Privacy Statement (CA)

This privacy statement was last changed on 24 February 2023, last checked on 30 August 2023, and applies to citizens and legal permanent residents of Canada.

In this privacy statement, we explain what we do with the data we obtain about you via https://csretreats.ca. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
we first request your explicit consent to process your personal data in cases requiring your consent;
we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose and categories of data

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

2. Sharing with other parties

We only share or disclose this data to other recipients for the following purposes:

Purpose of the data transfer: Courses
Country or state in which this service provider is located: United States
Purpose of the data transfer: ECommerce
Country or state in which this service provider is located: United States
Purpose of the data transfer: Payment Service
Country or state in which this service provider is located: United States
Purpose of the data transfer: Cache
Country or state in which this service provider is located: United States
Purpose of the data transfer: Anti-spam Service
Country or state in which this service provider is located: United States

3. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

4. How we respond to Do Not Track signals & Global Privacy Control

Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.

5. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Cookie Policy (CA) webpage.

The inclusion of full IP addresses is blocked by us.

6. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

Login Security
DKIM, SPF, DMARC and other specific DNS settings
(START)TLS / SSL / DANE Encryption
Website Hardening/Security Features
Security measures of hardware that contain, or process personal data.
ISO27001/27002 Certification
HTTP Strict Transport Security and related Security Headers and Browser Policies

7. Third party websites

This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

8. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

9. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below.

9.1 You have the following rights with respect to your personal data

You may submit a request for access to the data we process about you.
You may request an overview, in a commonly used format, of the data we process about you.
You may request correction or deletion of the data if it is incorrect or not or no longer relevant. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question.
You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. You will be informed of the implications of such withdrawal.
You have the right to address a challenge concerning non-compliance with PIPEDA to our organization and, if the issue is not resolved, to the Office of the Privacy Commissioner of Canada.
We shall give access to personal information in an alternative format to an individual with a sensory disability who has a right of access to personal information under PIPEDA and who requests that it be transmitted in the alternative format if (a) a version of the information already exists in that format; or (b) its conversion into that format is reasonable and necessary in order for the individual to be able to exercise rights.

10. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

11. Contact details

CS Retreats
1331 Eaglet Cres, Prince George, BC, Canada
Canada
Website: https://csretreats.ca
Email: cmilner@csretreats.ca

We have appointed a contact person for the organization’s policies and practices and to whom complaints or inquiries can be forwarded:
Chris Milner, Data Protection Officer
1331 Eaglet Cres, Prince George, BC, Canada

Annex

Privacy Statement (annex)

CS Retreats is committed to respecting your privacy and will ensure the personal information you provide will be protected and processed following all applicable data protection laws. The detailed information in this privacy policy provides you with important information about how CS Retreats collects and uses your personal information, how we ensure the privacy and protection of this information, and your data protection rights. Please read this policy to ensure that you fully appreciate the purpose of CS Retreats processing of your personal information. Personal information we may collect Some of the services offered on our website require you to provide CS Retreats with personal information. This information may include your name, postal address, email address, telephone and mobile number, and payment information. We may collect other information about you on our website, including details about your computer, IP address, browser type, and browsing activities. If you register an account for access to a CS Retreats secure area, we will capture your username and other security information. We may collect your information to allow us to understand your marketing preferences or capture the information you provide in any communication when you participate in any blog or course on the CS Retreats site. If you contact us by email, letter, or phone, through the CS Retreats website or any other means, we may also collect any personal information that you may provide to CS Retreats from time to time. Why we use your personal information We use your personal information to provide our computer science coaching products and services to you and to manage our relationship with you, which may include notifying you about changes to the CS Retreats service. Additionally, we use your information on sign up for an online account to manage the registration process and your account usage. Your information may be processed if we ask you to leave a review, take a survey or communicate with you and manage your involvement in CS Retreats promotions, offers, and market research. Your information may be required to respond to inquiries from you, third parties, and law enforcement agencies. We may use your information to evaluate the usefulness of the advertising CS Retreats provides you. Furthermore, your information may be used to conform to appropriate legal requirements, relevant industry standards, contractual obligations and allow CS Retreats to establish, exercise, or defend our legal rights and legal claims. Please note that the personal information collected and processed by CS Retreats will be limited to the purposes specified in the privacy policy. How we collect your personal information We collect your personal information in various ways, including communicating with us through our website or completing forms, when you interact with the CS Retreats website or complete a CS Retreats survey, register an online account through our website, or contact us via email, phone, post, or mail, by signing up for a CS Retreats newsletter or publication, when you provide feedback on our products and services or contact us through our social media channels, or direct marketing communications. We may also receive your information through a third party or obtain information from publicly available information. Our basis for processing your information CS Retreats will only ever process your personal information if we have a legal basis to do so. The legal bases we rely on are; The processing of your information is required by CS Retreats to meet a contractual arrangement that we have agreed with you. Where CS Retreats rely on your explicit or implied consent to process your data for a particular purpose. If CS Retreats has a statutory or other legal obligation to process your information to comply with any applicable law. Who do we share your data with? CS Retreats may share personal information with third parties for the following purposes:

Third-party providers that support CS Retreats operate our business, including PayPal, and Hostinger our hosting provider, and analytics, technical services, marketing, and advertising providers.
Law enforcement agencies and regulators that CS Retreats engage with regarding are legal responsibilities and process requests or orders received from those bodies.
Courts, legal counsels, or other parties, where required by CS Retreats, and in respect of legal proceedings, claims, and complaints in this context.
If CS Retreats are sold or combined with another organisation, we may share your information with our advisers or any potential purchaser and their advisers.

Your confidentiality is of great importance to CS Retreats. We would only sell your personal information where it is legal to do so, and we have identified to you the purchasing party. WooCommerce This includes the basics around what personal data our e-store may be collecting, storing and sharing, as well as who may have access to that data. We collect information about you during the checkout process on our store. What we collect and store While you visit our site, we’ll track: Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order! We’ll also use cookies to keep track of cart contents while you’re browsing our site. When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

Send you information about your account and order
Respond to your requests, including refunds and complaints
Process payments and prevent fraud
Set up your account for our store
Comply with any legal obligations we have, such as calculating taxes
Improve our store offerings

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders. We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 3 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses. Who on our team has access Members of our team have access to the information you provide us. Order information like what was purchased, when it was purchased and where it should be sent, and Customer information like your name, email address, and billing and shipping information. Our team members have access to this information to help fulfil orders, process refunds and support you. What we share with others We share information with third parties who help us provide our orders and store services to you; We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information. LearnDash LMS We collect information about you during the course purchase process, as well as information relating to your course progression and quiz performance. What we collect and store We store course progress, including completion status, quiz scores, assignments and/or essay submissions. Any additional information added in your WordPress User Profile can also be visible to the administrator(s). Complianz This website uses the Privacy Suite for WordPress from Complianz to collect records of consent. For this functionality your IP address is anonymized and stored in our database. LiteSpeed Cache This site utilizes caching in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site. All cache files are temporary, and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator, but may easily be purged by the admin before their natural expiration, if necessary. We may use QUIC.cloud services to process & cache your data temporarily. Akismet We collect information about visitors who comment on Sites that use our Akismet anti-spam service. Marketing Communications CS Retreats may process your personal information for marketing activities. If you wish to opt-out of such communications in the future, you can do so at any time by contacting us at cmilner@csretreats.ca. After opt-out, you will no longer receive any marketing emails from CS Retreats. However, we will continue to have other communications with you to provide any billing services or support you via email. Data retention CS Retreats will not retain your personal information for longer than is necessary for the purpose it was collected, which means your information will be destroyed when it is no longer required. In this case, the retention of your information will be for the period we provide you with access to our services, or where your account with CS Retreats remains active or as needed to provide you with our services or the agreed period set out in any relevant contract you have with CS Retreats. However, please note that to comply with our legal and regulatory responsibilities, we may retain personal data for a longer period. In some cases, CS Retreats may anonymise your personal information for research or statistical purposes, which means it is no longer attributed to you, in which case CS Retreats may use this information indefinitely, without notice. Your rights Under certain circumstances, and where appliable data protection laws apply, you may request access to your personal information that we process; request that we correct your personal information that you believe is inaccurate, ask that we delete your information, and let us know that you wish to opt-out of marketing communications. To make a request, or if you have a concern, please refer to the "Contact information” section for our contact details. If you are not satisfied with how we have addressed your concern, you have the right to make a complaint to the Office of the Privacy Commissioner. Data transfer CS Retreats may transfer your personal information outside of Canada for the purposes described in this privacy policy to provide you with our products and services. CS Retreats will only transfer your personal information outside of Canada where we are satisfied an appropriate level of security is present to protect the integrity and security of your personal information, or suitable security procedures are followed and under all relevant data protection laws. Contact information If you have any questions about this policy or wish to exercise any of your rights or make a complaint, please contact us at cmilner@csretreats.ca

1. Purpose and categories of data

1.1 Contact - Through phone, mail, email and/or webforms

1.2 Payments

1.3 Registering an account

1.4 To support services or products that a customer wants to buy or has purchased

1.5 To be able to comply with legal obligations

1.6 Compiling and analyzing statistics for website improvement.

1.7 To be able to offer personalized products and services