WEBSITE PRIVACY POLICY

1.0 OUR COMMITMENT TO YOUR PRIVACY

1.1 Your privacy is important to us. To better protect your privacy we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used. To make this notice easy to find, we make it available on our website.

2.0 THE INFORMATION WE COLLECT

2.1 This notice applies exclusively to personal information collected or submitted through use of our website.

2.2 We use the term “personal information” as it is defined in the Personal Information Protection and Electronic Documents Act, SC 2000, c 5 (“PIPEDA”). As such, for the purposes of this policy, personal information means information about an identifiable individual, but does not include the name, title, or telephone number of an employee of an organization.

2.3 We may collect non-personally identifiable information by using cookies. Cookies are small data files that are sent to your browser and stored on your computer’s hard-drive when you visit certain websites, thereby “tracking” your use of the websites. All information collected by means of cookies is anonymous, aggregated and only used to better understand how our website is used so that we may make design improvements.

3.0 HOW WE USE YOUR INFORMATION

3.1 We only use the personal information collected through our website to communicate directly with you. We do not share your personal information with any outside parties.

4.0 HOW WE KEEP YOUR INFORMATION SECURE

4.1 We are committed to keeping your information secure and maintaining its accuracy. We make all commercially reasonable efforts to ensure that personal information collected from you is protected against loss and unauthorized access. Personal information is collected and stored by us in a secure manner.

4.2 Any other companies and individuals who we may employ from time-to-time to perform functions on our behalf are required to protect any personal information accessed in a manner consistent with this policy.

5.0 LINKS TO THIRD PARTY SITES

5.1 Our website may contain links to other third party websites. We are not responsible for the privacy practices or the content of such linked third party websites.

7.0 HOW WE COMPLY WITH CANADA’S ANTI SPAM LAW (CASL)

7.1 In accordance with Canada’s Anti-Spam legislation we may use your personal information so that we may send you commercial electronic messages (CEMS). Unless such messages are sent subject to exemption we will obtain your prior implied or express consent in accordance with this legislation.

7.2 You may withdraw your consent to receive CEMs from us at any time by using the unsubscribe mechanism contained in all of our electronic communications.

7.3 We do not install or cause to be installed any computer programs on your computer system that requires your consent under CASL.

8.0 HOW YOU CAN ACCESS, MODIFY, AND/OR REMOVE YOUR INFORMATION

8.1 You may e-mail us at info@azuremedispa.com any time to request a copy of the personal information we have in our possession about you and/or to ask us to modify or remove your information from our online database. We will take all reasonable steps to verify your identity before taking any action in respect of such requests.

8.2 Please be aware that it may not always be possible to completely modify or remove information in our database.

9.0 HOW YOU CAN CONTACT US IF YOU HAVE ANY QUESTIONS

9.1 If you have questions and/or concerns about this policy, please contact our Privacy Officer: Dr. Kent Floreani.

9.2 All Complaints will be investigated within 60 days of receipt and appropriate measures will be taken to resolve them.

10.0 HOW YOU WILL BE INFORMED OF UPDATES TO OUR PRIVACY POLICY

10.1 We reserve the right to update our privacy policy at any time without notice. All updates to our privacy policy will be made readily available and accessible through our website. The privacy policy posted shall be deemed to be the privacy policy then in effect.

10.2 Your use of or access to our website indicates your acknowledgment of this privacy policy and consent to the collection, use, and disclosure of your personal information in accordance with this privacy policy.

11.0 LEGAL DISCLOSURES

11.1 We reserve the right to co-operate fully with local, provincial and federal officials in any investigation relating to any personal or any purported unlawful activities.

 

SURVEILLANCE POLICY

Purpose

This policy applies to the collection, use, disclosure, and disposal of recorded information collected through video surveillance technology, which is used to enhance the protection and safety of Headlines Hair and Day Spa’s and Azure Medispa’s customers and invitees by reducing, deterring and assisting in the investigation of incidents of criminal activity, and protecting property and assets.

 

Scope

This policy has been created in accordance with the Guidelines for Overt Use of Video Surveillance in the Private Sector as issued by Ontario’s Information and Privacy Commissioner (March, 2008).

This policy applies to:

  • all Headlines Hair and Day Spa and Azure Medispa employees, agents, independent contractors, customers and invitees; and
  • all Headlines Hair and Day Spa and Azure Medispa owned or leased land and buildings (the “Premises”).

 

Policy and Procedures

It is the policy of Headlines Hair and Day Spa and Azure Medispa to ensure:

  • Video surveillance of the Premises is conducted in a professional, ethical and legal manner;
  • Video surveillance is used for a purpose consistent with this policy and to promote the following goals:
  • Public safety
  • Combatting unauthorized access, especially in the compound
  • Coordinating operational activities, especially in service
  • Supporting criminal investigations
  • Deterring theft and break and enter
  • Reinforcing employee safety
  • Ensuring adequate staffing for high level of customer service at customer points of contact, such as counters and reception;
  • Video surveillance is used only to the extent that less intrusive means of achieving a purpose consistent with the policy and the foregoing goals has shown to be ineffective or unworkable;
  • If cameras are adjustable by operators, this practice will be restricted, wherever possible, so that operators cannot adjust or manipulate the cameras to view spaces where individuals have a heightened expectation of privacy, (e.g. washrooms).
  • Clear understandable notice is provided about the use of video surveillance on the Premises to individuals whose images might be captured, before these individuals enter the Premises. Such notice will be in form of signs that include a contact in case individuals have questions or if they want access to images relating to them.
  • Cameras shall normally not be monitored. When cameras are monitored, the recording function shall be turned on only when unlawful activity is suspected or observed.
  • Sound is not recorded unless there is a specific need to do so.
  • A process is in place to facilitate the making and handling of complaints about the use of video surveillance by Headlines Hair and Day Spa and Azure Medispa.

 

Managing Recordings

Headlines Hair and Day Spa and Azure Medispa will retain all video surveillance recordings for a period of 30 days. Records shall only be retained for more than 30 days where the footage is required as part of an investigation or for the purposes of evidence.

While retained by Headlines Hair and Day Spa and Azure Medispa, video recordings shall be stored in a secure environment and their content shall not be altered.

Recording no longer retained by Headlines Hair and Day Spa and Azure Medispa shall be securely destroyed.

Disclosure of Recordings

 Subject to legislative exemptions, Headlines Hair and Day Spa and Azure Medispa shall not disclose recordings containing identifying information about an individual without that individual’s consent. Such exemptions include, but are not limited to, disclosure to Headlines Hair and Day Spa and Azure Medispa legal counsel, disclosure to identify an injured, ill or deceased individual, and disclosure to law enforcement where a crime has been committed or to comply with a subpoena, warrant or court order.

Individuals have a right to access recordings they appear in. When disclosing recordings to individuals who appear in them, Headlines Hair and Day Spa and Azure Medispa shall ensure that identifying information about any other individuals on the recording is not revealed. This may be done through technologies that mask identity.

 

Responsibilities

Headlines Hair and Day Spa and Azure Medispa management level employees are collectively responsible for approving and directing compliance with this policy.

The Manager is responsible for:

  • Resolving any issues or conflicts relating to this policy;
  • Implementation, administration, and evaluation of this policy;
  • Ensuring that information obtained through video surveillance is used exclusively for lawful purposes; and
  • Documenting access to recordings and the retention or disposal of recordings.

 

Policy Evaluation

The Managers will evaluate this policy periodically, at least once every three years, to:

  • Accommodate developments in the interpretation of data protection legislation;
  • Respond to developments in the technology involved with the recording of images and the use of such technologies; and
  • Ensure that the procedures comply with all applicable laws and Headlines Hair and Day Spa and Azure Medispa policies, including laws and policies relating to privacy and access to information.
Effective Date: November, 2017
Next Evaluation: November, 2020
Revision History: Version 1
Related Documents: Personal Information Protection and Electronic Documents Act and Regulations

Guidelines for Overt Video Surveillance in the Private Sector

  • All recordings will be labelled and documented appropriately with the dates and camera source.
  • All activities regarding surveillance activities- Only authorized personnel will have access to the surveillance activities
  • All recordings will be stored securely in an access-controlled area and server.
  • With the exception of requests by law enforcement agencies, individuals must submit a formal request to view recordings that will be subject to approval by the Manager.
  • In the event that any law enforcement agency requests access to Headlines Hair and Day Spa and Azure Medispa surveillance recordings, Headlines Hair and Day Spa and Azure Medispa will act in accordance with the law and provide the materials as
  • All recordings created by means of security surveillance cameras will be the sole property of Headlines Hair and Day Spa and Azure Medispa and may not be taken, reproduced or destroyed for any reason without prior written permission. Authorized personnel shall be the only parties eligible to delete recordings in accordance with this policy and following the
  • Where recordings are disposed of, they must be deleted or destroyed in such a manner as to ensure that they cannot be viewed or accessed by
  • Periodic evaluation of the need for surveillance will be done to ensure it is still meeting the needs of Headlines Hair and Day Spa and Azure Medispa with respect to the goals