Privacy and Security
House of Anansi respects the privacy of all of our customers, our e-newsletter subscribers, those who participate in our contests and surveys, and all those who use our Site. Our policy is laid out below under the headings relating to the 10 principles of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). We are also compliant with the European Union General Data Protection Regulation (GDPR).
We are responsible for the personal information in our possession and we have designated a Privacy Officer with responsibility for our complying with all applicable privacy laws. We inform and train staff on our privacy policies and procedures.
When we work with third party service providers who carry out services on our behalf (for example sending e-newsletters, managing and hosting data, shipping book purchases, processing credit card payments) we disclose your personal information to them only to the extent necessary to enable them to provide these specific services to you. We require these third parties to manage and guard all personal information in accordance with Canadian laws.
We may provide links from the Site to other websites run by third parties. If we have provided links to other websites we make no representations whatsoever about the privacy practices of these websites, and we encourage you to read the privacy policies of any site to which you provide personal information.
2. Purpose of Data Collection
We will clearly inform you about the specific purpose for which we collect personal information at the point at which we collect it. In most cases, you will be asked to provide personal and account information as appropriate for us to provide service to you.
Examples of specific purposes for which we will collect personal information from you are:
- opening an account
- verifying creditworthiness
- processing a book order
- processing an e-newsletter subscription
- identifying customer preferences
- establishing customer eligibility for special offers or discounts.
- Collect each Site visitor’s domain name, browser type, and IP address. We collect this information from all visitors to track and evaluate aggregate usage of the Site for analytical purposes, in order to help us improve those services. Such basic Internet traffic statistics are not correlated with any personal information.
- Identify a shopper with his or her cart during a shopping session, to make it easier to order a second time, and to allow subscribers to store passwords if they desire.
- Personalize a visitor’s experience on our Site by alerting him or her to features and information we think may be of interest to them.
If you do not want us to deploy cookies in your browser, you can set your browser to reject cookies or to notify you when a website tries to put a cookie in your browser software. Rejecting cookies may affect your ability to use of some of the products and/or services on the Site.
We will inform you of the purposes for the collection, use or disclosure of personal data and we will obtain your consent before or at the time of collection, as well as when a new use is identified.
In seeking your consent we will take into consideration your reasonable expectations as a user of the Site, the circumstances surrounding the collection of the personal information, and the sensitivity of the information involved. We will seek your express consent for use of your personal information whenever possible and in all cases when the personal information is considered sensitive.
We will not attempt to obtain consent by deceptive means.
We will not use or disclose your personal information without your knowledge and consent unless it is permitted or required by law as outlined in PIPEDA.
You may withdraw your consent at any time and we will delete your personal information, subject to legal or contractual restrictions and reasonable notice.
You have the right to request access to your personal data in an accessible format.
If you believe that your personal data is incorrect, incomplete, or inaccurate, you have the right to have it rectified or completed without undue delay.
In the event of a data breach, we will provide immediate notification to all affected parties and update them with relevant information about the extent of the breach as information becomes available.
We do not intend to collect or solicit personal information from anyone under the age of sixteen. If you are under the age of sixteen, do not attempt to register or send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we learn that we have collected personal information from an individual under the age of sixteen, we will remove that information as quickly as possible.
Parents and legal guardians can withdraw consent to their child’s participation and use of their personal information at any time by contacting us at email@example.com.
4. Limits to Collection of Information
We will not collect personal information indiscriminately nor will we mislead you about our reasons for collecting personal information from you.
5. Limits to Use, Disclosure and Retention of Information
We will use or disclose your personal information only for the purpose for which it was collected, unless we have your consent or the use or disclosure is authorized by law.
The information will be kept only as long as necessary to satisfy the purposes for which we collected it.
We will keep your personal information as accurate, complete, and up-to-date as necessary, taking into account the purposes for which it is used.
We will protect your personal information against unauthorized access, disclosure, copying, use, or modification using safeguards appropriate to the sensitivity of the information. These safeguards include technological tools such as passwords, encryption, and firewalls, and organizational controls such as limiting staff access to systems containing personal information on a “need-to-know” basis.
Transmission of the personal information you provide when you create an online account and place an online order is secured using Secure Socket Layers (SSL) encryption technology, and our service providers operate in compliance with the Payment Card Industry (PCI) Data Security Standard (DSS).
Information about our specific practices relating to the management of your personal information will be made available to you on request.
9. Individual Access to Information
Upon request, we will inform you if we have personal information relating to you, give you a copy of that information, and explain how it has been used and/or to whom it has been disclosed. If you find that the information is inaccurate or incomplete you have the right to challenge it and we will amend it as appropriate. In certain circumstances under the law, we will not disclose information to you. Examples of such circumstances are if the information is subject to solicitor-client privilege, or if the information contains confidential commercial information, or if disclosure of the information could harm an individual’s life or security. If we will not disclose information to you we will give you our reasons for not doing so.
10. Contacting Us Concerning the Policy
House of Anansi Press Inc.
128 Sterling Rd, Lower Level
Toronto, ON M6R 2B7
Individuals who write to us with a complaint about our compliance with the Policy will receive from the Privacy Officer information about our complaint procedures and other possible avenues of recourse. The Privacy Officer will investigate the complaint and should the complaint be found to be justified will take appropriate measures, including, if necessary, adjusting our information handling practices and policies.