Skip to main content

Privacy Policy

Last updated: January 29, 2025

1. Introduction

Cangoods ("we", "us", "our") operates an e-commerce platform that sources premium Canadian products and delivers them to customers in the Philippines. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website and services.

By using our website or registering an account, you agree to the practices described in this policy.

2. Information We Collect

Personal Information

  • First name and last name
  • Email address
  • Phone number
  • Contact preference (email, phone, or SMS)

Delivery Information

  • Delivery addresses (street, barangay, city, province, region, postal code)
  • Delivery method preference (pickup, delivered, COD, or COP)
  • Courier preference (LBC or JRS)
  • Recipient name (if different from account holder)

Account Information

  • Email and password (password is hashed and never stored in plain text)
  • Google account information if you sign in with Google OAuth

Information We Do Not Collect

  • Credit card or bank account numbers — payments are handled externally via BPI bank transfer or GCash
  • Government-issued IDs
  • Analytics or behavioral tracking data

3. How We Use Your Information

  • Process and fulfill your orders
  • Communicate order status and delivery updates via email
  • Create and manage invoices through our accounting system
  • Respond to your inquiries and support requests
  • Improve our services and customer experience

4. Third-Party Services

We use the following third-party services to operate our platform. We only share the minimum data necessary for each service to function.

ServicePurposeData Shared
SupabaseDatabase hosting & authenticationAll account data (encrypted at rest)
VercelWebsite hostingServer logs
Zoho BooksInvoicing & accountingName, email, phone
ResendTransactional email deliveryEmail address, name
Google OAuthOptional login methodGoogle account info (only if you choose to sign in with Google)

We do not sell, rent, or trade your personal information to any third party for marketing or advertising purposes.

5. Cookies

We use only essential cookies required for the website to function:

  • Authentication cookies — Secure, httpOnly cookies that maintain your login session. These are set automatically when you log in and expire when you log out or after your session ends.

We do not use analytics cookies, advertising cookies, or any third-party tracking scripts.

6. Data Security

We take reasonable measures to protect your personal information:

  • All data transmitted over HTTPS encryption
  • Passwords are cryptographically hashed (never stored in plain text)
  • Database access protected by row-level security policies
  • Authentication cookies are httpOnly (inaccessible to JavaScript)
  • Server-side credentials are never exposed to the browser

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

7. Data Retention & Deletion

We retain your personal information for as long as your account is active or as needed to provide our services. You may request deletion of your account and associated data by contacting us at the email address below.

Upon receiving a deletion request, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., completed transaction records for accounting).

8. Your Rights

Under the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), you have the right to:

  • Access — Request a copy of your personal data
  • Correction — Update or correct inaccurate information
  • Erasure — Request deletion of your personal data
  • Object — Object to processing of your data
  • Portability — Receive your data in a portable format

To exercise any of these rights, contact us using the information below.

9. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending an email. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

  • Email: goodiescanada@gmail.com
  • Phone: +1 514-692-1589
  • WhatsApp: +1 514-690-0134