Privacy Policy | Wiebe Consulting

Last updated: April 21, 2026

Wiebe Consulting is a business name registered in Ontario, Canada (Ontario BIN 1001249860), based in Windsor, Ontario, Canada ("Company," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our website and services.

Not Legal Advice. Nothing in this Privacy Policy is legal, regulatory, tax, financial, or medical advice. If you have compliance questions specific to your business or jurisdiction, consult qualified legal counsel.

Clinic OS Pro Users

If you are a user of Clinic OS Pro (our SaaS platform) or the 60-Day Sprint program, please see our Clinic OS Pro Privacy Policy which covers the specific data practices for our software platform.

When we access or process Protected Health Information (PHI) on behalf of a US healthcare client, our Business Associate Agreement (BAA) governs that processing and supplements this policy. This Privacy Policy primarily addresses information we collect in our consulting business and on wiebe-consulting.com.

1. Information We Collect

1.1 Information You Provide

Contact information (name, email address, phone number, company name, job title)
Business information you share during consultations
Communications (emails, chat messages, call recordings and transcripts)
Payment information (processed securely by third-party payment providers)
Information about your clinic, patients (in aggregate), and business operations

1.2 Automatically Collected Information

IP address and device information
Browser type and operating system
Pages visited and time spent on our website
Referring website or source
Cookies and similar tracking technologies

1.3 Call Recordings and Transcriptions

We may record and transcribe calls and meetings using AI-powered tools. These recordings may create voice profiles ("voiceprints") for speaker identification purposes. See Section 8 for more details on biometric data.

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our consulting and retention platform services
Communicate with you about our services, appointments, and updates
Process payments and manage billing
Send marketing communications (with your consent)
Create meeting notes, documentation, and action items
Analyze usage patterns to improve user experience
Comply with legal obligations
Protect our rights and prevent fraud

3. Information Sharing and Disclosure

We do NOT sell your personal information. We may share information with:

Service Providers: Cloud hosting, payment processing, AI tools, analytics, and email services that help us operate our business
Professional Advisors: Accountants, lawyers, and other professionals as needed
Legal Requirements: When required by law, subpoena, court order, or government request
Business Transfers: In connection with any merger, acquisition, or sale of assets
With Your Consent: When you explicitly authorize us to share information

4. AI Tools and Third-Party Services

We use various AI tools and third-party services that may process your information, including but not limited to:

OpenAI (GPT-4, ChatGPT API)
Anthropic (Claude API)
AI transcription services (Zoom, Fathom, Otter.ai, Fireflies, or similar)
Analytics tools (Google Analytics or similar)
Cloud hosting providers
Email marketing platforms

These providers have their own privacy policies. Where the provider offers controls, we configure AI tools so that your content is not used to train public models. However, we cannot guarantee that every provider honors those settings in all circumstances, and model training controls vary by provider and plan.

PHI and AI Tools: You are responsible for ensuring that any Protected Health Information (PHI) or other regulated data you share with us or enter into AI-assisted workflows complies with applicable law. Do not input PHI into any AI tool or workflow we use unless we have a signed BAA in place and you have confirmed that the specific tool is covered by that BAA.

5. Cookies and Tracking Technologies

We use cookies and similar technologies for:

Essential Functionality: Required for the website to function properly
Analytics: To understand how visitors use our website
Marketing: To deliver relevant advertisements (if applicable)

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.

6. Data Security

We implement reasonable technical and organizational measures to protect your information, including:

Encryption in transit (HTTPS/TLS)
Secure password practices
Access controls and authentication
Regular security reviews

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information.

7. Data Retention

We retain information as long as necessary to:

Provide our services
Comply with legal obligations
Resolve disputes
Enforce our agreements

Typical retention periods:

Client records: 7 years after engagement ends
Call recordings and transcripts: 2 years
Marketing contacts: Until opt-out or 3 years of inactivity
Biometric data (voiceprints): 2 years or when purpose is satisfied

8. Call Recording and Biometric Data

IMPORTANT NOTICE

Please read this section carefully. It describes our practices regarding call recording and biometric data collection.

8.1 Recording of Communications

We record and transcribe client calls and meetings for documentation, quality assurance, and training purposes. Recordings may be made using various platforms including Zoom, Google Meet, Microsoft Teams, and AI-powered transcription tools.

8.2 Biometric Data Collection

We are committed to complying with the Illinois Biometric Information Privacy Act (BIPA) and similar state biometric privacy laws where applicable. AI transcription tools may create voice profiles or "voiceprints" to identify and distinguish between speakers. These voiceprints may constitute biometric identifiers or biometric information under BIPA and similar state laws.

8.3 Purpose of Biometric Data Collection

Biometric data (voiceprints) is collected solely for:

Accurate speaker identification in meeting transcripts
Creating attributed meeting notes and action items
Quality documentation of client engagements

8.4 Retention and Destruction of Biometric Data

Biometric data will be retained for no longer than 2 years from collection, or when the purpose for collection has been satisfied, whichever comes first. Biometric data will be permanently destroyed by securely deleting recordings and associated transcripts when:

The retention period expires
You request deletion in writing
The business relationship ends and the retention period expires

8.5 No Sale of Biometric Data

We will NOT sell, lease, trade, or otherwise profit from your biometric data. Biometric data is disclosed only to service providers necessary for transcription services.

8.6 Consent and Opt-Out

Before or at the time we collect biometric data, we obtain written or electronic consent that describes the specific purpose and duration of collection. By signing a client service agreement or by continuing to participate in a recorded session after being notified of recording, you provide that consent. You may withdraw consent and opt out of biometric data collection for any future meeting by notifying us in writing at ben@wiebe-consulting.com before the meeting begins. Withdrawal of consent does not affect data already collected.

9. Healthcare Clients and Protected Health Information (PHI)

For healthcare clients subject to HIPAA (Health Insurance Portability and Accountability Act):

A separate Business Associate Agreement (BAA) will be executed before we access any Protected Health Information
We will implement appropriate safeguards as required by HIPAA
PHI will NOT be processed through consumer AI tools that are not HIPAA-compliant
We will use only the minimum necessary PHI to perform our services

10. Your Rights

Depending on your location, you may have rights regarding your personal information:

10.1 General Rights

Access: Request a copy of your personal information
Correction: Request correction of inaccurate information
Deletion: Request deletion of your information (subject to legal retention requirements)
Objection: Object to certain processing activities
Portability: Request your data in a portable format
Withdraw Consent: Withdraw consent where processing is based on consent
Opt-Out of Marketing: Unsubscribe from marketing communications

Note for Healthcare Clients: These rights apply to information we hold about you as a client. Patient rights regarding Protected Health Information (access, amendment, accounting of disclosures) must be exercised directly with your clinic as the Covered Entity. We will assist you in fulfilling patient rights requests as required by our BAA, but we cannot respond directly to requests from your patients.

10.2 California Residents (CCPA/CPRA) - Do Not Sell My Personal Information

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to know what personal information we collect and how it is used
Right to delete personal information
Right to opt-out of "sales" of personal information
Right to non-discrimination for exercising your rights
Right to correct inaccurate personal information
Right to limit use of sensitive personal information

We Do Not Sell Your Personal Information

Wiebe Consulting does NOT sell, rent, or trade your personal information to third parties for monetary or other valuable consideration. We do not engage in the "sale" of personal information as defined under CCPA/CPRA.

To exercise your CCPA/CPRA rights, please contact us at ben@wiebe-consulting.com with "CCPA Request" in the subject line. We will respond to verified requests within 45 days as required by law.

10.3 Canadian Residents (PIPEDA)

Canadian residents have rights under PIPEDA to access and correct their personal information. Contact us to exercise these rights.

10.4 European Union / UK Residents (GDPR)

If you are in the EU or UK:

Legal Basis: We process data based on contract performance, legitimate interests, or consent
Data Transfers: We may transfer data to Canada and the United States
Supervisory Authority: You may lodge complaints with your local data protection authority

To exercise your rights, contact us at: ben@wiebe-consulting.com

11. International Data Transfers

We are based in Canada and may transfer your information to the United States and other countries where our service providers operate. For transfers of personal data from the EU or UK to the United States or other countries not deemed adequate by the European Commission, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or equivalent transfer mechanisms recognized under applicable law. Our Data Processing Addendum (DPA) incorporates SCCs by reference and is available upon request for EU and UK clients.

12. Children's Privacy

Our services are intended for businesses and professionals, not for children. We do not knowingly collect personal information from individuals under 18 years of age. If we learn that we have collected personal information from a child, we will take steps to delete that information promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of our services after changes constitutes acceptance of the updated policy.

14. Accessibility

Wiebe Consulting is committed to ensuring digital accessibility for people with disabilities. We are continually improving the user experience for everyone and applying the relevant accessibility standards.

14.1 Conformance Status

We strive to conform to the Web Content Accessibility Guidelines (WCAG) 2.1 Level AA standards. These guidelines help make web content more accessible to people with disabilities, including those with visual, auditory, physical, speech, cognitive, language, learning, and neurological disabilities.

14.2 Accessibility Features

We have implemented the following measures to ensure accessibility:

Semantic HTML structure for screen reader compatibility
Alternative text for images
Sufficient color contrast ratios
Keyboard navigation support
Responsive design for various devices and screen sizes
Clear and consistent navigation

14.3 Feedback and Assistance

We welcome your feedback on the accessibility of our website. If you encounter accessibility barriers or need assistance:

Email: ben@wiebe-consulting.com
Please include "Accessibility" in the subject line
Describe the specific accessibility issue or barrier you encountered
Provide the URL or page where you experienced the issue

We will make reasonable efforts to address accessibility concerns and provide the information or service you need through an alternative communication method that is accessible for you.

14.4 Limitations

Despite our best efforts to ensure accessibility, there may be some limitations. Below is a description of known limitations:

Third-party content: Some content provided by third parties may not be fully accessible
Legacy content: Older content may not meet all current accessibility standards
PDF documents: Some PDF documents may not be fully accessible; contact us for alternative formats

If you need information from this website in a different format, please contact us and we will do our best to provide it in an accessible format.

15. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Wiebe Consulting
Windsor, Ontario, Canada
Email: ben@wiebe-consulting.com
Website: wiebe-consulting.com

By using our website or engaging our services, you acknowledge that you have read and understood this Privacy Policy.