This version in effect since January 1, 2020.
Buyatab Online Inc. (“Buyatab”, “we”, or “us”) is committed to protecting and respecting your privacy. This policy sets out the basis on which Buyatab will use and disclose any personal information that you provide to us, or we collect from you, as a user of our services and our website (collectively, our “Services”).
our personal information enables users like you to place orders for gift cards from the merchants, companies, and organizations with whom we do business (“Merchants”) for delivery to yourself, other people, or entities (“Recipients”). Our Services may be embedded on the websites, mobile apps, and social media sites of our Merchants. When you use our Services on those sites, you may also be providing information to Merchants, and the Merchants’ privacy policies will apply to their collection, use, and disclosure of such information.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information you give us. You may give us information about you when using the Services or by corresponding with us by phone, e-mail, or otherwise.
The information you give us may include your name and your Recipient’s name; your address and your Recipient’s address; your e-mail address and your Recipient’s e-mail address; your phone number and your Recipient’s phone number; your payment method and payment information, including credit card information; your order transaction details; your personal message(s); or photograph(s), images, or other content that you provide.
By submitting personal information in respect of you and anyone else, you warrant that you have the full authority to do so and are not violating any applicable law, including privacy law regarding minors, by providing it.
- Information we collect about you. Information we may automatically collect may include technical information, such as IP address; device type and identity; login information, browser type and version, time zone setting, browser plug-in types and versions, and operating system and platform; information about your visit, including the full Uniform Resource Locators clickstream to, through, and from our Services (including date and time); products you viewed or searched for; page response times, download errors, and length of visits to certain pages; page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page; and any phone number or email address used to contact our customer service specialists.
- Information we receive from other sources. We may receive information about you if you use or visit any internet sites & services that use our Services or if you transact with our Merchants or any other third parties with whom we do business.
We may also collect information about you as required or permitted by law.
We may use the following types of cookies to help us to provide you with a good experience when you visit internet sites & services that use our Services:
- Strictly necessary cookies to help support the structure of the internet sites & services that are displayed to you when using our Services. These enhance the look and feel of our Services. They also help to improve navigation and allow you to return to webpages you have previously visited.
- Performance cookies to provide aggregated statistics on users of our Services and their browsing behaviour. This enables us to make the use of our Services easier for you, and if necessary, to make improvements. The data is aggregated and anonymized to provide generalized, anonymized information.
You can find more information about the individual cookies we use and purposes for which we use them in the table below:
Cookie Purpose Duration AWSALB Used for load balancing infrastructure Expires in 40 days Anti-forgery token Used to prevent fraudulent transactions Expires in 30 days Session beacon Used to ensure that the checkout process is completed by the original Expires in 30 days Shopping cart Used to store any incomplete shopping cart information on the user’s machine Deleted upon completion of the checkout process or until the browser cache is cleared Google Analytics Used for to track visitors and for site performance analytics Expire after 2 years
You can set your browser to accept or reject all specific cookies. You can also set your browser to alert you each time a cookie is presented to your device or opt out of Google Analytics by installing Google’s opt-out browser add-on. You can delete cookies that have been stored on your device, but if you prevent us from placing cookies on your device, or if you subsequently delete a cookie, it may not be possible for you to use our Services effectively.
USES MADE OF THE INFORMATION
We may use information about you for the following purposes:
- to process and fulfil your order;
- to communicate with you, including to notify you about changes to policies or terms and conditions and to provide you with information about other goods or services that are similar to those that you have already purchased or enquired about, subject to applicable law;
- to ensure that content from our Services are presented in the most effective manner for you and for your device;
- to administer and improve our Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to allow you to participate in interactive features of our Services, when you choose to do so;
- as part of our efforts to keep our Services safe and secure;
- for risk control, fraud detection and prevention, and compliance with laws and regulations; and
- as required or permitted by law.
DISCLOSURE OF YOUR INFORMATION
We may share your personal information with members of our group, which means our subsidiaries and related companies.
We may share your information with selected third parties including:
- The Merchant and your Recipient to which the gift card relate to fulfil your order.
- Suppliers and subcontractors we engage to provide services to us (such as data storage, technical, infrastructure, platform, or applications services or payment processing or order fulfilment services).
- Market researchers, advertisers, or other parties, not to disclose information about identifiable individuals to such parties, but to provide them with aggregate anonymized information about our users.
- Analytics and search engine providers that assist us in the improvement and optimization of our Services.
We may also disclose your information to third parties in the following circumstances:
- In the event that we decide to sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets.
- If substantially all of our assets are acquired by a third party, in which case personal information held will be one of the transferred assets.
- In order to comply with legitimate governmental requests, subpoenas, court orders, or legal obligations; or in order to enforce or apply the terms and conditions of our Services or other agreements; or to protect the rights, property, or safety of Buyatab, our customers, or other parties. This includes exchanging information with other companies and organizations for the purposes of fraud detection and prevention and risk control.
- As required or permitted by law.
WHERE WE STORE YOUR PERSONAL INFORMATION
Buyatab is a Vancouver, British Columbia, Canada-based company and our Merchants, suppliers, and subcontractors may be located worldwide.
In the event that we share your personal information with our Merchants, suppliers, or subcontractors as described in this policy, your information may be processed and stored in the country where they are located.
Personal information may be subject to disclosure under the laws of jurisdictions where the personal information is stored or handled and it may be accessible to law enforcement and national security authorities of those jurisdictions.
For information about Buyatab’s use of suppliers and subcontractors outside Canada to process personal information, please contact us at the address provided below.
The data controller is Buyatab Online Inc., B1 – 788 Beatty Street, Vancouver, BC, V6B 2M1 Canada.
Our Privacy Officer can be reached by e-mail at firstname.lastname@example.org.
Buyatab does not sell or share personal information with third parties for their marketing purposes. Pursuant to the California Consumer Protection Act, under certain circumstances, California consumers have the right to request that Buyatab disclose or delete the specific pieces of personal information Buyatab collected about that consumer.
If you are a California consumer, you may submit a request for this information or for deletion of this information by e-mail at email@example.com. If required to do so, Buyatab will respond to your request in the manner and time provided for in the California Consumer Protection Act.
YOUR RESPONSIBILITY FOR PRIVACY
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Ultimately, you are responsible for maintaining the secrecy of your password and/or any personal information in your possession. Always be careful and responsible regarding your personal information.
SECURITY OF YOUR PERSONAL INFORMATION IS IMPORTANT TO US
Buyatab takes commercially reasonable steps to ensure that personal information is kept safe from loss, unauthorized access, modification, or disclosure. Among the steps we take in order to protect your information are:
- premises security;
- restricted data access to personal information;
- deploying technological safeguards like security software and firewalls to prevent hacking or unauthorized computer access; and
- internal password and security policies.
Except where we are required by law to disclose personal information, we will use contractual arrangements to protect personal information disclosed to third parties.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our Services or the internet sites & services that use our Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
WITHDRAWAL OF CONSENT
Individuals have the right to withdraw their consent to the collection, use, or disclosure of personal information at any time, except where that withdrawal would frustrate the performance of a legal obligation by Buyatab. Upon reasonable written notice given to Buyatab, such personal information held by Buyatab that is identifiable to that individual will be removed from our records and a notice of the impact of that removal will be provided to the individual. Notwithstanding the foregoing, if you withdraw consent, Buyatab nonetheless reserves the right to retain, collect, use, and disclose personal information without your consent where we are permitted or required by law to do so.
You may wish to opt out of receiving certain information and marketing or promotional materials from us. You may do so by using the unsubscribe mechanism provided in the message or by contacting us at the address set out below.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
Personal information will be retained in accordance with this policy for as long as may be necessary or relevant for the purpose of collection, or as may be required or permitted by law.
Our Services may, from time to time, contain links to and from the internet sites & services of other parties. If you follow a link to any of these internet sites & services, please note that these parties may have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to other internet sites & services.
ACCESS TO INFORMATION
You have the right to access the personal information that we have about you and to request correction of personal information that you believe to be inaccurate. If you wish to access your personal information or request a correction of your personal information, you should contact our Privacy Officer at the address set out below who will be pleased to assist you. Upon receiving a written access and/or correction request and any handling fee that may be required by Buyatab to the extent permitted by applicable law, and where the identity of the requestor can be confirmed, personal information held by Buyatab that is identifiable to the requestor, as well as information on all use and disclosures of that personal information, will be released to the requestor within 30 days, except where denial of that release is required or permitted by law, and if necessary Buyatab will correct the personal information of the requestor. If we deny your request for access to or refuse a request to correct personal information, we will explain why.