Privacy Policy

Your privacy is important to us. Read Auracle's privacy policy to understand how we collect, store, and protect your data when you shop or browse our site.

Privacy Policy

PRIVACY POLICY

Auracle and Amrit Wellness by Amrit Singh (Amrit Singh Acupuncture Professional Corporation)

Last Updated: January 26, 2026


1. Introduction

Auracle and Amrit Wellness by Amrit Singh ("we," "us," or "our") is a Canadian-based business. We are committed to protecting your privacy, particularly regarding the sensitive health information you entrust to us. This policy outlines how we handle personal and health data in compliance with PIPEDA (Canada) and GDPR (EU/UK).

2. Information We Collect & How We Store It

  • Retail Data (Shopify): We collect your name, shipping address, and contact info to fulfill orders. Payments are processed via Shopify’s secure gateway; we do not store your credit card numbers.
  • Health & Wellness Data (Jane): When you book a treatment, we collect health history, symptoms, and treatment notes. This sensitive data is stored in Jane, a secure, encrypted practice management system compliant with PIPEDA, HIPAA, PHIPA, SOC 2 Type II, GDPR-ready (EU) and provincial health privacy laws.
  • Marketing Data (Flodesk): If you explicitly opt-in, your name and email are stored in Flodesk for our newsletter.
  • Automatic Data Collection (Cookies): Our website uses cookies to function. These track site performance and your shopping cart. You can manage these via your browser or our cookie banner.

3. Data Retention

We adhere to strict legal retention windows:

  • Retail & Marketing Data: Retained for 2 years of customer inactivity before being purged.
  • Clinical Health Records: Retained for 7 years following your last appointment (or the age of majority plus 10 years for minors), as required by Canadian healthcare regulations and the CTCMPAO.

4. International Transfers (EU/UK Residents)

By using our services and products, you acknowledge your data will be processed in Canada and the United States. We ensure these transfers are protected by Standard Contractual Clauses to maintain your privacy rights to GDPR standards.

5. Your Rights

You have the right to access, correct, or request the deletion of your personal data.

  • Health Records: Please note that we cannot delete clinical health records until the legal 7-year retention period has passed.
  • Marketing: You may "Unsubscribe" from Flodesk emails at any time via the link in the footer.
  • Complaints: You have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada or your local Data Protection Authority in the EU/UK.

6. Security

As a Professional Corporation, we treat health data with the highest security. Jane uses bank-grade encryption for all treatment notes. We recommend you use a strong, unique password for your accounts with us.

7. Contact Us

For all privacy inquiries or to request a copy of your records, contact: Amrit Singh Email: book@acuwithamrit.com Mailing Address: 145 King St. West, Toronto, Ontario, Canada