Privacy Policy

This Information Security Notice is provided by Green Apple Studio. At Green Apple Studio, we are committed to preserving the privacy of our customers. Our commitment is to ensure the security of all personal information provided by our customers or obtained in the course of providing our services. We will use this information in accordance with our customers' choices as well as the law.

Green Apple Studio fully complies with the obligations stipulated by Canada's federal Personal Information Protection and Electronic Documents Act, as well as provincial privacy legislation, which is substantially similar and relates to personal information collected from our customers. When we indirectly obtain personal information in the course of providing services to schools and other institutions, we ensure the protection of this information in accordance with the laws applicable to our institutional clients, such as the Freedom of Information and Protection of Privacy Act.

The purpose of this Privacy Policy is to inform our customers about our privacy practices with respect to accessing, browsing and using the following website. It also covers our more general privacy practices as an organization. By using our services, our customers agree to the terms of this Privacy Policy. This policy explains what information we collect directly or indirectly from our institutional customers, and how this information is used to continue to provide our customers with exceptional service.

This Privacy Notice provides a detailed description of consent and the means by which we obtain consent for the use of personal information. It also describes the types of personal information we collect from our customers and how we use it. It also explains when we share your personal information with third parties. It will also explain the measures we take to protect your personal information. And finally, how to contact us if you have any questions or require further information.

Databases are provided by customers (academic institutions or service centers). This information is used to provide products and services (e.g. to provide customers with information about photo shoots). It allows us to create and manage accounts and track orders. Our customer service department uses certain information to communicate with customers. It may be used for analysis and internal marketing purposes. Sharing with third parties is only possible for shipping and delivery purposes, with companies that respect and agree to follow our privacy policy.

Our customers ensure that they have obtained the appropriate consents before providing us with personal information about others through letters, or other means of communication, to parents, primary guardians and/or students.

At all times, please note that we may disclose certain information to a school or the police to assist in a police investigation, in accordance with applicable privacy laws.


  • Account means a unique account created for you to access our service.
  • Company (referred to as "the Company", "we", "us" or "our" in this Agreement) means Green Apple Studio, 9350 de l'Esplanade Ave., Montreal, QC H2N 1V5.
  • Cookies are small files placed on your computer, mobile device or other device by a website, containing details of your browsing history on that website among its many uses.
  • Country means: Quebec, Canada
  • Device means any device that can access the Service, such as a computer, cell phone or digital tablet.
  • Personal data is any information relating to an identified or identifiable person.
  • Usage data refers to data collected with consent from the institutions to which we provide our services or either from the service infrastructure itself (for example: ordering on our website).
  • The website refers to:
  • ‘‘You’’ means the person accessing or using the Service, or the company or other legal entity on whose behalf that person accesses or uses the Service, as the case may be.

Collection and use of your personal data - Type of data collection

Personal data

We have obtained information through academic institutions or other related parties that engage us as a photographic service provider. Personally identifiable information may include, but is not limited to:

  • Student and/or Permanent Code
  • First and last name
  • Telephone number
  • Address, state, province, postal code, city
  • Other data for administrative purposes of the academic institution.

We may also ask you to provide certain personally identifiable information that may be used to contact or identify you. Personally identifiable information may include, but is not limited to:

  • Email address
  • First and last name
  • Telephone number
  • Address, state, province, postal code, city
  • Usage data

Use of your personal data

Our main motivation for collecting and using personal information is to provide our customers with an outstanding, secure and personalized service. Personal information enables us to better respond to the needs and preferences of our customers and to personalize products required by establishments (e.g. ID cards). The Company may use personal data for the following purposes:

  • To provide and maintain our service, including monitoring the use of our service.
  • To manage your account: to update your products and photos, and to track and verify your orders.
  • To fulfill a contract: the development, compliance and performance of the purchase contract for the products, items or services you have purchased or any other contract with us via the service.
  • To contact you: by email, telephone, SMS or other equivalent forms of electronic communication.
  • To provide you with news, special offers and general information about other products, services and events we offer that are similar to those you have already purchased or enquired about, unless you have opted not to receive such information.
  • To manage your requests, and/or to provide you with targeted advertising: We may use your information to develop and display content and advertising (and work with third-party providers who do so) tailored to your interests and/or location and to measure its effectiveness.
  • For business transfers: We may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of all or a portion of our assets, whether as part of an ongoing operation or as part of a new business.

We may share your personal information in the following situations:

  • With service providers: we may share your personal information with service providers to monitor and analyze the use of our service, to advertise to you on third-party websites after you have visited our service, to process payments, to contact you.
  • For business transfers: We may share or transfer your personal information as part of or during negotiations for any merger, sale of company assets, financing or acquisition of all or part of our business to another company.
  • With affiliates: We may share your information with our affiliates, in which case we will require such affiliates to honor this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that we control or that are under common control with us.
  • With your consent: we may disclose your personal information for any other purpose.

Retention of your personal data

The Company will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

The Company will also retain usage data for internal analysis purposes. Usage data is generally retained for a shorter period, except where such data is used to enhance security or improve the functionality of our service, or we are legally obliged to retain such data for longer periods.

Transfer of your personal data

Your information, including personal data, is processed at the Company's operating offices. The Company will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place.

Login / Use of personal data

Information is handled by a secure system and is kept for a limited time before being completely erased from the system. Handling is done by a very specific group of employees, on equipment that belongs to Green Apple Studio and complies with the company's pre-established security requirements. For product purchases and/or use of services (e.g. website), this system generates a unique web code for each customer, enabling them to view photos and place orders. Only the customer receives this information, and when interacting with customer service, identification measures are put in place to authenticate the customer.

We will associate the user's IP address only when an order is placed, in order to identify any fraudulent use of the credit card. The contents of the shopping cart are stored locally on the customer's premises. Personal transactional information is processed via a Moneris gateway to ensure the security of all orders placed via our website. In some cases, credit card payments may be processed by Green Apple Studio at our physical location and this payment information is used to process and fulfill orders.

Tracking technologies and cookies

Our website saves information locally to enable the site to recognize future visits to your computer. You may refuse these cookies if your browser permits. We also use Google Analytics to improve the customer experience by understanding how our customers interact with our website. A computer's user ID will only be linked to an IP address when a customer places an order, in order to identify any fraudulent use of a credit card. The tracking technologies used are tags and scripts to collect and track information and to improve and analyze our service. The technologies we use may include:

  • Cookies or browser cookies. A cookie is a small file placed on your device. You can set your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use certain parts of our service. Unless you have adjusted your browser settings to refuse cookies, our service may use cookies.
  • Flash cookies. Some features of our service may use locally stored objects (or Flash cookies) to collect and store information about your preferences or activity on our service. Flash cookies are not managed by the same browser settings as those used for browser cookies. For more information on how to delete Flash cookies, please read "Where can I change the settings for disabling or deleting local shared objects?" available at
  • Web beacons. Certain sections of our Service and our e-mails may contain small electronic files called Web beacons (also known as clear gifs, single-pixel gifs and web beacons) that allow the Company, for example, to count users who have visited those pages or whether he or she has opened an e-mail and for other related website statistics (for example, to record the popularity of a certain section and to verify system and server integrity).

Cookies can be either "persistent" or "session" cookies. Persistent cookies remain on your personal computer or mobile device when you log out, while session cookies are deleted as soon as you close your web browser. You can find out more about cookies here: All about cookies.

Disclosure of your personal data

Business transactions

If the Company is involved in a merger, asset sale or acquisition, your Personal Data may be transferred. We will inform you before Your Personal Data is transferred and becomes subject to a different privacy policy.

Enforcement of law

In certain circumstances, the company may be required to disclose your personal data if required to do so by law or in response to valid requests from public authorities (for example, a court or government agency).

Other legal requirements

The company may disclose your personal data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the Company's rights or property
  • Prevent or investigate possible wrongdoing in relation to the Service
  • Protect the personal safety of Service Users or the public
  • Protect against legal liability

Personal Data Security

The security of your personal data is important to us, but please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. Although we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

All users are given unique and identifiable usernames, and the sharing of passwords with others is strictly prohibited. Our computer systems are managed and owned exclusively by Green Apple Studio and all equipment used to access information is owned and supervised by Green Apple Studio. We have strict firewalls in place and monitor all activity at all times.

Each employee also receives training on the importance of confidentiality and security. As well as the procedures to follow to avoid compromising information.

For transactions, credit card information is not collected by us, but by Moneris' secure payment pages.

Detailed information on the processing of your personal data

The service providers we use may have access to your personal data. These third-party suppliers collect, store, use, process and transfer information about your activity on our service in accordance with their privacy policies (example: delivery, post).

Changes to your personal information

You may contact us to access your personal information and ask us to update, correct or delete any information we hold about you, subject to legal and contractual restrictions. You may also contact us to opt-out of any future contact from us.


We may use third-party service providers to monitor and analyze the use of our service.

Google Analytics is a web analysis service provided by Google that tracks and reports website traffic. Google uses the collected data to track and monitor the use of our service. This data is shared with other Google services. Google may use the data collected to contextualize and personalize ads on its own advertising network.

You can refuse to make your activity on the Service available to Google Analytics by installing the Google Analytics disabling browser add-on. The add-on prevents Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visit activity.

For more information on Google's privacy practices, please visit Google's privacy and terms of use page.

Data protection provisions about the application and use of reCAPTCHA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Email advertising

We may use your personal data to contact you with newsletters, marketing or promotional material and other information that may be of interest to you. You may opt-out of receiving any or all of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.

We may use e-mail marketing service providers to manage and send e-mails to you.

Mailchimp is an email marketing service provided by The Rocket Science Group LLC. For more information on Mailchimp's privacy practices, please see their privacy policy.


We may provide chargeable products and/or services as part of the Service. In this case, we may use third-party services to process payments (for example, payment processors).

We will not store or collect your payment card details. This information is provided directly to our third-party payment processors whose use of your personal information is governed by their privacy policies. These payment processors adhere to the standards defined by PCI-DSS, managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure processing of payment information.

Moneris: Their privacy policy can be viewed at

Archiving personal information

Your photos and information remain available for a maximum of 5 years (unless otherwise stipulated in the contract). Some of our administrative requests require photos from later years, so we keep them for the duration of each individual's schooling.

Links to other websites

Our service may contain links to other websites which are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to consult the privacy policy of each site you visit.

We have no control over, and assume no responsibility for, the content, privacy policies or practices of any third-party site or service.

Changes to this Privacy Policy

We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page.

We will notify you by email and/or by a prominent notice on our service, before the change becomes effective, and we will update the "last updated" date at the top of this privacy policy.

You are advised to periodically review this Privacy Policy for any changes. Changes to this Privacy Policy are effective when posted on this page.

In the event of a breach of security involving personal information

Affected parties will be notified, such as the individual concerned, the associated school board and school, the Office of the Privacy Commissioner of Canada, and any provincial information and privacy commissioners. We may also contact any other organization or government institution that can help reduce the risk caused by the breach. Orders will be placed on hold for a risk assessment. We determine whether the breach presents a real risk of significant harm to individuals, including physical, financial or reputational risks. Depending on the extent of the violation, orders will be released once they have been verified. Protocols will follow, such as sending new web codes to the affected customer base.

Record and history of violations

Green Apple Studio must keep a record of the violation in accordance with our legal obligations.

Contact Us

For more information about your privacy rights or for any other questions about the use of information: