Privacy Policy for Scrunchie Girls Inc.

Effective Date: March 22, 2025

Scrunchie Girls Inc. (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy complies with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada Anti-Spam Legislation (CASL), applicable Ontario laws, and international data protection standards, including the General Data Protection Regulation (GDPR). It outlines how we collect, use, disclose, and protect your information and your rights regarding your data.

By using our website, www.scrunchiegirls.com, you consent to the practices described in this policy.

       1.Who We Are

       2.Governing Laws This Privacy Policy adheres to the following Canadian and international privacy laws:

2.1. Personal Information Protection and Electronic Documents Act (PIPEDA):

  • Governs how private-sector organizations collect, use, and disclose personal information in the course of commercial activities.

2.2. Canada Anti-Spam Legislation (CASL):

  • Regulates the sending of commercial electronic messages, requiring express consent for promotional communications.

2.3. Ontario Consumer Protection Act (CPA):

  • Establishes rules for fair business practices and protects consumer rights.

2.4. Ontario Freedom of Information and Protection of Privacy Act (FIPPA):

  • Governs the handling of personal information in public organizations.

2.5. Ontario Electronic Commerce Act (ECA):

  • Governs electronic transactions and agreements.

2.6. General Data Protection Regulation (GDPR) (if applicable):

  • Applies to users accessing our services from the European Union and ensures robust data protection.

       3.What Personal Information We Collect We collect the following categories of information:

3.1. Identifying Information:

  • Full name
  • Contact details (email address, mailing address, phone number)

3.2. Transaction Information:

  • Order details (products purchased, amounts paid, and order history)
  • Payment information (processed securely through third-party providers and not stored by us)

3.3. Technical Information:

  • IP address, device type, browser type, and operating system
  • Browsing behavior on our website, collected via cookies and analytics tools

3.4. Communication Information:

  • Messages, emails, or correspondence with customer support

3.5. User-Generated Content:

  • Any content voluntarily submitted by users, such as reviews or testimonials

3.6. Employee and Contractor Data:

  • Personal data collected from employees and contractors in the course of employment or contractual agreements, managed in compliance with applicable labor and privacy laws.

3.7. Data Accuracy Commitment:

  • We strive to keep your personal information accurate, complete, and up to date. You may update your information by contacting us directly.

       4.Cookies and Tracking Technologies

Our website uses cookies and other tracking technologies to enhance your browsing experience and provide personalized services. We use the following types of cookies:

4.1. Essential Cookies: Necessary for the proper functioning of the website.

4.2. Performance Cookies: Track how visitors use the website to improve performance.

4.3. Functional Cookies: Enable personalization and enhance user experience.

4.4. Advertising Cookies: Track user behavior to deliver targeted ads.

Managing Cookies: You may adjust your browser settings to disable cookies or receive notifications when cookies are used. Please note that disabling cookies may affect website functionality.

       5.Data Retention and Deletion We retain personal data only as long as necessary for:

5.1. Legal and regulatory compliance (e.g., tax records for 7 years).

5.2. Fulfilling business needs (e.g., maintaining transaction history).

5.3. Customer Support and Warranty: To provide ongoing support and honor any warranty or service obligations.

Data Deletion: Upon the expiration of the retention period, personal information will be securely deleted or anonymized to ensure your privacy. Requests for data deletion will be processed promptly, subject to legal retention requirements.

       6.Security Measures We employ industry-standard security measures to protect your data, including:

6.1. Encryption: Using SSL/TLS protocols to encrypt data transmission.

6.2. Access Controls: Limiting access to personal information to authorized personnel only.

6.3. Secure Payment Processing: Using PCI-DSS compliant payment gateways to secure transactions.

6.4. Monitoring and Auditing: Regularly auditing security practices and conducting vulnerability assessments.

6.5. Data Integrity: Ensuring that personal information remains accurate, complete, and reliable throughout its lifecycle.

7.Automated Decision-Making and Profiling We do not use automated decision-making or profiling that could significantly affect your rights.

       8.Third-Party Service Providers We may share your information with the following categories of third parties:

8.1. Payment Processors: To securely process transactions.

8.2. Shipping Companies: To fulfill and deliver orders.

8.3. Marketing Partners: To facilitate promotional activities (with your consent).

8.4. Analytics Providers: To monitor website performance and user interactions.

8.5. Legal and Regulatory Authorities: As required to comply with applicable laws.

All third parties are required to adhere to strict data protection agreements to ensure your information remains secure.

       9.International Data Transfers Your data may be transferred to and stored in countries outside of your jurisdiction. We take steps to ensure adequate data protection measures are in place, including:

9.1. Implementing Standard Contractual Clauses (SCCs).

9.2. Conducting Data Protection Impact Assessments (DPIAs).

9.3. Ensuring third-party compliance with GDPR and PIPEDA standards.

10.Legal Recourse and Dispute Resolution

If a dispute arises concerning data protection or privacy, we encourage users to contact us directly at info@scrunchiegirls.com. We will make every effort to resolve the issue amicably. Should a resolution not be possible, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) or the appropriate regulatory authority.

       11.Data Breach Response In the event of a data breach, we will:

11.1. Notify affected users as soon as reasonably possible.

11.2. Report the breach to the relevant data protection authority, as required by law.

11.3. Conduct an internal investigation and implement remedial measures to prevent future breaches.

11.4. Maintain records of data breaches and follow-up actions taken.

12.Updates to This Privacy Policy We reserve the right to update this policy to reflect changes in legal requirements or business practices. Updates will be posted on our website with the revised “Effective Date.”

13.Contact Information For questions or concerns about this Privacy Policy or your personal information, please contact us:

  • Email: info@scrunchiegirls.com
  • Address: Ontario, Canada

This comprehensive Privacy Policy ensures compliance with Canadian and international data protection laws while safeguarding your rights and interests.

Thank you for trusting Scrunchie Girls Inc. with your personal information.