ABOUT US MEMBERSHIPS CLUB LIFE THE CARS
VENUE NEWS MEDIA CONTACT US LOGIN

Book a Tour!

HOME ABOUT US MEMBERSHIPS CLUB LIFE THE CARS VENUE NEWS MEDIA CONTACT US

Sign In



LOGIN

Book a Tour

Privacy Policy

TWENTY7 WHOLESALE CANADA LTD.
CUSTOMER PRIVACY POLICY

JANUARY 1, 2017

This Privacy Policy explains our privacy practices for customer information we collect, use or disclose, including at the Twenty7 club and through our websites (including through Twenty7.ca and other Internet sites, mobile apps, and social media sites, which we will refer to collectively as “Sites”), as well as our customer service interactions with you.

In this Privacy Policy, the terms “Twenty7,” “we” and “our”refer to Twenty7 Ltd. and all of its subsidiaries with respect to its operations in Canada, unless otherwise indicated. Personal information that you provide when you visit non-Canadian Twenty7 websites are governed by the privacy policies that are posted on those websites.

This Privacy Policy is incorporated into the Terms and Conditions of Use for our Sites and into the terms applicable to Twenty7 members and persons applying for Twenty7 membership. By using our Sites, by applying for membership, or by using a membership, you are consenting to this Privacy Policy.

1. Twenty7’s Commitment to Privacy

Twenty7 is committed to protecting the privacy of its customers. We have and will take measures that protect the privacy of personal information and personal health information held by us. This Privacy Policy provides you with details regarding:

• why we collect personal information;

• what we do with that information;

• what steps we take to ensure that the information is secure;

• who you should contact if you have questions or concerns about our policies or practices.

Since we regularly review our policies and practices, your comments are always welcome. We reserve the right to change this Privacy Policy at any time; however, any changes or additions to Section 5 regarding the reasons we use personal information will not apply to you unless you consent to them. We will alert you that changes have been made by indicating at the top of the Privacy Policy the date that it was last updated. We encourage you to review our Privacy Policy carefully to make sure that you understand how information that you provide will be used or disclosed.

2. What is personal information?

In general terms, personal information means any information about an identifiable individual. For example, this includes your name, postal and email address, telephone number, credit card number, the photograph included on your Twenty7 membership card, demographic information and purchasing history.

Personal information does not include aggregate information, such as data about a group or category of products, services or customers, from which individual customer identities have been removed. For example, information about how you use a service may be collected and combined with information about how others use the same service, but no personal information will be included in the resulting data. Likewise, information about the products you purchase may be collected and combined with information about the products purchased by others.

We may also gather aggregate information about how Twenty7 customers use our Sites. Aggregate information about product purchases helps us understand trends and customer needs, and assists us in product selection, product ordering and sizing, and the introduction of new products and services. It can also assist us in determining where it would be appropriate to build new warehouses by looking at the geographic location of members or to build new Site functions by looking at anonymized browsing activities.

We may automatically collect some information when you visit our Sites, such as your computer’s network address and operating system, the site from which you linked to us, and the time and date of your visit and purchases. This information is not linked by us to personal information, but rather is only used to compile aggregate information. This information may be collected through the use of cookies (see our “Online privacy practices” in Section 12 below).

3. When we collect personal information

We only collect such personal information as is strictly necessary for the purposes outlined in Section 5. We collect personal information when you:

• apply for membership (including information about your credit history that may be collected, used, or disclosed if you choose to pay by cheque);

• renew your membership;

• contact us with questions, inquiries, comments, complaints or requests;

• sign up for certain products and services (such as the Twenty7 Services program and other business and consumer services, collectively known as the “Twenty7 Services”);

• use our Sites;

• participate in any of our programs;

• place orders, make purchases, return or exchange items, or seek further information about our products and services;

• place orders or make purchases, return or exchange items, or seek further information through our affiliated companies, including Twenty7 Ltd (Twenty7 and its affiliates are referred to collectively as the “Twenty7 Affiliates”);

• enter into a contest or sweepstakes or respond to one of our surveys; and

• ask us to place you on a “Do Not Email” list so that we can ensure that your wishes are respected.

Please note that Twenty7 Services may be provided by third-party suppliers. We collect from such third-party suppliers a list of our customers who have signed up for Twenty7 Services and information about the use our customers make of such Twenty7 Services (for example, frequency of use and customer feedback).

We may also take video footage on our properties to protect the rights, property or safety of Twenty7, its customers, employees, or the public.

4. How we use personal information

As part of our business operations, we hold and use certain personal information pertaining to you inorder to process your requests, provide you with Twenty7 Services, and to understand your needs so that we can serve you better.

Specifically, we may use personal information for the following purposes:

• Notifying you of recalls or safety issues;

• Approving you as a member when you apply for membership;

• Managing the provision of goods, services and privileges to you, including monitoring your membership, processing exchanges or returns, to conduct a credit check if you choose to pay by cheque, to determine your credit status and for fraud detection and identification purposes;

• Managing invoicing, accounting and information security services related to our transactions with you;

• Monitoring your satisfaction with our programs, including the Executive Membership program, the services offered by our suppliers of Twenty7 Services and contacting you regarding the status of such programs and services (for example, to inform you of changes to or the termination of particular Twenty7 Services);

• Protecting against harm to the rights, property or safety of Twenty7, its customers, employees, or the public;

• Internal management purposes, including planning, resource allocation, policy development, quality improvement, monitoring, audit, evaluation and reporting;

• As described in our “Online privacy practices” in Section 12 below;

• Managing our “Do Not Email” lists; and

• Using personal information to create aggregate information as described above in Section 2.

If you ask us to, we will also tell you about news, promotions, special offers and other information from Twenty7, regarding Twenty7, Twenty7 Affiliates and selected partners, such as our promotional programs. You may unsubscribe from these kinds of messages at any time by visiting Twenty7.ca and setting your Communication Preferences.

5. When we share personal information

Personal information we collect in accordance with this Privacy Policy may be shared with the Twenty7 Affiliates, for the purposes listed above, provided that such shared information is required for and is used and disclosed for such purposes only. Personal information may also be disclosed to unaffiliated third parties in connection with the sale, assignment or other transfer of our business, in which case we will require such third parties to adhere to the terms of this Privacy Policy. We will also disclose personal information in accordance with Section 12 below when the information is collected online at our Sites.

From time to time we engage unaffiliated third parties and their affiliates, agents and subcontractors (“Service Providers”) to perform certain technological or administrative services. For example, a Service Provider may be asked to perform credit card processing services, administer a contest or be asked to run a computer program that identifies which of our members purchased a particular product so we can notify those members of special programs regarding the same or similar products. We also may use a Service Provider to host and administer one or more of our Sites, process and store data, and fulfill similar technology-related functions on our behalf. In these circumstances, the personal information that the Service Provider receives is limited to only the personal information held by us that they need in order to render their service to us. The companies that are provided with the personal information are first required to sign an agreement that obligates them to keep the information confidential and secure and prohibits them from using it for unauthorized purposes.

We have engaged Service Providers to provide us with cloud computing services. Cloud computing is the provision of network-based services, located on remote computers, that allow individuals and businesses to use software and hardware operated by third parties. Examples of these services include online file storage, webmail and online business applications. Service Providers have policies and processes in place to ensure that the confidentiality of information in their care is properly safeguarded at all times. As of the date of this policy, our cloud computing Service Provider processes and stores information in the United States and Canada. This may change from time to time.

You acknowledge that if Service Providers provide services from other countries (such as the ones named above), your personal information may be processed and stored in these countries and the governments, courts or law enforcement or regulatory agencies of these jurisdictions may be able to obtain disclosure of your personal information through a lawful order.

As outlined above, Twenty7 Services (such as the Executive Membership program, and other business and consumer services) may be provided by Service Providers. When you sign up for Twenty7 Services, we will share your name, membership status, membership number and type and such other personal information as is necessary with the Service Provider so they can confirm your eligibility for the Twenty7 Service you requested. Service Providers who are suppliers of Twenty7 Services can only use the personal information that we share with them to provide the Twenty7 Services or, if you have consented, to notify you of their offerings and to evaluate new and existing products, offerings or services. We are not responsible for any additional information you provide directly to these Service Providers, and we encourage you to become familiar with their privacy and security practices and policies before disclosing information to them.

We may disclose personal information without your knowledge or consent if a law, regulation, search warrant, subpoena or court order legally authorizes us or requires us to do so. We may also disclose personal information to protect the rights, property or personal safety of Twenty7, its customers, employees or other members of the public.

Except as set out above, we do not sell, rent, share or disclose the personal information or personal health information we hold or make our membership list available to others for a fee without your consent.

6. How long do we hold personal information?

Personal information is retained only for so long as is necessary for the purposes set out above. When no longer required, we will destroy, erase or de-personalize the personal information and personal health information. Legal requirements may necessitate our retaining some or all of the personal information we hold for a period of time that is longer than we might otherwise hold it. However, Twenty7 will restrict access to such information to prevent it from being used except for the fulfillment of these legal requirements.

7. Accuracy

To ensure that the personal information you provided is accurate, complete and up-to- date, we urge you to provide us with updates regarding such information and to inform us of any errors affecting the personal information we hold. You may update, review or correct your Twenty7.ca online account information at any time by accessing your password-protected registration page via the “My Account” area of the Sites. To update any other information, please visit the Membership Counter in our club with your membership card to confirm your identity.

8. Security measures

We will continue to keep in place security measures in an effort to protect personal information held by us from unauthorized use, access, disclosure, distribution, loss or alteration. We employ physical, administrative, contractual and technological safeguards to protect personal information, and insist that our Service Providers do the same. We will continue to keep in place security measures in an effort to protect personal information and personal health information held by us from unauthorized use, access, disclosure, distribution, loss or alteration. We employ physical, administrative, contractual and technological safeguards to protect personal information, and insist that our Service Providers do the same. Please be aware though that, despite these efforts, no security measures are perfect and no systems are impenetrable. Your privacy can be enhanced by taking care to use suitably strong passwords that others cannot guess, that are kept safe by you, and that are not re-used on other sites.

Taking steps like avoiding dictionary words or proper names, and adding extra character and punctuation marks can also help protect you. If you believe your password has been compromised, you should change it immediately.

Access to personal information will be restricted to authorized personnel who require the information in order to perform their duties properly. In addition, access will be limited to only that information that is strictly necessary for the performance of those duties. Please also see our “Online privacy practices” in Section 12 below.

We periodically update our policies regarding information security measures in an effort to protect the personal information and personal health information held by us in the most effective manner possible.

9. Accessing personal information

Our customers are entitled to access the personal information held by us concerning them. In recognition of the importance we attach to each customer’s personal information, you can only access personal information we hold about you, but not personal information about your spouse or others who may have been issued a membership card on your account. Under limited circumstances, we may give you access to personal information that we hold about others, but only if required or permitted by law (for example, a parent or guardian may, in certain instances, be given access to the personal information of a child or a person who requires a substitute decision maker).

You can access your personal information by showing your membership card at the Membership Counter to confirm your identity and completing a written request for such information on a form we provide. We will generally respond to your request for information within thirty (30) days, unless, for reasons beyond our control, a longer response time is necessary, in which case you will be advised accordingly. While our response will generally be provided at no cost, you will be informed in advance of any charges that apply in connection with the information request. Charges may relate to the transcription, reproduction or transmission of personal information held by us.

In very limited circumstances, we may not be able to supply personal information for reasons of a legal nature, including privileged communications between professional and client or a pending judicial proceeding. In each case, we will provide written reasons outlining why your request for access has not been granted.

10. Online privacy practices

Collection: We may collect personal information online when you visit our Sites as described in Sections 4 and 7.

In addition, we may collect cookie and Web beacon information when you browse the Sites. Cookies are small files that are stored on your computer, and Web beacons are electronic images that allow us to count visitors visiting certain Web pages, to access cookies, and to analyze whether advertising banners on our site or other sites were effective. At Twenty7.ca, we may use cookies and beacons to help optimize your shopping experience, to evaluate use of the Sites, and to support Site analytics and marketing campaigns. In doing so, we may collect technical information such as your IP address, your browser type, the addresses of referring Sites, and your path through the Sites.

Cookies help us to customize our home page for you and to better display pages according to your browser type. While cookies are optional for browsing Twenty7.ca, they are required for registering, logging on, purchasing or adding items to your cart. If you wish to purchase items or set up an account on Twenty7.ca, you will need to accept a Twenty7.ca cookie. (In order to control the ability of website providers to place cookies on your computer, you should consult your browser’s “Options” and “Help” pages to learn how to adjust your settings to suit your privacy preferences.)

Use: We use personal information and personal health information collected online as described in Sections 5 and 7 above. In addition, we use personal information and personal health information:

• to facilitate and monitor certain features of the Sites that you choose to interact with, such as online forums, feeds and chatrooms;

• to respond to your questions and concerns and to understand your needs and preferences;

• to conduct surveys and other research;

• to provide you with customized Site content and advertising;

• to fulfill your online orders for products and services and to facilitate product deliveries, pickups and returns;

• to detect, prevent, or otherwise address fraud, security or technical issues; or

• to protect against harm to the rights, property or safety of Twenty7, its users or the public as required or permitted by law.

Sharing: We share personal information collected online as described in Sections 6 and 7 above. In addition, we may provide Service Providers with certain information that is necessary to fulfill an order you have placed with us. For example, if you request shipment for a purchase, we may provide your address to the shipping carrier and customs Service Provider, and if you pay by credit or debit card, your card number and sales transaction information are passed to the card processor and/or issuer (including their service providers such as fraud verification services). We also may use Service Providers to host and administer the Sites, process and store data, and fulfill other technology related functions on our behalf. However, we only give or permit access to vendors, suppliers and other Service Providers involved in Site administration and the commerce distribution chain the limited information needed to perform their duties and provide you with the products and services you order. We are not responsible for any additional information you provide directly to these parties.

Protection: Personal information we collect on our Sites is stored electronically, and may be combined with other off-line information. Personal information entered on our Sites is encrypted using a security protocol called SSL (Secure Sockets Layer). SSL encrypts information entered on our site before it is sent over the Internet. SSL also allows you to view securely your online account and registration information. Account information is accessible online only through the use of a password. To protect the confidentiality of personal information, you must keep your password confidential and not disclose it to any other person. You are responsible for all uses of our Sites by any person using your password. You are advised that, unlike communication within our Sites, we have no control over the privacy of your email communications with us while in transit. We recommend that you do not include confidential, proprietary, personal or personal health information in emails, including credit card numbers, passwords, prescriptions and other similar information. Also, if other people have access to your email account, they may be able to access your password and obtain personal information about you (such as your credit card information), or change information about your user profile. You should not use an email account operated by your employer because many employers have the legal right to access such email accounts. Please advise us immediately by email or phone if you believe your password has been misused.

Online links to other sites: Through links provided on our Sites, you can link to other sites of third parties who have agreed to offer goods and services to our members. Any personal information you provide on the linked pages is provided directly to that third party and is subject to that third partys’ privacy policy. Except as described above, we are not responsible for the content or privacy and security practices and policies of sites to which we provide links. Links from our Sites to third parties or to other sites are provided for your convenience. We encourage you to learn about their privacy and security practices and policies before providing them with personal information.

11. Complaint process

If you are not completely satisfied with or wish to submit comments concerning this Privacy Policy or its application by us, we invite you to convey your concerns or suggestions to Twenty7 Ltd 6380 Northwest Drive Attention: Privacy Officer. We will reply as quickly as possible and inform you of the steps, if any, that have been or will be taken in order to address the concern or implement the suggestion. You can also file a complaint with the Privacy Commissioner in the province in which you reside or with the Office of the Privacy Commissioner in Ottawa.

12. Choice

If you previously consented to the sharing of the personal information you provided or are a Business Member and you do not want us to disclose information about your purchases, you can change your mind by sending us an email.

If you wish to unsubscribe from electronic messages providing news, promotions, special offers and other information from Twenty7, regarding Twenty7, Twenty7 Affiliates and selected partners, such as our promotional programs, you may do so at any time by visiting Twenty7.ca and setting your Communication Preferences.