Who we are
Our website address is: https://evcomech.com
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where your data is sent
Visitor comments may be checked through an automated spam detection service.
Privacy Policy for Internal Financial Dashboard
Last Updated: December 2025
1. Purpose This application is an internal business tool used exclusively by EVCO Plumbing & Gas Corp. for automated bookkeeping and cash flow monitoring. It is not available to the general public or external consumers.
2. Data Collection We use Plaid to retrieve bank transaction history, account balances, and liability data from accounts owned by the business. We do not collect or store bank login credentials; these are handled exclusively by Plaid.
3. Data Usage Data retrieved is used solely for internal financial reporting and is stored in a private, MFA-protected Google Sheet. We do not sell, share, or disclose this data to any third parties.
4. Data Security Data is protected by Google’s AES-256 encryption at rest and TLS 1.2+ encryption in transit. Access is limited to the account owner via mandatory Multi-Factor Authentication (MFA).
5. Contact For questions regarding this internal policy, contact webchefdev at gmail dot com.
Data Retention & Deletion Policy
1. Purpose and Scope This policy governs the retention and disposal of financial data retrieved via the Plaid API for internal business use by EVCO Plumbing & Gas Corp. As an Alberta-based organization, we comply with the Personal Information Protection Act (PIPA) and federal CRA record-keeping requirements.
2. Retention Period In accordance with the Income Tax Act (Canada), we retain all books, records, and supporting financial data for a minimum of six (6) years from the end of the last tax year to which they relate. In practice, we maintain a seven (7) year retention cycle to ensure full compliance with potential CRA audits or reassessment windows.
3. Data Deletion & Disposal Personal and financial information that is no longer required to fulfill legal or business purposes is securely destroyed.
- Revocation: Upon unlinking a financial institution, the Plaid “access_token” is immediately revoked, severing the connection to the bank.
- Digital Purging: Data stored within the Google Workspace environment (Google Sheets) is manually deleted. Once moved to the “Trash,” Google’s infrastructure ensures that the data is overwritten and rendered irretrievable within 30 days.
- Decommissioning: If this tool is no longer in use, all API credentials will be deleted from the Plaid Dashboard, and all historical data in the associated Google Sheet will be permanently erased.
4. Data Security during Retention While data is retained for the mandatory 6-7 year period, it is protected by:
- MFA: Multi-Factor Authentication is required for all access to the storage environment.
- Encryption: Data is encrypted at rest using AES-256 and in transit via TLS 1.2+.
5. Annual Review This policy is reviewed annually to ensure that data is not held longer than necessary and that disposal methods remain effective under Alberta’s PIPA and Canadian federal standards.