top of page

PRIVACY POLICY

Last Updated: November 25, 2024

​

​

1. INTRODUCTION

​

This Privacy Policy (“Policy”) describes how Rest Easy Custom (“we,” “us,” “our,” or the “Company”), located at 191 25 Street NE, Salmon Arm, BC Canada, V1E 2A8, collects, uses, stores, protects, and discloses personal information obtained from users (“you,” “your,” or “User”) of our services and website (collectively, the “Services”).

​

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this Policy, please discontinue use of our Services immediately.

​

2. SCOPE AND CONSENT

​

2.1. This Privacy Policy applies to all personal information collected through our Services, whether you are located in Canada, the United States, or elsewhere. By using our Services, you expressly consent to the collection, use, disclosure, and retention of your personal information in accordance with this Policy and applicable laws.

​

2.2. If you are accessing our Services from the European Economic Area (EEA), additional rights and obligations may apply, as detailed in Section 12 of this Policy.

​

3. INFORMATION WE COLLECT

​

3.1. Personal Information

​

We collect the following categories of personal information:

​

a)  Contact Information:

​

  • Name

  • Email address

  • Postal address

  • Phone number

  • Other contact details you provide

​

b)   Technical and Usage Data:

​

  • IP address

  • Browser type and version

  • Operating system

  • Device information

  • Geographic location

  • Time zone setting

  • Browser plug-in types and versions

  • Pages visited

  • Access times and dates

  • Page interaction information

  • Referring website addresses

​

c)   Cookie and Tracking Data:

As detailed in Section 4 below.

3.2. Collection Methods

We collect information through:

​

  • Direct user input

  • Automated technologies

  • Third-party sources

  • Public sources

  • Customer service interactions

​

4. COOKIES AND TRACKING TECHNOLOGIES

​

4.1. Cookie Types and Purposes

a)   Essential Cookies:

  • Purpose: Website functionality, security, fraud detection

  • Duration: Session to 2 years

  • Type: First-party

  • Opt-out Available: No

b)   Performance Cookies:

  • Purpose: Analytics, performance monitoring

  • Duration: Up to 2 years

  • Type: First and third-party

  • Opt-out Available: Yes

c)   Tracking Cookies:

  • Purpose: Error monitoring, session tracking

  • Duration: Session to 1 year

  • Type: First and third-party

  • Opt-out Available: Yes

​

4.2. Additional Tracking Technologies

We employ the following tracking technologies:

a)   Web Beacons:

  • Purpose: Email engagement tracking, webpage loading verification

  • Data Collected: Page views, email opens

  • Duration: Permanent

  • Opt-out Available: Yes

b)   Pixels:

  • Purpose: Conversion tracking, audience targeting

  • Data Collected: User behavior, conversion events

  • Duration: Up to 180 days

  • Opt-out Available: Yes

c)   Local Storage:

  • Purpose: User preferences, settings retention

  • Data Collected: User preferences

  • Duration: Until cleared

  • Opt-out Available: Yes

d)   Session Storage:

  • Purpose: Temporary data storage

  • Data Collected: Session state

  • Duration: Session only

  • Opt-out Available: No

​

5. USE OF PERSONAL INFORMATION

​

5.1. Primary Purposes

We use collected personal information for the following purposes:

a)   Service Provision:

  • Account creation and management

  • Service delivery and customization

  • Transaction processing

  • Customer support

  • Communication regarding service updates

b)   Security and Fraud Prevention:

  • Identity verification

  • Fraud detection and prevention

  • System and data security

  • Legal compliance

  • Audit requirements

c)   Service Improvement:

  • Analytics and statistical analysis

  • Product development

  • User experience enhancement

  • Technical troubleshooting

  • Performance optimization

5.2. Secondary Purposes

With your explicit consent, we may use your information for:

  • Marketing communications

  • Product recommendations

  • Service personalization

  • Market research

  • Customer satisfaction surveys

​

6. DATA SHARING AND DISCLOSURE

​

6.1. Third-Party Service Providers

We share personal information with the following categories of service providers:

a)   Cloud Services and Infrastructure:

  • Amazon Web Services EMEA SARL (United States)

  • Amazon Web Services LLC (United States)

  • Google Ireland Ltd (Ireland)

  • Snowflake (United States)

b)   Content Delivery and Performance:

  • Fastly (United States)

  • New Relic (United States)

  • Confluent (United States)

c)    Communication Services:

  • SendGrid (United States)

  • Sparkpost (United States)

  • Twilio (United States)

d)   Security and Support:

  • Perimeter-X (United States)

  • Postmastery (Netherlands)

  • VoxPro - Telus International (Ireland, Guatemala, Philippines)

6.2. Data Transfer Safeguards

For international data transfers, we implement the following safeguards:

  • Standard Contractual Clauses (SCCs)

  • Data Processing Agreements (DPAs)

  • Privacy Shield certification (where applicable)

  • Appropriate technical and organizational measures

  • Regular security assessments

  • Contractual confidentiality obligations

6.3. Legal Requirements

We may disclose personal information if required:

  • By law or legal process

  • To protect our rights or property

  • To prevent fraud or abuse

  • To protect public safety

  • In response to government requests

When legally permitted, we will notify affected users of such disclosures.

​

7. DATA RETENTION AND DELETION

​

7.1. Retention Period

We retain personal information for:

  • Active accounts: Duration of account activity

  • Deleted accounts: 2 years following account deletion

  • Transaction records: As required by law

  • Security logs: Up to 2 years

  • Marketing data: Until consent withdrawal

7.2. Deletion Requests

a)   Process:

  • Submit request to resteasycustom@gmail.com

  • Verification of identity required

  • Confirmation email sent within 48 hours

  • Processing completed within 30 days

  • Final confirmation email sent

b)   Exceptions:

  • Legal requirements

  • Fraud prevention

  • Security purposes

  • Contract fulfillment

  • Technical limitations

​

8. DATA SECURITY

​

8.1. Security Infrastructure

We implement and maintain the following security measures:

a)   Physical Security:

  • Secure data centers with 24/7 monitoring

  • Access control systems

  • Environmental controls

  • Redundant power systems

  • Fire detection and suppression systems

b)   Technical Security:

  • TLS v1.2 or higher encryption

  • AES-256 data encryption at rest

  • Firewalls and intrusion detection

  • Regular vulnerability scanning

  • Penetration testing

  • Multi-factor authentication

  • Access logging and monitoring

c)   Organizational Security:

  • ISO 27001 and 27018 compliance

  • PCI Level 1 certification

  • Regular security audits

  • Employee background checks

  • Security awareness training

  • Incident response procedures

8.2. Data Backup and Recovery

We maintain comprehensive backup procedures including:

  • Real-time data replication

  • Daily incremental backups

  • Weekly full backups

  • Monthly archive backups

  • Regular recovery testing

  • Geographically distributed backup storage

​

9. CHILDREN’S PRIVACY

​

9.1. Age Restrictions

We do not knowingly collect or solicit personal information from children under 13 years of age. If you are under 13, please do not:

  • Attempt to register for our Services

  • Send any personal information to us

  • Use our Services

9.2. Age Verification

We implement the following age verification measures:

  • Age confirmation checkbox during registration

  • Account suspension upon discovery of underage users

  • Prompt deletion of underage user data

  • Parental notification when possible

  • Regular monitoring for potential underage users

9.3. Parental Rights

Parents or legal guardians may:

  • Review their child’s personal information

  • Request deletion of their child’s personal information

  • Prevent further collection or use of their child’s information

  • Direct any questions about children’s privacy to resteasycustom@gmail.com

​

10. POLICY UPDATES

​

10.1. Modification Process

We reserve the right to modify this Privacy Policy at any time, subject to the following conditions:

a)   Notice Requirements:

  • Email notification 30 days prior to changes

  • Website announcement

  • Updated “Last Modified” date

  • Summary of material changes

  • Comparison version available upon request

b)   Continued Access:

  • Archive of previous versions maintained

  • Access to historical versions upon request

  • Documentation of change justification

10.2. User Rights

Following notification of changes:

  • Right to review modifications

  • Option to accept or reject changes

  • Right to close account if changes are unacceptable

  • Continued use constitutes acceptance 

​

11. USER RIGHTS AND CHOICES

​

11.1. Access Rights

Users may request:

  • Confirmation of personal data processing

  • Access to personal data copies

  • Processing purposes

  • Categories of personal data

  • Recipients of personal data

  • Retention periods

  • Source of personal data

11.2. Control Rights

Users may exercise the following rights:

  • Data correction or completion

  • Data deletion

  • Processing restriction

  • Data portability

  • Processing objection

  • Automated decision-making objection

​

12. INTERNATIONAL DATA TRANSFERS

​

12.1. Transfer Mechanisms

For international data transfers, we employ the following mechanisms:

a)   Legal Bases:

  • Standard Contractual Clauses (SCCs)

  • Binding Corporate Rules (BCRs)

  • Adequacy decisions

  • Explicit consent

  • Contractual necessity

b)   Safeguard Implementation:

  • Data minimization principles

  • Encryption during transfer

  • Access controls

  • Regular compliance audits

  • Vendor assessment procedures

  • Documentation maintenance

12.2. Transfer Impact Assessments

We conduct and maintain:

  • Regular transfer impact assessments

  • Destination country evaluations

  • Risk mitigation measures

  • Alternative transfer method assessments

  • Documentation of necessity justification

  • Regular review and updates

​

13. CONTACT INFORMATION

​

13.1. Privacy Inquiries

For privacy-related matters, contact:

  • Email: resteasycustom@gmail.com

  • Address: 191 25 Street NE, Salmon Arm, BC Canada, V1E 2A8

  • Response Time: Within 48 hours

13.2. Complaint Resolution

For unresolved privacy concerns:

  • Internal escalation procedures

  • Alternative dispute resolution

  • Regulatory authority referral

  • Legal remedies preservation

​

14. DEFINITIONS

​

14.1. For the purposes of this Privacy Policy:

“Personal Information” means any information relating to an identified or identifiable natural person.

“Processing” means any operation performed on personal information, whether or not by automated means.

“Service Providers” means third-party entities that process personal information on our behalf.

“User” means any individual who accesses or uses our Services.

“Website” means all web pages, materials, and services operated by Rest Easy Custom.

​

15. SEVERABILITY

​

If any provision of this Privacy Policy, or any portion thereof, is held to be invalid, illegal, void, or unenforceable by any court or tribunal of competent jurisdiction, the remainder of this Privacy Policy shall remain in full force and effect to the maximum extent permitted by law. The parties agree that any such invalid, illegal, void, or unenforceable provision shall be modified and limited in its effect to the extent necessary to cause it to be enforceable, or if such modification is not possible, shall be deemed severed from this Privacy Policy. In such event, we shall amend the Privacy Policy to reflect such modification while preserving the intent of these provisions. The invalidity or unenforceability of any provision in one jurisdiction shall not affect the validity or enforceability of such provision in any other jurisdiction.

​

16. GOVERNING LAW

​

This Privacy Policy shall be governed by and construed in accordance with the laws of the Province of British Columbia and the federal laws of Canada applicable therein, without giving effect to any principles of conflicts of law. Any dispute arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of British Columbia.

bottom of page