hairtravel.ca

Legal

GDPR Compliance & Privacy Policy

Last updated: March 2026

1. Introduction

HairTravel.ca ("we," "our," or "us") is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR), the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), and other applicable data protection laws. This policy explains how we collect, use, store, and protect your personal information when you visit our website.

2. Data Controller

HairTravel.ca is operated from Canada and serves as the data controller for personal information collected through this website. For any privacy-related enquiries, please contact us at [email protected].

3. Information We Collect

We may collect the following types of personal information:

  • Contact Information: Name, email address, and phone number when you submit a contact form or request a quote.
  • Usage Data: Anonymous information about how you interact with our website, including pages visited, time spent on pages, and referring URLs. This data is collected through privacy-respecting analytics tools.
  • Device Information: Browser type, operating system, screen resolution, and IP address (anonymised where possible).
  • Communication Data: Any information you provide when contacting us directly via email or through our website forms.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you voluntarily submit your information through our contact forms or subscribe to communications.
  • Legitimate Interest: To improve our website, understand how visitors use our content, and provide relevant information about hair transplant options.
  • Legal Obligation: To comply with applicable laws and regulations.

5. How We Use Your Information

We use the information we collect to:

  • Respond to your enquiries and provide information about hair transplant clinics
  • Connect you with clinics you've expressed interest in (only with your explicit consent)
  • Improve our website content and user experience
  • Analyse website traffic and usage patterns (using anonymised data)
  • Comply with legal obligations

6. Data Sharing

We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

  • With Clinics: If you request a quote or more information about a specific clinic, we may share your contact details with that clinic so they can respond to your enquiry. This is only done with your explicit consent.
  • Service Providers: We may use third-party services for website hosting, analytics, and email delivery. These providers are contractually obligated to protect your data.
  • Legal Requirements: We may disclose information if required by law or in response to valid legal processes.

7. Cookies and Tracking

Our website uses minimal cookies to ensure basic functionality and collect anonymous usage statistics. We do not use invasive tracking technologies or third-party advertising cookies. Our analytics are configured to respect "Do Not Track" browser settings and anonymise IP addresses.

Types of cookies we use:

  • Essential Cookies: Required for the website to function properly (e.g., session management).
  • Analytics Cookies: Help us understand how visitors interact with our website. These are privacy-respecting and do not track individuals across websites.

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete data.
  • Right to Erasure: You can request that we delete your personal data ("right to be forgotten").
  • Right to Restrict Processing: You can request that we limit how we use your data.
  • Right to Data Portability: You can request your data in a structured, commonly used, machine-readable format.
  • Right to Object: You can object to our processing of your data based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. Your Rights Under PIPEDA (Canada)

As a Canadian-operated website, we also comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). Canadian visitors have the right to:

  • Know what personal information we hold about you
  • Challenge the accuracy and completeness of your information
  • Request that your information be amended or deleted
  • Withdraw consent for the collection, use, or disclosure of your information

10. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Contact form submissions are retained for up to 24 months unless you request earlier deletion. Anonymous analytics data may be retained indefinitely as it cannot be linked to individual users.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. This includes encryption of data in transit (HTTPS/TLS), secure hosting infrastructure, and regular security reviews.

12. International Data Transfers

As our website is hosted in North America and serves visitors globally, your data may be processed in countries outside your country of residence. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, including standard contractual clauses or adequacy decisions as recognised by the European Commission.

13. Children's Privacy

Our website is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

14. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

15. Contact Us

If you have any questions about this privacy policy, your personal data, or wish to exercise your rights, please contact us at:

HairTravel.ca — Privacy Team

Email: [email protected]

Location: Ontario, Canada

Get My FREE Quote!