Cookie Policy

1. Introduction

This Cookie Policy explains how CHeCS Canada (“we,” “our,” or “us”) uses cookies and similar tracking technologies on the CHeCS website at https://checs.ca (the “Site”) and within the CHeCS compliance management platform (the “Service”). It supplements our Privacy Policy, which provides additional detail about how we collect, use, and protect Personal Information.

This Cookie Policy is structured as follows: Section 2 (What Cookies Are), Section 3 (How We Use Cookies), Section 4 (Cookies on the Site), Section 5 (Cookies Within the Service), Section 6 (Other Tracking Technologies), Section 7 (Consent and Your Choices), Section 8 (Browser Controls), Section 9 (Do Not Track), Section 10 (Changes to This Policy), and Section 11 (Contact Us).

Capitalized terms not defined here have the meaning given in our Privacy Policy.

2. What cookies are

Cookies are small text files that a website stores on your device (computer, tablet, or mobile phone) when you visit. Similar technologies include local storage and session storage in your browser. Cookies serve a variety of purposes, including remembering your preferences, supporting authentication, analyzing how you use a website, and (in some contexts) supporting advertising.

This Policy uses the term “cookies” loosely to include cookies and other browser storage technologies described in Section 6.

3. How we use cookies

We use cookies and similar technologies in four categories:

Strictly necessary: required for the Site or the Service to function. These cannot be disabled without breaking core functionality.
Analytics: help us understand how visitors and Authorized Users interact with the Site and the Service so that we can improve content, design, and functionality.
Functional: remember your preferences and choices to personalize your experience.
Marketing: help us measure the effectiveness of our marketing communications and, where consent is granted, attribute interactions back to specific marketing activities.

We do not load analytics, functional, or marketing cookies on the Site until you grant consent through our cookie banner. The default state is that only strictly necessary security-related storage is active. We describe the consent mechanism in Section 7.

4. Cookies on the Site

The Site (checs.ca) uses the following cookies and similar technologies.

4.1 Strictly necessary

Consent preference storage: when you make a choice in our cookie banner, your preference is saved to your browser’s local storage so that the banner is not shown again on subsequent visits. This storage contains only your consent preference; it does not contain personally identifying information.
Tag management framework: a small script loads on every page to manage other tags conditionally based on your consent. The tag management framework itself does not set cookies or collect identifiable analytics or marketing data; it only controls whether other tags are permitted to load.

4.2 Analytics (consent-gated)

If you grant consent for analytics, we may use:

Site analytics cookies: set by our web analytics provider to measure pageviews, sessions, traffic sources, and basic interaction metrics. These cookies typically have a lifespan ranging from the duration of your browser session to up to two (2) years.
Marketing CRM analytics cookies: set by our marketing CRM provider to recognize repeat visitors and to attribute form submissions to specific traffic sources. These cookies typically have a lifespan of up to thirteen (13) months.

These analytics cookies are configured to collect only the information described above; they do not collect identifiable health information.

4.3 Marketing (consent-gated)

We do not currently run paid advertising campaigns on the Site, and we do not load advertising or retargeting cookies. If we begin running such campaigns in the future, we will update this Policy in advance to describe the specific advertising and retargeting cookies used, and any such cookies will continue to be consent-gated through our cookie banner.

4.4 Functional (consent-gated)

We do not currently load functional cookies that go beyond the strictly necessary category described in Section 4.1. If we add functional cookies in the future (for example, to remember language or display preferences), we will update this Policy and require consent before loading them.

5. Cookies within the Service

The Service (the CHeCS compliance management platform) uses a small set of cookies and similar technologies that are necessary for the Service to function. These are all strictly necessary and are not subject to the consent banner described in Section 7.

Authentication and session management: cookies and similar tokens used to maintain your authenticated session in the Service after you sign in through your organization’s identity provider. These are deleted when you sign out or when your session expires.
Security and abuse protection: cookies used by our network security provider to detect and mitigate denial-of-service attacks, malicious traffic, and abuse.

The Service does not load analytics, advertising, or marketing cookies on Authorized User devices. Service usage is tracked through our internal activity log described in our Privacy Policy, not through cookies.

6. Other tracking technologies

In addition to cookies, we use the following browser storage and similar technologies:

Local storage: persistent storage on your device used to save your cookie consent preference on the Site (see Section 4.1).
Session storage: temporary storage cleared when you close your browser; used for transient state within the Service.

We do not currently use:

Web beacons or pixel tags for analytics purposes outside of those described above.
Device fingerprinting.
Cross-site tracking technologies.
Heat-mapping or session-replay tools.

If we add any of these technologies in the future, we will update this Policy and, where required, obtain consent before deploying them.

7. Consent and your choices

When you first visit the Site, we display a cookie banner allowing you to accept or reject non-essential cookies. Our cookie banner uses a “consent mode” framework with the following defaults before you make a choice:

Strictly necessary security-related storage: enabled.
Analytics storage: denied.
Advertising storage: denied.
Functional and personalization storage: denied.

This means that until you grant consent, the cookies and tags described in Sections 4.2, 4.3, and 4.4 do not store identifiers, set tracking cookies, or transmit identifiable analytics or marketing data. Our tag management framework loads on every page so that it can conditionally load other tags based on your consent, but it does not collect or store data itself.

Your consent choice is saved to your browser’s local storage. To change your cookie preferences after providing initial consent, you may:

Use the “Cookie Settings” link in the Site footer, which will re-open the cookie banner and allow you to make a new choice;
Clear your browser’s site storage for our Site, which will also cause the banner to reappear on your next visit; or
Contact our Privacy Officer at the address in Section 11.

8. Browser controls

In addition to the consent banner, you can manage cookies through your browser settings. Most browsers allow you to:

View and delete cookies that are already stored on your device.
Block all cookies or only third-party cookies.
Clear cookies automatically when you close your browser.
Set exceptions for specific websites.

The procedure varies by browser. Browser vendor documentation is available at the following locations:

Blocking or deleting strictly necessary cookies may prevent the Site or the Service from working correctly.

Opt-out of interest-based advertising

We do not currently run interest-based advertising on the Site, but if you want to opt out of interest-based advertising across the web more broadly, you can use the following industry tools:

Digital Advertising Alliance of Canada: External link (opens in new window): https://youradchoices.ca
Digital Advertising Alliance (US): External link (opens in new window): https://optout.aboutads.info
Network Advertising Initiative: External link (opens in new window): https://www.networkadvertising.org/choices

Mobile device settings

On mobile devices, you can manage tracking through your operating system settings:

iOS: Settings → Privacy & Security → Tracking
Android: Settings → Google → Ads

9. Do Not Track

Some browsers offer a “Do Not Track” (DNT) signal that asks websites not to track you. There is currently no industry standard for how websites should respond to DNT signals. We do not currently respond to DNT signals at the browser level; instead, we honour the cookie preferences you set through our consent banner and through your browser settings.

10. Changes to this Policy

We may update this Cookie Policy from time to time to reflect changes in the cookies and tracking technologies we use, changes in applicable law, or changes in our practices. When we make material changes, we will update the “Last updated” date at the top of this Policy and, where appropriate, provide additional notice (for example, by re-prompting for consent if the change affects what categories of cookies we use).

If we begin using a category of cookies or technology not described in this Policy (for example, advertising cookies, functional cookies that go beyond the strictly necessary category, or session-replay tools), we will update this Policy before deploying the new technology and obtain consent where required.

11. Contact us

If you have questions about our use of cookies or this Policy, please contact us:

Privacy Officer: legal@checs.ca
General inquiries: hello@checs.ca

For more information about how we handle Personal Information generally, please see our Privacy Policy.