required, obtain your consent. We will not use your personal information for any unrelated purposes without your consent, unless otherwise required or permitted by law.

We will only retain and use personal information for as long as necessary to fulfill the purposes described above (see Data Retention and Storage for more details on retention). We do not sell your personal information to third-party data brokers or marketers for their own use.

Consent and Withdrawal

Consent to Collection and Use: By engaging with our website or services and providing personal information, you are giving your consent for Mehmi Group to collect, use, and disclose your information as described in this Privacy Policy. In most cases, your consent is implied by your actions – for example, when you fill out a financing application and submit personal details, it is clear that you are consenting to our use of that information to evaluate and process your application. We may also explicitly request your consent in certain situations, such as when you tick a checkbox agreeing to our terms and this Privacy Policy, or when we request permission to send you marketing communications.

We aim to obtain “meaningful consent” as required by PIPEDA and other laws. This means we strive to inform you of the purposes for which we are collecting your information at the time of collection, and to use clear language so you understand how your information will be used or shared. If we ever wish to use your personal information for a new purpose that we haven’t previously identified, we will seek your consent before doing so (unless otherwise required by law).

Withdrawal of Consent: You have the right to withdraw your consent at any time, subject to legal or contractual restrictions. For example, if you initially consented to receive our email newsletter or to be contacted by phone with offers, you can later opt out. You can withdraw consent by contacting us (see Contact Information at the end of this policy) and making a request, or by using any specific opt-out mechanisms we provide (such as an “unsubscribe” link in marketing emails).

If you withdraw your consent for certain uses of your information, we will stop using or sharing your information for those purposes. Please note, however, that withdrawing consent will not affect the legality of any processing we conducted prior to your withdrawal. In some cases, withdrawal of consent may mean we can no longer provide you with certain services. For instance, if you withdraw consent for us to use and share information required to process a financing application, we will be unable to continue with the application process. We will inform you if this is the case.

Managing Cookie Consent: As mentioned above, you can manage your preferences for cookies and tracking through your browser settings. If our site uses a cookie consent banner or tool, you can also use that to opt in or out of certain categories of cookies (like analytics or advertising cookies).

Keep in mind that certain information may need to be retained by us even after you withdraw consent, if required for legal reasons (see Data Retention and Storage). Withdrawal of consent is not the same as a request for deletion; if you want us to delete your personal information, please see Your Rights and Choices below for the process to make that request.

Sharing and Disclosure of Information

We understand that your personal information is important, and we only share it with others under specific circumstances, and only as necessary. We do not sell your personal information to unrelated third parties. Below are the situations in which we may disclose or share your information with third parties:

  • Service Providers (Processors): We share personal information with trusted third-party service providers who perform services on our behalf. These include:
  • IT and Hosting Providers: Companies that host our website, manage our databases, or provide IT infrastructure, ensuring our site and data are properly maintained and secure.
  • Analytics Services: Providers like Google Analytics, which process usage data to give us website traffic reports and insights. These providers may receive technical and usage information from your browser via cookies or scripts on our site. Importantly, such analytics data generally do not identify you personally to us; they are used to improve our site and marketing.
  • Customer Relationship Management (CRM) and Marketing Tools: Services such as HubSpot (which we use to manage contact forms, email communications, and customer interactions) or email service providers that send out our newsletters. These tools help us organize inquiries, send communications, and track interactions with you. They will store contact details and communication history so we can effectively manage our relationship.
  • Advertising Partners: Ad platforms that help deliver our advertisements and measure their effectiveness – for example, Facebook/Instagram (Meta) and Google Ads. Data shared with advertising partners is typically limited to what is needed to target or measure campaigns (e.g. a unique identifier like a cookie ID or hashed email for a custom audience). More details on our advertising data practices are provided separately below.
  • Other Operational Partners: Additional vendors for specific business operations, such as document storage services, identity verification services, payment processors (if applicable), or cloud-based software tools. These parties are given access only to the information necessary to perform their functions (for example, an identity verification service might receive your ID details to confirm authenticity).

All our service providers are contractually obligated to protect your information, keep it confidential, and use it only for the purposes of providing services to Mehmi Group. We do not permit them to use your personal information for their own marketing or other purposes outside the scope of what we’ve hired them to do.

  • Financial Institutions and Lending Partners: If you apply for financing through us, we will share your information with third parties necessary to fulfill your request. This includes banks, leasing companies, alternative lenders, or other financing partners that work with us to provide funding. For example, when you submit a truck or equipment financing application, we may forward the application details and supporting documents to one or more potential lending partners so they can evaluate your eligibility and offer terms. These partners are typically independent data controllers of the information we provide to them, meaning they have their own legal responsibilities to protect your data and their own privacy policies (we encourage you to review any privacy information they provide). We only share the information required to facilitate your financing; this usually includes the information on your application form and necessary documents, and may include credit-related information if needed for the lender’s decision. Our financing partners are expected to use your information solely for assessing your application and providing financing, and they are not permitted to use it for other purposes without your consent. We do not share sensitive personal documents (like IDs or bank statements) with any party unless it’s necessary for the service you’ve requested (e.g. proving identity to a lender).
  • Legal Requirements and Protection: We may disclose your personal information when required by law or legal process, or when we believe in good faith that such disclosure is necessary to comply with applicable laws, regulations, or a legal obligation (such as a court order, subpoena, or government demand). We may also disclose information to investigate or assist in preventing suspected fraud, security issues, or violations of our Terms of Service or other agreements. If you violate our Terms of Service or engage in behavior that is potentially illegal or harmful, we may share information with law enforcement or other authorities as part of an investigation (subject to applicable privacy laws).
  • Business Transfers: If Mehmi Group is involved in a business transaction such as a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, or sale of company assets, your personal information may be transferred to a successor or affiliate as part of that transaction. For example, if another company acquires Mehmi Group or its assets, personal information held by us (including customer data) would likely be one of the transferred assets so that the service can continue under the new ownership. In such cases, we will ensure that the successor entity is bound to protections substantially similar to those set out in this policy, and we will provide notice on our website if a transfer of this nature occurs.
  • With Your Consent: Apart from the scenarios above, we will only share your personal information with third parties if you have given us explicit permission to do so. For instance, if you ask us to share your information with a co-signer, guarantor, or your financial advisor, or if you opt in to a program that involves third-party access to your data, we will do so with your direction. You have the right to change your mind and withdraw consent for this kind of sharing at any time (see Consent and Withdrawal above).

Advertising Partners – Facebook/Meta and Others: We want to be transparent about how we use information in conjunction with advertising platforms like Facebook and Instagram. We use the Meta Pixel on our site, which means some data about your visit (such as pages viewed or actions taken) is sent to Meta. This helps us with “retargeting” (showing you ads on Facebook/Instagram if you’ve visited our site) and with measuring how effective our ads are (for example, seeing if people who saw an ad then visited our site or took an action). We do not receive personal data like your Facebook profile information from this (unless you explicitly provide information via a Facebook lead form or similar), but Meta may combine the information from our site with data they have about you to tailor ads.

We take steps to limit and protect the data used for advertising. In relation to our use of Facebook/Meta advertising data, we abide by the following principles:

  • Limited Sharing: We only share Facebook advertising data with authorized service providers working on our behalf and with the Facebook/Meta platform itself. For example, if we use an agency or marketing consultant, they might have access to our Facebook Ads account data to help manage campaigns, but they will be bound by confidentiality.
  • Purpose of Use: Facebook advertising data (information collected via the Meta Pixel or provided by Facebook about our ads) is used by us solely to evaluate ad performance and to improve our advertising strategies. We analyze this data in aggregate and anonymous form (for example, the total number of ad clicks or conversions). We do not use this information to identify you individually, unless you have explicitly permitted such use. In other words, unless otherwise permitted by applicable law or by your explicit consent, we treat Facebook ad data as a tool for statistics and marketing improvement, not as personal data for individual profiling.
  • No Profile Building from Ad Data: We do not use data from Facebook or Instagram advertising to build independent personal profiles about our customers or website visitors. Any segmentation or targeting we do within Facebook’s system (like creating a custom audience of site visitors) stays within that system and follows Facebook’s terms. Outside of that platform, we are not compiling your browsing behavior into a profile.
  • No Selling to Third Parties: We do not sell or transfer Facebook advertising data (or any advertising or analytics data about our users) to third-party ad networks, data brokers, or other independent parties. The data collected via our Meta Pixel is shared with Meta and used by us internally; it is not given away for others’ independent use.

Similar practices apply to any other advertising or analytics partners we use. The data collected is used only for our internal analysis or ad targeting as described, and not for others’ independent purposes. For example, if we use Google Ads conversion tracking, that data is only used to inform us about ad effectiveness and is not sold or shared further.

Third-Party Privacy Policies: Please note that when your information is shared with a third party (such as a financing partner or an analytics provider), that third party will have their own privacy practices and policies which may also apply. We encourage you to read the privacy policies of any third-party services or partners that you interact with. For example, you can review Google’s Privacy Policy to understand how Google Analytics data may be used, or Meta’s Data Policy for information on Facebook/Instagram data practices. However, our agreements with service providers prohibit them from using your data for any purpose other than providing services to us or as required by law.

If you have questions about our third-party sharing practices, you can always contact us for more information.

Cross-Border Data Transfers

Mehmi Group is based in Canada, but the personal information we collect may be stored or processed in other countries. Specifically, some of our third-party service providers (such as web hosts, cloud storage services, analytics and advertising partners like Google, Meta, or HubSpot) are located in or have servers in the United States or other jurisdictions outside of Canada. This means that when we share information with them or when they collect information on our behalf, your data may be transferred to and stored on servers located in a country other than Canada.

Differences in Laws: If your personal information is held in another country, it may be subject to the laws of that country and could be accessible to government, courts, or law enforcement authorities in those jurisdictions. For example, data stored in the United States may be lawfully accessed by U.S. authorities under American law. Similarly, data in other countries might be accessed under local laws. It’s important to note that the privacy protections in those countries may differ from those in Canada.

However, regardless of where your data is processed, we will take appropriate measures to ensure its protection. Our practices will remain governed by this Privacy Policy, and we will employ safeguards (such as contractual data protection agreements) to ensure that any service providers outside Canada provide a level of protection for personal information that is comparable to that provided under Canadian law. For instance, when we engage service providers in the U.S., we may include standard contractual clauses or similar legal mechanisms in our agreements with them to protect your data.

By using our website or providing us with personal information, you consent to the transfer of your information to jurisdictions outside of your home country, including to Canada and the United States. If you are located in the European Union (EU) or other regions with data transfer restrictions, please note that we will take steps to ensure that adequate safeguards are in place when transferring your personal information (for example, relying on legal transfer mechanisms recognized by the EU, if applicable).

If you would like to know more about how we handle cross-border transfers of your data, or if you have questions about the policies governing our international service providers, you can contact us (see Contact Information section) and we will be happy to provide more information.

Data Retention and Storage

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required or permitted by law. This section explains how long we keep different types of data and how we securely store it.

Data Retention:

  • If you apply for financing or use our services, we will retain the information you provided (and any records of the service provided to you) for the duration of our relationship with you, and for a period afterward. This retention period may be determined by legal requirements. For instance, financial records and transaction details might need to be kept for a certain number of years to comply with federal and provincial regulations, tax laws, or auditing purposes. Even if your application is not approved or you choose not to proceed with financing, we may keep your application information for a certain time in case you have questions, to improve our services, or to comply with record-keeping obligations.
  • If you merely make an inquiry (for example, you contact us but do not go on to apply for a service), we will keep your information for as long as needed to respond to you and follow up, and a reasonable period thereafter in case you later decide to pursue our services. If you’ve given consent to receive marketing updates, we will retain your contact information until you unsubscribe or withdraw that consent.
  • Technical data (like logs from website visits) is typically stored only for a short period (a few months up to a couple of years) unless we are required to retain it longer. We may keep aggregated data (that does not identify individuals) indefinitely for statistical analysis.
  • When your personal information is no longer required for the purposes we collected it, and we no longer have a legal or business need to retain it, we will securely delete, destroy, or anonymize the information. For example, we may purge outdated documents from our system or anonymize customer data in our databases so it can no longer be linked to you.

We have internal policies that govern the retention and deletion of client information. The exact time frames for retention can vary depending on the type of information and the legal requirements. We strive not to keep personal data for longer than necessary.

Data Storage and Security:
Personal information collected through our website is stored on secure servers or systems. We may use cloud-based databases and storage services provided by third-party companies (for instance, data you submit might be stored in our account with HubSpot or on secure cloud servers provided by reputable providers). We and our service providers store data electronically; any physical copies of personal information (if any) are kept securely in our offices or facilities with controlled access.

All data is stored in accordance with this Privacy Policy and subject to strict security measures (see Security Measures below for details on how we protect data). For example, our website operates with Secure Sockets Layer (SSL) encryption which protects data during transmission (you can see the padlock icon in your browser when accessing our site, indicating an encrypted connection). Sensitive information (such as identification details or financial data) that we store is protected with appropriate access controls — meaning only authorized personnel who need to see that information for their job duties can access it. Our service providers are also required to implement robust security to protect the data we entrust to them.

In some cases, we may retain certain information in backup archives that are not in active use (for example, in routine back-ups of our systems for disaster recovery). If we delete your data from our active systems, it’s possible it might remain for a period in these secured backups until those backups are cycled out.

If you have specific questions about how long we keep a certain type of information, or if you believe we might be keeping your data longer than necessary, please contact us. We will be transparent about our data retention practices and will honor legitimate requests to delete data (as described in Your Rights and Choices below) in accordance with applicable law.

Security Measures

Mehmi Group takes the security of your personal information seriously. We employ a range of administrative, technical, and physical security measures to protect your data from unauthorized access, disclosure, alteration, and destruction. While no method of transmission over the Internet or electronic storage is 100% secure, we follow industry best practices to safeguard your information.

Technical Safeguards: We use encryption and secure protocols to protect data. Our website uses HTTPS/SSL encryption for all data transfer, which means that information you enter on our site (such as personal details on forms) is encrypted in transit between your browser and our servers. We maintain up-to-date firewall protection and intrusion detection systems to guard our network and servers against unauthorized access. Where possible, we encrypt sensitive personal information at rest (stored in our databases or servers) or apply pseudonymization techniques, so that even if data were accessed without authorization, it would be of limited use. Access to our systems requires authentication (such as strong passwords and, for administrative access, multi-factor authentication), and we regularly update and patch our software to address security vulnerabilities.

Administrative and Organizational Measures: We restrict access to personal information within our organization on a need-to-know basis. This means that only employees or contractors who require your information to perform their duties (for example, a financing specialist reviewing your application, or our customer service staff assisting you) are granted access. Our team members are trained on the importance of privacy and security, and we have internal policies in place to govern how we handle personal data. We also have a designated individual or team responsible for overseeing information security and compliance with privacy regulations, ensuring that we remain vigilant and up-to-date on best practices.

Physical Security: If any personal information is stored or accessible at our physical office locations (for instance, in printed form or on local servers), we implement physical security controls. This may include locked file cabinets for paper records, controlled access to offices (keys or access cards), and security alarm systems. For data centers or cloud providers we use, we rely on their physical security measures which typically include 24/7 security personnel, surveillance cameras, and strict access controls at their facilities.

Monitoring and Testing: We monitor our systems for potential vulnerabilities and unauthorized activity. We may perform security testing and audits (directly or through external specialists) to assess the strength of our protections. If we detect any suspicious activity or potential security issues, we act promptly to investigate and mitigate them.

Incident Response: In the unlikely event of a data breach or security incident involving your personal information, we have procedures in place to respond swiftly. This includes containing the breach, assessing the scope of impact, notifying affected individuals and relevant authorities as required by law (for example, under PIPEDA, significant breaches must be reported to the Office of the Privacy Commissioner of Canada and affected individuals), and taking steps to prevent future incidents.

While we are committed to protecting your information, it’s important to understand that you also play a role in security. Ensure that any credentials (like an account login, if we provide one) are kept secure and that you use a strong password. Be cautious about phishing attempts or fraudulent communications pretending to be us — we will never ask for sensitive information like passwords via email.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of an account you have with us has been compromised), please contact us immediately so we can work with you to resolve the issue.

Age of Consent

Our website and services are intended for use by adults. By using this website, you represent that you are at least the age of majority in your province or territory of residence (which is 18 or 19 years old in Canada, depending on the province), or that you are the parent or guardian of a minor who is using our site with your consent. We do not knowingly solicit or collect personal information from children under the age of 13.

If you are under the age of majority in your jurisdiction, you must not use our website or services without verifiable parental consent. Parents or legal guardians should supervise the use of our services by minors and are responsible for ensuring that minors’ use is in accordance with this Privacy Policy.

If we become aware that we have inadvertently collected personal information from someone under the age of 13 (or under the age of majority without proper consent), we will take steps to promptly delete that information from our records. If you are a parent or guardian and you believe your child (who is under the applicable age) has provided us with personal information without your consent, please contact us and we will work to remove that information.

Your Rights and Choices

We believe in being transparent and giving you control over your personal information. Under applicable privacy laws (such as PIPEDA in Canada, and other data protection laws in other jurisdictions), you have certain rights with respect to your personal information that we hold. These rights include:

  • Right to Access: You have the right to request access to the personal information we have about you. This means you can ask us to confirm whether we are processing your personal information, and you can request a copy of that information. We will provide you with the information in our records, typically within a reasonable time frame. We may need to verify your identity before releasing data to ensure we don’t disclose it to the wrong person.
  • Right to Correction (Rectification): If any of your personal information we have is inaccurate or incomplete, you have the right to request that we correct or update it. For example, if you realize we have a misspelled name or an outdated address, you can ask us to fix it. We rely on you to provide us with accurate information, and we encourage you to keep your details up to date.
  • Right to Withdraw Consent: As noted in the Consent and Withdrawal section, if you have given consent for a specific use of your information (such as receiving marketing emails), you can withdraw that consent at any time. We will then stop the processing of your data for that purpose. (Note: If the processing is based on another legal basis, like a legal obligation, we might not be able to cease processing that is mandatory, but we will inform you if that is the case.)
  • Right to Deletion (Erasure): You may request that we delete your personal information from our records. This is sometimes referred to as the “right to be forgotten.” For example, if you no longer want us to have your data, you can ask that we remove it. We will honor such requests to the extent possible; however, please note that this right is not absolute. We may need to retain certain information for a period of time to meet legal obligations or legitimate business needs (for instance, we cannot delete records that we are required by law to keep, such as certain financial transaction records, and we might retain some basic info to avoid duplicate entries in case you contact us again). If we cannot fully comply with your deletion request, we will inform you of the reasons (subject to any legal restrictions).
  • Right to Challenge Compliance: If you have concerns about our privacy practices, you have the right to raise a question or complaint about how we handle your personal information. We encourage you to contact us first, so we can address your concern. We will investigate and respond to any complaints we receive. If you are not satisfied with our response, you also have the right to escalate your complaint to an external authority. In Canada, you can contact the Office of the Privacy Commissioner of Canada (OPC) or your provincial Privacy Commissioner (if applicable) about our personal information handling practices. Similarly, if you reside in another country, you may have the right to contact your local data protection authority.

General Data Protection Regulation (GDPR) or UK Data Protection Act. These can include the right to object to processing, the right to data portability, and the right to restrict processing under certain conditions. While our business is primarily focused in Canada, we will endeavor to respect these rights for international users where applicable. If you are an EU resident and wish to exercise GDPR rights, please contact us and we will assist you in accordance with applicable law.

Exercising Your Rights: To exercise any of your rights, please contact us using the information provided in the Contact Information section below. Please clearly describe your request – for example, if you want a copy of your data, let us know what information you are seeking. We may need to ask for specific information to verify your identity (such as providing identifying details that match our records) before we fulfill your request. This is to ensure we protect your data from unauthorized access.

We will respond to your request within a reasonable timeframe. For access requests or more complex inquiries, we will aim to respond within 30 days as required by PIPEDA (or within the timeframe required by other applicable laws). There is no fee for making a request, though in rare cases, if your request is unusually extensive, we might charge a minimal fee as permitted by law (we would inform you in advance in such a case).

Managing Communication Preferences: Even if you do not want to make a formal request as above, you can still control certain aspects of how we interact with you. For instance, you can unsubscribe from marketing emails by clicking the “unsubscribe” link in any promotional email, or by contacting us to be removed from our mailing list. You can also ask us not to call you for marketing purposes by letting us know. We will respect your preferences and ensure that you are opted out from further marketing contact if you so choose (however, we may still contact you for transactional or account-related matters, such as messages about an ongoing application or service you are using, as those are not promotional).

We are dedicated to upholding your rights and ensuring your satisfaction. If you have any questions or concerns about your rights or how to exercise them, please reach out to us – we’re here to help.

Changes to the Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will revise the “Last updated” date at the top of this policy (or the Effective Date noted in the Introduction).

How We Notify You of Changes: If the changes are minor or primarily editorial (for example, clarifying language), we may simply post the revised Privacy Policy on our website. For significant changes that materially affect how we handle personal information, we will provide a more prominent notice of the update. This could include a notice on our website’s homepage, a pop-up or banner notification on the site, or an email to users for whom we have contact information, notifying you of the change.

Where required by law, we will also seek your consent for material changes in how we use personal information (for example, if we ever plan to use your data for a new purpose that requires consent).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website or services after any changes to this Privacy Policy have been posted will be deemed acceptance of those changes. However, we will not apply changes retroactively to personal information collected previously without your consent, unless required by law.

If you do not agree with the changes to the Privacy Policy, you should stop using our services and you may contact us if you have concerns.

Your Rights and Choices

We welcome any questions, concerns, or feedback you may have about this Privacy Policy or our privacy practices. If you:

  • have questions or comments about this policy,
  • need to access or correct your information,
  • want to withdraw consent or request deletion of your data,
  • or have a complaint or concern about how we handle your personal information,

please do not hesitate to contact us.


Contact us at:
Email: support@mehmigroup.com
Toll-Free Phone: +1 (437) 777-5901
Mailing Address: Mehmi Group Corp. Suite 501, 77 City Centre Drive, Mississauga, ON  L5B 1M5, Canada

We will do our best to address and resolve any issues you bring to our attention. If you contact us with a privacy-related request or complaint, please include your name and contact information and a detailed description of your request/concern. We may reach out to you for further clarification if needed.

If you are not satisfied with our response to a privacy issue, you may contact the Office of the Privacy Commissioner of Canada or your local Privacy Commissioner/Data Protection Authority for further guidance or to file a complaint.

Thank you for trusting Mehmi Group with your personal information. We are committed to protecting your privacy and ensuring that your personal data is handled with care and respect.

Chat on WhatsApp