Emerald Massage Clinic & Spa Inc.
← Back to site
Emerald Massage Clinic & Spa Inc. (“Emerald,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, protect, and retain your personal information—including sensitive health information—in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s Anti-Spam Legislation (CASL), and applicable Ontario law.
1. Who we are
Emerald Massage Clinic & Spa Inc. is a massage, spa, and wellness clinic in Ontario, Canada. We are responsible for the personal information in our custody and control. Our Privacy Officer can be reached using the contact details in section 15.
2. What personal information we collect
We only collect what we need to serve you safely and run our clinic:
- Contact details: your name, phone number, and email address.
- Appointment details: the service you choose, preferred date and time, preferred provider, your preferred contact method, whether it is your first visit, and any notes you provide.
- Health information (sensitive): information you give on our intake/health form—such as relevant conditions, injuries, allergies, medications, pregnancy, pressure preferences, and areas of focus.
- Messages: the content of messages you send us through the website or by email.
- Newsletter email: your email address, if you choose to subscribe.
- Limited technical data: basic information needed to keep the site secure (for example, to rate-limit abuse). We do not use advertising or third-party tracking technologies.
3. Why we collect it
- To receive, confirm, schedule, reschedule, and manage your appointments.
- To provide your treatment safely and tailor it to your needs.
- To send you appointment confirmations and reminders.
- To respond to your questions and messages.
- To issue receipts and keep business and financial records as required by law.
- To send you news and promotions only if you have opted in (see section 8).
- To protect the security and integrity of our website.
4. Consent
By providing your information and requesting services, you consent to our collecting, using, and disclosing it for the purposes described above. For sensitive health information and for marketing emails, we rely on your express consent. You may withdraw your consent at any time (subject to legal or contractual limits) by contacting us—see section 11.
5. Your health information
You are never required to share more than you are comfortable with; however, withholding relevant health information may affect our ability to treat you safely, and we may modify or decline a treatment as a result.
6. How we store & protect your information
- Your information is stored on our own secured systems, not sold to or warehoused by data brokers.
- The website is served over an encrypted connection (HTTPS).
- Access to personal and health information is restricted to authorized staff with role-based sign-in.
- We keep secure backups so your records are not lost, and those backups are not publicly accessible.
- While no method of storage is perfectly secure, we use reasonable safeguards appropriate to the sensitivity of the information.
7. Sharing & disclosure
We do not sell, rent, or trade your personal information. We may disclose information only:
- to trusted service providers who help us operate (for example, our website host or email-delivery provider), and only as needed to provide their service;
- when required or permitted by law (for example, a valid legal request); or
- with your consent.
8. Email & anti-spam (CASL)
Our newsletter is opt-in. Every marketing email we send includes our business name and mailing address and a one-click unsubscribe link, as required by Canada’s Anti-Spam Legislation. If you unsubscribe, we stop sending marketing emails promptly. We may still send you essential, non-marketing messages related to a specific appointment (such as a confirmation or reminder).
9. Cookies & tracking
The public website does not use advertising cookies or third-party tracking. We use a single secure session cookie only for staff to sign in to the private admin area. We do not build advertising profiles about you.
10. How long we keep your information
We keep your information only as long as needed for the purposes above or as required by law. Business and financial records (such as appointment and receipt records) are generally retained for the period required by the Canada Revenue Agency (typically about six to seven years). Health records are retained as required by applicable professional and legal requirements. When information is no longer required, we securely delete or anonymize it.
11. Your rights
Subject to legal limits, you may:
- Access the personal information we hold about you;
- Correct information that is inaccurate or incomplete;
- Withdraw consent or unsubscribe from marketing at any time;
- Request deletion of your information where we are not legally required to keep it.
To make a request, contact us using section 15. We will respond within a reasonable time and may need to verify your identity first.
12. Data breaches
If a breach of security safeguards creates a real risk of significant harm to you, we will notify you and the Office of the Privacy Commissioner of Canada, and keep records of the breach, as required by PIPEDA.
13. Concerns & complaints
If you have a privacy concern, please contact our Privacy Officer first—we want to make it right. If you are not satisfied, you may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca or 1-800-282-1376.
14. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top shows the current version. Material changes will be posted on this page.
15. Contact us
To ask a question, make a privacy request, or reach our Privacy Officer:
- Emerald Massage Clinic & Spa Inc. — Privacy Officer
- Unit 15 - 398 Steeles Ave West, Thornhill, ON L4J 6X3, Canada
- Phone: 647-706-6977
- Email: [email protected]
Your privacy matters to us. We collect only what we need, protect it carefully, and never sell it.