1. Introduction and General Concepts
We respect and uphold individual rights to privacy and the protection of personal information. We know how important it is to protect your personal information and want to make every customer experience safe and secure. In keeping with that goal, we have developed this Policy to explain our practices for the collection, use, and disclosure of your personal information. We have appointed a Privacy Officer who is responsible for our compliance with this Policy. Information on how to contact the Privacy Officer can be found below.
(a) Personal Information
For the purposes of this Policy, “personal information” means information about an identifiable individual, including, for example, an individual’s name, home address, telephone number, social insurance number, sex, income and family status. Personal information does not include information that would enable an individual to be contacted at a place of business, for example an employee’s name, position or title, business telephone number, or business address. We will only collect, use or disclose personal information in accordance with this Policy, or in accordance with laws applicable to the collection, use and disclosure of your personal information by us (“Applicable Privacy Laws”).
(b) Non-Personal Information
On the other hand, “non-personal information” is any type of information other than personal information, and is excluded from this Policy. For example, non-personal information would include business information, or information that enables an individual to be contacted at a place of business, for example an employee’s name, position or title, business telephone number, or business address. Non-personal information also includes information that is anonymous or not about an identifiable information, such as web browsing information (such as the domain used to access the Website, or the type and version of device, browser or operating system being used to access the Service), or aggregate information that anonymizes the underlying data (like the number of visitors, what pages users visit, average time spent on the Website or on various parts of the Service). We will collect, use or disclose non-personal information in accordance with our ordinary business practices, but always in accordance with any applicable laws. This Policy, however, only covers our collection, use and disclosure of personal information.
(c) Information about Minors
We encourage parents and guardians to spend time with their children online, and to be fully familiar with the sites visited by them. However, our site is not intended for minors. We do not knowingly collect or use personal information about any person under the age of majority (usually the age of 18 or 19, but it varies in different jurisdictions), and no such person, nor any parent or guardian as it relates to such person, should submit their personal information to us for any reason. Further, pursuant to Children’s Online Privacy Protection legislation, we do not use or collect information of individuals under the age of 13. Please do not submit personal information about minors to us, whether through the Website, the Service or otherwise. We require that persons under the age of majority in their legal jurisdiction instead have a parent or guardian do so on his or her behalf, and only use this service through such parent or guardian
(d) Privacy Officer
We have appointed a Privacy Officer who is responsible for our compliance with this Policy. Information on how to contact the Privacy Officer can be found below.
2. Collection and Use of Personal Information
As indicated above, we collect two types of information through our Service: personal information and non-personal information. The types of information we collect about you will depend on the nature of your interaction with us or the Service.
(a) Information we collect from you
We may collect the following personal information from you:
· contact information such as name, email address, mailing address, phone number;
· billing information such as credit card number, and billing address;
· unique identifiers such as user name, account number, password;
· user content generated by you, such as audio, video, text and images as provided by you on the Website, which may contain personal information as provided by you;
· any information that you voluntarily enter, including personal information into any postings, comments, reviews, or forums; and
· preferences information such as order history, purchase preferences and marketing preferences.
(b) Information we automatically collect
We also automatically gather information about your computer such as your IP address, browser type, referring/exit pages, operating system, as well as which aspects of our performance metric indicators available with our technology or our licensees’ products you prefer using. Some of this may be personal information, but in typical cases it is non-personal information. Specific examples follow:
· IP, etc.—When using our Website, we may collect the Internet Protocol (IP) address of your computer, the IP address of your Internet Service Provider, the date and time you access our Website, the Internet address of the website from which you linked directly to our Website, the operating system you are using, the sections of our Website you visit, the Website pages read and images viewed, and the content you download from the Website. This information is used for Website and system administration purposes, and to improve the Website.
· Cookies—We use “cookies”, a technology that installs a small amount of information on a user’s computer to permit the Website to recognize future visits using that computer. Cookies enhance the convenience and use of the Website. For example, the information provided through cookies is used to recognize you as a previous user of the Website, to offer personalized content and information for your use, to track your activity at the Website, to respond to your needs, and to otherwise facilitate your Website experience. You may choose to decline cookies if your browser permits, but doing so may affect your use of the Website and your ability to access certain features of the Website or engage in transactions through the Website.
· Geo-Location Information—When you use the Service through a mobile device, we may track or collect your geo-location information on a real time basis only. We may also use this real-time geo-location information to address support, technical, or business issues that may arise in the course of your use of the Service. If you do not consent to the tracking of your geo-location, you may still be able to use some features of the Service, but it is intended to be used with geo-location information. For example, your location may be used on a mobile application to locate the closest health food stores for your convenience and access. You may at any time withdraw your consent as permitted through the Service, or you can turn the geo-location tracking off at the device level as permitted by the manufacturer of your device. In our experience, your mobile device informs you when geo-location is tracked by displaying the GPS arrow icon.
3. Use of Personal Information
We may use your personal information, in combination with your non-personal information, for a variety of business purposes, for example to:
· fulfill your order or enable a third party to fulfill your order;
· send you an order or appointment confirmation;
· send you requested product or service information;
· send new product or service information;
· respond to customer service requests;
· administer your account;
· to contact you when you have emailed us about the Wellness Challenge;
· send you a newsletter;
· carry out contests or promotions;
· send you marketing communications;
· respond to your questions and concerns;
· improve our Services and marketing efforts;
· conduct research and analysis;
· distribute to our payment processor for the provision of payment services;
· facilitate your transactions with other users, as applicable;
· display content based upon your interests;
· facilitate your transactions with other users; and
· execute other purposes as described in this Policy.
4. Your Consent
We will collect, use, or disclose your personal information only with your knowledge and consent, except where required or permitted by Applicable Privacy Laws. When you choose to provide us with your personal information you consent to the use of your personal information as identified in this Policy and as may be further identified at the time of collection.
(a) Express Consent
Sometimes you will be asked to give your express consent to our collection, use or disclosure of personal information – for example, by being asked to check a box to indicate your consent to receive marketing communications in compliance with Canada’s anti-spam laws.
(b) Implied Consent
Other times, you may provide your implied consent to our collection, use or disclosure of personal information when we can reasonably conclude that you have given consent by some action you have taken or an action you have decided not to take. Generally, this occurs where the purpose for the use of your personal information would be reasonably apparent to you – for example, when you provide us with your address through forms while placing an order, you provide us with implied consent to use that address in order to fulfill your order.
(c) Withdrawing Your Consent
You may notify us at any time that you wish to withdraw or change your consent to our use and disclosure or your personal information. We will accommodate your request subject to legal and contractual restrictions. The most common way of indicating this withdrawal of consent is (i) by changing your privacy preferences to the extent such functionality is made available through the Service, or (ii) deleting your account with the Service and stopping use of the Service. In other situations, you may be able to opt out of the use of your personal information. For example, if you have "opted in" or subscribed to one of our mailing lists, we will always provide you the opportunity to "opt out" or unsubscribe. For example, if you receive emails from us, we will provide a link in the email which you can use to unsubscribe from that mailing list, or you may contact us at email@example.com.
You may also choose not to provide us with your personal information. However, if you make this choice we may not be able to provide you with the Service, or information that you requested. For example, we require your email address in order to verify your account, which is necessary so that newsletters or requests for additional information to ship you a purchase may be sent to you electronically.
5. Information Obtained from Third Parties
If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us and in accordance with this Policy and such policy under which that information was collected. For example, we may collect general information from your employer, such as the number of participants expected to attend a Corporate Wellness seminar.
6. Disclosure and Sharing of Your Information
We will share your personal information with third parties only in the ways that are described in this Policy. We will not sell your personal information to third parties, however the use of our Service necessarily requires some sharing or disclosure of your personal information. Some of these activities may result in personal information collected by us being stored or processed in the United States or elsewhere outside of Canada and, as a result, your personal information may be accessible to law enforcement and regulatory authorities in accordance with the USA PATRIOT Act and other applicable laws of the United States or elsewhere.
(a) Third Party Processors
We may provide your personal information to companies that provide services to help us with the Service such as web hosting providers, payment processors, testing centers, booking providers, product shipping providers, fulfilment agencies, or customer service agencies (“Third Party Processors”). These Third Party Processors are authorized to use your personal information only as necessary to provide these services to us, and in a manner consistent with this Policy. We have selected Third Party Processors who we believe will only use your information in compliance with this Policy, but they may have their own specific policies regarding the collection, use and personal information. We will use commercially reasonable efforts to identify such Third Party Processors when we are collecting your personal information, as well as providing links to the relevant privacy policies that may apply. For example, we may use the services of a third party payment processor for placing your order (even if the payment processing is “transparent” or embedded so it appears as though you are on our Website or application). We strongly suggest that you check with the applicable third party payment processor to see if and what privacy terms apply to your use of these services.
Here are some examples of the Third Party Processors we use as part of the Service:
· The services for our Service is hosted by [Stripe], a reputable hosting platform with industry standard security and practices.
· We do not directly process payments through our Service. We use [Stripe] as a payment processor and their privacy terms are available here: https://stripe.com/ca/privacy. We only ourselves collect and store limited parts of that information to provide a record of your transaction and to prevent (such as a part of a credit card number, or a part of your billing address).
· We do not provide the Hormone, Allergy, or similar services offered through our Services. Rather, we link to a Third Party Processor, which provides a way to purchase the Third Party Processor’s test through Shopify as an e-commerce platform. We will provide your address that you input for shipment to this Third Party Provider, which will send a test kit to you, where you can follow the instructions provided in the test sent by this Third Party Processor. Once you have received the results, we will then meet to discuss the results you choose to share with us.
· When you enter information into any “comments” field through the Service, we forward certain aspects of the information you provide to [Stero Chrom lab or ZRT Labs, for testing services of any additional services where the End user provides information that goes to a third party to run a test/provide a response] to enable them to assist in performing parts of the Service. We have entered into contractual arrangements with these parties to ensure that they abide by this Policy.
· We use a third party to gather information about how you and others use our Service. For example, we will know how many users access a specific page and which links they clicked on. We use this aggregated information to understand and optimize how our site is used. We may also use unique codes, web beacons or single-pixel gif tags to compile tracking information reports regarding Service user demographics, Service traffic patterns, and other aggregated Website or Service statistics, both on the Website and in our electronic communications in order to determine which materials and links have been used by recipients. We may then provide these reports to advertisers and others. None of the tracking information in these reports can be connected to the identities or other personal information of individual users, and is used to represent a separate user their use of the Service, as opposed to identifying that particular user.
· You can log in to our Service using sign-in services such as Facebook Connect. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Services like Facebook Connect give you the option to post information about your activities on this Service to your profile page to share with others within your network.
· We make your contact information available to other users that you transact with on this site to help complete the transaction, in accordance with your selected preferences.
(b) Further Disclosures
We may also disclose your personal information (i) as required by law such as to comply with a subpoena, or similar legal process, (ii) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, or (iii) to any other third party with your prior consent to do so.
(c) Third Party Links
Our Service may contain links to other websites or Internet resources which are provided solely for your convenience and information. When you click on one of those links you are contacting another website or Internet resource. We have no responsibility or liability for, or control over, those other websites or Internet resources or their collection, use and disclosure of your personal information. We encourage you to read the privacy policies of those other websites to learn how they collect and use your personal information.
(d) Public Forums
We may from time to time provide through the Service publicly accessible blogs or community forums. We will use your personal data as provided through those services to administrate and provide you with these public services, and you will have primary control over what information you make publicly available. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.
7. Security of Personal Information
(a) General Security Practices
The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. We employ physical, administrative, contractual and technological safeguards to protect personal information, and insist that our service providers do the same. We insist that our personnel, and those of our providers, only access and use personal information in order to properly perform those duties, and even then only to the strict extent necessary to perform them.
(b) Online Security
We do not accept information that requires encrypted security as payment processing is provided by our third party providers. We believe that these third party providers that we believe encrypt the transmission of that information using secure socket layer technology (SSL); however such terms shall be provided in the applicable terms and conditions of the third party processors, which you are advised to review on their sites. No method of transmission over the Internet, or method of electronic storage, is 100% secure, so you should always exercise caution when disclosing sensitive information over the Internet.
If you have any questions about security on our Website, you can contact us at firstname.lastname@example.org.
8. Requests for Access to and Correction of Personal Information
Applicable Privacy Laws allow, to varying degrees, individuals the right to access and/or request the correction of errors or omissions in his or her personal information that is in our custody or under our control. Our Privacy Officer will assist you with such an access request. This includes:
· identification of personal information under our custody or control;
· information about how personal information under our control may be or has been used by us; and
· the names of any individuals and organizations to which the individual’s personal information has been disclosed.
We will respond to requests within the time allowed by Applicable Privacy Laws and will make every effort to respond as accurately and completely as possible. Any corrections made to personal information will be promptly sent to any organization it was disclosed to.
In certain exceptional circumstances, we may not be able to provide access to certain personal information it holds about an individual. If access cannot be provided, we will notify the individual making the request within 30 days, in writing, of the reasons for the refusal.
9. Removal of Your Information
We keep your information only as long as we need it for legitimate business purposes and to meet any legal requirements. Personal information used to make a decision that directly affects an individual will be kept for at least one year after such a decision. We have retention standards that meet these parameters. We destroy your information when it is no longer needed or required to be kept, or we remove your personally identifiable information to render it anonymous.
11. Contact Information
You can direct any questions or concerns regarding our compliance with this Policy to our Privacy Officer by writing or emailing at:
Privacy Officer HEAL Wellness Inc. 7-232 6th St. E., North Vancouver, BC, V7L 1P5Email: email@example.com
If you are not satisfied with our Privacy Officer’s response to their question or concern you may be able to make a complaint under Applicable Privacy Laws. Our Privacy Officer can provide you with the contact information to make such a complaint.