PRIVACY POLICY

 

This Privacy Policy applies to: www.studioartsessions.ca

Last update: April 20, 2021

 

The respect of your private life is of the utmost importance for Studio Art Sessions Inc.,

who is responsible for this website.

This Privacy Policy aims to lay out :

the way your personal information is collected and processed. "Personal

information" means any information that could identify you, such as your name,

your mailing address, your email address, your location and your IP address.

"Personal information" is a synonym for "personal data" within the meaning of the

Regulation 2016/679 of the European Union (General Data Protection Regulation);

your rights regarding your personal information;

who is responsible for the processing of the collected and processed information;

to whom the information is transmitted;

if applicable, the website's policy regarding cookies.

This Privacy Policy complement the Terms and Conditions that you may find at the

following address:

https://www.studioartsessions.ca/terms-conditions

1. COLLECTION OF PERSONAL INFORMATION

We collect the following personal information:

Last Name

First name

Mailing address

Postal code

2/10

Email address

Phone and/or fax number

Credit card number

The personal information we collect is collected through the collection methods

described in the following section.

2. FORMS AND METHODS OF COLLECTION

Your personal information is collected through the following methods:

Website registration form

Order form

Survey form

Contest

We use the collected data for the following purposes:

Order tracking

Special offers

Statistics

Contact

3. INTERACTIVITY

Your personal information is also collected through the interactivity between you and the

website. This personal information is collected through the following methods:

Comments

Correspondence

3/10

Information for promotional offers

We use the personal information thus collected for the following purposes:

Statistics

Contact

Website management

4. COOKIES AND LOG FILES

We collect information through log files and cookies. These allow us to process statistics

and information on traffic on the Website, to ease navigation and improve your

experience for your comfort.

Under the General Data Protection Regulation (European Regulation 2016/679), the use

of cookies and log files that involves personal information saving and analysis requires

your consent.

Your consent is considered to be valid for a maximum period of thirteen (13) months. At

the end of that period, we will ask again for your consent to save cookies and log files on

your hard disk.

a) Cookies used by the Website

The cookie files used on the Website are the following:

IP address

Operating system

Pages visited and queries

Day and time of connection

Other:

- content of electronic shopping carts

- provenance of users of the website

The use of such files allows us to achieve the following purposes:

4/10

Improvement of the service and personalized welcome

Personalized consumption profiles

Order tracking

Statistical surveys

Other:

- promotional purposes

-managing website

By using the Website, cookies from the following third parties may be saved on your

hard disk:

- Stripe Inc.

- PayPal Holdings, Inc.

The website also embeds sharing and social media networks buttons that allow you to

share your activity on the Website. Cookies and log files from the social media networks

may be saved on your computer when you use these features.

These websites have their own privacy policy and terms and condition that may be

different than ours. We invite to look at the privacy policies and terms and conditions

from these websites.

b) Objection to the use of cookies and log files by the Website

You have the right to object to the recording of these cookies and log files by configuring

your web browser.

Once you have deactivated cookies and log files, you may continue your use of the

Website. However, any malfunction resulting from this deactivation may not be

considered of our making.

5. SHARING PERSONAL INFORMATION

The personal information collected by the Website is not transmitted to any third party

and is processed only by us.

5/10

6. STORAGE PERIOD OF PERSONAL INFORMATION

The controller will keep in its computer systems, in reasonable security conditions, the

entirety of the personal information collected for the following duration: 10 years.

7. HOSTING OF PERSONAL INFORMATION

Our website is hosted by: 10 Dollar Domain Names Inc., located at the following

address:

10 Dollar Domain Names Inc. (10Dollar.ca) 5863 Leslie St. Suite 307 Toronto, ON

M2H 1J8 Canada.

The host may be contacted at the following phone number: (647) 660-2460.

Personal information we collect and process is exclusively hosted in Canada.

This transfer of personal information outside of the EU is justified by the fact that our

headquarters are located in Canada.

8. CONTROLLER

a) Controller

The "Controller" is: Elizabeth Figliuzzi. The Controller may be contacted as follows:

The controller may be joined by email adrienne@studioartsessions.ca

The Controller is in charge of determining the purposes for which personal information is

processed and the means at the service of such processing.

b) Obligations of the Controller

The Controller is committed to protecting the personal information collected, not to

transmit it to third parties without informing you, and to respect the purposes for which

personal information was collected.

In the event that the integrity, confidentiality or security of your personal information is

6/10

compromised, the Controller is committed to notify you.

9. RIGHT OF OBJECTION AND OF WITHDRAWAL

You have the right to object to the processing of your personal information by the

Website ("right to object"). You also have the right to request that your personal

information does not appear, for example, on a mailing list ("right to withdraw").

If you wish to exercise the right to object or the right to withdraw, you must follow the

procedure described hereinafter:

The user must submit a request by email to the Controller as indicated above.

10. RIGHT OF ACCESS, OF RECTIFICATION AND OF REMOVAL

You have the right to consult, update, modify or request the removal of information about

you by following the procedure described hereinafter:

The user must submit a request by email to the Controller as indicated above.

If you have a personal account, you may request its removal by following the procedure

described hereinafter:

The user must send an email to the data controller. This email must contain the

information on the account (associated email address as well as account number).

The email must be sent to the controller using the address provided above.

11. GENERAL PRINCIPLES RELATING TO THE COLLECTION AND PROCESSING

OF PERSONAL DATA UNDER EUROPEAN REGULATION 2016/679

In accordance with the provisions of Article 5 of European Regulation 2016/679, the

collection and processing of your personal data comply with the following principles:

Lawfulness, fairness and transparency: your personal data may only be collected

and processed with your consent. Every time your personal data is collected, you

will be informed that your personal data is collected and for which reasons your

7/10

personal data is collected;

Limits purposes: the data is collected and processed for one or more purposes set

out in this Privacy Policy;

Data minimization: only personal data necessary for the purpose to which it is

necessary is collected;

Storage limited in time: personal data is stored for a limited time, of which you are

notified;

Integrity and confidentiality of collected and processed personal data: the

Controller is committed to guarantee the integrity and confidentiality of the

collected personal data.

In order to be lawful and to comply with Article 6 or European Regulation 2016/679,

collection and processing will only occur if one of the following applies:

You have given your express consent;

Processing is necessary for the performance of a contract;

Processing is necessary for compliance with a legal obligation;

Processing is necessary in order to protect your vital interests or those of another

physical person;

Processing is necessary for the performance of a task carried out in the public

interest or in the exercise of official authority;

Processing is necessary for the purposes of the legitimate interests pursued by the

Controller or a third party.

12. ADDITIONAL RIGHTS PURSUANT TO EUROPEAN REGULATION 2016/679

In accordance with European regulation relating to the processing of personal data, you

also have the rights listed below.

In order for the Controller to grant your request, you must provide your first and last

name, your email address, and if relevant, your personal account or membership

number.

The Controller must answer your request within a period of thirty (30) days.

a) Right to portability of personal data

You have the right to request the portability of your personal data held by the Website to

another site by following the procedure described below:

8/10

The user must send an email to the data controller to the email address provided

above and include all information on the account.

b) Right of not being the object of a decision based only on automated processing

In accordance with the provisions of the European Regulation 2016/679, you have the

right of not being the subject of decision based solely on automated processing if the

decision produces legal affecting concerning you or significantly affects you.

c) Right to submit a complaint to the competent authority

In the event that the Controller does not answer your request, you wish to challenge his

or her decision or you believe one of your rights has been infringed upon, you have the

right to submit a complaint to the competent authority.

13. SECURITY

Personal information we collect is stored in a secured environment. People working for

us are obligated to respect the confidentiality of your personal information.

To ensure the security of your personal information, we use the following methods:

SET (Secure Electronic Transaction) Protocol

Access management - person authorized

Access management - person concerned

Username/password

We are committed to maintaining a high degree of confidentiality by integrating the latest

technological innovations that allow us to ensure the confidentiality of your transactions.

Nevertheless, no mechanism can ensure a complete security and transmitting personal

information on the Internet always entail a part of risk.

14. PERSONAL DATA OF MINORS UNDER EUROPEAN REGULATION 2016/679

9/10

In accordance with the provisions of Article 8 of Regulation 2016/679, only minors over

15 years of age may consent to the processing of their personal data.

If you are a minor under the age of 15, the consent of a legal representative is required

in order for your personal data to be collected and processed.

We reserve the right to verify by any means that you are over 15 years of age or that

you have obtained the consent of a legal representative before using our Website.

15. CHANGES TO OUR PRIVACY POLICY

Our Privacy Policy may be viewed at all times at the following address:

www.studioartsessions.ca/privacy-policy

We reserve the right to modify our Privacy Policy in order to guarantee its compliance

with the applicable law.

You are therefore invited to regularly consult our Privacy Policy to be informed of the

latest changes.

However, in the event of a substantial change to our Privacy Policy, we will notify you as

follows:

-email to the users email address

16. ACCEPTANCE OF OUR PRIVACY POLICY

By using our Website, you certify that you have read and understood this Privacy Policy

and accept its conditions, more specifically conditions relating to the collection and

processing of personal information, and the use of cookies.

17. APPLICABLE LAW

We are committed to respect the legislative provisions as specified in:

Personal Information Protection and Electronic Documents Act, SC 2000, c 5; and/or

10/10

Act Respecting the Protection of Personal Information in the Private Sector, CQLR

cP-39.1 ; and

General Data Protection Regulation, Regulation (EU) 2016/679 of the European

Parliament and the Council of 27 April 2016 for the protection of natural persons with

regard to the processing of personal data and on the free movement of such data, and

repealing Directive 95/46/EC.