Privacy policy

Commitment to Privacy

The appropriate collection and use of guest’s personal and basic health information is fundamental. We strive to protect the privacy and the confidentiality of this information. Every employee and contractor of Novo Spa must abide by our commitment to privacy in the handling of guests’ information.
According to that and adhering to the Personal Information Protection and Electronic Documents Act (“PIPEDA”), Novo Spa has developed this Privacy Policy.

Accountability

We take our commitment to securing guests privacy very seriously. Our employees and contractors are informed about the importance of privacy and receive information periodically to update them about our Privacy Policy.
Novo Spa has appointed its Spa Manager as the Privacy Officer responsible to ensure compliance with the requirements of PIPEDA. Any questions regarding this Privacy Policy or concerns with respect to Novo Spa compliance with the requirements of PIPEDA, should be addressed to our Privacy Officer at:

Novo Spa
Attn Privacy Officer
66 Avenue Road
Toronto ON M5R3N8
416-926-9303
info@novospa.ca

Purpose of Collecting Personal Information

Novo Spa Website

If guests buy spa treatments or products directly from Novo Spa website, guests are required to provide account information (guest name, address, email, telephone) and credit card information. All information is encrypted through a SSL.
A SSL (Secure Sockets Layer) certificate authenticates the website to make sure it is who it says it is and then encrypts any information sent from the website.
Novo Spa uses Moneris Canada s credit card gateway (Online Payment Processing third party). Moneris Canada takes seriously and prides itself on its continual efforts to maintain compliance with the payments industry’s highest security standards and programs.
Third party information is also collected when a guest provides us with the name and email address of the recipient of a gift certificate / card or product.

Personal and Basic Health Information Gathered in the Health History Form (HHF). Consent Forms

The guests of Novo Spa for their first appointment are requested to fill-out a HHF in which they provide some personal information (name, occupation, address, phone number, day of birth, etc) as well as some basic health information (allergies, current medications, health problems). Guests are asked to update their forms yearly, in case some of the information contained in the HHF has changed.
The information requested in the HHF will assist Novo Spa in providing aesthetic and / or massage treatments safely to our guests.
The information we request to our guests is used for the purpose defined.
HHF are read and analyzed by the Estheticians and/or Register Massage Therapists (RMTs) before any treatment.
We retain HHF for the time it is required by law.

Guest Information

Novo Spa Spa does not disclose its guest information to any third party. We do not provide our guest’s emails or phone numbers to other companies offering similar or different services nor to suppliers of products and services related to our or other type of businesses.

We collect our guest’s information (Client Information) with the sole purpose of open an account, verify creditworthiness, perform a payment transaction, and identify guest preferences and internal statistical purposes. Should the guest agree, we might inform her/him about the services we provide and information relating to special offers we may have available from time to time (normally once a month). At any time the guests, either via phone or email, may decide not to continue receiving such type of information.

Limiting Collection

Novo Spa will limit the collection to the purposes expressly set out above. If this information is used for statistical purposes it will be done so in a way that the aggregate data contains no references to individual guest.

Limiting Use, Disclosure and Retention

Guest information shall not be used or disclosed for any purposes other than those for which it is collected. However, as we may be required by law to provide certain information in a court issues, a subpoena or summons, or where there is an investigation by a regulatory body, for example. In those events we will ask for the express consent of the guest involved.

Safeguards: Protecting Your Information

Novo Spa takes all reasonable precautions to ensure that guest’s information is kept safe from loss, unauthorized access, modification or disclosure both online and offline. Among the steps taken to protect guest’s information are: deploying technological safeguards like security software and data encryption, firewalls to prevent hacking or unauthorized computer access, restricted file access to personal information and premises security.
Information is kept in a combination of paper and electronic files.
Paper HHFs and Consents are scanned and kept electronically; daily back ups are done. The system is password protected.
Scanned paper forms are kept locked at the Manager’s office, until its destruction (using a paper shredding machine) every 6 months. Record of destruction is kept in a binder in the Manager’s office.
The Spa Coordinators, Estheticians and/or the RMTs have access to the forms through their own assigned password. The system maintains a record of who has done what in the system.

Openness/Individual Access

Within the limitations specified in PIPEDA, the guest has the right to access her/his personal information at any time. For that purpose you may contact the Spa Manager at:

Novo Spa
Attn Privacy Officer
66 Avenue Road
Toronto ON M5R3N8
416-926-9303
info@novospa.ca

All requests for personal information will be responded as soon as reasonable, but no later than 30 days from the date the written request is received by Novo Spa. Novo Spa reserves the right to require that the individual requesting such personal information provides appropriate documentation (for example a driver’s license or passport) to confirm her/his identity prior release of any personal information. .

Challenging Compliance

Any questions or concerns about this Privacy Policy, or about compliance with PIPEDA, should be addressed to our Privacy Officer (see above under the heading “Accountability”). No satisfactory responses, may be addressed to the Privacy Commissioner of Canada at:
112 Kent Street
Ottawa, Ontario
K1A 1H3
Tel: 1-800-282-1376.

Applicability of This Privacy Policy

Novo Spa Privacy Policy applies to of all our guests’ information that is in our possession and control.

Our Privacy Policy reflects our compliance with fair information practices, applicable laws and standards of practice.

Changes to Our Privacy Policy

Novo Spa reserves the right to modify this Privacy Policy at any time, so please review it frequently. If we make material changes to this policy we will attempt to notify our guests by placing the information on our website, at our check-in desk and other places we deem appropriate so guests are aware of what information we collect, how we use it, and under what circumstances we disclose it.