GrantFinderBack to Home

Privacy Policy

Last updated: February 1, 2026

Encrypted Passwords

Bcrypt hashing protects your credentials

Secure Sessions

HTTP-only cookies prevent XSS attacks

HTTPS Encryption

All data transmitted securely

1. Introduction

5029749 Ontario Inc. ("Company", "we", "us", or "our") operates the GrantFinder platform ("Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this privacy policy carefully. By using our Service, you consent to the practices described in this policy.

2. Information We Collect

Personal Information

We may collect the following personal information when you create an account or use our Service:

  • Name and email address
  • Country, province/state, and region of residence
  • Academic level and field of study
  • Educational institution information
  • Account credentials (password stored in encrypted form only)

Usage Information

We automatically collect certain information when you use our Service:

  • Grants viewed and search queries
  • Time spent on the platform
  • Saved and applied grants
  • Session information and login activity
  • Device type and browser information
  • IP address and approximate location

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Personalize grant recommendations using AI algorithms
  • Create and manage your account
  • Communicate with you about updates, features, and support
  • Analyze usage patterns to enhance user experience
  • Protect against fraud and unauthorized access
  • Comply with legal obligations

4. Login and Password Security

We take the security of your login credentials seriously. Here's how we protect your account:

Password Protection

  • Bcrypt Encryption: Your password is hashed using bcrypt, an industry-standard algorithm that makes it computationally infeasible to reverse-engineer your original password
  • Salt Generation: Each password hash includes a unique salt, preventing rainbow table attacks
  • No Plain Text Storage: We never store your password in plain text. Even our staff cannot view your actual password

Session Security

  • Secure Session Tokens: Session data is stored securely and cannot be tampered with
  • Automatic Timeout: Sessions expire after periods of inactivity
  • HTTPS Only: All authentication data is transmitted over encrypted HTTPS connections

Additional Security Measures

  • Rate limiting to prevent brute force attacks
  • Input validation and sanitization to prevent injection attacks
  • Regular security audits and updates

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: With third-party vendors who assist in operating our Service (hosting, analytics, email services), under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or governmental regulation
  • Protection of Rights: To protect the rights, property, or safety of our Company, users, or the public
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you request account deletion, we will delete your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes. Usage analytics data may be retained in anonymized form for longer periods.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request your data in a portable format
  • Opt-out: Opt out of marketing communications

To exercise these rights, please contact us at privacy@grantfinder.ca.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to maintain your session, remember your preferences, and analyze Service usage. You can control cookie settings through your browser, but disabling cookies may affect Service functionality.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than Canada. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

5029749 Ontario Inc.
Privacy Officer
Email: privacy@grantfinder.ca

© 2026 5029749 Ontario Inc. All rights reserved.

Terms of ServiceHome