1.1 The Ten Principles of PIPEDA Summarized
2.0 Purposes of Collecting Personal Information
Personal information is collected in order to assess the clients needs, and provide service if applicable. Only that information which is required to provide the service effectively will be collected.
An individuals express, written consent will be obtained before or at the time of collecting personal information. The purposes for the collection, use or disclosure of the personal information will be provided to the individual at the time of seeking his or her consent. Once consent is obtained from the individual to use his or her information for those purposes, Palisade Group of Companies Inc. has the individuals implied consent to collect or receive any supplementary information that is necessary to fulfil the same purposes. Express consent will also be obtained if, or when, a new use is identified.
By signing the application and/or other forms, implied consent is granted by the individual to obtain and/or to verify information from third parties such as banks, credit bureaus, other lenders, and insurance companies in the process of completing the terms of service for a client. An individual can choose not to provide some or all of the personal information requested, however, services may not be able to be delivered effectively.
4.0 Limiting Collection
5.0 Limiting Use, Disclosure and Retention
5.1 Use of Personal Information
Personal information will be used for only those purposes to which the individual has consented with the following exceptions, as permitted under PIPEDA:
Palisade Group of Companies Inc. will use personal information without the individual's consent, where:
• the organization has reasonable grounds to believe the information could be useful when investigating a contravention of a federal, provincial or foreign law and the information is used for that investigation;
• an emergency exists that threatens an individuals life, health or security;
• the information is for statistical study or research;
• the information is publicly available;
• the use is clearly in the individuals interest, and consent is not available in a timely way;
• knowledge and consent would compromise the availability or accuracy of the information, and
• collection is required to investigate a breach of an agreement.
5.2 Disclosure and Transfer of Personal Information
Personal information will be disclosed to only those Palisade Group of Companies Inc. employees, members of Palisade Group of Companies Inc. committees, and the Board of Directors that need to know the information for the purposes of their work.
Personal information will be disclosed to third parties with the individual's knowledge and consent.
PIPEDA permits Palisade Group of Companies Inc. to disclose personal information to third parties, without an individual's knowledge and consent, to:
• a lawyer representing Palisade Group of Companies Inc.;
• collect a debt owed to Palisade Group of Companies Inc. by the client;
• comply with a subpoena, a warrant or an order made by a court or other body with appropriate jurisdiction;
• a law enforcement agency in the process of a civil or criminal investigation;
• a government agency or department requesting the information; or,
• as required by law.
PIPEDA permits Palisade Group of Companies Inc. to transfer personal information to a third party, without the individual's knowledge or consent, if the transfer is simply for processing purposes and the third party only uses the information for the purposes for which it was transferred. Palisade Group of Companies Inc. will ensure, by contractual or other means, that the third party protects the information and uses it only for the purposes for which it was transferred.
5.3 Retention of Personal Information
Personal information will be retained in client files as long as the file is active and for such periods of time as may be prescribed by applicable laws and regulations.
A file will be deemed inactive if the terms of service are cancelled, or contractual agreement has expired. Information contained in an inactive file will be retained for a period of seven (7) years.
Palisade Group of Companies Inc. endeavours to ensure that any personal information provided by the individual in his or her active file(s) is accurate, current and complete as is necessary to fulfill the purposes for which the information has been collected, used, retained and disclosed. Individuals are requested to notify Palisade Group of Companies Inc. of any change in personal or business information. Information contained in inactive files is not updated.
Organizational Safeguards: Access to personal information will be limited to the Privacy Officer, President, Vice President, and Board of Directors. Personal information provided to members of Palisade Group of Companies Inc. committee(s) will be limited to only that information required to carry out the mandate of that committee. Members of the Palisade Group of Companies Inc. committee(s) and/or Board of Directors are not permitted to copy or retain any personal information on individuals or clients and must return for destruction all such information given to them to review once the purpose for being provided with this information has been fulfilled. Employees and members of Palisade Group of Companies Inc. committee(s) and/or Board of Directors are required to sign a confidentiality agreement binding them to maintaining the confidentiality of all personal information to which they have access.
Physical Safeguards: Active files are stored in locked filing cabinets when not in use. Access to work areas where active files may be in use is restricted to Palisade Group of Companies Inc. employees only and authorized third parties.
All inactive files or personal information no longer required are shredded prior to disposal to prevent inadvertent disclosure to unauthorized persons.
Technological Safeguards: Personal information contained in Palisade Group of Companies Inc. computers and electronic data bases are password protected. Access to any of the Palisade Group of Companies Inc. computers also is password protected. Palisade Group of Companies Inc. Internet server has firewall protection sufficient to protect personal and confidential business information against virus attacks and "sniffer" software arising from Internet activity. Personal information is not transferred to the Board of Directors, or third parties by e-mail or other electronic form.
9.0 Individual Access
An Individual who wishes to review or verify what personal information is held by Palisade Group of Companies Inc., or to whom the information has been disclosed (as permitted by the Act), may make the request for access, in writing, to the Palisade Group of Companies Inc. Chief Privacy Officer. Upon verification of the individual's identity, the Chief Privacy Officer will respond within 30 days.
If the individual finds that the information held by Palisade Group of Companies Inc. is inaccurate or incomplete, upon the individual providing documentary evidence to verify the correct information, Palisade Group of Companies Inc. will make the required changes to the individual's active file(s) promptly.
If an individual has a concern about Palisade Group of Companies Inc. personal information handling practices, a complaint, in writing, may be directed to the Palisade Group of Companies Inc. Chief Privacy Officer.
Upon verification of the individual's identity, Palisade Group of Companies Inc. Chief Privacy Officer will act promptly to investigate the complaint and provide a written report of the investigation's findings to the individual.
Where Palisade Group of Companies Inc. Chief Privacy Officer makes a determination that the individual's complaint is well founded, the Chief Privacy Officer will take the necessary steps to correct the offending information handling practice and/or revise Palisade Group of Companies Inc. privacy policies and procedures.
Where Palisade Group of Companies Inc. Chief Privacy Officer determines that the individual's complaint is not well founded, the individual will be notified in writing. If the individual is dissatisfied with the finding and corresponding action taken by Palisade Group of Companies Inc. Chief Privacy Officer, the individual may bring a complaint to the Federal Privacy Commissioner at the address below:
The Privacy Commissioner of Canada Email address: www.privcom.gc.ca.
112 Kent Street, Ottawa,
Ontario K1A 1H3
Chief Privacy Officer Email address: email@example.com
Palisade Group of Companies Inc.
11086 - 156 St.
Edmonton, AB T5P 4M8
Amendment to Palisade Group of Companies Inc. Privacy Policies