Which Canadian privacy laws does ÓRIVON work with?

PIPEDA at the federal level, plus the provincial regimes: British Columbia PIPA, Alberta PIPA and Quebec Law 25. We also support organisations that operate internationally under GDPR.

Canadian organisations that need a credible, law-backed privacy and GRC programme — from regulated mid-market companies to scale-ups preparing for enterprise customers.

Vancouver, British Columbia. We work with clients across BC, Alberta and the rest of Canada.

★ Privacy-led GRC consulting · Canada

TRUST, BY DESIGN

ÓRIVON helps Canadian organisations map their personal data, assess their risk and build a privacy programme regulators, customers and boards can trust. Fluent in PIPEDA, BC PIPA and Alberta PIPA.

Take the free 10-minute assessment Book a consultation

PIPEDA
BC PIPA
Alberta PIPA
GDPR-ready

Why ÓRIVON

A practitioner-led alternative to legacy GRC firms.

We are senior privacy professionals and GRC practitioners who have run privacy programmes from the inside. We sell trust and clarity, not fear of fines — and we write the work for the people who have to act on it, not for a binder.

Privacy-led by design

We start with personal data and accountability, then connect to risk and governance.

Built by practitioners

Law-backed, certified privacy expertise. Advice you can act on.

Fluent in Canadian rules

PIPEDA and the provincial regimes are home ground.

From map to operating programme

We don't stop at findings — we help you run it and prove it.

What we do

Eight services. One privacy programme that holds together.

See all services

Privacy programme & DPO advisory

A privacy office on demand — accountable, documented, and ready for boards, regulators and customers.

Data mapping & RoPA

Know exactly what personal data you hold, where it lives and who it flows to.

Privacy impact assessments

PIAs and DPIAs that are defensible, practical and tied to the controls you actually run.

GRC framework

Risk, controls and assurance built around privacy — not bolted on after the fact.

Policies, notices & retention

Plain-language documents your team can follow and your customers can understand.

Breach & incident readiness

Playbooks, tabletop exercises and reporting workflows aligned to Canadian thresholds.

Third-party & vendor risk

Diligence, contracts and ongoing oversight for the partners that touch your data.

Training & awareness

Role-specific privacy training so the programme works on Mondays, not just in audits.

★ Free · 10 minutes

Find out where your privacy programme stands.

Answer ten focused questions about how your organisation handles personal data. You'll see a maturity score across five domains, your top three gaps and a recommended next step — mapped to PIPEDA, BC PIPA or Alberta PIPA.

Start the assessment

Results emailed to you. No spam.