Privacy Policy

Celebrating 38 Years of Healthy Living

News & Events

May
22
Victoria Day

We are closed today. Enjoy the long weekend!

READ MORE

Apr
29
Go Sens Go!

Cheer on the Ottawa Senators & SAVE! Wear your favourite Sens jersey or t-shirt when you shop at both Rainbow F...

READ MORE

Apr
8
Local Day!

Join us for Local Day and enjoy free samples, meet local suppliers & SAVE 10% on Featured Demo products. 

READ MORE

Privacy Policy

Purpose

Rainbow Foods is committed to Personal Information Protection and Electronic Documents Act (PIPEDA) as made law on January 1, 2004, by the Federal Government of Canada.

Policy

Rainbow is committed to maintaining privacy with all customer information. We follow the Best Practice Code created for PIPEDA. This Code has been reviewed and accepted by the Canadian Standards Association.

1. Accountability:  Rainbow has a Privacy Officer to oversee all aspects of PIPEDA as it relates to Rainbow Foods.

a. Rainbow is committed to maintaining privacy and security with all customer information.

b. We regularly review our policies, practices and procedures related to the collection, use, disclosure, retentions and destruction of customer information.

c. We train those staff that handle personal information to follow our standards, policies and practices.

2. Collecting Personal Information

a. Unless the purpose of collecting personal information is obvious and the customer voluntarily provides his or her personal information for that purpose, we will communicate the purpose for which personal information is being collected, either orally or in writing, before or at the time of collection.

b. We will only collect customer information that is necessary in fulfilling purposes such as:

i. To enroll our customers in the Healthy Rewards Program

ii. To deliver requested products and services (such as special orders)

iii. To contact customers who have won prizes during promotional events

iv. To provide e-newsletters or other e-alerts

v. To identify customer preferences

vi. To understand engaging trends in our consumers buying habits

vii. To contact customers for marketing promotions

viii. To ensure a high standard of service to our customers is being met

ix. To meet any regulatory requirements

3. Consent

a. We will obtain the customers consent to collect, use or disclose personal information (except where, as noted below, we are authorized to do so without consent).

b. Consent can be provided verbally, in writing, electronically and through authorized representative or it can be implied where the purpose for collecting, using or disclosing the personal information would be considered obvious and the customer voluntarily provides personal information for that purpose.

c. Consent may also be implied where a customer is given notice or notice is posted as in the case of video surveillance footage.

d. Subject to certain exceptions, (e.g. the personal information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), customers can withhold or withdraw their consent for Rainbow to use their information in certain ways. A customers’ decision to withhold or withdraw their consent to certain uses of personal information may restrict our ability to provide a particular product or service. If so, we will explain the situation to assist the customer in making the decision that is in their best interest.

4. Using and Disclosing Personal Information

a. We will only use or disclose our customers’ personal information where necessary to fulfill the purposes identified at the time of collection or where implied consent is given.

b. We will not use or disclose our customers’ personal information for any additional purpose(s) unless we obtain consent to do so.

c. Rainbow will at times use third parties to help analyze consumer trends, preferences and demographics. We will ensure our third parties will have stringent privacy standards and that they will use the information we disclose only for the express purposes we define and we will  stipulate that the information is  returned or destroyed once the purpose if fulfilled.

d. At no time will Rainbow sell personal information to third parties.

5. Retaining Personal Information

a. Subject to Section 4, we will retain our customer’s personal information only as long as necessary to fulfill the identified purposes or for legal or business purposes.

b When the purpose is fulfilled, the information will be destroyed or rendered anonymous.


6. Ensuring Accuracy of Personal Information

a. We will make reasonable efforts to ensure that our customers’ information is accurate and complete.

b. Customers may request correction to their personal information in order to ensure its’ accuracy and completeness. A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought.

c. If the personal information is demonstrated to be inaccurate or incomplete, we will correct the information as required.

7. Securing Personal Information

a. Rainbow is committed to ensuring the security of our customers’ personal information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal of similar risks.

b. The following security measures will be followed to ensure that our customers personal information is appropriately protected:

i. Passwords are required for any and all access to personal information.

ii. Other employees are restricted to accessing personal information as required (i.e. only those that need to know will have access)

iii. At no time does Rainbow sell customer lists or other personal information to Third Parties.

iv. When Rainbow hires third parties to execute specific functions, we will ensure any information provided is handled, returned and destroyed by the third parties as described in 4c.

c. We will use appropriate security measures when destroying our customers’ personal information, such as shredding documents with a professional shredding company, deleting electronically stored information and locking other information in a secured area.

8. Openness:

a. We will continually review and update our security policies and controls as technology changes to ensure ongoing personal information security.

b. Customers can contact the Privacy Officer of Rainbow for questions or clarification on our privacy practices.

c. Rainbow welcomes questions, concerns, clarifications and complaints about our privacy practices. Details on challenges to compliance are described in point 10.

9. Providing  Customers Access to Personal Information

a. Customers have a right to access their personal information, subject to limited exceptions, such as in a solicitor-client privilege or when disclosure would reveal personal information about another individual or for health and safety.

b. A request to access personal information must be made in writing (hand written, typed or e-mail) and signed and provide sufficient detail to identify the personal information being sought. A request to access personal information should be forwarded to the Privacy Officer—Rainbow Foods. If the information has been retained by Rainbow under more than one name (as in the case of the Health Rewards Program where customers may use one account number for all family members) and all family members are listed on the account, then all family members must make the request.

c. Rainbow will respond to the request within 30 days receipt of the request. Depending on the request (e.g. purchase history) there may be a minimal fee. Rainbow will advise of any fees and wait for consent before fulfilling the request.

d. If we are unable to complete the request within 30 business days, we will provide written notice of an extension where additional time is required to fulfill the request.

e. If we must refuse the request we will provide written notice within 30 days. We would refuse a request if it compromised another’s privacy or if there were legal grounds to do so.

10. Challenging compliance


a. Rainbow welcomes questions, concerns, clarifications or complaints about our privacy practices. Our Customer Service staff are able to answer or direct your queries to the Privacy Officer of Rainbow Foods.

b. Questions can be made in person, by phone or by e-mail. Where written detail is required we can provide forms at the Customer Service Desk or it may be sent to you by e-mail.

c. If the Privacy Officer is unable to resolve the concern, the customer may also write to the Information and Privacy Commissioner of Canada and when applicable, the Information and Privacy Officer of Ontario.

Contact information for Rainbow Foods Privacy Officers is:

Sarah Kaplan, Owner
1487 Richmond Road
Ottawa, Ontario K2B 6R9
613-726-9200

Dorothy Wilson, Store Manager
1487 Richmond Road
Ottawa, Ontario K2B 6R9
613.726.9200

Any changes to this Privacy Statement and/or our information handling will be updated in this document in a timely manner. We may add, remove or modify portions of this document when we feel it is appropriate to do so.

2015 NEWSLETTER

View Newsletter >

Stay Informed

Sign up for a monthly email newsletter and let the healthy
news come to you! | Privacy Policy