FootCare on Bay
Book an Appointment

Privacy Policy

Effective date: [September 20th, 2025]

FootCare on Bay (“FootCare on Bay,” “we,” “our,” or “us”) operates footcareonbay.com (the “Site”) and provides clinical foot care and related services at our Toronto location.

We are located in Ontario, Canada and handle personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and, where applicable, Ontario’s Personal Health Information Protection Act (PHIPA). Depending on where you reside, additional regional rights may apply, including Quebec Law 25, the EU and UK General Data Protection Regulation (GDPR), and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA).

Contact for privacy matters

  • Mailing address: FootCare on Bay, 905 Bay Street, Toronto, Ontario M5S 3L6, Canada

  • Email: general@footcareonbay.com

  • Phone: (416) 962-0062

1. Information we collect

  • Identifiers and contact details – name, email, phone, mailing address, IP address, device and cookie identifiers.

  • Appointment and service information – requested services, appointment history, notes needed to deliver care and operations.

  • Health information – information you provide in intake or consent forms related to foot health and related conditions. We collect only what is reasonably necessary for care, operations, and legal requirements under PHIPA.

  • Payment information – billing details needed to process payments through our processors. We do not store full card numbers on our systems.

  • Marketing and analytics data – cookie and pixel data, browsing activity on the Site, ad interactions, referrers, and approximate location.

  • User content – questions, messages, reviews, or feedback you submit.

2. Sources of information

  • Directly from you – forms, bookings, calls, emails, messages.

  • Automatically – via cookies, pixels, tags, SDKs, and similar technologies.

  • From service providers – analytics, advertising platforms, booking and payments, anti-fraud and security tools.

3. How we use information

  • Provide, schedule, and manage appointments and services.

  • Communicate with you and respond to requests.

  • Operate, secure, and improve the Site and our systems.

  • Personalize the Site and measure performance.

  • Send marketing communications where permitted by law. You can unsubscribe anytime.

  • Comply with legal, regulatory, and insurance obligations.

Google technologies and remarketing

We use GA4, Google Ads, and related tags for measurement and advertising, including remarketing that may show ads based on your visits. Google may use cookies or device identifiers. Manage Google ad settings at https://adssettings.google.com and see opt-out tools at https://youradchoices.ca and https://optout.networkadvertising.org.

Meta technologies

We use the Meta Pixel to measure conversions and reach relevant audiences on Meta platforms. See Meta’s controls at https://www.facebook.com/privacy/center/ and Ad Preferences.

Consent requirements

If you are in the EEA, UK, Switzerland, or Quebec, we request consent for non-essential cookies and personalized advertising where required. You can update your cookie and tracking choices via our cookie banner or preference center.

4. Legal bases

  • Canada – consent and other lawful bases under PIPEDA and PHIPA, including providing requested services, meeting legal obligations, and legitimate interests consistent with reasonable expectations.

  • Quebec Law 25 – where applicable, express consent for non-essential cookies and profiling. A designated privacy officer oversees compliance.

  • EEA/UK GDPR – where applicable, legal bases include consent, contract, legitimate interests, and legal obligations. We seek prior consent for non-essential cookies and personalized ads.

  • California CCPA/CPRA – we do not sell personal information. If we ever “share” personal information for cross-context behavioral advertising, we will provide a “Do Not Sell or Share My Personal Information” link and honor Global Privacy Control signals.

5. Cookies and tracking technologies

We use:

  • Strictly necessary cookies – core features, security, and network management.

  • Functional cookies – remember choices such as location and preferences.

  • Analytics cookies – understand how the Site is used.

  • Advertising cookies – deliver and measure ads.

You can control cookies through our banner, your browser settings, and the links above. Disabling cookies may affect some features.

6. Disclosures of information

We share information with:

  • Service providers – hosting, analytics, advertising platforms, booking and payment providers, communications and security vendors. They must protect your information and follow our instructions.

  • Professional advisors and insurers – as needed for operations and claims.

  • Authorities – when required by law or to protect rights, safety, and property.

  • Successors – in the event of a merger, acquisition, or asset transfer.

We do not allow service providers to use your personal information for their own marketing.

7. International transfers

Your information may be processed outside Ontario or Canada, including in the United States and the EEA. We use appropriate safeguards, such as contractual protections and technical measures.

8. Retention

We keep personal information only as long as needed for the purposes described or as required by law. Health records are retained in accordance with PHIPA and applicable professional guidance. When no longer required, we securely delete or anonymize data.

9. Security

We use administrative, technical, and physical safeguards, including encryption in transit, access controls, logging, vulnerability management, and staff training. No method is perfectly secure.

10. Your rights

Your rights vary by jurisdiction and may include the right to access, correct, delete, restrict, or object to processing, withdraw consent, and data portability. You can also lodge a complaint with your privacy authority.

  • Canada – Office of the Privacy Commissioner of Canada

  • Ontario – Information and Privacy Commissioner of Ontario

  • Quebec – Commission d’accès à l’information du Québec

  • EEA/UK – your local Data Protection Authority

  • California – rights to know, correct, delete, and limit use of sensitive information, and to opt out of sale or sharing

Requests: email general@footcareonbay.com. We may need to verify your identity.

11. CASL compliance

We send commercial electronic messages only with consent or as permitted. Unsubscribe using the link in our messages or contact us.

12. Children’s privacy

The Site is not directed to children under 13. We do not knowingly collect personal information from children without appropriate consent. If you believe a child provided personal information, contact us to request deletion.

13. Changes to this policy

We may update this policy. We will post changes with a new effective date. Significant changes will be highlighted.