Kite Wings logo Kite Wings Festival and event organization

Privacy Policy of Kite Wings (kitewings.ca)

Effective date: March 28, 2026

Last updated: March 28, 2026

This Privacy Policy explains how Kite Wings (“we”, “us”, “our”, the “Site”) collects, uses, discloses, stores, and protects users’ personal information.

1. Applicable laws

We process personal information in accordance with applicable Canadian privacy laws, including:

  • Personal Information Protection and Electronic Documents Act (PIPEDA);
  • Personal Information Protection Act (British Columbia, PIPA BC), where applicable;
  • Act respecting the protection of personal information in the private sector (Quebec, chapter P-39.1, Law 25), where applicable.

For commercial electronic communications, we also comply with Canada’s Anti-Spam Legislation (CASL), where applicable.

2. Person responsible for personal information

Role: Privacy Officer
Organization: Kite Wings
Email: [email protected]

If you have questions about collection, use, correction, deletion, or protection of your personal information, please contact our Privacy Officer.

3. Personal information we collect

Depending on how you use the Site, we may collect:

  • identity and contact data: first name, last name, phone number, email address, address;
  • event and registration form data: age, emergency contact, participation date, family participation details, experience, equipment details;
  • technical data: IP address, user-agent, request date/time.

We collect only information that is necessary and proportionate to the stated purposes.

4. Purposes of processing

  • to receive and process event and volunteer applications;
  • to communicate with you regarding participation, logistics, and safety;
  • to respond to your inquiries;
  • to maintain Site operation and security;
  • to meet legal obligations and protect legitimate interests.

5. Legal basis for processing

We process personal information based on:

  • your consent (including submission of forms);
  • the need to fulfill your request or provide services;
  • compliance with legal obligations;
  • other grounds permitted by applicable federal or provincial law.

6. Disclosure to third parties

We do not sell personal information. We may disclose it only:

  • to service providers (for example, hosting or technical support) that process data under our instructions;
  • to public authorities or courts where required by law;
  • in other cases expressly permitted by law, including fraud prevention and protection of rights and safety.

7. Cross-border data processing

Personal information may be processed in other Canadian provinces or outside Canada (for example, through cloud service providers). In such cases, we apply contractual, organizational, and technical safeguards. Where Quebec law applies, we follow additional requirements for risk assessment and protection for transfers outside Quebec.

8. Security safeguards

We apply reasonable administrative, technical, and physical safeguards to protect personal information against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

9. Retention and deletion

We retain personal information only as long as necessary for the purposes identified, to meet legal obligations, and to resolve disputes.

If information is used to make a decision that directly affects an individual, we retain that information for at least 1 year after the decision where required by law, then delete or de-identify it within a reasonable time unless further retention is required by law.

10. Privacy incidents (data breaches)

In the event of a privacy incident, we act in accordance with applicable law:

  • assess the risk of harm to affected individuals;
  • take steps to mitigate impact and prevent recurrence;
  • notify regulators and affected individuals when required by law (including under PIPEDA and Quebec law);
  • maintain incident records where required by law (including at least 24 months under PIPEDA).

11. Your rights

You have the right, subject to applicable law, to:

  • know what personal information we process and why;
  • request access to your personal information;
  • request correction of inaccurate or incomplete information;
  • withdraw consent where processing is based on consent;
  • file a complaint with a competent privacy regulator.

To exercise your rights, contact us at [email protected]. We may request identity verification before completing your request.

Access/correction requests and complaints are handled within timelines required by applicable law (typically within 30 days, with extensions where permitted).

12. Minors

If you provide personal information about minors, you confirm that you have proper legal authority to do so. Where Quebec law applies, personal information of a child under 14 is processed with parental or legal guardian consent, unless otherwise permitted by law.

13. Complaints to regulators

If you believe your privacy rights were violated, you may contact:

  • Office of the Privacy Commissioner of Canada (OPC);
  • Office of the Information and Privacy Commissioner for British Columbia (OIPC BC);
  • Commission d’accès à l’information du Quebec (CAI), where applicable.

Before contacting a regulator, you may submit a complaint directly to our Privacy Officer. We will acknowledge receipt and respond within timelines required by law.

14. Changes to this Policy

We may update this Privacy Policy to reflect legal changes or updates to our data processing practices. The current version will always be published on this page with the last updated date.

Continued use of the Site after updates means you acknowledge the revised Policy.