Sham Vegan Restaurant is committed to maintaining the security, confidentiality and privacy of your personal information.
Scope of policy
This Policy applies to our collection, use and disclosure of your personal information in connection with our website and services. This Policy does not impose any limits on our collection, use or disclosure of the following information:
• business contact information; and
• certain publicly available information.
We have designated a Privacy Officer who is responsible for our compliance with this Policy. The Privacy Officer may be contacted as described below.
When collecting personal information, we will state the purpose of collection and will provide, on request, contact information for the Privacy Officer who can answer questions about the collection. We collect, use and disclose your personal information for the following purposes: to respond to or follow-up regarding any comments you submit to us to open an account if you wish to purchase or register an Sham Vegan gift card online or exchange an Sham Vegan paper gift certificate for a Sham Vegan gift card to authenticate your identity and process your payment through our third party payment processors to reinstate any remaining balance on lost or stolen Sham Vegan gift card that you registered with us to protect us, you and others from fraud and error and to safeguard our business interests to comply with legal and regulatory requirements You may instruct us to refrain from using or sharing your personal information in any or all of the four ways described above at any time by providing written notification to our Privacy Officer. We acknowledge that the sharing of your personal information in any or all of the four ways described above is at your option and we will not refuse you access to any product or service merely because you have advised us to stop using or sharing your personal information in any or all of the four ways shown. When your personal information is to be used for a purpose not previously identified, the new purpose will be disclosed to you prior to such use, and your consent will be sought unless the use is authorized or required by law.
Limits for using, disclosing and retaining personal information
Your personal information will only be used or disclosed for the purposes set out above and as authorized by law. We will keep personal information used to make a decision affecting you for at least one year after using it to make the decision, except to the extent that you delete or remove that information yourself. If you choose to end your membership with us, it is your responsibility to delete your information if you do not want us to retain it for this one-year period. We will destroy, erase or make anonymous documents or other records containing personal information as soon as it is reasonable to assume that the original purpose is no longer being served by retention of the information and retention is no longer necessary for a legal or business purpose. We will take due care when destroying personal information so as to prevent unauthorized access to the information.
We will make a reasonable effort to ensure that personal information we are using or disclosing is accurate and complete. If you demonstrate the inaccuracy or incompleteness of personal information, we will amend the information as required. If appropriate, we will send the amended information to third parties to whom the information has been disclosed. When a challenge regarding the accuracy of personal information is not resolved to your satisfaction, we will annotate the personal information under our control with a note that the correction was requested but not made.
Safeguarding personal information
We protect the personal information in our custody or control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks. We will take reasonable steps, through contractual or other reasonable means, to ensure that a comparable level of personal information protection is implemented by the suppliers and agents who assist in providing services to us. Some specific safeguards may include: physical measures such as locked filing cabinets; organizational measures such as restricting employee access to files and databases as appropriate; electronic measures such as passwords and firewalls; and investigative measures where we have reasonable grounds to believe that personal information is being inappropriately collected, used or disclosed. Note that confidentiality and security are not assured when information is transmitted through e-mail or other wireless communication. Please notify our Privacy Officer in writing if you do not want us to communicate with you through these means.
You have a right to access your personal information held by us. Upon written request and authentication of identity, we will provide you your personal information under our control. We will also give you information about the ways in which that information is being used and a description of the individuals and organizations to whom that information has been disclosed. We may charge you a reasonable fee for doing so. We will make the information available within 30 days of receiving a written request or provide written notice where additional time is required to fulfill the request. In some situations, we may not be able to provide access to certain personal information (e.g., if disclosure would reveal personal information about another individual, the personal information is protected by solicitor/client privilege, the information was collected for the purposes of an investigation or where disclosure of the information would reveal confidential commercial information that could harm the competitive position of us). We may also be prevented by law from providing access to certain personal information. Where an access request is refused, we will notify you in writing, document the reasons for refusal and outline further steps which are available to you.