The Mentor Well Privacy Policy

Effective Date: 8 April 2025
Last Updated: 8 April 2025

The MentorWell Inc. is a youth mentorship initiative committed to safeguarding the personal information of our mentees, mentors, parents/guardians, and website visitors. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data in accordance with applicable privacy and data protection laws, including those in Canada, the United Kingdom, the European Union, and the United States.

By engaging with The MentorWell Inc., whether as a participant, parent, mentor, or visitor to our website, you acknowledge and accept the practices described in this policy. If you do not agree, please do not provide your personal information or use our services.

Information We Collect

We collect personal information directly from mentees, mentors, and parents or guardians. This may include:

  • Names and contact details

  • Demographic information (e.g. age, gender identity, pronouns)

  • Application responses and consent forms

  • Session notes and wellbeing disclosures

  • Communication records (email, phone, or in-person)

We also collect anonymized website usage data (e.g. browser type, IP address, page views) through tools such as Google Analytics. Where required, we seek your consent before placing cookies or using tracking technologies.

Use of Personal Information

We use your personal information for purposes that are reasonable and necessary in the context of our mentoring programs, including:

  • Matching mentees with appropriate mentors

  • Supporting safe, effective delivery of services

  • Responding to safeguarding or wellbeing concerns

  • Managing participation records and communication

  • Improving our programs and user experience

Where required by law, we rely on one or more of the following lawful bases for processing your data:

  • Your consent

  • The performance of a contract (e.g. participation agreement)

  • Our legitimate interests in delivering mentorship services

  • Compliance with a legal obligation

  • Protection of someone’s vital interests (e.g. in a safety situation)

Consent

We collect and process personal information only with valid consent, unless an alternative legal basis applies. For minors under 18, we obtain written, verifiable parental or guardian consent before engagement.

Where local laws require it, we also seek consent directly from the young person (e.g. over age 13 in the US, or 13–16 in the UK and EU, depending on the situation).

You may withdraw your consent at any time, subject to legal or contractual restrictions. Withdrawal of consent may limit your access to certain services.

Special Category and Sensitive Information

Some information we collect may be considered sensitive or special category data under data protection laws. This includes:

  • Minor status

  • Gender identity or pronouns

  • Mental health or emotional wellbeing

  • Disclosures of distress, safety concerns, or other sensitive issues

We only collect this information when necessary to support participant wellbeing and the safe delivery of our services. We always seek explicit and informed consent for the collection and handling of this data, and we apply additional safeguards as described below.

Where required by law, we rely on one or more of the following bases for processing such data:

  • Explicit consent

  • The need to protect someone’s vital interests

  • Safeguarding obligations or reasons of substantial public interest


Safeguards for Minors and Mental Health Data

We take additional care when handling data from minors or that relates to health or wellbeing. Our safeguards include:

  • Limiting access to only those staff and mentors who need it

  • Using secure, encrypted platforms for storage and transfer

  • Providing training on data handling and confidentiality

  • Never using sensitive data for marketing or analytics

  • Vetting third-party service providers for strong privacy protections

Disclosure of Information

We do not sell personal information. We may share limited information:

  • With assigned mentors, to support their mentee

  • With program supervisors or consultants assisting with service delivery

  • With parents or guardians when safety or wellbeing concerns arise

  • With trusted service providers (e.g. cloud storage, communications)

We may also disclose data where required by law—for example, in response to a court order or to protect someone's safety.

International Data Transfers

Some of our service providers are located in or store data in countries outside your own, including Canada, the United States, and the United Kingdom.

When we transfer personal data internationally, we ensure that appropriate safeguards are in place to protect it, such as:

  • Adequacy decisions (where applicable)

  • Standard Contractual Clauses (SCCs) approved by the EU or UK

  • Binding agreements and due diligence with non-EU/UK providers

By using our services, you acknowledge that your data may be transferred to—and processed in—jurisdictions outside your country of residence.

Data Retention and Storage

We store personal information on secure, password-protected platforms such as encrypted cloud storage, service platforms and customer relationship management (CRM) systems.

  • Most participant and mentor records are retained for one year after program exit

  • Names may be retained for an additional three years for administrative purposes

  • Marketing contact lists are kept for up to one year post last activity, unless you unsubscribe

When data is no longer required, we securely delete or anonymize it in accordance with best practices.

Cookies and Website Analytics

Our website uses cookies to enhance functionality and gather anonymized analytics. You’ll be asked to consent to cookie use when you visit the site. You can adjust or withdraw your consent at any time through your browser settings.

We do not collect any personally identifiable information through cookies, nor do we use cookie data for profiling or advertising.

Your Rights

Your rights may vary depending on your jurisdiction, but generally include the right to:

  • Access, correct, or delete your personal information

  • Withdraw consent

  • Object to or restrict certain processing

  • Request a copy of your data in portable form

  • Lodge a complaint with a data protection authority

If you are located in the European Union or United Kingdom, you also have the right to:

  • Object to processing based on legitimate interests

  • Request restriction of processing

  • File a complaint with your local data protection regulator (e.g. the Information Commissioner’s Office (ICO) in the UK)

If you are a US resident, you may have additional rights under state privacy laws (e.g. California CPRA), including the right to:

  • Know what personal data is collected

  • Request deletion of your personal data

  • Opt out of any sale or sharing of personal data (note: we do not sell data)

To exercise any of your rights, please contact us using the details below. We respond to all valid requests within the timeframes required by applicable law.

Children’s Privacy

The MentorWell Inc. does not knowingly collect information from children without verifiable parental consent. Where consent is obtained, we handle children’s data with the same care as all other users, and in compliance with relevant child protection and data privacy laws.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services or legal obligations. The “Last Updated” date will always reflect the latest version. We encourage you to review this policy periodically.

Continued use of our services after changes are posted constitutes your acceptance of the revised policy.

Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, you can contact us at:

Privacy Officer – The MentorWell Inc.
Privacy@thementorwell.com

If you are in the European Union or UK and would like to exercise your rights under data protection law, we may appoint a local representative upon request or as required by law.