CEFA Store Privacy Commitment
Protecting your personal data and privacy is a top priority at CEFA Early Learning. When you shop with us, you trust us with your information.
It is important to us to give you clear and transparent information about the personal data we collect, why it is needed, how it is used and your rights over it.
CEFA PERSONAL DATA HANDLING IN BRIEF
What information do we collect?
When you make a purchase, we collect details such as your name, address, and email. When you browse our store, we also receive your computer’s IP address to understand your browser and operating system. If you give consent, we may use your email to send updates about our store and new products.
How do you give consent?
By providing personal information to complete a purchase, arrange delivery, or process a return, you consent to us using it for that purpose. If we ask for your data for a secondary reason (such as marketing), we will ask directly or give you the option to say no.
How can you withdraw consent?
If you change your mind after opting in, you can withdraw consent at any time by contacting cefastore@cefa.ca.
Do we disclose your data?
We may disclose your information if required by law or if you violate our Terms of Service.
Where is your data stored?
Our store is hosted by Shopify Inc., which provides our e-commerce platform. Your data is stored on secure Shopify servers behind a firewall.
How is payment information handled?
If you pay using a direct gateway, Shopify stores your credit card data securely. It is encrypted and protected under PCI-DSS (Payment Card Industry Data Security Standard). Shopify and its providers follow these standards to ensure safe handling of payment data. Your purchase transaction information is only stored as long as necessary to complete the transaction. For more details, see Shopify’s Terms of Service or Shopify’s Privacy Policy.
Do third parties handle your data?
We share your information only with third-party providers who enable services like payment processing or shipping. These providers may have their own privacy policies and may process data in other jurisdictions. For example, if a transaction is handled in the U.S., your data may be subject to U.S. law (such as the Patriot Act).
What happens if I leave CEFA’s site?
When you click links on our store, you may be directed to third-party sites. Their privacy practices are not governed by CEFA. We recommend reviewing their policies.
Do we use analytics?
Yes. CEFA Store uses Google Analytics to understand site traffic and browsing behavior.
Security
We take precautions and follow industry best practices to protect your data. Payment details are encrypted using SSL and AES-256 encryption. While no method of internet transmission is 100% secure, we comply with PCI-DSS and accepted industry standards.
Cookies used on our site include:
_session_id: unique token, sessional; stores session details (referrer, landing page, etc.)
_shopify_visit: no data held, 30 minutes from last visit; used for internal stats
_shopify_uniq: no data held, expires midnight of the next day; counts visits by a single customer
cart: unique token, 2 weeks; stores cart contents
_secure_session_id: unique token, sessional
storefront_digest: unique token, indefinite; used to verify access if the shop has a password
PREF: set by Google Analytics, tracks site visitors and location, expires quickly.
Age of Consent
By using this site, you confirm you are at least the age of majority in your province, or that you have given consent for your dependents to use this site.
Changes to This Policy
We may update this Privacy Policy at any time. Changes take effect immediately upon posting. If CEFA Store is acquired or merged, your information may transfer to the new owners so we can continue serving you.
Your Rights & Contact Information
You may request access, correction, or deletion of your personal data at any time. To exercise your rights, register a complaint, or ask questions, contact us at cefastore@cefa.ca.