Objective

This policy aims to define the principles and procedures to ensure adequate protection of personal information collected, used and disclosed in the course of our business activities, in compliance with Canadian privacy laws, including the Privacy Act. Protection of Personal Information and Electronic Documents (PIPEDA).

Principles:

1. Consent: We will obtain consent from individuals before collecting, using or disclosing their personal information, except as permitted by law.

2. Limited Purpose: Personal information will be collected for a specific purpose and will be used only to the extent necessary to achieve that purpose.

3. Limiting Collection: We will only collect personal information necessary for the identified purposes, and we will limit the collection of excessive information.

4. Security: We will take reasonable security measures to protect personal information against loss, theft, unauthorized access, disclosure, copying, use or modification.

5. Transparency: We will inform individuals about our privacy practices, including our privacy policies, our data collection practices, and the purposes for collecting personal information.

​

Access and Correction: We will grant individuals the right to access their personal information held by our organization and to request corrections if that information is inaccurate or incomplete.

​

Procedures:

Collection of Information: We will only collect personal information necessary for the identified purposes, and we will inform individuals of the reasons for collecting this information.

Use and Disclosure: We will not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or where permitted by law.

Data Security: We will implement appropriate physical, technological and administrative security measures to protect personal information from unauthorized access, disclosure, alteration or destruction.

Access and Correction: We will provide individuals with means to access their personal information and request corrections where necessary, consistent with applicable law.

Responsibilities:

Management is responsible for ensuring that this policy is implemented and respected at all levels of the organization. Each employee is required to respect this policy and take appropriate measures to protect the personal information they become aware of in the course of their duties.

Policy Review:

This policy will be reviewed periodically to ensure that it remains compliant with Canadian privacy laws and best practices for the protection of personal information. Any significant changes will be communicated to the relevant stakeholders.