This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from C&A Store’s website (the “Site”).
We may collect personal details that you provide when you use our Site, including:
Name
Email address
Phone number
Billing and shipping address
Payment details (processed securely through Stripe)
We use your information to:
Provide and improve our services
Fulfill and deliver orders
Send updates and respond to inquiries
Send marketing communications (only if you have opted in, with the option to unsubscribe at any time)
We use secure servers, SSL encryption (HTTPS), and industry-standard safeguards to protect your personal information. Payment information is processed through Stripe, a PCI Level 1 Service Provider. We do not store sensitive payment details (such as credit card numbers or CVV codes) on our servers.
We do not sell, rent, or trade your personal information. We may share your data only with trusted service providers when necessary to:
Process transactions (e.g., Stripe for payment processing)
Deliver orders (e.g., shipping providers)
Provide essential business services (e.g., IT or customer support)
If you are a Canadian resident, you have the right to:
Access the personal information we hold about you
Request corrections or updates
To exercise these rights, please contact via support@candagrocery.com .
We take the security of your payment information very seriously. Our website is compliant with the Payment Card Industry Data Security Standard (PCI DSS), which is a set of security standards designed to protect cardholder data.
How We Ensure PCI Compliance:
We do not store any credit or debit card numbers, CVV codes, or sensitive payment data on our servers.
All payment transactions on our website are securely processed by Stripe, a PCI Level 1 Service Provider (the highest level of PCI compliance).
Our website uses SSL encryption (HTTPS) to protect data during transmission.
We follow secure coding practices and regularly review our systems for security.
Our payment process meets all PCI DSS requirements as managed by Stripe.
By using our Site, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy. You may withdraw your consent at any time, subject to legal or contractual restrictions, by contacting us.
We may use cookies or similar technologies to enhance your experience, analyze site performance, and support order processing. You can adjust your browser settings to decline cookies, but this may affect some website functionality
Our Site is not directed at children under the age of 13. We do not knowingly collect personal information from children. If we discover that we have inadvertently collected information from a child, we will delete it promptly.
You will be required to enter your debit/credit card details manually. We need this information to process and fulfill your order and maintain your account successfully.
Be rest assured. All payment transactions on our website are processed through Stripe, a trusted and secure payment provider that complies with PCI DSS (Payment Card Industry Data Security Standard).
These services are responsible for securely storing and handling your payment information. We do not store your credit or debit card details on our servers. Please review Stripe’s Privacy Policy for more information on how they protect your data.
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “last modified” date. We encourage you to review this page periodically to stay informed.