At Salvatore, we take your privacy seriously. This policy explains how we collect, use, and protect your personal information when you interact with our food plating and presentation education programs. We're based in Montreal and operate under Canadian privacy laws, specifically complying with the Personal Information Protection and Electronic Documents Act (PIPEDA).
Look, privacy policies can be dense. We've tried to make this one straightforward. If something's unclear or you have questions about how we handle your data, just reach out. We're people who care about transparency.
1 Information We Collect
We collect different types of information depending on how you interact with us. Some of it you provide directly when enrolling in programs or contacting us. Other data gets collected automatically when you browse our website.
Personal Identifiers
Your name, email address, phone number, and mailing address. We need this to communicate with you about program enrollment, send materials, and process payments.
Program Information
Details about which courses you're interested in, your current skill level, dietary preferences (relevant for our culinary programs), and any special requirements you mention.
Payment Data
When you enroll, we collect billing information. Credit card details are processed through secure third-party payment processors—we don't store full card numbers on our servers.
Website Activity
IP address, browser type, pages visited, time spent on site, and referring URLs. This helps us understand how people use our site and where we can improve the experience.
Communication Records
Emails, chat messages, or phone call notes when you contact our team. We keep these to provide better support and track any issues you've raised.
Educational Progress
If you're enrolled in a program, we track your course progress, assignment submissions, and feedback from instructors. This helps us tailor the learning experience to your needs.
What We Don't Collect
We don't collect sensitive personal information unless absolutely necessary for program delivery. We don't track your location beyond what's revealed by your IP address. And we definitely don't sell your data to third parties for marketing purposes.
2 How We Use Your Information
Everything we collect serves a purpose. We're not gathering data just to have it—each piece helps us run better programs and provide better service.
- Processing your enrollment and managing your participation in our food plating courses
- Sending you course materials, schedules, and updates about programs you've signed up for
- Responding to your questions and providing customer support
- Improving our website functionality based on how visitors navigate and interact with content
- Sending occasional newsletters about new programs or culinary techniques (you can opt out anytime)
- Meeting legal requirements like tax documentation and business record-keeping
- Analyzing trends in enrollment and course completion to make our programs more effective
We base our data processing on several legal grounds under PIPEDA. Most often, it's because processing is necessary to fulfill our contract with you (delivering the education you signed up for). Sometimes it's based on your consent, like when you opt in to marketing emails. And in some cases, we have legitimate business interests that justify processing—improving our services, for example.
3 Sharing Your Information
We don't sell your personal information. Period. But we do share data with specific third parties who help us operate.
Payment Processors Companies like Stripe or PayPal process your payments securely. They receive the financial information necessary to complete transactions but are bound by their own strict privacy policies.
Email Service Providers We use email platforms to send course updates and newsletters. These providers have access to your email address and name but are contractually prohibited from using your data for their own purposes.
Cloud Storage Services Course materials and student records are stored on secure cloud servers. These providers maintain high security standards and don't access your data except for system maintenance.
Analytics Tools We use website analytics to understand visitor behavior. These tools collect anonymized data and help us improve site usability without revealing individual identities.
Legal Requirements If required by Canadian law or court order, we may disclose information to government authorities. This happens rarely, and only when legally obligated.
All third parties we work with are required to protect your information and use it only for the specific purposes we've outlined. We vet our partners carefully and ensure they meet Canadian privacy standards.
4 Your Privacy Rights
Under Canadian privacy law, you have significant control over your personal information. Here's what you can do:
Your Rights Under PIPEDA
-
Access Your Data: Request a copy of all personal information we hold about you. We'll provide this within 30 days in an accessible format.
-
Correct Inaccuracies: If any information we have is wrong or outdated, you can ask us to update it. We'll make corrections promptly and notify any third parties if necessary.
-
Withdraw Consent: For processing based on consent (like marketing emails), you can withdraw that consent anytime. Your access to educational programs won't be affected.
-
Request Deletion: Ask us to delete your personal information, subject to certain legal exceptions. We'll comply unless we're required to retain data for legal or regulatory reasons.
-
Object to Processing: Challenge how we use your data if you believe it's inappropriate or unnecessary. We'll review your concerns and adjust our practices if warranted.
-
Data Portability: Request your information in a structured, commonly used format so you can transfer it to another service provider if desired.
To exercise any of these rights, send an email to contact@sallvattore.top with "Privacy Request" in the subject line. Include your full name and the email address associated with your account. We'll verify your identity before processing the request and respond within 30 days. There's no fee for reasonable requests, though we may charge for excessive or repetitive inquiries.
Filing Complaints
If you're not satisfied with how we've handled your privacy concerns, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada. They're the federal authority overseeing PIPEDA compliance. We hope it doesn't come to that—we'd rather work things out directly—but you should know the option exists.
5 Data Security Measures
We take technical and organizational steps to protect your information from unauthorized access, loss, or misuse. Security isn't just a checkbox for us—it's an ongoing commitment.
Technical Safeguards
Our website uses SSL/TLS encryption to protect data in transit. Sensitive information stored on our servers is encrypted at rest. We use firewalls, intrusion detection systems, and regular security audits to identify and address vulnerabilities. Access to personal data is restricted to employees who need it for their roles, and all access is logged.
Organizational Practices
Staff members receive privacy and security training annually. We have clear policies about data handling, and everyone who works with personal information signs confidentiality agreements. Regular audits ensure we're following our own procedures. When we contract with third parties, we include strict data protection requirements in our agreements.
Incident Response
Despite our best efforts, no system is completely immune to breaches. If a security incident occurs that affects your personal information, we'll notify you within 72 hours and explain what happened, what data was involved, and what steps we're taking. We'll also report to the Privacy Commissioner as required by law.
6 Data Retention and Deletion
We don't keep your information indefinitely. Retention periods depend on the type of data and why we collected it.
|
Data Type
|
Retention Period
|
Reason
|
|
Enrollment Records
|
7 years after program completion
|
Tax and regulatory compliance requirements
|
|
Course Progress Data
|
3 years after completion
|
Providing alumni support and certificates
|
|
Marketing Communications
|
Until you unsubscribe
|
Ongoing consent to receive updates
|
|
Website Analytics
|
26 months
|
Standard practice for trend analysis
|
|
Support Inquiries
|
2 years after resolution
|
Quality improvement and issue tracking
|
|
Payment Information
|
7 years
|
Financial record-keeping and audits
|
After these periods, we securely delete or anonymize your data. Deletion means permanently removing information from our active systems and backups. Anonymization means stripping identifying details so the data can't be traced back to you. You can request earlier deletion, but we may need to retain certain records to meet legal obligations.
7 Cookies and Tracking Technologies
Our website uses cookies—small text files stored on your device—to improve functionality and understand how visitors use the site. Some cookies are essential for the site to work properly. Others help us analyze traffic or remember your preferences.
Types of Cookies We Use
-
Essential Cookies: Required for basic site functions like maintaining your session when you navigate between pages. These can't be disabled without breaking the site.
-
Analytics Cookies: Track how visitors interact with our site—which pages are most popular, where people drop off, and how long they spend reading content. This data is aggregated and anonymized.
-
Preference Cookies: Remember your choices, like language preferences or whether you've dismissed certain notices. These enhance your experience but aren't strictly necessary.
-
Marketing Cookies: Used if you've opted in to receive targeted information about programs that might interest you based on your browsing behavior. You can opt out anytime.
Most browsers let you control cookies through their settings. You can block all cookies, accept only certain types, or delete cookies after each session. Keep in mind that blocking essential cookies will affect site functionality. Our site doesn't use third-party advertising cookies or tracking pixels from social media platforms.
8 International Data Transfers
We're based in Canada, and we primarily store data on Canadian servers. However, some of our service providers operate internationally. When your data is transferred outside Canada, we ensure appropriate safeguards are in place.
For transfers to countries without adequate privacy protections (as determined by the Privacy Commissioner), we use standard contractual clauses or other approved mechanisms. These legal instruments require recipients to protect your data according to standards comparable to PIPEDA. You have the right to request details about where your data is stored and what safeguards apply.
9 Children's Privacy
Our programs are designed for adults, and we don't knowingly collect information from anyone under 16. If a parent or guardian believes we've inadvertently collected data from a minor, contact us immediately and we'll delete it promptly. For participants aged 16-18, we may require parental consent before enrollment depending on the program.
10 Changes to This Policy
Privacy practices evolve, and so does this policy. We review and update it at least annually or whenever we make significant changes to our data handling practices. When we make material changes, we'll notify you via email (if you've provided one) and post a notice on our website at least 30 days before the changes take effect.
The "Last Updated" date at the top of this policy shows when it was most recently revised. We encourage you to review this page periodically, especially before enrolling in a new program or providing additional personal information.
