Policies

1. ACCOUNTABILITY

The Company is responsible for protecting all personal information held by it or transferred to a third party for processing. The Company has appointed a Privacy Officer who is responsible for the Company’s compliance with the Act. The Privacy Officer may be contacted by e-mail at privacy@collega.com or by post at 210 Lesmill Road, North York, Ontario, M3B 2T5. 

The Company has developed personal information policies and practices that: 

• protect personal information
• require any third party contracting with the Company to guarantee the same level of protection
• train employees on privacy policies and procedures
• make the privacy policy available to individuals
   

2. PURPOSE

The Company identifies the purposes for which it collects personal information before or at the time of collection. Before or when personal information is collected, the Company identifies, documents, and informs the individual why it is needed and how it will be used. The Company obtains the individual’s consent, either verbally or in writing, before using the personal information for any new purpose. 

The Company collects personal information for the following purposes:

• opening an account
• verifying creditworthiness
• communicating information and offers to individuals
• understanding and analyzing sales, needs and preferences
• developing and providing services
• marketing and advertising products and services
• booking appointments
• participating in promotions and programs
• participating in research or focus groups
• processing exchanges or returns
• improving services, school, and store appearances
• responding to requests and/or complaints
• processing product orders
• scheduling enrollment in education programs
   

3. CONSENT

The Company makes every reasonable effort to obtain express consent for the collection, use or disclosure of personal information. However, consent will be implied by an individual giving the Company his or her personal information either in person, over the telephone, or over the internet for all of the purposes set out in section 2. The Company makes every effort to explain how it will use the personal information, that consent may be withdrawn, and any consequences arising from the withdrawal. The Company does not accept consent from a party lacking the capacity to give it.
 

4. LIMITING COLLECTION

The Company does not collect personal information indiscriminately and does not deceive or mislead individuals about the reasons for collecting it. The Company limits the amount and type of information gathered to what is necessary for the identified purpose. The Company obtains personal information in the following manner:

1. Verbally: over the telephone or in person through interaction with our Territory Managers, Client Services Representatives, Aveda Advisors, Managers and Team Leaders.
2. In Writing: through registration forms, application forms, authorizations, surveys, questionnaires, and resumes communicated by e-mail, regular mail, fax, and the internet or through exchange and refund transactions.
    

5. LIMIT USE DISCLOSURE AND RETENTION

The Company uses or discloses personal information only for the purposes that it was collected, unless the individual consents or the use or disclosure is authorized by the Act. The Company only keeps personal information as long as necessary to satisfy the purpose. The Company does not give or sell client/guest lists to any organization or individual other than companies contracted to implement direct mailings/marketing or to analyze data. The Company has guidelines and procedures in place for retaining and destroying personal information. Any personal information that has not been used for its identified purpose within a consecutive 48 month period or 4 years is destroyed or deleted, unless otherwise dictated by legislation.
 

6. ACCURACY

The Company keeps personal information as accurate, complete and up-to-date as necessary, taking into account its use and the interests of the individual. The Company updates personal information from time to time as provided by the individual.
 

7. SAFEGUARDS

The Company protects personal information against loss or theft and safeguards it from unauthorized access, disclosure, copying, use or modification regardless of the format in which it is held. 

The Company has implemented security safeguards including, but not limited to,:

• physical measures (locked filing cabinets, restricting access to offices, alarm systems)
• technological tools (passwords, encryption, firewalls, security policy)
• organizational controls (limiting access on a “need-to-know” basis and to secure areas)
   

8. OPENNESS

The Company makes policies and practices for the management of personal information available and easily understandable. Individuals are encouraged to contact the Privacy Officer to discuss the Company’s privacy policies, how to obtain access to his or her personal information, and to make privacy related complaints, comments, or recommendations.
 

9. ACCESS

Upon request, the Company will provide individuals access to their personal information. All requests should be forwarded to the Privacy Officer. The Company may ask the individual to supply enough information to enable it to account for the existence, use and disclosure of the personal information, including a recent form of identification. The Company will attempt to respond to requests within thirty (30) business days. This time frame may be extended pursuant to the Act. The Company will correct or amend any personal information if its accuracy and completeness is challenged and found to be deficient. All amended information will be sent to third parties having access to it, where appropriate. In the event that access is denied, the Company will provide written reasons. The Company will also delete any personal information upon request (i.e. indiviudals may “unsubscribe” from receiving e-mail communications).
 

10. MARKETING AND ADVERTISING

We may from time to time leverage display advertising to promote the programs and services available at the Aveda Institute, including Google Adwords, and remarketing or similar audiences to advertise online. We reserve the right to use third party vendors, including Google to show our ads on sites across the internet. These third party vendors, including Google, use cookies to serve our ads based on someone’s past visits to this website. You can opt out of Google’s use of cookies by visiting the Ads Preferences Manager. Alternatively, you opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt-out page.
 

11. RECOURSE

An individual may make a complaint in writing to the Privacy Officer. The Company has a procedure in place and will investigate all complaints. The Company will notify individuals of the outcome of investigations within sixty (60) business days of receipt of a complaint. If justified, the Company will correct any inaccurate Personal Information or modify policies and procedures based on the outcome of the investigation and ensure that all relevant staff is aware of any change.

WHO WE ARE

Suggested text: Our website address is: https://eikonicacademy.ca.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

MEDIA

Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

COOKIES

Suggested text: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

EMBEDBED CONTENT FROM OTHER WEBSITES

Suggested text: Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

WHO WE SHARE YOUR DATA WITH

Suggested text: If you request a password reset, your IP address will be included in the reset email.

HOW LONG WE RETAIN YOUR DATA

Suggested text: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

WHAT RIGHTS YOU HAVE OVER YOUR DATA

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

WHERE WE SEND YOUR DATA

Visitor comments may be checked through an automated spam detection service.