What personal information do we collect from the people that visit our blog, website, payment and registration pages and client scheduling and support?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, phone number, credit card information or other details to facilitate the request, purchase and support your experience.
When do we collect information?
We collect information from you when you place an order, subscribe to a newsletter, request content or enter other pertinent information on our site.
How do we use your information?
We use the information we collect from you when you register, make a purchase, sign up for our newsletter, request complimentary content, respond to a survey or marketing communication, or use certain other site features in the following ways:
- To personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To quickly process your transactions.
- To send periodic emails regarding your order or other products and services.
How do we protect visitor information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We want to keep your experience ‘light’ and easy.
Your personal information is contained behind secured networks and is only accessible by myself and trusted individuals who have signed a non-disclosure agreement, which extends to you and your data, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information. All transactions and credit information data are processed through trusted gateway providers and are not stored or processed on our servers.
Do we use ‘cookies’?
- Help remember and process the items in the process of transacting.
- Understand and save user’s preferences for future visits.
- Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
If you disable cookies off, some features will be disabled It won’t affect the user’s experience that make your site experience more efficient and some of our services will not function properly. However, you can still place orders. We aim to use the least amount of intrusive technology possible
We will not sell, trade, or otherwise transfer to outside parties your personally identifiable information. Ever. In the event of a security concern resulting from a third party provider, we will advise as soon as we are made aware of the extent of the issue.
We do not include, sell or offer third-party products or services on our website. At times we partner with collaborators in gift giveaways, guest podcasts and online summits; participants are able to request information from each partner specifically but the ‘interaction’ will be through those partner’s platforms, Tricia Murray & Light on Marketing, acts as a conduit.
We use Google Analytics to create a better user experience. Analytics tracks visitor behaviour only and collects no personally identifiable data.
We have implemented the following:
We use trusted third-party vendors, to collect pertinent data that allows us to provide the experiences, products and services you request, more seamlessly. We use very little email communication, and those you do receive include an ‘opt-out’ link at the bottom. If for any reason you don’t see your opt-out request fulfilled in a timely fashion, please email us directly.
The Personal Information Protection and Electronic Documents Act
PIPEDA sets out the ground rules for how private-sector organizations collect, use or disclose personal information in the course of commercial activities across Canada. It also applies to personal information of employees of federally-regulated works, undertakings, or businesses (organizations that are federally-regulated, such as banks, airlines, and telecommunications companies).
It should be noted that PIPEDA does not apply to organizations that are not engaged in commercial activity. As such, it does not generally apply to not-for-profit and charity groups, associations or political parties, for example—unless the organization is conducting a commercial activity (fundraising is not considered a commercial activity).
In addition, PIPEDA will not apply to an organization that operates wholly within a province that has legislation that has been deemed substantially similar to the PIPEDA, unless the personal information crosses provincial or national borders. Alberta, British Columbia and Quebec have general private-sector legislation that has been deemed substantially similar. (see following section titled “Provincial privacy laws” for more information)
Therefore, PIPEDA generally applies to:
Private-sector organizations carrying on business in Canada in the provinces or territories of Manitoba, New Brunswick, Newfoundland and Labrador, Northwest Territories, Nova Scotia, Nunavut, Ontario, Prince Edward Island, Saskatchewan, or Yukon but not their handling of employee information.
Private-sector organizations carrying on business in Canada when the personal information they collect, use or disclose crosses provincial or national borders but not their handling of employee information.
Federally-regulated organizations carrying on commercial activity in Canada, such as a bank, airline, telephone or broadcasting company, etc., including their handling of health information and employee information.
The Office of the Privacy Commissioner of Canada oversees compliance with PIPEDA.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in Canada and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via email within 3 days of becoming aware of said breach.
We also agree to the Individual Redress Principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CASL Compliance Act
The CASL Compliance Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information you’ve requested, respond to inquiries you’ve made, and/or other address requests or questions.
- Process orders and to send information and updates pertaining to orders.
- We may also send you additional information related to your product and/or service and support certain levels of service.
- Communicate with you directly before, during or after the original transaction has occurred.
To be in accordance with CASL Compliance we agree to the following:
- NOT use false or misleading subjects or email addresses. (that’s also the core definition of Coherence – to be clear and understandable).
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Engage software platforms that process opt-out/unsubscribe requests immediately.
- Allow users to unsubscribe by using the link at the bottom of each email.
If you would like to unsubscribe and traditional means aren’t working…
Following the instructions at the bottom of each email and if necessary, you can email us directly along with the email address you would like removed.
Tricia Murray | Light on Marketing
All Rights Reserved © 2021