Privacy policy

Effective Date: 2017
Last Updated: 2025

1. Introduction

VegHeadsTO ("we," "us," or "our") is a holistic wellness company that merges ancient Ayurvedic wisdom with modern science. We offer personalized plant-based coaching, gut health programs, educational content, and nourishing plant-based food products. This Privacy Policy explains how we collect, use, disclose, and safeguard your information across all our services.

Our Services Include:

  • Online programs and health coaching

  • Plant-based food products (sauces, condiments, and future product lines)

  • Educational content, newsletters, and wellness resources

  • Online community platforms and consultation services

Contact Information:

  • Business Name: VegHeadsTO

  • Email: contact@vegheadsto

  • Website: vegheadsto.com

2. Information We Collect

Personal Information You Provide

Health and Wellness Services:

  • Assessment Participation: Name, email, responses to gut health and dosha questionnaires

  • Program Enrollment: Full name, email, phone number, health goals, dietary preferences

  • Coaching Sessions: Health history, symptoms, lifestyle factors, progress updates

  • Community Participation: Forum posts, group interactions, progress sharing

Product Purchases:

  • Order Information: Name, shipping address, billing address, phone number

  • Payment Details: Credit card information, billing preferences, purchase history

  • Dietary Restrictions: Allergies, preferences, special requirements for product recommendations

General Interactions:

  • Website Engagement: Account creation, newsletter subscriptions, content downloads

  • Communications: Email correspondence, support requests, feedback, testimonials

  • Event Participation: Workshop registrations, webinar attendance, consultation bookings

Automatically Collected Information

Website and Digital Analytics:

  • Technical Data: IP address, browser type, device information, operating system

  • Usage Patterns: Pages visited, time spent, click-through rates, download behavior

  • Cookies and Tracking: Login sessions, preferences, shopping cart contents

  • Email Engagement: Open rates, link clicks, unsubscribe patterns

Mobile App Data (if applicable):

  • Device Information: Mobile device ID, app version, push notification preferences

  • Usage Analytics: Feature usage, session duration, in-app behaviors

Health and Wellness Information

Program-Specific Data:

  • Assessment Results: Dosha type, digestive health status, wellness goals

  • Progress Tracking: Symptom improvements, habit tracking, goal achievements

  • Coaching Notes: Session summaries, recommendations, action plans (with consent)

  • Health Journals: Food diaries, symptom logs, wellness observations

Product-Related Health Data:

  • Allergy Information: Food sensitivities, ingredient restrictions

  • Dietary Preferences: Plant-based choices, nutritional requirements

  • Purchase Patterns: Product preferences, reorder frequency, taste preferences

3. How We Use Your Information

Primary Service Delivery

Health Coaching and Programs:

  • Providing personalized wellness consultations and program content

  • Customizing recommendations based on dosha type and health assessments

  • Tracking progress and adjusting program elements for optimal results

  • Facilitating community interactions and peer support

Product Services:

  • Processing and fulfilling food product orders

  • Recommending products based on dietary needs and preferences

  • Managing shipping, delivery, and customer service inquiries

  • Developing new products based on customer feedback and demand

Educational Content:

  • Delivering relevant health tips, recipes, and wellness information

  • Personalizing content recommendations based on interests and engagement

  • Providing access to exclusive materials and member-only resources

Communication and Marketing

Program Communications:

  • Sending course updates, coaching reminders, and educational materials

  • Providing technical support and answering program-related questions

  • Sharing community highlights and success stories (with permission)

Product Marketing:

  • Announcing new product launches and availability updates

  • Sending promotional offers, discounts, and seasonal recommendations

  • Sharing recipes, usage tips, and nutritional information

General Marketing:

  • Newsletter distribution with wellness tips and company updates

  • Social media engagement and community building

  • Event announcements and workshop invitations

Business Operations and Analytics

Service Improvement:

  • Analyzing program effectiveness and user engagement patterns

  • Gathering feedback to enhance product formulations and offerings

  • Understanding customer preferences to guide business decisions

Legal and Compliance:

  • Meeting regulatory requirements for food products and health services

  • Protecting intellectual property and business interests

  • Responding to legal requests and maintaining business records

4. Information Sharing and Disclosure

Third-Party Service Providers

We share information with trusted partners who help us operate our business:

Technology and Platform Providers:

  • Website Hosting: Squarespace (website functionality and hosting)

  • E-commerce: Shopify or similar platforms (online store operations)

  • Email Marketing: ConvertKit, Mailchimp (newsletters and automation)

  • Payment Processing: Stripe, PayPal (secure payment handling)

  • Analytics: Google Analytics, Facebook Pixel (performance tracking)

Fulfillment and Logistics:

  • Shipping Partners: Canada Post, UPS, FedEx (product delivery)

  • Warehouse Services: Third-party fulfillment centers (inventory management)

  • Manufacturing Partners: Co-packers and production facilities (product creation)

Customer Support and Communication:

  • Help Desk Platforms: Customer service management systems

  • Video Conferencing: Zoom, Google Meet (coaching sessions)

  • Community Platforms: Facebook Groups, Discord (member interactions)

Business Services:

  • Accounting Software: QuickBooks (financial management)

  • CRM Systems: Customer relationship management platforms

  • Legal Services: Law firms for compliance and business matters

Product-Specific Sharing

Food Product Compliance:

  • Regulatory Authorities: Health Canada, FDA (as required for food safety)

  • Certification Bodies: Organic certifiers, allergen testing labs

  • Supply Chain Partners: Ingredient suppliers, quality assurance providers

Health Coaching Compliance:

  • Professional Organizations: Relevant coaching and wellness associations

  • Insurance Providers: Professional liability insurance companies

  • Continuing Education: Training organizations and certification bodies

Legal and Emergency Disclosures

We may share information when legally required or to protect our business:

  • Legal Compliance: Court orders, government investigations, regulatory requests

  • Safety Protection: Preventing fraud, protecting rights and property

  • Business Transfers: Mergers, acquisitions, or asset sales

  • Emergency Situations: Immediate health or safety concerns

5. Data Security and Protection

Technical Safeguards

Data Transmission:

  • SSL/TLS Encryption: All data transmitted securely between devices and servers

  • Secure Payment Processing: PCI DSS compliant payment handling

  • API Security: Encrypted connections for all third-party integrations

Data Storage:

  • Access Controls: Role-based access with minimum necessary permissions

  • Regular Backups: Automated, encrypted backup systems

  • Server Security: Firewall protection, intrusion detection, regular updates

Application Security:

  • Authentication: Strong password requirements, optional two-factor authentication

  • Session Management: Automatic logout, secure session handling

  • Regular Audits: Security assessments and vulnerability testing

Physical and Administrative Safeguards

Physical Security:

  • Secure Facilities: Restricted access to offices and storage areas

  • Device Management: Encrypted laptops, secure mobile device policies

  • Disposal Procedures: Secure destruction of physical documents and devices

Administrative Controls:

  • Staff Training: Regular privacy and security education for all team members

  • Incident Response: Documented procedures for data breach response

  • Vendor Management: Security requirements for all third-party service providers

6. International Data Transfers and Compliance

Cross-Border Data Handling

For Canadian Residents (PIPEDA Compliance):

  • We comply with the Personal Information Protection and Electronic Documents Act

  • Cross-border transfers maintain appropriate safeguards through contractual protections

  • You have rights to access, correct, and withdraw consent for your personal information

For US Residents:

  • State-Specific Rights: Compliance with California CCPA, Virginia CDPA, and other applicable state laws

  • Data Minimization: Collection limited to information necessary for stated purposes

  • Opt-Out Rights: Options to limit sale or sharing of personal information

For EU Residents (GDPR Compliance):

  • Legal Basis: Processing based on consent, legitimate interests, or contractual necessity

  • Data Subject Rights: Access, rectification, erasure, portability, and objection rights

  • International Transfers: Standard Contractual Clauses and adequacy decisions ensure protection

Product-Specific International Considerations

Food Product Exports:

  • Customs Documentation: Ingredient lists, nutritional information, safety certificates

  • Regulatory Compliance: Meeting import requirements for destination countries

  • Shipping Restrictions: Temperature control, expiration date management

Digital Service Access:

  • Geographic Restrictions: Some services may be limited based on local regulations

  • Currency and Pricing: Localized pricing and payment methods where possible

  • Language Accessibility: Content translation for international markets

7. Your Rights and Choices

Data Access and Control

Information Rights:

  • Access: Request copies of all personal information we hold about you

  • Correction: Update or correct inaccurate or incomplete information

  • Deletion: Request removal of your personal information (subject to legal requirements)

  • Portability: Receive your data in a machine-readable format for transfer

Communication Preferences:

  • Email Management: Unsubscribe from marketing emails while maintaining service communications

  • Notification Settings: Choose which types of updates and alerts you receive

  • Frequency Controls: Select how often you hear from us

Product and Service Controls:

  • Account Deletion: Complete removal of your account and associated data

  • Service Limitation: Restrict certain uses of your information

  • Consent Withdrawal: Revoke previously given consent for data processing

How to Exercise Your Rights

Contact Methods:

  • Email: contact@vegheadsto with subject line "Privacy Rights Request"

Required Information:

  • Full name and email address associated with your account

  • Specific request (access, correction, deletion, etc.)

  • Verification information to confirm your identity

  • Preferred response method and timeline

Response Timeline:

  • Initial Response: Acknowledgment within 48 hours

  • Complete Response: Fulfillment within 30 days (may extend to 60 days for complex requests)

  • Appeal Process: Right to escalate denied requests to supervisory authorities

8. Special Considerations for Health Information

Health Information Protection

Educational vs. Medical Information:

  • Our programs provide educational information about wellness and nutrition

  • Information shared is not intended as medical advice or treatment

  • We encourage consultation with healthcare providers for medical concerns

Health Data Sensitivity:

  • Extra Security: Health-related information receives additional protection measures

  • Limited Access: Only authorized personnel with legitimate need can access health data

  • Consent Requirements: Explicit consent required for sharing health information

HIPAA Considerations:

  • Not Covered Entity: VegHeadsTO is not subject to HIPAA as we're not a healthcare provider

  • Privacy Standards: We voluntarily apply HIPAA-level protections to health information

  • Medical Referrals: Clear guidelines for when to recommend professional medical care

Product Safety and Allergies

Allergen Information Management:

  • Accurate Labeling: Clear ingredient lists and allergen warnings on all products

  • Cross-Contamination: Facility information and manufacturing process transparency

  • Emergency Procedures: Clear protocols for allergy-related incidents

Health Claims and Disclaimers:

  • Educational Purpose: All health information is for educational purposes only

  • No Medical Claims: Products are not intended to diagnose, treat, cure, or prevent disease

  • Individual Results: Acknowledgment that results may vary between individuals

9. Data Retention Policies

Service-Specific Retention Periods

Health Coaching and Programs:

  • Active Participation: Data retained during program enrollment plus 2 years

  • Health Assessments: Results maintained for 3 years for progress tracking

  • Coaching Notes: Session records kept for 2 years after program completion

Product Purchases:

  • Order History: Purchase records retained for 7 years for tax and warranty purposes

  • Customer Service: Support interactions kept for 3 years

  • Product Development: Anonymized feedback used indefinitely for product improvement

Marketing and Communications:

  • Email Lists: Maintained until unsubscribe or 3 years of inactivity

  • Website Analytics: Aggregate data retained for 26 months (Google Analytics standard)

  • Social Media Interactions: Public interactions retained indefinitely

Deletion Procedures

Automatic Deletion:

  • Expired Sessions: Temporary data cleared automatically

  • Inactive Accounts: Accounts dormant for 3+ years subject to deletion with notice

  • Temporary Files: Processing data removed after transaction completion

Manual Deletion Requests:

  • Complete Removal: All data deleted within 30 days of verified request

  • Legal Exceptions: Some data may be retained for legal compliance or dispute resolution

  • Anonymization: Data may be anonymized rather than deleted for research purposes

10. Cookies and Tracking Technologies

Cookie Types and Purposes

Essential Cookies:

  • Site Function: Enable basic website operation and security

  • Account Management: Maintain login sessions and preferences

  • Shopping Cart: Remember items and checkout progress

Performance Cookies:

  • Analytics: Understand how visitors use our website

  • Error Tracking: Identify and resolve technical issues

  • Load Testing: Optimize site performance and speed

Marketing Cookies:

  • Personalization: Customize content and product recommendations

  • Advertising: Track effectiveness of marketing campaigns

  • Social Media: Enable social sharing and integration features

Cookie Management

User Controls:

  • Browser Settings: Disable or limit cookies through browser preferences

  • Consent Management: Granular consent options for different cookie types

  • Opt-Out Tools: Industry standard opt-out mechanisms for advertising cookies

Third-Party Cookies:

  • Google Analytics: Website performance and user behavior analysis

  • Facebook Pixel: Social media marketing and audience building

  • Payment Processors: Fraud prevention and transaction security

11. Children's Privacy

Age Restrictions

Minimum Age Requirements:

  • General Services: Must be 18+ to create accounts or make purchases

  • Parental Consent: Users 13-17 require parental consent and supervision

  • Health Information: No collection of health data from minors without guardian consent

Protection Measures:

  • Age Verification: Processes to confirm user age during registration

  • Parental Controls: Options for parents to manage a minor's information

  • Educational Content: Age-appropriate wellness information for families

Compliance Standards:

  • COPPA: Full compliance with Children's Online Privacy Protection Act

  • Provincial Laws: Adherence to Canadian provincial age-of-consent requirements

  • International Standards: Meeting global standards for child privacy protection

12. Changes to This Privacy Policy

Update Procedures

Notification Methods:

  • Email Notice: Direct communication to all registered users

  • Website Banner: Prominent notice on main pages for 30 days

  • Social Media: Announcements on official VegHeadsTO channels

Effective Date Management:

  • Advance Notice: Minimum 30 days' notice before changes take effect

  • Grandfathering: Existing users may be subject to previous policy terms

  • Consent Requirements: Material changes may require explicit user consent

Version Control:

  • Document History: Previous versions archived and available upon request

  • Change Summaries: Clear explanation of modifications in each update

  • Legal Review: All changes reviewed by qualified legal counsel

13. Contact Information and Support

Privacy-Related Inquiries

General Privacy Questions:

  • Email: contact@vegheadsto.com

  • Subject Line: "Privacy Policy Inquiry"

  • Response Time: 24-48 hours during business days

Data Rights Requests:

  • Email: contact@vegheadsto

  • Subject Line: "Data Rights Request - [Specific Request Type]"

  • Required Information: Account details and specific request description

Privacy Complaints:

  • Internal Process: Direct resolution through customer service

  • External Escalation: Information about supervisory authority contacts

  • Response Timeline: Acknowledgment within 2 business days

Regulatory Authority Contacts

Canada - Office of the Privacy Commissioner:

  • Website: priv.gc.ca

  • Phone: 1-800-282-1376

European Union - Data Protection Authorities:

  • Find your local DPA at: edpb.europa.eu

United States - Federal Trade Commission:

  • Website: consumer.ftc.gov

  • Phone: 1-877-FTC-HELP

Acknowledgment: By using VegHeadsTO services, purchasing our products, or participating in our programs, you acknowledge that you have read, understood, and agree to this Privacy Policy. Your continued use of our services after any modifications constitutes acceptance of the updated policy.

Version: 1.0

This Privacy Policy is designed to comply with GDPR (EU), PIPEDA (Canada), CCPA (California), and other applicable privacy laws. It covers all VegHeadsTO services including health coaching, food products, and digital platforms. For specific legal advice, consult with a qualified attorney.