OB OrayBest

Privacy Policy

Last updated:

This Privacy Policy explains how OrayBest (“we”, “us”) collects, uses, and shares personal information when you visit our website, place an order, or interact with us. We are based in Canada and aim to comply with applicable Canadian privacy laws (including PIPEDA).

Contents

  1. Who we are & contact
  2. Scope
  3. Information we collect
  4. Cookies & similar technologies
  5. How we use information
  6. Sharing & disclosures
  7. Retention
  8. Security
  9. Your rights & choices
  10. International transfers
  11. Children’s privacy
  12. Changes to this policy
  13. How to contact us

1) Who we are & contact

OrayBest is a made-to-order sweets studio serving customers across Canada.

2) Scope

This policy applies to our website, order forms, customer communications, and social channels. It does not cover third-party websites or services that we do not control.

3) Information we collect

Information you provide — name, email, phone number, event date, city/province, order details (flavours, servings, theme), messages, and files you share (e.g., inspiration photos).

Information collected automatically — basic device and usage data (e.g., browser type, pages viewed, timestamps) and approximate location (from IP). See Cookies.

Information from third parties — if you interact with us on social media or pay via a payment provider, we may receive limited data as permitted by that service.

4) Cookies & similar technologies

We use essential cookies to run the site. With your consent, we may use analytics and marketing cookies to improve your experience. You can change your cookie preferences at any time via our banner or by visiting Cookie Policy.

5) How we use information

  • Provide, personalise, and deliver our products and services.
  • Respond to inquiries, provide quotes, and manage orders.
  • Improve site performance, quality, and user experience.
  • Send service messages (e.g., order updates) and, with consent where required, marketing communications (you can unsubscribe anytime).
  • Detect, prevent, and address fraud, abuse, or security issues.
  • Comply with legal obligations and enforce our Terms of Service.

6) Sharing & disclosures

We do not sell personal information. We may share it with:

  • Service providers (e.g., hosting, analytics, couriers, payment processors) under contract.
  • Legal and safety authorities when required by law or to protect rights and safety.
  • Business transfers in case of merger, acquisition, or asset sale (with notice where required).

7) Retention

We keep personal information only as long as necessary for the purposes described above, unless a longer period is required by law. We use reasonable criteria (e.g., order lifecycle, legal/accounting requirements) to determine retention.

8) Security

We apply administrative, technical, and physical safeguards appropriate to the sensitivity of the information. No method of transmission or storage is 100% secure.

9) Your rights & choices

  • Access & correction: You may request a copy of your information and ask us to correct inaccuracies.
  • Withdraw consent: Where we rely on consent (e.g., marketing cookies or emails), you can withdraw it at any time.
  • Marketing opt-out: Use unsubscribe links or contact us.
  • Cookies: Adjust preferences via our banner or browser settings. See Cookie Policy.

If you are in the EEA/UK or certain other regions, additional rights (e.g., portability, objection) may apply under local law.

10) International transfers

Our service providers may process data outside your province or country (including the United States). Where required, we use appropriate safeguards for such transfers.

11) Children’s privacy

Our services are not directed to children under the age required by applicable law. If you believe a child provided personal information, please contact us to remove it.

12) Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top indicates the latest revision. Material changes will be highlighted on this page.

13) How to contact us

If you have questions or would like to exercise your privacy rights, contact us:

This page is provided for transparency about our practices. It is not legal advice.