smallreads ("we", "us", or "our") operates the website smallreads.ca. This Privacy Policy explains how we collect, use, disclose, and protect your personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.
By using smallreads, you consent to the practices described in this policy. If you do not agree, please do not use our service.
We may collect the following types of personal information:
We use your personal information to:
We do not sell your personal information to third parties.
We may use privacy-friendly analytics tools (such as Umami) to collect anonymized, aggregate usage metrics. These tools do not use cookies, do not collect personally identifiable information, and do not track you across websites. This data helps us understand how the service is used so we can improve it.
smallreads uses only essential cookies required for authentication and session management. We do not use advertising, tracking, or non-essential cookies. Because we only use strictly necessary cookies, no cookie consent banner is required.
smallreads is operated from Canada. However, some of our hosting infrastructure and service providers are located in the United States (US West region). This means your personal information may be transferred to, stored, and processed in the United States.
When your data is stored or processed outside of Canada, it may be subject to the laws of that jurisdiction, including lawful access requests by US law enforcement or government agencies. We take steps to ensure that any third-party service providers handling your data are contractually obligated to protect it with safeguards comparable to those required under Canadian privacy law.
We retain your personal information for as long as your account is active or as needed to provide you with our services. If you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it by law.
Under PIPEDA, you have the right to:
To exercise any of these rights, please contact us at the address below.
We implement reasonable technical and organizational safeguards to protect your personal information, including encryption in transit (TLS) and at rest, access controls, and secure authentication practices. However, no method of transmission or storage is 100% secure.
In the event of a data breach that poses a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner of Canada as required under PIPEDA's breach notification requirements.
We may use third-party services for authentication (e.g. Google Sign-In), hosting, and email delivery. These providers only receive the minimum information necessary to perform their services and are bound by their own privacy policies.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of smallreads after changes are posted constitutes acceptance of the revised policy.
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:
Email: d@velunny.com