Privacy Policy

OUR COMMITMENT TO PRIVACY

At Edge Imaging (“Edge”, “we”, “us”, “our”), we are firmly committed to protecting the privacy of our customers. Our pledge is to safeguard any personal information that customers provide to us or that we obtain when providing our services, and to make every reasonable effort to use this information only as customers choose. Edge complies with its obligations under Canada’s federal Personal Information Protection and Electronic Documents Act (PIPEDA) and substantially similar provincial privacy legislation with respect to the personal information it collects from its customers. When obtaining personal information indirectly in the course of providing services to schools and other institutions, Edge safeguards such personal information as required by its institutional clients in accordance with the laws that apply to its clients such as Ontario’s Freedom of Information and Protection of Privacy Act (FIPPA).

SCOPE OF THIS NOTICE

This Privacy notice informs customers of our privacy practices as applied to accessing, browsing and using the following Websites: edgeimaging.ca, edgeimaging.com, edgephotos.ca, bookmygrad.com, bookmygrad.ca (collectively the “Websites”), as well as our broader personal information protection practices as an organization. By using our services, customers agree to the terms of this Privacy notice. The notice explains what information we collect from customers or indirectly from our institutional clients and how it is used in order to continue providing customers and clients with outstanding service. For more information please contact us at the address listed in the How To Contact Us For More Information section below.

This Privacy Notice outlines in detail:

  1. Consent
  2. Personal information we collect
  3. How we use personal information
  4. How we share personal information
  5. How to access and update your personal information or preferences
  6. How we protect your personal information
  7. Customer choices about receiving email
  8. Privacy protection for children
  9. How we make updates to this policy
  10. How to contact us for more information

HIGHLIGHTS: OUR PRIVACY AND SECURITY POLICY AT A GLANCE

The highlights below summarize what information we may collect from you, how we may use it, who we may share it with, what choices you have with regard to the collection, use or disclosure of your personal information, what we will do in case of a privacy or security breach, and how to contact us. A copy of our full Privacy notice follows these highlights.

Type of Information: Direct Identifiers (examples: student identifier [1], image, name, contact information: mailing address, e-mail address and phone number)

Source:

  • Provided by the customer or in the course of providing our services to institutional clients (e.g. schools).
  • When you give us another person’s name as the gift recipient, you are letting us know that you have that person’s consent to do so.

Purpose:

  • Providing products and services.
  • Creating and maintaining accounts.
  • Following up on orders, shipping and delivery of products.
  • Communicating with customers.
  • Sending friends, families and colleagues information on customers’ behalf. [2]
  • Providing customers with information related to photo day, their account and product purchases.
  • Anonymizing, de-identifying and aggregating data to use for analytics and marketing purposes.

Third-Party Sharing:

  • Companies who provide us with shipping and delivery services.
  • Authorized individuals at a Board or school level for the purposes of school administration.
  • Companies who work on our behalf to perform business support and information system management functions.
  • Law enforcement agencies or officials where required or permitted by law. [3]
  • Other third-parties with your consent or where required or permitted by law.

Type of Information: Indirect Identifiers (examples: age, homeroom, grade, class or school)

Source:

  • In the course of providing our services to institutional clients (e.g. schools).

Purpose:

  • Sending surveys.
  • Notifying customers about promotions and other products and services information, in accordance with Canada anti-spam law requirements.
  • Anonymizing, de-identifying and aggregating data to use for analytics and marketing purposes.

Type of Information: Payment Information (examples: credit card and billing information)

Source:

  • We do not collect this directly from you through our website, we use a third-party service.
  • Credit card payments may be processed by Edge at some of our physical locations.

Purpose:

  • Processing and fulfilling orders.

Third-Party Sharing:

  • We use Moneris Solutions to process and secure all orders through our website.

Type of Information: User Generated Information (examples: user preferences, shopping cart contents, user ID)

Source:

  • From your use of our Websites.

Purpose:

  • Better understanding customer needs and interests, personalizing communications and improving a customer’s web experience.

Third-Party Sharing:

  • We will only link IP address and User ID when an order is placed to identify fraudulent credit card use.

Type of Information: Information Generated During Edge-Customer Interactions including automatically collected (example: IP address, cookies, analytic unique identifiers, appointment times)

Source:

  • In the course of communications with Edge, or from third-parties including institutional clients, where permitted or required by law.

Purpose:

  • Better understanding customer needs and interests, personalizing communications and improving a customer’s web experience.
  • Creating photography schedules based on customers’ preferred appointment bookings.

Third-Party Sharing:

  • Insights, not direct customer information, could be provided to our web development partner to enhance overall customer web experience.

[1] In the course of providing our services to institutional clients (e.g. schools), we may indirectly collect an identifier assigned to a student that may be provided to us by a school or a school board.

[2] Where customers warrant to Edge that proper consents have been obtained prior to providing personal information of other individuals to Edge.

[3] For example, we may provide certain information to a school or to the police in order to assist in a police investigation in compliance with applicable privacy laws.

You have the following choices:

  • Access and correction: You can access your personal information and ask us to update, correct or delete any information we have about you, subject to legal and contractual restrictions.
  • Cookies and other tracking technologies: You may disable cookies and other tracking technologies through the settings in your browser. However, doing so may affect your use of our Websites and your ability to access certain features of the Websites. However, disabling cookies will not prevent you from transacting with us.
  • Opt-outs: You may contact us to opt-out of further contact from us, including the provision of promotional communications, as well as certain other uses of your personal information, as explained in our full Privacy notice.
  • Customer choices about receiving e-mail: You may contact us to let us know your preference in terms of receiving promotional e-mails, such as special offers. You may opt-out of receiving such e-mails.

In case of a breach of security safeguards involving personal information, we will:

  • Determine whether the breach creates a real risk of significant harm to the individual, including physical, financial or reputational harm.
  • Notify the affected individual (parent or guardian), associated school Board and school, the Office of the Privacy Commissioner of Canada and any provincial Information and Privacy Commissioners, as appropriate, and any other organization or government institution that can reduce the risk or mitigate the harm from the breach.
  • Keep a record of the breach in accordance with our legal obligations.

How to contact us:

  • If you would like further information about your privacy rights, opting-out of the collection or use of your information, accessing or correcting your information, or to register a complaint, please contact our Privacy Officer at privacyofficer@edgeimaging.ca.

THE PRIVACY NOTICE

1. CONSENT

We are open about the personal information we collect and have implemented mechanisms to enable you to exercise any rights you might have with respect to your personal information. We only collect, use or disclose your personal information with your consent, which may be implied by your use of our services with knowledge of how we will use your personal information, unless we are required or permitted by law to obtain your personal information without consent. When we obtain your personal information indirectly from our institutional clients, we rely on their lawful authority to collect and use your personal information and provide it to us so that we can provide you with services on behalf of our client.

We will ask for your consent if we wish to use your personal information for purposes other than those listed in this Privacy notice or if we are required to expressly request your consent under applicable law, unless an exception to consent applies (e.g. in the event of a lawful government demand for information).

Deletion of Information/Withdrawal of Consent: You may at any time ask us to stop using or delete your personal information using the contact details set out below. We will consider and comply with your request, subject to certain legal and contractual requirements.

2. PERSONAL INFORMATION WE COLLECT

Personal information is information about an identifiable individual and may or may not include business contact information, depending on the jurisdiction.

Our first goal in obtaining personal information is to provide customers with a meaningful, enjoyable, and personal experience on our website and in the course of offering our services. Our second goal is to develop new products and services relevant to current and potential customers. In other words, personal information allows us to provide customers with more of what they prefer and less of what they don’t.

2.1 Information customers explicitly provide

In order to establish an account, purchase products, or to participate in various online programs offered through the Websites or third-party application or software, customers will be asked to provide the following personal information to us: their name, mailing address, e-mail address and phone number. If a customer chooses to purchase products or services, they will be asked to provide a valid credit card number and expiration date along with billing and shipping address information. Credit card and billing information is not held with Edge and is secured by Moneris Solutions. No credit card information is stored on any Edge system or sent electronically using Edge email. Customers can choose not to provide this information but then they might not be able to participate in some of our services or offerings.

On some pages, customers can submit information about other people. For example, if a customer orders a gift online and wants it sent directly to the recipient, a customer will need to submit information such as the recipient’s name, address and phone number. Customers are not permitted to provide us with such information unless they have been expressly authorized by the other person to provide this information to us.

2.2 Information we may collect during the provision of our services

During the provision of our services to schools, we may collect the following information about students from the students or the school administration, for the purposes of providing our products or services:

  • Any identifying number, symbol or other particular assigned to a student that may be provided to us by a school or a school board;
  • Address, telephone number, age and sex;
  • Homeroom, grade or teacher assignment; and/or
  • The student’s image, whether individually or in a group format.

2.3 Information we automatically collect

We use common internet technologies to customize parts of the website for customers.

  • Cookies: The Websites use “cookies”, a small string of text that is stored on a website user’s computer to permit the website to recognize future visits by that computer. Cookies enhance the convenience and use of the Websites. For example, a cookie would store customers’ user preferences, shopping cart contents and other information that may be used for account identification purposes.
  • Disabling cookies: A customer may choose to decline “cookies” if his or her browser permits, but doing so may affect your use of the Websites and ability to access certain features of the Websites. However, declining “cookies” will not prevent you from transacting with us.
  • Google Analytics and Advertising: We may use Google Analytics and share a unique identifier, like a user ID or a hashed email address, with Google Analytics to link the devices you use when you engage with us. This allows us to improve the customer experience by understanding how our customers interact with our Websites and services. This will also help us to tailor our advertisements and content to you.
  • IP Address: System administration may aggregate IP addresses for analysis and to gather broad demographic information. A computer’s User ID will only be linked to an IP address when customers place an order for the purpose of identifying fraudulent credit card use. Edge may share this information with the financial institution that issued the credit card within which an order was placed or with law enforcement authorities if we determine, or are notified, that the use of the credit card was fraudulent.

2.4 Information provided by third-parties, such as marketing partners and business partners

Sometimes we obtain additional information, from third-parties, such as our marketing partners or other business partners, where permitted or required by law. We may merge this information with customer information we have collected on this site. In addition, we may receive information you may have provided offline in the course of your communications with us. We use this information for the purposes listed below:

  • Creating photography schedules based on customers’ preferred appointment bookings.
  • Providing customers with information related to photo day, their account and product purchases.
  • Communicating with customers.

2.5 Retention of personal information

Edge will retain your personal information only for so long as is necessary to fulfill the purpose for which it was collected and to meet our legal and contractual obligations. Where personal information is no longer needed, it will be securely destroyed or permanently anonymized or de-identified.

3. HOW WE USE PERSONAL INFORMATION

3.1 Customer information usage

Customer information will be used to conduct business, such as:

  • providing our products and services
  • creating and maintaining accounts
  • processing, fulfilling and following up on orders
  • shipping and delivery of products
  • answering customer e-mails
  • communicating with customers
  • sending customer information to friends, families and colleagues on customers’ behalf (when expressed consent has been given)
  • sending surveys
  • notifying customers about promotions and other information regarding our products and services (see the section below entitled Customers choices about receiving e-mail)

3.2 To Improve Process and Experience

Customer Experience

We also use this personal information to provide customers with information related to their account, the products or services customers have purchased from us, to better understand their needs and interests, to improve our service and to personalize communications and a customer’s web experience. Note that we may also use de-identified or aggregate data to train or test third-party analytics software for the purposes of improving our services, customer offering and overall experience.

Improving Business Process

We may use your personal information in order to improve our production processes, including through the use of innovative technologies, such as facial recognition technology. Such technologies may be able to link names to individuals in group images or link individual images from various years or photography programs into one user account, for example, by using a digital signature that we generate from your image.

4. HOW WE SHARE PERSONAL INFORMATION

A customer’s personal information will not be rented or sold to any third-party. Edge may share this information with the following:

  • Companies who work on our behalf: We partner with other companies to perform business support and information systems management functions on our behalf, as well as companies who provide us with shipping and delivery services. These companies may be involved with limited access to personal information of our customers. Prior to partnering with any third-party company, Edge ensures that their privacy and security practices are compliant and meet Edge’s privacy and security standards. Please contact us for a current list of the companies that we are partnering with. We contractually require these companies to use the information only to provide the contracted services; they are prohibited from transferring the information to another party except as needed to provide those services. Some of these companies include secure monetary transaction sites, customer survey execution, and information systems management. Please see below section on Cross Border Transfer or storage to learn about our transfer of personal information outside of Ontario and Canada.
  • Law Enforcement: Edge may disclose personal information to third-parties without your consent for any of the following reasons: (i) to comply with any law, regulation or order of a court, administrative agency or government tribunal; (ii) to cooperate with Government investigations; (iii) to help prevent fraud or to enforce or protect the rights of Edge or its subsidiaries and to pursue available remedies or limit any damages that we may sustain; or (iv) where it is necessary to protect the rights, privacy, safety or property of an identifiable person or group.
  • Other Third-Parties: Edge may disclose personal information to other third-parties without your consent where required or permitted by law, including where: (i) the information is public as permitted by law; (ii) it is necessary to proceed with or complete a “business transaction”, such as the purchase and sale of an organization or assets, a merger or amalgamation, making of a loan, charge, lease or licensing, or other prescribed business activity; (iii) it is reasonable for the purposes of investigating a breach of an agreement, or actual or suspected illegal activity; or (vi) it is necessary to identify an individual who is injured, ill or deceased, or (vii) due to an emergency that threatens the life, health or security of an individual.

Where obliged or permitted to disclose information without consent, Edge will not disclose more information than is required.

5. HOW TO ACCESS AND UPDATE YOUR PERSONAL INFORMATION OR PREFERENCES

You have the right to access personal information under our control. As registered members of www.edgeimaging.com, customers can review and update their member profile using their user name and password. Customers also have the option of sending an e-mail to the address noted in the How To Contact Us For More Information section below to request a change to their information or preferences. We will correct, update or delete any personal information we have about you, unless we are required to keep it by law. To protect the privacy of our customers, proof of identity is required.

6. HOW WE PROTECT YOUR INFORMATION

Edge engages a number of security safeguards on its Websites to protect the data on Edge servers. However, no security system is impenetrable and we cannot guarantee the security of our servers. It is possible that information supplied through the Websites may be intercepted during transmission.

Edge endeavours to maintain appropriate physical, procedural and technical security with respect to its offices and information storage facilities so as to prevent any loss, misuse, unauthorized access, disclosure, or modification of personal information. This also applies to our disposal or destruction of personal information. We further protect personal information by restricting access to it to those employees that require access to the information in order that we may provide our products or services. Edge has implemented a robust Information and Security Policy in order to meet its obligations to safeguard your personal information.

6.1 Security Safeguards

  • Authentication measures: All users are given unique and identifiable usernames and the sharing of passwords with others is unacceptable behaviour and is grounds for dismissal or loss of account privileges.
  • Computer systems: All computer systems used by Edge employees are solely managed and owned by Edge. Personal devices are not permitted for any form of work at Edge. At all times these systems are secured behind a strict and monitored firewall. All laptops used in the field for the collection and retention of data are encrypted and password protected as are all databases.
  • Credit card information: Edge does not collect credit card information through its website. No credit card information is sent electronically by email. Credit card transactions made through the Edge Websites are processed by Moneris hosted paypages with all credit card details being retained by Moneris. See Moneris’ privacy policy here: https://www.moneris.com/en/Legal/Privacy-Notice. Credit card payments are also processed at some of our physical locations.
  • Cross-border transfer or storage of information: We may use service providers located outside of Ontario and Canada, and, if applicable, your personal information may be processed and stored in a foreign jurisdiction, including the United States, and therefore may be subject to access by or disclosure to foreign law enforcement authorities under the laws of those jurisdictions. You may request information from Edge on the jurisdictions in which Edge and/or its service providers will process personal information.

6.2 Privacy or Security Breach

In case of a privacy or security breach: A “breach of security safeguards” is defined as the loss of, unauthorized access to or unauthorized disclosure of personal information resulting from a breach of an organization’s security safeguards or from a failure to establish those safeguards.

In case of a breach of security safeguards involving personal information under our control, we will notify the affected individual (parent or guardian), associated school Board and school and the Office of the Privacy Commissioner of Canada, as well as any provincial Information and Privacy Commissioner, as appropriate, if it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to the individual, including physical, financial or reputational harm. We will also notify any other organization or government institution that can reduce the risk or mitigate the harm from the breach. We will keep a record of any breach of security safeguards in accordance with our obligations under the applicable privacy legislation.

6.3 Leaving the Websites

Edgeimaging.ca or edgeimaging.com may contain links to and from other websites. Edge has no control over such third-party websites and is not responsible for the privacy or security practices of those websites. When you follow a link to a third-party website, you are no longer protected by our Privacy notice and we encourage customers to understand the privacy practices of those websites.

Edge cannot and does not guarantee, represent or warrant that the content or information contained in such third-party websites and resources is accurate, legal, non-infringing or inoffensive. Edge does not endorse the content or information of any third-party website or resource and, further, Edge does not warrant that such websites or resources will not contain viruses or other malicious code or will not otherwise affect your computer. By using any of our Websites to search for or link to a third-party website, you agree and understand that Edge shall not be responsible or liable, directly or indirectly, for any damages or losses caused or alleged to be caused by or in connection with your use of, or reliance on, Edge to obtain a link to a third-party website.

7. CUSTOMER CHOICES ABOUT RECEIVING EMAIL

Customers may receive e-mail regarding their orders or their account and in response to their questions. Edge may also send customers e-mail with information and/or special offers about products and services that may be of interest to customers, unless customers indicate they do not want to receive them. Edge complies with Canada’s Anti-Spam Legislation with respect to such communications.

Customer choices about receiving email: We give customers an opportunity to let us know their preference in terms of receiving promotional e-mail when customers register for a service, provide us with their personal information, or when we send customers e-mails. If customers choose not to accept this promotional e-mail, they may not receive special offers that may be of value. This option applies to promotional e-mail only, as we may find it necessary to send customers e-mail relating to the products customers have purchased, their account or their orders. Promotional e-mail that customers receive from Edge will tell customers how to decline receiving future promotional e-mail. Edge will never ask for your credit card or account information over e-mail.

8. PRIVACY PROTECTION FOR CHILDREN

Edge understands the special importance of protecting the privacy of children. We do not knowingly permit children under the age of 16 to become registered members of our sites, or to buy goods and services on our sites, without proven parental consent. Edge does not knowingly collect or solicit personal information about children under 16, except with their parent’s express consent.

9. HOW WE MAKE UPDATES TO THIS POLICY

Edge reserves the right to modify this Privacy and Security Policy from time to time at our discretion and without any prior notice unless required by applicable law. By continuing to use the Websites, customers agree to accept the changes. We suggest you bookmark this page and periodically review this Privacy and Security Policy to ensure familiarity with the most current version. Registered members will be notified of any material changes to the Privacy notice via email. The e-mail will be sent to the address members have provided to Edge for their account.

This privacy notice was last amended on January 31, 2020.

10. HOW TO CONTACT US FOR MORE INFORMATION

Any questions or concerns about customer privacy when using the Edge Websites can be directed to our Privacy Officer at privacyofficer@edgeimaging.ca or at:

Privacy Officer
Edge Imaging
940 Gateway Drive
Burlington, ON L7L 5K7
Canada

RESOLVING PRIVACY CONCERNS

Edge will work with customers to resolve any concerns customers have about this Privacy notice. If we are unable to resolve your privacy concerns, you have the right to complain to the Office of the Privacy Commissioner of Canada or a provincial Information and Privacy Commissioner.
