support home

Back to website
Login  Sign up


Hello. I paid for this in order to get a privacy policy that contains the CASL and PIPEDA clauses because the business is located in canada, but it is not there. I need this now, or I would like a refund. What do I do?
  • Hi there, this is Simon from iubenda. First of all let me state that it's completely ok to request your money back if you find iubenda is not doing what you need it to do. For that you can just get in touch with our support team at info at iubenda dot com and someone will help you out. Regarding CASL and PIPEDA. iubenda works this way: we try and work in the strongest possible rules so the text reflects these strong laws. Most of these strict rules (that don't exist in the US, for instance) come from European regulations, but we usually don't mention what the reasons are for their existence in our texts. So for PIPEDA for instance you wouldn't find a setting called PIPEDA, or a sentence relating to PIPEDA explicitly in our service. However, since we are in touch about these things with people all over the world, we usually react quickly, if something needs to be changed. Have you found something in particular that you think we should take a look at? Regarding CASL however we are talking about something slightly different. CASL takes care of the spam/emailing requirements that are quite strict in Canada, but it doesn't find it's way into the privacy policy directly. You can check out our clauses called "newsletter" or "DEM" or "Mailchimp" that should give you an idea about what the service does. Also, I suggest for you to check out something that Mailchimp wrote about CASL which is easily understandable: Let us know if you have any further questions, or do let us know privately whether we should help you getting your money back. Best regards from iubenda HQ.
  • Thanks for your response, Simon. With regard to CASL, is it generally necessary to mention in the privacy policy that we use double opt-in, since that applies to all Canadian customers?
  • Hi there again, I guess it depends. Please understand that we can't give you any definite answers on things that we don't have full insights on. Consider that it's never wrong to go the extra mile and describe things that are relevant for people to know, even though it might not necessarily be *required*. Consider that a properly configured double opt-in is the safest thing you can do under most circumstances, I'm at this moment not aware of any requirement to actually also disclose this to users by way of a privacy policy.
Login or Signup to post a comment