DōMatcha® Privacy Policy

This website http://www.domatcha.com/ (the “Site”) is owned and provided by Andrews & George Company Limited, a company incorporated in the province of British Columbia, Canada (the “Company”, “we”, “us” or “our”). We are the controller and are responsible for your Personal Information.

This Privacy Policy describes how your Personal Information is collected, used, and shared when you visit or make a purchase from the Site.

We have appointed a privacy officer who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact our privacy officer using the details set out under the “Contact Us” section at the end of this Privacy Policy.

MINORS

This Site is not directed to, and we do not knowingly collect Personal Information from, persons under the age of majority. If you are under the age of majority in your home country, please do not use or access this Site. If we are made aware that we have collected any Personal Information from a minor without parental consent, and are asked to erase such information from our database, we will do so without undue delay.

PERSONAL INFORMATION WE COLLECT

Personal Information means any information about an individual from which the person can be identified. It does not include information where the identity has been removed (anonymous data) or information concerning corporate or commercial entities. The term “Personal Information” in this Privacy Policy includes Device Information, Usage Information and Order Information.

When you visit the Site, we automatically collect certain information about your device, including information about your web browser type, IP address, device type, operating system, time zone, and some of the cookies that are installed on your device (collectively, “Device Information”). Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site (collectively, “Usage Information”).

We collect Device Information and Usage Information using cookies, log files, web beacons, tags and pixels. Please refer to the section entitled “Cookies Usage” for more information on the technologies that we use to collect Device Information and Usage Information. Additionally when you sign up for an account, subscribe to our newsletters, make a purchase or attempt to make a purchase through the Site, we collect certain information directly from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number (collective, “Order Information”).

HOW DO WE USE YOUR PERSONAL INFORMATION?

We have set out below, in a table format, a description of the ways we plan to use your Personal Information, and which of the legal basis we rely on to do so. We have also identified what our legitimate interests are where appropriate.

We may process your Personal Information for more than one lawful ground depending on the specific purpose for which we are using your Personal Information.

 Purpose  Type of Data Lawful Basis
To register you as a new client Order Information (name, address, phone number, email address)  Performance of a contract with you
Fulfill your order placed through the Site (including process your payment information, arranging for shipping, and providing you with invoices and/or order confirmations) Order Information (name, address, phone number, email address, payment information) Performance of a contract with you Necessary for our legitimate interest (e.g. to recover payments due to us)
To communicate with you (including notifying you about changes to our terms or privacy policy, asking you to provide feedback, and asking you to complete surveys)

Order Information (name, address, email address, phone number)

Usage Information

Performance of a contract with you

Necessary to comply with a legal obligation

Necessary for our legitimate interest (to understand how customers use our products/services)

 To provide you with information or advertising relating to our products/services in line with the preferences you have shared with us

Order Information (name, address, email address, phone number)

Usage Information

Performance of a contract with you

Necessary for our legitimate interest (to understand how customers use our products/services, to maintain our relationship with you and grow our business)

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you Order Information (name, address, email address, phone number) Usage Information Performance of a contract with you Necessary for our legitimate interest (to understand how customers use our products/services, to grow our business and to inform our marketing strategy)
To screen for potential risk and fraud, to administer and protect our business and the Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) Device Information Necessary to comply with a legal obligation Necessary for our legitimate interest (for running our business, provision of administration and IT services, network security, to prevent fraud)
To improve and optimize our Site including using data analytics to improve the Site, products/services, marketing and customer relationships and experiences.

Device Information

Usage Information

Necessary for our legitimate interests (to keep the Site updated and relevant, to develop our business and to inform our marketing strategy)

 

The purposes provided above are a reasonably necessary part of your relationship with us.

When your Personal Information is to be used for a purpose not previously identified, the new purpose will be disclosed to you prior to such use, and your consent will be sought unless the use is authorized or required by applicable laws and regulations.

We may use collected Personal Information for further purposes without consent if the information was collected on the basis of a contractual obligation between you and the Company, a legitimate interest of the Company, or for protecting your vital interests and where these further purposes are compatible with an originally stated purpose.

COOKIES USAGE

We use the following cookies and tracking technologies:

• necessary cookies to allow the Site to function; and

• non-necessary tracking technologies such as Google Analytics to allow us to track visitor numbers and related information;

“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. Cookies allow us to collect information such as browser type, time spent on the Site, pages visited, and other web traffic data. We use the information for security purposes, to facilitate online navigation, to display information more effective, to personalize your experience while using the Site, to understand how you use the Site, and to otherwise analyze user activity.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the Site. For more information about Cookies and how to disable them, please visit http://www.allaboutcookies.org.

You can learn about Google’s practices in connection with information collected by Google Analytics and how to opt-out of it by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

In additional to cookies, we also use:

• “Log files” to track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

• “Web beacons,” “tags,” and “pixels” and similar electronic files to record information about how you browse the Site, measure the success of marketing activities, and compile statistics about usage of the Site and response rates.

SHARING YOUR PERSONAL INFORMATION

We may share your Personal Information with the following third parties for the purposes listed in this Privacy Policy:

  • Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy;
  • PayPal to process payment - you can read more about how PayPal uses your Personal Information here: https://www.paypal.com/ee/webapps/mpp/ua/legalhub-full;
  • Mailchimp to deliver our promotional and marketing emails. If you accept to receive marketing, you will go onto our subscriber list for Mailchimp. You can read more about how Mailchimp uses your Personal Information here: https://mailchimp.com/legal/privacy/
  • Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout;
  • our banking company(s);
  • our logistic company(s);
  • our agent(s), supplier(s) and contractor(s); public bodies to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights; and
  • third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, the new owners may use your Personal Information in the same way as set out in this Privacy Policy.

CONSENT

We will seek consent to collect, use or share your Personal Information except where we are authorized or required by applicable laws and regulations to process your Personal Information without consent.

Where we do rely on consent, you may withdraw your consent at any time, subject to legal or contractual restrictions, provided reasonable written notice of withdrawal of consent is given by you to us. Upon receipt of your written notice, we will inform you of the likely consequences of the withdrawal, which may include the inability of us to provide certain products or services for which the delivery of that information is a prerequisite.

AUTOMATED DECISION MAKING

Automated decision making takes place when our electronic systems process your Personal Information to make a decision about you without human intervention.

You will not be subject to decisions that will have a legal or significant impact on you based solely on automated processing, unless we have a lawful basis for doing so and we have notified you.

BEHAVIOURAL ADVERTISING

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

FACEBOOK - https://www.facebook.com/settings/?tab=ads

GOOGLE - https://www.google.com/settings/ads/anonymous

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

DO NOT TRACK

Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.

INTERNATIONAL TRANSFERS

If you access the Site from outside of Canada, please note that your Personal Information that we collect will be transferred to servers in Canada and the United States of America or to the server of a designated data processer under our control. Such transfer is necessary for the purposes set out in this Privacy Policy. By allowing us to collect your Personal Information, you consent to such transfer and the processing thereof. While your Personal Information is located outside your home jurisdiction, it may be subject to the laws of the jurisdiction in which it is retained.

YOUR RIGHTS

You have the following rights regarding your Personal Information that we hold:

(1) Right to Access

You have a right to access your Personal Information held by us. Upon written request and authentication of identity, we will provide you with your Personal Information under our control, information about the ways in which that information is being processed, sources that the information was collected from, a description of the individuals and organization to whom such information has been disclosed, and the existence of any automated decision-making and the logic involved.

We will provide you free of charge with a copy of your Personal Information, but we may charge you a fee to cover our administrative costs if you request further copies of the same information.

We will make the requested Personal Information available within 30 days or provide written notice where additional time is required to fulfill the request.

In some situations, we may not be able to provide access to certain Personal Information. We may also be prevented by law from providing access to certain Personal Information.

Where an access request is refused in whole or in part, we will notify you in writing within 30 days of request, giving the reason for refusal and outlining further steps which are available to you.

(2) Right of Correction

We will comply with your request to correct incomplete or inaccurate parts of your Personal Information, although we may need to verify the accuracy of the new information you provide us.

(3) Right to be Forgotten

If you reside in the European Economic Area, upon your request to erase your Personal Information under our control, we will do so promptly if the Personal Information is no longer necessary in relation to the purposes for which it is collected, you withdraw the consent which formed the basis of your Personal Information processing, you object to the processing of your Personal Information, the Personal Information was processed illegally, or if the Personal Information must be deleted for us to comply with our legal obligations.

When a request has been made and the Personal Information has been shared with third parties, we will take reasonable steps to inform third parties that are process the information that you have requested it to be erased.

We may decline your request for deleting if the processing of your Personal Information is necessary to comply with our legal obligations, in pursuit of a legal action, or for the performance of a task in the public interest.

(4) Right to Stop Directing Marketing

At your request, we will stop using your Personal Information for the purpose of direct marketing. If you want to stop us from calling, emailing you in connection with marketing communications, please contact us using the information provided under the Contact Us section.

Please note that even if we stop all marketing communications, you may still receive administrative communications from us.

(5) Right to Restrict Processing

At your request, we will limit the process of your Personal Information if:

  •  the accuracy of the information is contested;
  •  the information was processed unlawfully but you oppose the erasure of your Personal Information;
  • we no longer need your Personal Information but you require retention of the Personal Information in connection with a legal claim; or
  •  you object to the processing of your Personal Information pending verification of whether overriding legitimate ground for such processing exist.

We will make reasonable effort to inform third parties with whom your Personal Information has been shared of your request to restrict processing.

(6) Right to Data Portability

At your request, we will provide you free of charge with your Personal Information in a structured, commonly used and machine readable format, if you provided us with the Personal Information, the processing of your Personal Information is based on your consent or required for the performance of a contract, or if the process is carried out by automated means.

DATA RETENTION

Your Personal Information will only be used or disclosed for the purposes set out in this Privacy Policy and as authorized by applicable laws and regulations.

We will keep Personal Information for no longer than is necessary for the purposes for which the Personal Information was required. In accordance with law applicable to us, this is normally at least one year after using the Personal Information to make a decision affecting an individual.

We will destroy, erase or make anonymous documents or other records containing Personal Information as soon as it is reasonable to assume that the original purpose is no longer being served by retention of the information and retention is no longer necessary for legal or business purposes.

We will take due care when destroying Personal Information so as to prevent unauthorized access to such information.

SECURITY

We protect the Personal Information in our custody or control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.

You should be aware that confidentiality and security are not assured when information is transmitted through e-mail or wireless communication. We will not be responsible for any loss or damage suffered as a result of a breach of security or confidentiality when information is transmitted by e-mail or wireless communication.

We will take all reasonable steps to ensure that your Personal Information is handled securely and in accordance with this Privacy Policy. No transfer of your Personal Information will occur to an organization or a country unless there are adequate safeguards in place to ensure the security of your Personal Information.

SHOPIFY

Our online store is hosted on Shopify Inc. Your Personal Information is stored through Shopify’s data storage, database and the general Shopify application.

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

CHANGES

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. Please check back frequently to see any updates or changes to our Privacy Policy. If we make a material change in the way we use your personal information, we will provide prominent notice of the change on the Site and we may notify you using the contact information we have about your (including email address).

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@domatcha.com or by mail using the details provided below:

John Harrison
125 West 3rd Ave
Vancouver, BC V5Y 1E6
Canada

If you reside in the European Economic Area, you are entitled to make a compliant to the Data Protection Authority in the Member State in which you habitually reside. However, we would appreciate the chance to deal with your concerns before you approach the Authority so please contact us in the first instance.