PIPEDA Privacy Code
To address the privacy concerns of Canadians, the federal government enacted the Personal Information and Electronic Documents Act (PIPEDA). The purpose of PIPEDA, in general terms, is to regulate private sector collection, use and disclosure of personal information.
This legislation establishes rules and principles for the use and disclosure of personal information based on the ten privacy principles developed by the Canadian Standards Association (CSA). These principles recognize that we live in an era where commercial information is exchanged and circulated by electronic means. It balances the individual’s right to privacy in personal information with the reasonable need of organizations to collect, use, or disclose personal information only for a purpose that a reasonable person would consider to be appropriate in the circumstances.
PIPEDA requires ASAP Secured to provide the same safeguards for privacy and confidentiality that we have always provided on both a voluntary and a mandated basis as required under the Private Investigators and Security Guard Act. Our Privacy Code sets out these principles in simple terms. It explains how we ensure that your privacy and the confidentiality of the personal information you provide are protected. Persons needing additional information or wishing to express a concern can contact our chief security officer (CPO) by email at email@example.com
The ASAP Secured Inc. Privacy Code
Protecting the confidentiality of our client’s personal information has always been an important part of the way ASAP does business. To ensure that we protect the privacy of companies and individuals, ASAP has adopted a Privacy Code. This Code sets out how and why we collect and use personal information about our clients and those subjects we investigate. It also explains limited circumstances during which we may need or be required to disclose it.
Definitions: “Personal Information” means information that identifies you as a specific individual. It does not include the sort of general information that could be found in a business directory or a telephone book.
“Client” means a current and former user of our investigative services or an authorized agent of the company, organization, or representative which it represents.
A “subject” of investigation means a party that the client is legally charged with their well-being in an employment environment, is designated with their supervision, and is obligated to provide and ensure an essence of safety and security.
To collect, use, or disclose personal information, ASAP Secured must:
- Identify the purpose for the collection
- Obtain consent for the collection
- Limit our collection of personal information
- Limit the use, disclosure and retention of personal information
- Keep personal information accurate
- Safeguard personal information
- Maintain openness concerning our privacy practices
- Allow client’s access to personal information
- Meet challenging compliance standards
As a client of ASAP Secured Inc., you have a right to expect that—in the information you provide or request of us and the investigations conducted by ASAP on your behalf—we are accountable for the personal information collected and used as your designated investigative body. We are responsible for maintaining and protecting all personal information provided while it is under our control. This includes any personal information that may need to be disclosed to third parties for inquiries, processing, or other administrative functions. To help ensure the confidentiality of your personal information, we have established policies and procedures to ensure that we comply with PIPEDA. We have designated a privacy officer who is responsible for our company’s compliance with the ten privacy principles dictated by the Canadian Standard’s Association (CSA). If you have any questions or inquiries about how your personal information is stored, or when it may need to be disclosed to others, our privacy officer is there to assist and explain our policies to you.
Identifying our purpose for the collection, use or disclosure of Personal Information
Before or when we collect information, we will explain how we intend to use it. ASAP collects personal information only for the following purposes:
- To provide ongoing service to our clients.
- To conduct inquiries, research, surveillance and gather evidence which may be required by law pursuant to the terms of the Private Investigator’s and Security Guard Act – Ontario.
- To develop, enhance, market, or provide security and investigative training products and professional services.
- To meet our legal and regulatory requirements under the Private Investigator’s and Security Guard Act and other statutes.
Unless required by law, ASAP will not use or disclose any personal information that has been collected without obtaining the client’s consent. The information provided to ASAP by the client is considered privileged and may not be divulged to anyone other than the client without implied or express permission granted by the client in writing. Only information acquired relevant to an investigation may be conveyed to the authorized client representative by ASAP in written, oral, and or electronic format.
Where it is required that a third party be provided privileged information falling under the auspices of PIPEDA to effect service under the Private Investigation and Security Guard Act – Ontario, only required information will be provided to an authorized third party in order to ensure verification and or accuracy of the information acquired. Where any information is received by ASAP, it will be retained and secured and provided only to the authorized client or where required by law.
Limiting our Collection of Personal Information
ASAP will always limit the collection of personal information to that which is necessary for the identified purposes. Typically, this is information that is required to enable us to conduct accurate and responsible inquiries and investigate specific matters. We may need to collect personal information from other sources, including persons or institutions providing information relative to our inquiries.
Under certain circumstances, we need to collect information to assist us in investigating unsubstantiated claims or to prove or disprove allegations concerning a subject of investigation. This may involve the use of licensed and regulated independent investigators, contractors, and forensic experts or engineers whose skills lend to evidence gathering. We will always collect personal information by fair and lawful means.
Limiting the Use, Disclosure and Retention of Personal Information
Personal information will not be used or disclosed for purposes other than for which it was collected, except with your consent or as permitted or required by law. Personal information provided will be retained only as long as it is necessary to fulfill those purposes. ASAP may disclose personal information to the following organizations:
- A corporation or persons as part of conducting business. This may include a person or company or administrative personnel subject to agreeing to manage personal information in accordance with these privacy principles.
- Persons or corporations involved in supplying us with support services. This may include licensed independent investigators, fire or forensic experts, engineers, and contractors whose skills lends to the gathering of evidence.
- A company or individuals employed by ASAP to perform data processing, accounting, actuarial, or statistical functions on our behalf.
- A company or individuals involved in the development, enhancement, marketing, or provision of our investigative products and services. This may include a professional marketing agent or sales representative.
- An agent or agency to evaluate creditworthiness or to collect outstanding accounts. This may include credit grantors and reporting agencies.
- A public authority or agent of a public authority if the information is required to verify compliance or verify whether there exists a breach of federal, provincial, municipal or corporate statute or governing regulations.
- A law enforcement agency, where our client consents to such disclosure or disclosure is required by law or emergency.
ASAP does not provide or sell its customer lists to any outside company for use in marketing or solicitation. Only employees with a business “need to know” or those whose duties require it are granted access to personal information about our clients and subjects of investigation. We keep personal information only as long as it remains necessary or relevant for the identified purposes or as required by law. Personal information that is no longer necessary or relevant for the identified purposes or required to be retained by law is destroyed, erased, or made anonymous.
Keeping Personal Information Accurate
ASAP makes every effort to ensure that personal information about its clients is as accurate, complete, and up to date as is necessary for the purposes for which it was collected. This may require contact from time to time to confirm or update personal information for contact purposes. If you have any questions about the accuracy and completeness of the personal information that we have collected or retained, please do not hesitate to contact our privacy officer. If you need to update some aspect of your personal information, please contact our administrative personnel or your personal representative contact.
Safeguarding Your Personal Information
ASAP takes steps to protect personal information with security safeguards appropriate to the sensitivity of the information. Specifically, we have stringent security measures in place to protect personal information against such risks as loss or theft, computer hackers, unauthorized access, disclosure, copying, use, modification, or destruction. ASAP protects your personal information regardless of the format in which it is held. We also protect personal information we disclose to third parties by contractual agreements stipulating the confidentiality of the information and the purposes for which it is to be used. Our employees with access to personal information are required as a condition of their employment to respect the confidentiality of personal information.
Openness Concerning our Privacy Practices
ASAP pursues a policy of openness about the procedures it uses to manage personal information. We will make specific information about our policies and practices relating to the management of personal information available to clients upon request. We ensure openness by providing you with the following information:
- The title and address for the privacy officer accountable for our compliance with the policy.
- The name of the individual to whom inquiries or complaints can be forwarded.
- The means of gaining access to personal information held by our agency.
- A description of the type of personal information held by us, including a general account of its use.
ASAP makes information available to help our clients exercise informed choices regarding the use of their personal information.
Client Access to Personal Information
ASAP informs its clients of the existence, use, and disclosure of the personal information provided upon request and provides access to that information. Our clients are able to challenge or correct the accuracy and completeness of their personal information and have it amended when appropriate.
When a request is made in writing, we will inform you in a timely fashion of the existence, use, and disclosure of your personal information, and you will be given access to that information. In certain situations, we may not be able to provide you with access to all of the personal information we hold.
Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, information that is subject to solicitor-client or litigation privilege, or, in certain circumstances, information of a medical nature and or in the case where a confidential source of information has provided required information. If this is the case, ASAP will provide the reason for denying access upon request. Clients can obtain information or seek access to their individual file by contacting our designated chief privacy officer at our Milton corporate facility.
A client has the right to challenge ASAP compliance with the above principles by contacting the privacy officer accountable for our compliance with the policy.
For further Information please contact our chief privacy officer at firstname.lastname@example.org