プライバシーポリシー

翻訳通知：このプライバシーポリシーは日本語への専門的な翻訳が保留中です。正式版は英語版です。不一致がある場合、英語版が優先されます。
Translation notice: This Privacy Policy is pending professional translation into Japanese.

Privacy Policy

Last updated: May 2, 2026 Effective date: May 2, 2026

Anahana Wellness Inc. (“Anahana”, “we”, “us”, or “our”) operates the https://www.anahana.com website (the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our Service, and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used here have the same meanings as in our Terms and Conditions.

Data Controller

The data controller responsible for your personal data is:

Anahana Wellness Inc. 19 Glenview Ave. Toronto, ON M4R 1P5 Canada Email: [email protected]

For questions about this Privacy Policy or to exercise any of your rights, please contact us at the email address above.

Definitions

Service — the https://www.anahana.com website operated by Anahana Wellness Inc.
Personal Data — data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data — data collected automatically, generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies — small files stored on your device.
Data Controller — the natural or legal person who determines the purposes for which and the manner in which any personal data is processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
Data Processor — any natural or legal person who processes the data on behalf of the Data Controller.
Data Subject — any living individual who is using our Service and is the subject of Personal Data.

Information We Collect

We collect several types of information for various purposes to provide and improve our Service.

Personal Data. While using our Service, we may ask you to provide certain personally identifiable information that can be used to contact or identify you, including:

Email address
First name and last name
Country / region (when relevant to localization)
Cookies and Usage Data

We may use your Personal Data to contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you. You may opt out of receiving any of these communications by following the unsubscribe link in any email we send or by contacting us.

Usage Data. We collect information that your browser sends whenever you visit our Service, including your computer’s Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, time spent on those pages, unique device identifiers, and other diagnostic data.

Location Data. With your permission, we may use and store information about your approximate location. You can enable or disable location services through your device settings at any time.

Tracking and Cookies Data. We use cookies and similar tracking technologies to track activity on our Service and store certain information. See the Cookies and Similar Technologies section below for details.

How We Use Your Information

Anahana Wellness Inc. uses the collected data for the following purposes:

To provide and maintain our Service
To notify you about changes to our Service
To allow you to participate in interactive features of our Service when you choose to do so
To provide customer support
To gather analysis or valuable information to improve our Service
To monitor the usage of our Service
To detect, prevent, and address technical issues
To serve advertisements and measure their effectiveness
To provide you with news, special offers, and general information about other goods, services, and events that may be of interest to you, unless you opt out of receiving such information

If you are a resident of the European Economic Area (EEA), the United Kingdom, or Switzerland, our legal basis for collecting and using the Personal Data described in this policy depends on the data we collect and the specific context:

Consent — for personalized advertising, marketing communications, and optional analytics, we rely on your consent (which you can withdraw at any time through our consent management platform).
Legitimate interests — for security, fraud prevention, basic site analytics, and improving our Service, we rely on legitimate interests, balanced against your fundamental rights.
Contract — where processing is necessary to perform a contract with you (e.g., delivering a digital product you have purchased).
Legal obligation — where we must process data to comply with applicable laws.

Cookies and Similar Technologies

We use cookies and similar tracking technologies. Cookies are small files placed on your device. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a set period or until you delete them).

Categories of cookies we use:

Strictly necessary — required for the Service to function. These cannot be disabled and do not require consent.
Analytics — help us understand how visitors interact with the Service. Includes Google Analytics 4 and Microsoft Clarity.
Advertising and personalization — used to deliver and measure advertisements, including personalized ads. Includes Google AdSense, Google Ad Manager, and Google Ads remarketing cookies (DoubleClick).

Managing your preferences. For visitors in the European Economic Area, the United Kingdom, and Switzerland, we display a consent banner on your first visit that allows you to accept or refuse non-essential cookies. You can change your preferences at any time by clearing your browser cookies and revisiting our Service, or by using your browser’s cookie controls.

Advertising and Third-Party Vendors

Our Service displays advertisements served by Google and other third parties.

Google AdSense and Ad Manager. Third-party vendors, including Google, use cookies to serve ads based on a user’s prior visits to this website or other websites. Google’s use of advertising cookies enables it and its partners to serve ads to our users based on their visit to our sites and/or other sites on the Internet. Users may opt out of personalized advertising by visiting Google’s Ads Settings.

DoubleClick cookies. We use Google’s DoubleClick cookie (and similar identifiers operated by Google) for ad personalization, frequency capping, conversion measurement, and ad serving optimization. You can manage DoubleClick preferences through Google’s Ads Settings link above.

IAB Transparency and Consent Framework (TCF). For visitors in the European Economic Area, the United Kingdom, and Switzerland, we participate in the IAB Europe Transparency and Consent Framework and comply with its specifications and policies. Our Consent Management Platform identifier is 300 (Google FundingChoices). You can review the current list of ad technology partners with whom data may be shared via the consent banner on our Service.

Other third-party advertising opt-outs. In addition to Google’s Ads Settings, you may opt out of personalized advertising from many advertising networks via the following industry-led mechanisms:

These opt-outs are device- and browser-specific. If you change devices, browsers, or clear your cookies, you may need to repeat the process.

Service Providers and Third Parties

We may employ third-party companies and individuals to facilitate our Service (“Service Providers”), provide the Service on our behalf, perform Service-related services, or assist us in analyzing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics:

Google Analytics 4 — provided by Google LLC. Tracks and reports website traffic. For more information, see Google’s Privacy & Terms.
Microsoft Clarity — provided by Microsoft Corporation. Captures session recordings, click maps, and scroll heatmaps to help us improve user experience. Clarity does not record passwords, credit card information, or data entered into form fields by default. For more information, see Microsoft’s Privacy Statement.

Advertising:

Google AdSense (publisher ID: pub-3367397398996558)
Google Ad Manager (network ID: 22905068637)
Google Ads (remarketing) — provided by Google LLC

Tag management and consent:

Google Tag Manager — provided by Google LLC, used to manage tags on the Service.
Google FundingChoices — provided by Google LLC, our IAB-certified Consent Management Platform (TCF v2).

Infrastructure:

Cloudflare, Inc. — provides our content delivery network (CDN), DDoS protection, and edge security analytics. Cloudflare may collect IP addresses and request metadata for security and performance purposes. See Cloudflare’s Privacy Policy.
SuperSchema — first-party analytics pixel used by us for technical performance monitoring.

Disclosure of Data

Legal requirements. Anahana Wellness Inc. may disclose your Personal Data in the good-faith belief that such action is necessary to:

comply with a legal obligation
protect and defend the rights or property of Anahana Wellness Inc.
prevent or investigate possible wrongdoing in connection with the Service
protect the personal safety of users of the Service or the public
protect against legal liability

Business transfers. If Anahana Wellness Inc. is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or governmental jurisdiction where data protection laws may differ from those of your jurisdiction. Anahana Wellness Inc. is based in Canada, and your data is generally processed in Canada and in the United States by our Service Providers.

When transferring Personal Data from the European Economic Area, the United Kingdom, or Switzerland to countries that have not received an adequacy decision from the European Commission, we rely on appropriate safeguards, including the European Commission’s Standard Contractual Clauses (SCCs) and supplementary measures where necessary, to ensure that your data receives a level of protection essentially equivalent to that guaranteed under European law.

Your submission of information to the Service represents your agreement to that transfer.

Data Retention

We retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, or as required by law:

Account / contact information — retained while you remain subscribed to our communications, plus a reasonable period to comply with legal obligations.
Usage / analytics data — retained for up to 26 months in Google Analytics (default), and up to 13 months in Microsoft Clarity, after which it is aggregated or deleted.
Advertising cookies and identifiers — retained per the lifetime defined for each specific cookie (typically 30 days to 24 months).
Customer support communications — retained for up to 3 years to handle follow-up inquiries.
Transaction / payment records — retained as required by Canadian tax and accounting law, typically 6-7 years.

We will retain and use your Personal Data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.

Security

The security of your data is important to us. We use commercially reasonable administrative, technical, and physical safeguards to protect your Personal Data, including HTTPS encryption in transit and access controls on stored data. No method of transmission over the Internet or electronic storage is 100% secure; while we strive to protect your Personal Data, we cannot guarantee its absolute security.

Your Data Protection Rights

Rights under the General Data Protection Regulation (GDPR) and UK GDPR. If you are a resident of the European Economic Area, the United Kingdom, or Switzerland, you have the following rights:

Right of access (Art. 15) — to request information about whether we hold Personal Data about you and to receive a copy.
Right to rectification (Art. 16) — to have inaccurate or incomplete data corrected.
Right to erasure (“right to be forgotten”, Art. 17) — to request deletion of your Personal Data, subject to certain exceptions.
Right to restrict processing (Art. 18) — to request that we limit how we process your data in certain circumstances.
Right to data portability (Art. 20) — to receive your Personal Data in a structured, machine-readable format and to transmit it to another controller.
Right to object (Art. 21) — to object to processing based on legitimate interests, including profiling for direct marketing.
Right to withdraw consent (Art. 7(3)) — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at [email protected]. We may ask you to verify your identity before responding.

Right to lodge a complaint. You also have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of your Personal Data infringes the GDPR. A list of EU supervisory authorities is available here.

California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act (CPRA), including:

Right to know what categories of personal information we have collected about you, the sources, the purposes, and the categories of third parties with whom we share it.
Right to delete personal information we have collected (subject to exceptions).
Right to correct inaccurate personal information.
Right to opt out of the sale or sharing of personal information. Anahana does not sell personal information for monetary consideration. To the extent that the use of cookies and similar technologies for cross-context behavioral advertising constitutes “sharing” under the CPRA, you may opt out by adjusting your cookie preferences via our consent banner or by enabling the Global Privacy Control (GPC) signal in your browser.
Right to limit use of sensitive personal information.
Right to non-discrimination for exercising your CCPA / CPRA rights.

To exercise these rights, email [email protected] with the subject line “California Privacy Request”. We will respond within 45 days.

EU Digital Services Act (DSA) Contact

For matters related to the EU Digital Services Act, including notice-and-action mechanisms, illegal content reports, and other DSA-related communications, you may contact us at [email protected]. This contact point may be addressed in English or in any official language of the EU member state in which you reside.

Children’s Privacy

Our Service is not directed to children. We do not knowingly collect Personal Data from individuals under 13 years of age in the United States, or under 16 years of age in the European Economic Area, the United Kingdom, or Switzerland. If you are a parent or guardian and you believe that your child has provided us with Personal Data, please contact us at [email protected] so that we can take appropriate action to remove the information from our records.

“Do Not Track” Signals

Some web browsers offer a “Do Not Track” (“DNT”) setting. Because there is no industry consensus on how to interpret DNT signals, our Service does not currently respond to DNT signals. We do, however, honor the Global Privacy Control (GPC) signal as an opt-out of the sale or sharing of personal information for California residents.

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date at the top. Where required by law, we will provide more prominent notice (such as via email or a banner on the Service) and, where necessary, seek fresh consent.

You are advised to review this Privacy Policy periodically for any changes. Changes are effective when posted on this page.

Contact Us

If you have any questions about this Privacy Policy, you can contact us:

Anahana Wellness Inc. 19 Glenview Ave. Toronto, ON M4R 1P5 Canada

By email: [email protected]