1. General Provisions

This Personal Data Processing Policy is prepared in accordance with the requirements of the Personal Information Protection and Electronic Documents Act (PIPEDA) and outlines the procedure for processing personal data and the measures taken to ensure the security of personal data by Valeria Lvovna Tsoi (hereinafter referred to as the Operator).

1.1. The Operator considers the observance of human and civil rights and freedoms when processing personal data, including the protection of the right to privacy, personal and family life, as its highest priority and a key condition for conducting its activities.

1.2. This Policy of the Operator regarding the processing of personal data (hereinafter referred to as the Policy) applies to all information that the Operator may obtain about visitors to the website https://dognature.ca/.

2. Basic Terms Used in the Policy

2.1. Automated processing of personal data – processing using computing equipment.

2.2. Blocking of personal data – temporary suspension of processing (except when needed for clarification).

2.3. Website – a collection of visual, informational, and software resources available online at https://dognature.ca/.

2.4. Personal data information system – a set of databases and technologies used for data processing.

2.5. Depersonalization – actions that make it impossible to identify the data subject without additional information.

2.6. Processing – any operation with personal data, including collection, recording, systematization, accumulation, storage, updating, retrieval, use, transfer, depersonalization, blocking, deletion, and destruction.

2.7. Operator – a person or entity that organizes or performs personal data processing and defines its purpose, content, and actions.

2.8. Personal data – any information related directly or indirectly to a user of the website https://dognature.ca/.

2.9. Publicly available personal data – data disclosed with the subject’s consent under PIPEDA.

2.10. User – any visitor to the website https://dognature.ca/.

2.11. Provision – actions aimed at disclosing data to a specific person or group.

2.12. Dissemination – actions aimed at making data available to an indefinite group or the public.

2.13. Cross-border transfer – transferring data to foreign entities or authorities.

2.14. Destruction – actions resulting in the irreversible deletion of data or data carriers.

3. Operator’s Rights and Responsibilities

3.1. The Operator has the right to:
– Obtain accurate information and/or documents from the data subject;
– Continue processing personal data without consent when legally permitted;
– Independently determine the measures necessary to fulfill legal obligations under PIPEDA.

3.2. The Operator must:
– Provide the data subject with information about data processing upon request;
– Organize data processing according to applicable Canadian law;
– Respond to inquiries from data subjects and their legal representatives;
– Provide required information to regulatory authorities upon request;
– Publish or otherwise make this Policy available to the public;
– Take legal, organizational, and technical steps to protect data from unauthorized access or misuse;
– Cease processing and destroy personal data when legally required;
– Fulfill other obligations prescribed by PIPEDA.

4. Rights and Responsibilities of Personal Data Subjects

4.1. Data subjects have the right to:
– Receive information about their personal data processing, unless otherwise restricted by law;
– Request correction, blocking, or deletion of inaccurate or unlawfully obtained data;
– Require prior consent for the use of personal data in marketing;
– Withdraw consent at any time;
– File complaints with data protection authorities or the courts;
– Exercise other rights as prescribed by Canadian law.

4.2. Data subjects must:
– Provide accurate personal data;
– Inform the Operator about updates or corrections.

4.3. Persons who provide false information or data without consent are held liable in accordance with the law.

5. Principles of Personal Data Processing

5.1. Data processing must be lawful and fair.

5.2. It must serve specific, pre-defined, and legitimate purposes.

5.3. Combining databases with incompatible purposes is not permitted.

5.4. Only relevant data shall be processed.

5.5. The scope and content of processed data must correspond to stated purposes.

5.6. Accuracy, sufficiency, and relevance of data must be ensured.

5.7. Data must be stored no longer than necessary, unless otherwise required by law or contract. Upon achieving the purpose or losing the need, data is deleted or depersonalized.

6. Purpose of Data Processing

Purpose: Informing users via email, calling phone numbers, messaging via Instagram Direct.

Personal Data:
– Full name.
– Email address.
– Phone numbers.
– Instagram account.

Legal Basis: The Privacy Act and PIPEDA.

Types of Processing:
– Collection, recording, systematization, accumulation, storage, destruction, depersonalization.
– Sending emails.
– Calling phone numbers.
– Messaging via Instagram Direct.

7. Conditions for Personal Data Processing

7.1. With the data subject’s consent.

7.2. When required by law or international agreement.

7.3. When needed for legal proceedings or execution of judicial acts.

7.4. When necessary to fulfill or initiate a contract with the data subject.

7.5. For the legitimate interests of the Operator or third parties, provided rights are not violated.

7.6. For publicly available data provided by the data subject.

7.7. For data required to be disclosed by law.

8. Collection, Storage, Transmission, and Other Processing of Personal Data

Data security is ensured by legal, organizational, and technical measures in compliance with current data protection legislation.

8.1. The Operator ensures data integrity and prevents unauthorized access.

8.2. Personal data will not be transferred to third parties without legal grounds or consent, unless required by law.

8.3. Users may update their data by emailing Valerie.tsoi@gmail.com with the subject “Personal Data Update.”

8.4. Data processing continues until the stated purpose is achieved or consent is withdrawn.

8.5. Data collected by third-party services (e.g., payment systems, communication platforms) is processed under their own Privacy Policies and Terms of Use. The Operator is not responsible for third-party actions.

8.6. Restrictions on dissemination do not apply when processing serves public interests defined by law.

8.7. The Operator ensures data confidentiality.

8.8. Data is stored only as long as necessary unless otherwise stipulated by law or contract.

8.9. Processing may end upon reaching the objective, consent withdrawal, or detection of unlawful processing.

9. List of Actions with Personal Data

9.1. The Operator performs collection, recording, systematization, accumulation, storage, updating, retrieval, usage, transfer, depersonalization, blocking, deletion, and destruction.

9.2. Automated processing may include data exchange over networks.

10. Cross-Border Transfer of Personal Data

10.1. The Operator must notify the authorized data protection body before initiating cross-border transfers.

10.2. Prior to notification, the Operator must obtain relevant information from foreign entities.

11. Confidentiality of Personal Data

The Operator and others with access must not disclose personal data without the subject’s consent unless legally required.

12. Final Provisions

12.1. Users may request clarifications by contacting the Operator at Valerie.tsoi@gmail.com.

12.2. This Policy is valid indefinitely until replaced with a new version.

12.3. The current version is publicly available at https://dognature.ca/privacy.