Privacy Policy for oncanadameds.com

1. Introduction

At oncanadameds.com (“we,” “our,” or “us”), we are committed to protecting the privacy and personal data of our users. We recognize the responsibility that comes with handling your information, and we implement privacy-first practices to ensure the confidentiality, integrity, and availability of your data. This Privacy Policy outlines how we collect, use, store, share, and safeguard information across our website, and how we comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and any other relevant legislation.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all visitors, users, and others who access or use oncanadameds.com. We operate as the data controller for personal data that we process via our website, meaning we determine the purposes and means of processing your personal information.

If you have questions about how your data is handled, you may contact us directly at [email protected].

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a) Usage Data:
Includes information such as IP address, browser type, operating system, website interactions, pages visited, and time spent on the site. This is collected automatically as users interact with our site.

b) Account Data:
Includes full name, physical address, email address, phone number, and account credentials that you provide when you sign up or place an order on oncanadameds.com.

c) Profile Data:
Includes user-generated data such as purchase history, saved preferences, browsing behavior, search activities, and product interest patterns.

d) Communication Data:
Includes correspondence records, customer support interactions, messages submitted via our contact forms, and responses to surveys or inquiries.

e) Technical Data:
Includes information about the device you use, browser settings, network type, language settings, system configurations, and diagnostic logs.

f) Transaction Data:
Includes payment method details (processed via secure, PCI-compliant payment processors), order history, shipping information, delivery status, and invoice records.

g) Preference Data:
Includes your opt-in or opt-out settings for newsletters, marketing communications, and product update alerts, as well as any indicated product interests or consents.

4. Legal Bases for Processing

We process personal data only when it is lawful to do so. The legal grounds upon which we rely include:

– Consent: When you give clear, informed permission for us to process your data for specific purposes, such as marketing communications.
– Contractual Necessity: To fulfill a contract with you or in preparation for entering into a contract (e.g., processing transactions or delivering products).
– Legitimate Interests: To improve our services, enhance user experience, prevent fraud, and maintain network security, provided such interests are not overridden by your rights and freedoms.
– Legal Obligation: When processing is necessary to comply with legal or regulatory requirements.

5. Your Rights

If you are subject to GDPR, CCPA, or other data protection regimes, you may have the following rights with respect to your personal data:

– Right of Access: Obtain a copy of your personal data we hold.
– Right of Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to Be Forgotten”): Request deletion of your data under certain conditions.
– Right to Restriction of Processing: Request limited processing of your data when, for example, accuracy is contested.
– Right to Data Portability: Receive your data in a machine-readable format and transmit it to another controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right Not to Be Subject to Automated Decision-Making: Where applicable, object to significant decisions made without human involvement.

To exercise any of these rights, please contact us at [email protected]. Verification of identity may be required to protect your data.

6. Security Measures

Protecting your information is a top priority. We implement and maintain appropriate technical and organizational measures, including but not limited to:

– AES256 encryption for sensitive data;
– HTTPS-secured communication channels with SSL certificates;
– Access controls ensuring only authorized personnel have access;
– Regular security and vulnerability testing;
– Employee training on data protection and compliance;
– Secure backup and disaster recovery planning to ensure business continuity.

7. International Data Transfers

Data collected through oncanadameds.com may be processed or stored in servers located in jurisdictions outside of your country of residence. Where personal data is transferred from the European Economic Area (EEA) or other jurisdictions with data transfer restrictions, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses (SCCs), adequacy decisions where applicable, and supplemental security measures as needed.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, tax, accounting, or reporting obligations. Specific durations include:

– Account Data and Communication Data: retained for as long as the account is active and up to 6 years thereafter.
– Transaction Data: retained for tax, auditing, and regulatory compliance, typically up to 7 years.
– Usage and Technical Data: anonymized and/or retained for up to 3 years for analytics and system integrity.
– Preference Data: retained until you withdraw consent, or for up to 24 months.

9. Cookie Policy

oncanadameds.com uses cookies and similar tracking technologies to provide an optimized, secure, and personalized user experience. Cookies used on this site may include:

– Essential Cookies: Necessary for website function, including navigation, security, and shopping cart functionality.
– Functional Cookies: Remember user preferences such as language, region, and previous sessions.
– Analytics Cookies: Collect aggregated data on site usage to help us improve site design and content.
– Performance Cookies: Monitor and enhance site performance for faster load times and user responsiveness.

10. Cookie Management and Compliance

You may manage or disable cookies at any time via your browser settings or through the cookie consent banner available on our website. We honor “Do Not Track” signals and provide opt-out mechanisms for relevant cookies under both GDPR and CCPA. Where required, your explicit consent will be obtained for non-essential cookies.

11. Children’s Privacy

oncanadameds.com does not knowingly collect or process personal data from individuals under the age of 13. If you believe that a minor has provided us with personal data without parental or guardian consent, please contact us immediately at [email protected], and we will take prompt steps to delete such information.

12. Policy Updates and User Notification

We reserve the right to amend or update this Privacy Policy at any time in response to legal, technical, or business developments. Any material changes will be communicated prominently on the website, and where required, we will obtain your consent to any changes that significantly impact the nature of data processing or your rights.

We encourage you to review this policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or our data practices, please contact us at:

Email: [email protected]

We are committed to ensuring compliance with all applicable privacy regulations including GDPR, CCPA, and others. If you believe your privacy rights under applicable law have been violated, you also have the right to lodge a complaint with your relevant supervisory authority.

At oncanadameds.com, your privacy is our priority. Don’t hesitate to reach out with questions or concerns regarding how your information is handled.