Privacy Policy

Effective date November 7, 2025

1. Introduction and scope

This Privacy Policy explains how BUZZ 'A' BEAT INC. ("we", "us", "our") collects, uses, discloses, stores, and protects personal information in connection with our music lessons, related programs (including joint child-parent/guardian participation programs), before-school and after-school care services, private café, and the buzzabeat.ca website (the "Site"). This policy applies to personal information about students, parents/guardians, prospective customers, employees/contractors (where indicated), and other individuals whose information we handle in the course of our commercial activities.

2. Applicable law

We handle personal information in accordance with applicable Canadian and Ontario privacy and sector rules, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and related guidance from the Office of the Privacy Commissioner of Canada, Canada's Anti-Spam Legislation (CASL) for commercial electronic messages, and applicable Ontario child-care rules. Where information collected qualifies as personal health information, additional statutory protections may apply. We are not a health information custodian under PHIPA; basic health/allergy information is collected under PIPEDA solely for emergency response purposes. (Where reference to a specific law is necessary we will provide it on request.)

3. Personal information we collect

We collect information reasonably necessary for the provision of music lessons and before and after school care, and access to, and use of, the private café, including:

  • Participants identity and contact information (child's name, parent/guardian name, address, telephone, email)
  • Age or date of birth (to identify minors and apply appropriate consent safeguards)
  • Enrollment information and emergency contacts
  • Health or allergy information relevant to care (only when necessary)
  • Attendance records, lesson schedules, payment information (credit card, billing address), and invoices
  • Communications and consent records (including consent given by parents/guardians)
  • Use of the private café
  • Website analytics and technical information (cookies, IP address) as described below

4. Minors and parental consent

Because we provide services to children, we treat information relating to minors with particular care. For children who are too young to provide informed consent (and, consistent with regulatory guidance, generally for children under 13), we collect, use or disclose personal information only with the express consent of a parent or legal guardian. For older minors, we assess the child's capacity to consent in the circumstances; where practicable we also obtain parent/guardian consent for activities connected to lessons, care and billing. We retain parental contact details and consent records. (See "Access, correction or withdrawing consent" below for how parents may exercise access, correction or withdrawal of consent.)

5. Purposes of collection, use and disclosure

We collect, use and disclose personal information only for purposes that are reasonable and necessary, including to:

  • Provide music lessons, related programs (including joint child-parent/guardian participation programs) and before and after school care and access to, and use of, the private café
  • Register participants and manage schedules, attendance and waitlists
  • Ensure participant safety and respond to medical or other emergencies
  • Bill and collect fees and process payments
  • Communicate with parents/guardians and students about services, schedules, events, cancellations, and emergencies
  • Communicate the availability and description of Buzz 'A' Beat merchandise and related products
  • Provide the hospitality of our private café and the products offered
  • Operate, secure and improve our Site and services (including analytics)
  • Comply with legal and regulatory obligations (including child-care regulations and reporting)
  • Send marketing or promotional communications where we have obtained consent and in compliance with CASL

We will not use personal information for any purpose incompatible with the original purpose without obtaining further consent, unless otherwise permitted by law. We do not sell or rent personal information.

6. Third-party service providers and transfers outside Canada

We may disclose personal information to trusted third-party service providers who process information on our behalf (e.g., payment processors, billing platforms, secure data storage, cloud hosting, scheduling/lesson platforms, analytics providers). Where personal information is transferred or stored outside Canada we will take reasonable contractual and technical measures to protect it and will notify you where required by law.

7. Cookies and analytics

Our Site uses cookies and similar technologies to operate the Site, analyze usage, and improve user experience. You may control cookies through your browser settings; please note some Site features may not function if cookies are disabled.

8. Marketing and CASL compliance

We will only send promotional emails/SMS or other commercial electronic messages (CEMs) where we have obtained express or implied consent in accordance with CASL. Every marketing message will identify us and include a clear, easy mechanism to unsubscribe. If you opt out, we will stop sending promotional CEMs within the time required by law.

9. Security and retention

We maintain administrative, technical and physical safeguards reasonably appropriate to the sensitivity of the information to protect against unauthorized access, disclosure, loss or theft. We retain personal information only for as long as reasonably necessary to fulfill the stated purposes, comply with legal obligations, or as permitted by law. We securely dispose of or de-identify information that is no longer required.

10. Breach notification

Where required by law, we will notify affected individuals and the appropriate privacy authority of any data breach that creates a real risk of significant harm, and will keep records of privacy incidents as required by applicable law.

11. Access, correction and withdrawing consent

Parents/guardians and individuals may request access to or correction of personal information we hold about them (or their child) by contacting our Privacy Contact (below). We will respond within the time required by law. Parents/guardians may withdraw consent to particular uses (where lawful to do so); withdrawal may affect our ability to provide services (in which case we will explain those consequences).

12. Complaints and supervisory authorities

If you have a privacy complaint that we cannot resolve, you may contact: the Office of the Privacy Commissioner of Canada (for federally regulated matters) or the Information and Privacy Commissioner of Ontario (for applicable Ontario public sector matters and certain provincial issues). We will cooperate with privacy regulators and comply with applicable orders.

13. Updates to this policy

We may revise this Privacy Policy from time to time. We will post the revised policy on the Site and update the effective date. Material changes will be communicated to parents/guardians where reasonably required.

14. Contact / privacy officer

Questions, requests for access/correction, withdrawals of consent, or privacy complaints should be directed to:

Privacy Officer: Ralph Gwin
Email: ralph@buzzabeat.ca
Phone: 416-786-7817
Address: 3285 Yonge Street, Toronto, ON M4N 2L8