Cookie policy

CMARKET LTD. – COOKIE POLICY
Province of British Columbia, Canada
Effective Date: February 20, 2026
Applies to: CommunityMarket.ca (the “Platform”)
This Cookie Policy explains how CMarket Ltd. (“CMarket”, “we”, “us”) uses cookies and similar tracking technologies in accordance with:
British Columbia Personal Information Protection Act (PIPA)
Personal Information Protection and Electronic Documents Act (PIPEDA)
Applicable Canadian privacy principles
This Policy forms part of our Privacy Policy and Terms of Use.

1. WHAT ARE COOKIES & TRACKING TECHNOLOGIES

Cookies are small text files stored on your device when you access the Platform.
We may also use:
Local storage
Pixel tags
Web beacons
Device fingerprinting technologies (limited security context)

Server-side session identifiers
These technologies enable secure operation, fraud prevention, analytics, and functionality.
Cookies do not typically identify you directly but may become personal information when linked to your account.

2. LEGAL BASIS FOR PROCESSING

Under BC PIPA and PIPEDA, we process cookie-related information on the following bases:
Operational necessity (Strictly Necessary Cookies)
Legitimate business interests (fraud prevention, performance monitoring)
User consent (non-essential analytics or marketing cookies where applicable)
Where consent is required, it is obtained via a cookie banner or consent tool.

3. COOKIE CATEGORIES USED BY CMARKET

3.1 Strictly Necessary Cookies (Non-Optional)
Purpose:
Secure login authentication

Cart functionality
Payment session integrity
CSRF protection
Fraud prevention
Session continuity
These cookies cannot be disabled without disabling core functionality.
Legal Basis: Essential operational function.
3.2 Security & Fraud Prevention Cookies
Purpose:
Detect unusual login behavior
Prevent account takeover
Identify bot activity
Monitor high-risk chargeback patterns
Maintain transaction integrity
May collect:
IP address
Device type
Browser type
Behavioral patterns
Session timestamps
Legal Basis: Legitimate interest in fraud prevention and platform protection.

3.3 Performance & Analytics Cookies
Purpose:
Understand user navigation
Identify technical errors
Improve checkout flow
Analyze aggregated traffic patterns
Data may be anonymized or aggregated.
Third-party analytics providers (if used) operate under their own privacy policies.
Legal Basis: Consent where required or legitimate interest.
3.4 Functional Cookies
Purpose:
Remember user preferences
Store session settings
Enhance accessibility options
Non-essential but improve user experience.
3.5 Third-Party Service Cookies
Certain cookies may be set by:
Stripe (payment processing)
Hosting providers
Fraud monitoring services
Embedded services or APIs
We do not control third-party cookie mechanisms.

Users should review those providers’ privacy policies.

4. COOKIE INVENTORY TABLE (CORE TYPES)

CategoryExample FunctionRetentionMandatorySession CookieLogin AuthenticationSession onlyYesCSRF TokenSecurity ProtectionSessionYesCart IDShopping Cart PersistenceSessionYesFraud IdentifierChargeback MonitoringUp to 12 monthsYesAnalytics CookieAggregated Traffic Data6–24 monthsOptionalPreference CookieLanguage/DisplayUp to 12 monthsOptional
Actual cookie names may vary based on system configuration.

5. CONSENT MANAGEMENT

Where applicable:
Users may accept or reject non-essential cookies.
Essential cookies remain active.
Consent preferences may be modified via browser settings.
Continued use after banner acknowledgment may constitute implied consent where

permitted by law.
CMarket does not use behavioral advertising cookies unless expressly disclosed.

6. DO NOT TRACK (DNT)

Some browsers transmit “Do Not Track” signals.
Currently, there is no universal industry standard governing DNT responses.
CMarket does not alter core functionality based solely on DNT signals but respects explicit cookie preferences selected via the Platform’s consent interface.

7. MARKETPLACE STRUCTURE CLARIFICATION

CMarket operates as a multi-vendor marketplace.
We do not:
Share analytics cookie data with Vendors for marketing purposes.
Allow Vendors to independently place tracking pixels on customer devices through the Platform.
Vendors receive only limited fulfillment data as described in the Privacy Policy.

8. CROSS-BORDER DATA

PROCESSING
Certain third-party service providers may process cookie-related data outside Canada.
By using the Platform, users acknowledge that:
Data may be processed in other jurisdictions.
Privacy laws in those jurisdictions may differ from Canadian laws.
CMarket uses contractual safeguards to protect such information.

9. DATA RETENTION

Retention periods depend on category:
Session cookies: expire at browser close
Fraud monitoring identifiers: up to 12 months
Analytics cookies: up to 24 months (aggregated where possible)
Security logs: retained according to operational necessity
Data may be retained longer where required for:
Fraud investigations
Legal disputes
Regulatory compliance

10. SECURITY SAFEGUARDS

We implement commercially reasonable technical and organizational safeguards including:

Encryption in transit
Access controls
Limited data access protocols
Security monitoring tools
However, no internet system can guarantee absolute security.

11. USER CONTROL OPTIONS

Users may:
Adjust browser cookie settings
Delete stored cookies
Block third-party cookies
Use private browsing modes
Disabling cookies may impair:
Login access
Checkout functionality
Fraud prevention systems
CMarket is not liable for functional limitations caused by user-controlled browser settings.

12. POLICY UPDATES

We may update this Cookie Policy from time to time.
The updated version will be posted with a revised Effective Date.
Continued use of the Platform constitutes acceptance.

13. CONTACT

Privacy Officer
CMarket Ltd.
2319 Clarke St
Port Moody, BC V3H 1Y9
Email: [email protected]