The Site and Services are intended to be used by adults, and we do not knowingly collect any Personal Information from anyone under 13 years of age. If you are under age 13, please do not provide any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 13, we will delete that information as quickly as possible. If you believe that we might have any Personal Information from a child under the age of 13, be sure to contact us immediately.
- Collection of Information
We may collect certain information from you when you use our Site or are otherwise connected with Services. We collect and obtain your data in a few ways: there is information that you choose to give to us, the information we obtain through your use of our Site or Services and information we obtain from third parties. Each of these is detailed below:
We collect the Personal Information you give us when you register with the Site or use the Services, including name, address, credit card or bank information, and other Personal Information requested or the data you choose to give us.
We automatically collect certain kinds of non-personal information from you when you use the Site, including device, browser type, operating system, CPU speed, referring or exit webpages, click patterns, session ID, and your computer’s IP address.
We may, on occasion, supplement or correct the Personal Information you submit to us and your IP address with information in our other databases or information from third-party sources in order to reduce errors in our database, authenticate our users, prevent fraud and prevent abuse ices, as well as to provide more consistent, relevant experiences to our users.
We may collect general information about use of the Site or Services, such as what pages visitors access, the number of visits, average time spent on the Site or Services, and other similar factors. This information is generally collected in aggregate form, without identifying any user individually, although IP addresses and Session ID in relation to downloads may be tracked as part of our fraud prevention efforts.
- Location-Based Services
Some services may contain functionality that can enable us to access your location and tailor your experience based on your location (“Location-based Services”). To use Location-based Services, you must enable certain features of your mobile device (e.g., GPS, WiFi, or Bluetooth) to allow us to identify your location. To the extent your location is collected through WiFi or Bluetooth sensors, such sensors, and the associated data services, may be provided by a third-party that may access such information for the purpose of providing such data services to us. You agree to such access by such third parties. You may enable or disable such Location-based Services at any time via a menu within the Site. If you choose to disable any Location-based Services on your device and/or opt-out of any Location-based Services through the menu, you will not be able to utilize certain features of the Site or Services. By enabling Location-based Services on your device, you agree and acknowledge that (i) device data we collect from you is directly relevant to your use of the Site or Services; (ii) we may provide Location-based Services related to and based on your then-current location; and (iii) we may use any such information collected in connection with the provision of Location-based Services in providing the Site or Services. PLEASE NOTE THAT LOCATION DATA MAY NOT ALWAYS BE ACCURATE, AND WE DISCLAIM ANY AND ALL WARRANTIES RELATED TO LOCATION-BASED SERVICES.
We may use your location to provide you with advertisements, offers, and other promotional content as part of the Site.
- How Your Information is Used
Except as provided herein, we collect and use your personal and non-personal information for internal purposes only or for gathering aggregate and anonymized data. We may use, store, and process your information in the following ways:
To enable you to access and use the Site or Services.
To conduct routine business operations such as billing, identification, authentication, contact purposes and general research. As part of our routine business operations, we may transfer your Personal Information to certain third parties with whom we contract for the limited purpose of providing services such as web hosting, email, and credit card processing. These service providers are obligated to protect your information, and they do not use your Personal Information for their commercial purposes.
To employ internal marketing techniques such as tracking customer preferences to provide a customized experience and communicating with you about our services, special offers, and other services.
To enhance the Site or Services.
To gather generic product, location, and other contributed information to make reports based on aggregate anonymized data, which we may use internally or sell to others.
To comply with the court, provincial and governmental orders.
To fulfill another legitimate interest, when not overridden by your interests or, where applicable, your fundamental rights and freedoms that require personal information protection.
When you otherwise consent for us to do so. We may ask for your consent to process your Personal Information for a specific purpose that we communicate to you, for instance, to receive our newsletter and other such mailings you may be interested in. When you consent to our processing your Personal Information for a specified purpose, you may withdraw your consent at any time, and we will stop processing your data for that purpose.
To improve our services and provide more convenient, relevant experiences to our customers, we and our agents may use “cookies,” “web beacons,” and similar devices to track your activities. A cookie is a small amount of data that is transferred to your browser by a web server and can only be read by the server that gave it to you. It functions as your identification card and enables us to record your passwords and preferences. It cannot be executed as code or deliver viruses. A web beacon is a small transparent .gif image that is embedded in an HTML page or email used to track when the page or email has been viewed. Most browsers are initially set to accept cookies, and most services that include similar devices are typically initially activated to collect data. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. We do not support browsers’ Do Not Track features. You can enable or disable Do Not Track by visiting the preferences or settings page of your browser. If you disable cookies, you may lose some of the features and functionality of using our Site, as cookies may be necessary to track and enhance your use and access.
We may, either directly or indirectly, track your behavior on our Site or Services for purposes of our own customer support, analytics, research, product development, fraud prevention, risk assessment, regulatory compliance, or investigation, as well as to enable you to use and access the Site or Services and pay for your activities on the Site or Services. We may also track your behaviour on our Site or Services, either directly or through third parties we engage to provide services to us.
- Protecting Your Information
We use various security measures, including SSL, encryption, and authentication tools, to help protect your information. We do not retain your Personal Information for longer than is necessary for our business purposes. When we no longer need your Personal Information, we dispose of it safely.
Our security measures include standard international data protection measures and those described in the EU GDPR implementing regulations. These measures may also include periodic system-wide password resets with high password strength requirements. We strongly discourage password sharing. Due to the nature of the information and related technology, we cannot be held responsible if you share your own login credentials with others. If we learn of a security breach, then we will immediately reset your account password and attempt to notify you as per GDPR guidelines to take appropriate steps.
- Data Processing
Depending on the purpose for which we process your data from time to time, as explained below, we need to
process one or other data, which will, in general, be, depending on each case, as follows:
▪ your identity data (for example, your name, surname, image, language and country from which you interact
with us, contact data, etc.);
▪ economic and transactions information (for example, your payment or card data, information on your
purchases, orders, returns, etc.);
▪ connection, geolocation and/or browsing data (for example, the location data, the device identification
number or the advertising ID, etc.);
▪ commercial information (for example, if you have subscribed to our newsletter),
▪ information about your tastes and preferences.
Remember that when we ask you to fill in your data to give you access to any functionality or service of the Platform, we will mark specific fields as compulsory since this is information that we need to be able to provide the benefit or give you access to the functionality in question. Please take into account that, if you decide not to make such data available to us, you may be unable to complete your user registration or may not be able to enjoy those services or functionalities. In specific cases, a third party may have provided us with information about you by using a feature or service on the Platform, for example by sending you a gift card or shipping an order to your address. In these cases, we only process your data where relevant to this feature or service, as stated in this Privacy and, Cookies Policy located here https://leanora.ca/cookie-policy/. In other cases, we may collect information passively, as we may use tracking tools like browser cookies and other similar technology on our Platform and in communications we send you. Depending on how you interact with our Platform, i.e., depending on the services, products or functionalities that you wish to enjoy, we will process your personal data for the following purposes:
To manage your registration as a user of the
Platform If you decide to become a registered user of our Platform, we need to process your data to identify you as a user of the Platform and grant you access to its various functionalities, products and services available to you as a registered user. You may cancel your registered user account by contacting us through Customer Service. We hereby inform you that the data we gather regarding your activity, which have been collected through the different channels of the Platform and which include your purchases, shall remain linked to your account so that all the information can be accessed together.
- For the development, performance and execution of the purchase or services contract that you executed with Us on the PlatformThis purpose includes processing your data, mainly:
▪ To contact you for updates or informative notices related to the
contracted functionalities, products or services, including quality
surveys and to be able to establish the degree of customer satisfaction with the provided service to manage payment of the products that you purchase, regardless of the payment procedure used. For example:
▪ If on purchasing any of our products through the Website, you opt to activate the functionality of saving your payment data and your shipment address for future purchases, where this functionality is available, we need to process the indicated data for activation and
development of that functionality. Consent to the activation of this functionality enables your autocompleted payment data to appear in subsequent purchases so that you do not need to introduce them in each new process and these data will be deemed valid and effective for
subsequent purchases. You may change or cancel your payment data at any time through the section on payment information, either of your Website registered user account.
▪ To activate the mechanisms necessary to prevent and detect unauthorized uses of the Platform (for example, during the purchase and returns process) as well as potential fraud being committed against you and/or against us. If we consider that the transaction may be fraudulent or we detect abnormal behaviour which indicates attempted fraudulent use of our features, products or services, this processing may result in consequences such as the
blocking of the transaction or the deletion of your user account.
▪ To manage potential exchanges or returns after you have purchased and manage requests of availability information for articles, reservations of products through the Platform, depending on the availability of such options from time to time.
▪ For invoicing purposes and to make available to you the tickets and invoices of the purchases you have made through the Platform.
▪ To ensure that you are able to use other available functionalities or services, such as the purchase, receipt, management and use of the
Gift Card or of the Gift Voucher.
- For marketing purposes.
This purpose includes the processing of your data, mainly for:
▪ Personalize the services we offer you and enable us to give you recommendations based on your interactions with us on the Platform and an analysis of your user profile (for example, based on your purchase and browsing history).
▪ If and when you subscribe to our Newsletter, we will process your personal data to manage your subscription, including sending customized information on our products or services through various means (such as e-mail or SMS). We may also make available to you this information through push notifications in case you have activated them in your device.
▪ Accordingly, please take into account that this data processing implies analysis of your user or customer profile to establish your preferences and therefore which products and services are most fit to your style when sending you information. For example, based on your purchases and browsing history (i.e., depending on the articles that you clicked), we will make you suggestions on products that we believe may interest you and, if you are a registered user, we will provide you with the “recover cart ” functionality.
▪ Remember that you may unsubscribe from the Newsletter at any time without cost through the “Newsletter” section of the Platform, in addition to through the instructions that we provide you with in each notice. If you do not want to receive push notifications, you can deactivate this option in your device. ▪ Show you ads on the Internet which you may see when visiting websites and apps, for example, on social media. The ads you see may be random, but on other occasions, they may be ads related to your preferences or purchase and browsing history.
▪ If you use social media, we may provide the companies with which we collaborate certain information so that they, as joint controllers, 6 PURPOSE + info can show you our brand ads and, in general, offer you and users like you advertisements which take into account your profile on said social media sites. If you want information about the use of your data and how advertising works on social media, we recommend you review the privacy policies of the social media sites on which you have profiles.
▪ We also use your data to conduct measurements and segment analyses on the ads we show users on some of our collaborators’ platforms. To do this we collaborate with these third parties who offer us the necessary technology (for example, cookies, pixels, SDK) to use these services. Keep in mind that we may need to provide them with the certain information or some form of identifier each time (for example, the advertising ID associated with the device, an identifier associated with a cookie, etc.) If you would like more information in this respect, please review our Cookies Policy. Likewise, you can reset your advertising ID or disable personalized ads on your device, adjusting your preferences in the settings section of your device.
▪ Data enrichment: When we gather your personal data from a variety of sources, we may consolidate them under certain circumstances for the purpose of improving our understanding of your needs and preferences related to our products and services (including for the purposes of analyses, generating user profiles, marketing studies, quality surveys and improving our interactions with our customers). This refers, for example, to the way we may combine your information if you have a registered account and, using the same email linked to your account, you make a purchase as a guest, or to information which is automatically compiled (such as IP and MAC addresses or metadata) which we may link with the information you have provided us directly through your activity on the Platform or in our retailers (for example, information related to your purchases, whether in brickand-mortar stores or online, your preferences, etc.).
▪ To perform promotional actions (for example, for the organization of competitions or to send the list of items stored to the e-mail you designate). On participating in any promotional action, you authorise us to process the personal data that you have shared with us depending on the promotional action and disclose them through different media such as social networks or the Platform itself. In each promotional action in which you participate you will have available the terms and conditions where we will be providing more detailed information about the processing of your personal data.
▪ To disseminate in the Platform or through our channels in the social networks photographs or pictures that you shared publicly, provided that you expressly give us your consent for the purpose.
Implement appropriate technical and organizational measures to safeguard the Third-Party Data against any unauthorized or unlawful access, loss, destruction, theft, use or disclosure. We implement basic level security in accordance with Canadian law. If higher levels of security are required, please contact us.
Limit access to the Third-Party Data only to those employees who need to know it to enable the Data Processor to perform our services and shall take appropriate steps to ensure the reliability of those of our employees or subcontractors who have access to such Third-Party Data.
Not disclose the Third-Party Data to any third-party without your prior written consent. Such consent is granted on, for example, your instruction to share a dashboard with third parties (public or within a restricted group).
You represent and warrant that you have all the appropriate consents from data subjects whose personal data are submitted to us in the course of the provision of the Site or Services.
We will not share your Personal Information with third parties without your express consent, except in the limited circumstances described below:
We may share your Personal Information with third-party service providers for the limited purposes described in the section entitled “How Your Information is Used”.
We will share your Personal Information when required by law, regulation, or litigation and as necessary for purposes of national security, law enforcement, or other issues of public importance.
We may also engage third parties, including but not limited to technology services and services to help verify your identification, to conduct checks against databases such as, but not limited to, public government databases (where legally allowed), to otherwise assist us with fraud prevention and risk assessment, to assist us with customer service, to serve targeted ads, and to facilitate the payments or refunds. We may provide Personal Information about you to these third parties, or give them access to this Personal Information, for the limited purpose of allowing them to provide these services. We will ensure that such third parties have contractual obligations to protect this Personal Information and not to use it for unrelated purposes.
If we sell assets or are acquired by or merged with another entity, we may provide such entity customer information without obtaining your further consent. We may provide you with notice of such asset sales, acquisitions, or mergers.
11.Analysis of usability and quality to improve our services
If you access our Platform, we inform you that we will treat your browsing data for analytic and statistic purposes, i.e., to understand the manner in which users interact with our Platform and with the actions we implement on other websites and apps, so we can improve our services. In addition, we occasionally perform quality surveys and actions to know the degree of satisfaction of our customers and users and detect those areas in which we may improve.
- International Transfers
If you are visiting this Site or engaged in Services from a country other than Canada, the various communications you send and receive may result in the transfer of information across international boundaries. If you are located in the European Union, you should be aware that information you provide or which is otherwise collected on this Site or Services rendered may be transferred to countries (including Canada) which may not have data protection laws deemed as adequate as those in the EU.
Notwithstanding the foregoing, the Site or Services are intended for users in Canada and those not governed by privacy policies of other countries. Users outside Canada are advised not to disclose Personal Information to us.
- Your Privacy Rights
We will ensure that you can exercise your rights pertaining to your Personal Information, including rights as provided by various data protection laws. We, therefore, inform you that, where applicable under relevant law, you are entitled: to have access to your Personal Information upon simple request – that is, you may receive a copy of such data (if requested), unless such data is made directly available to you, for instance within your personal account; to have access upon simple request, and free of charge, the categories and names of addresses of third parties that have received Personal Information for direct marketing purposes; to obtain rectification of your Personal Information should it be inaccurate, incomplete or obsolete; to obtain the deletion of your Personal Information in the situations set forth by applicable data protection law (the “right to be forgotten”); to withdraw your consent to the data processing without affecting the lawfulness of processing, where your Personal Information has been collected and processed based on your consent. If at any time you wish to withdraw your consent to our processing of your data or opt-out of our use of your information for internal marketing purposes or for compiling aggregate risk reports, you may do so by sending a written notice to: email@example.com. Note that your withdrawal of consent may prevent us from providing the Site or Services to you; to object to the processing of your Personal Information (where it has been collected and processed based on our legitimate interests) in which case we may ask you to justify your request by explaining to us your situation; to request a limitation of the data processing in the situations set forth by applicable law; to have your Personal Information directly transferred by us to a third-party processor of your choice (where technically feasible and when processing is based on your consent); and for non-discrimination, as defined under relevant law, in the Site or Services or quality of Site or Services you receive from us for exercising your rights.
Under certain laws, you may also have the right to “opt-out” of having your Personal Information sold to a third party. We do not, however, sell your Personal Information to any other party. Only in the case of a merger, sale, financing, acquisition, or other transaction involving all or part of us may your information be involved in a transaction.
For deletion/“right to be forgotten” requests, we will undertake a good faith effort to accommodate requests for access to or deletion of personal information. These requests may, however, be subject to the evaluation of additional factors, including disproportionate burden or expense, or the risk to the rights, including the privacy rights, of others.
We will strive and work to resolve any inquiry you may have regarding our privacy practices. EU residents may also file a complaint before a competent data protection authority regarding the processing of their Personal Data. While we suggest that you contact us beforehand, if you wish to exercise this right, you should contact the competent data protection authority directly.
If you have any questions, would like to exercise any of these rights, or if you need any assistance with privacy-related matters, please contact us as described in the “How to Contact Us” section below. We will take the necessary steps to respond to you as soon as possible.
- Your Choices
If at any time you are uncomfortable with our use of your Personal Information for internal marketing purposes and for the purpose of creating aggregate reports, you may opt-out by email as described in “Your Privacy Rights.” Note that if you opt not to provide us with certain mandatory information, then our products and services may be unavailable to you.
You may similarly opt-out of receiving communications from us, although we may find it necessary to continue to communicate with you regarding your use of the Site or Services.
15. Governing law
16. How to Contact Us
If you have any questions regarding this Policy or our privacy practices, you can contact us at: by email at firstname.lastname@example.org or by mail at PMB 355 #35 Stonechurch Rd W, Ancaster ON, L9K 1S4, Canada.