Free shipping on orders over $50!
Help
BAhZAAR
0
BAhZAAR
AccountOrdersWishlistCart

Shop by Department

Today's Deals
Help CenterSettings

Privacy Policy

Effective date: April 12, 2026

BAhZAAR Inc. (“BAhZAAR”, “we”, “us”, or “our”) operates the online marketplace at bahzaar.com. We are committed to protecting your personal information and your right to privacy in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), the Canadian Anti-Spam Legislation (CASL), and Quebec's Act respecting the protection of personal information in the private sector (Law 25).

This policy explains what information we collect, why we collect it, how we use and protect it, and what choices you have. By using our website or placing an order, you acknowledge that you have read and understood this policy.

1. Who We Are

BAhZAAR Inc. is a Canadian online marketplace that connects customers with products from third-party suppliers. We act as the retailer of record; we do not manufacture or warehouse goods. Our registered mailing address is:

BAhZAAR Inc.
9-2020 Lanthier Dr. #389
Ottawa, ON  K4A 3V4
Canada
support@bahzaar.com

2. Information We Collect

We collect the minimum information necessary to provide our services:

2.1 Information You Provide Directly

  • Account registration: first name, last name, email address, password (stored as a hashed value — we never see your plain-text password)
  • Orders: shipping address (street, city, province, postal code), order notes
  • Payment: payment is processed entirely by PayPal. We never receive, store, or transmit your credit card or banking credentials.
  • Product reviews: your display name and the review content you submit
  • Newsletter: your email address, collected only with your explicit consent
  • Contact form: your name, email address, and message

2.2 Information Collected Automatically

  • Usage data: pages visited, time spent, search queries, referral URLs
  • Device data: browser type, operating system, screen resolution, IP address
  • Cookies and similar technologies: see Section 6 below

2.3 Information from Third Parties

  • PayPal may share transaction confirmation data (order ID, amount, status) with us to fulfill your order.
  • If you log in via a social provider in the future, we would receive only the data you authorize that provider to share.

3. How We Use Your Information

We process your personal information only for specific, clearly stated purposes:

PurposeLegal Basis (PIPEDA)
Process and fulfill your ordersContractual necessity
Send transactional emails (order confirmation, shipping updates)Contractual necessity
Provide customer support and respond to inquiriesContractual necessity / Legitimate interest
Verify your email address and account securityLegitimate interest
Prevent fraud and protect site securityLegitimate interest
Send marketing emails and newslettersExpress consent (you opted in)
Analyse site usage to improve performanceConsent (analytics cookies)
Show personalised ads via Meta PixelConsent (marketing cookies)
Comply with legal obligationsLegal obligation

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

4. Sharing Your Information

We share personal information only when necessary and with appropriate safeguards:

  • Suppliers & fulfillment partners: Your shipping name and address are forwarded to the supplier who fulfills your order. Suppliers receive only what is needed to deliver your package.
  • PayPal (paypal.com): Payment processor. Your financial data is governed by PayPal's privacy policy. We receive only payment confirmation.
  • Google LLC — Google Analytics 4: We send anonymised event data (page views, purchases) to Google Analytics to understand how visitors use our site. This requires your analytics cookie consent. Google may process this data outside Canada; it is subject to Google's privacy policy and standard contractual clauses.
  • Meta Platforms Inc. — Meta Pixel: With your marketing cookie consent, we send conversion events (add to cart, purchase) to Meta for advertising measurement and retargeting. Meta may process data outside Canada.
  • Email / transactional email provider: We use a transactional email service to deliver order confirmations and account emails. Your email address and order information are transmitted to this service for delivery purposes only.
  • Hetzner Online GmbH (hosting): Our servers are hosted in Germany. Data stored on our servers is subject to appropriate technical and organisational safeguards compliant with applicable law.
  • Legal disclosures: We may disclose your information if required by Canadian law, court order, or to protect the rights, property, or safety of BAhZAAR, our customers, or the public.

5. Data Retention

  • Account data: retained while your account is active and for 3 years after closure, in case of dispute or regulatory requirement.
  • Order records: retained for 7 years to comply with Canadian tax and accounting obligations.
  • Marketing consent records: retained for 3 years after the end of our business relationship, as required by CASL.
  • Contact form messages: retained for 2 years, then securely deleted.
  • Analytics data: Google Analytics data is retained for 14 months (our configured retention window).

When data is no longer required for its stated purpose, we securely delete or anonymise it.

6. Cookies & Tracking Technologies

We use cookies and similar technologies. Under PIPEDA and Quebec Law 25, non-essential cookies require your prior, informed, and freely given consent.

CategoryExamplesConsent required?
EssentialShopping cart, login session, cookie consent preferenceNo — required for the site to function
AnalyticsGoogle Analytics 4 (_ga, _gid)Yes — analytics consent
MarketingMeta Pixel (_fbp, _fbc)Yes — marketing consent

You can change your cookie preferences at any time using the Cookie Settings link in our footer. You may also disable cookies in your browser, but this may affect site functionality.

7. Your Privacy Rights

Under PIPEDA and Quebec Law 25, you have the following rights:

  • Right to access: Request a copy of the personal information we hold about you.
  • Right to correction: Ask us to correct inaccurate or incomplete information.
  • Right to deletion: Request deletion of your personal information where it is no longer necessary for its stated purpose. Note that some data must be retained by law (e.g., financial records).
  • Right to data portability (Quebec): Request your data in a structured, commonly used, machine-readable format.
  • Right to withdraw consent: Withdraw consent for marketing emails at any time using the unsubscribe link in any email, or by emailing us. Withdrawal does not affect processing prior to withdrawal.
  • Right to lodge a complaint: You have the right to file a complaint with the Office of the Privacy Commissioner of Canada (priv.gc.ca) or, for Quebec residents, the Commission d'accès à l'information (cai.gouv.qc.ca).

To exercise any of these rights, contact us at support@bahzaar.com. We will respond within 30 days. We may need to verify your identity before processing the request.

8. Marketing Communications (CASL)

We will only send you commercial electronic messages (newsletters, promotions) if you have given us express consent — for example, by subscribing via our newsletter form. Every marketing email we send includes a one-click unsubscribe link. Unsubscribe requests are processed within 10 business days as required by CASL. We maintain records of consent for a minimum of 3 years.

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it. In Quebec, we require verifiable parental consent for users under 14.

10. Security

We implement appropriate technical and organisational measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These include TLS/HTTPS encryption in transit, hashed password storage, and access controls on our systems. However, no internet transmission is 100% secure, and we cannot guarantee absolute security. In the event of a data breach that poses a real risk of significant harm, we will notify affected individuals and the Office of the Privacy Commissioner as required by PIPEDA.

11. International Data Transfers

Some of our service providers (Google, Meta, PayPal) are based outside Canada and may process your data in other jurisdictions, including the United States and the European Union. When data is transferred outside Canada, we rely on contractual protections (standard contractual clauses or equivalent) to ensure your information receives a comparable level of protection.

12. Links to Third-Party Sites

Our site may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify you by email or a prominent notice on our website. We encourage you to review this policy periodically.

14. Contact & Privacy Officer

Questions, requests, or complaints regarding this Privacy Policy or our data practices should be directed to our Privacy Officer:

Privacy Officer — BAhZAAR Inc.
9-2020 Lanthier Dr. #389
Ottawa, ON  K4A 3V4
Canada
support@bahzaar.com

If you are not satisfied with our response, you may escalate your complaint to the Office of the Privacy Commissioner of Canada.