Privacy

Machin­ery Safe­ty 101 is a blog owned and pub­lished by Com­pli­ance InSight Con­sult­ing Inc. Our activ­i­ties are sub­ject to Cana­di­an Fed­er­al pri­va­cy leg­is­la­tion.

Download the Policy

Pol­i­cy Num­ber 8.2, Revi­sion 1, 26-Mar-08Adobe Acrobat

Approved by: Doug Nix

Summary

The Per­son­al Infor­ma­tion Pro­tec­tion and Elec­tron­ic Doc­u­ments Act (PIPEDA) is a Cana­di­an Fed­er­al Law that reg­u­lates the col­lec­tion and use of per­son­al infor­ma­tion with­in Cana­da. Com­pli­ance InSight Con­sult­ing (CIC) and Machin­ery Safe­ty 101 are oblig­at­ed to com­ply with this Act when­ev­er per­son­al infor­ma­tion is col­lect­ed.

Application

This pol­i­cy applies to the col­lec­tion and use of per­son­al infor­ma­tion exceed­ing that which is pub­licly avail­able and includes the stor­age of that infor­ma­tion. Specif­i­cal­ly exclud­ed from this pol­i­cy under the PIPEDA are:

  • An employee’s name, title, busi­ness address or tele­phone num­ber;
  • Employ­ee infor­ma­tion.

Oth­er fed­er­al and provin­cial laws may reg­u­late this infor­ma­tion.

Responsibilities

All CIC direc­tors, employ­ees and sub­con­trac­tors are respon­si­ble for keep­ing this pol­i­cy.

Policy

Ten Pri­va­cy Prin­ci­ples have been set out by the Fed­er­al Depart­ment of Jus­tice and the Pri­va­cy Com­mis­sion­er. These prin­ci­ples were first artic­u­lat­ed in CSA Q830-96, Mod­el Code for the Pro­tec­tion of Per­son­al Infor­ma­tion.

CIC is com­mit­ted to apply­ing these prin­ci­ples in our busi­ness deal­ings with com­pa­nies and indi­vid­u­als.

Privacy Principles

  1. Account­abil­i­ty: An orga­ni­za­tion is respon­si­ble for per­son­al infor­ma­tion under its con­trol and shall des­ig­nate an indi­vid­ual or indi­vid­u­als who are account­able for the organization’s com­pli­ance with the fol­low­ing prin­ci­ples.
  2. Iden­ti­fy­ing Pur­pos­es: The pur­pos­es for which per­son­al infor­ma­tion is col­lect­ed shall be iden­ti­fied by the orga­ni­za­tion at or before the time the infor­ma­tion is col­lect­ed.
  3. Con­sent: The knowl­edge and con­sent of the indi­vid­ual are required for the col­lec­tion, use or dis­clo­sure of per­son­al infor­ma­tion, except when inap­pro­pri­ate.
  4. Lim­it­ing Col­lec­tion: The col­lec­tion of per­son­al infor­ma­tion shall be lim­it­ed to that which is nec­es­sary for the pur­pos­es iden­ti­fied by the orga­ni­za­tion. Infor­ma­tion shall be col­lect­ed by fair and law­ful means.
  5. Lim­it­ing Use, Dis­clo­sure, and Reten­tion: Per­son­al infor­ma­tion shall not be used or dis­closed for pur­pos­es oth­er than those for which it was col­lect­ed, except with the con­sent of the indi­vid­ual or as required by the law. Per­son­al infor­ma­tion shall be retained only as long as nec­es­sary for ful­fil­ment of those pur­pos­es.
  6. Accu­ra­cy: Per­son­al infor­ma­tion shall be as accu­rate, com­plete, and up-to-date as is nec­es­sary for the pur­pos­es for which it is to be used.
  7. Safe­guards: Per­son­al infor­ma­tion shall be pro­tect­ed by secu­ri­ty safe­guards appro­pri­ate to the sen­si­tiv­i­ty of the infor­ma­tion.
  8. Open­ness: An orga­ni­za­tion shall make read­i­ly avail­able to indi­vid­u­als spe­cif­ic infor­ma­tion about its poli­cies and prac­tices relat­ing to the man­age­ment of per­son­al infor­ma­tion.
  9. Indi­vid­ual Access: Upon request, an indi­vid­ual shall be informed of the exis­tence, use and dis­clo­sure of his or her per­son­al infor­ma­tion and shall be giv­en access to that infor­ma­tion. An indi­vid­ual shall be able to chal­lenge the accu­ra­cy and com­plete­ness of the infor­ma­tion and have it amend­ed as appro­pri­ate.
  10. Chal­leng­ing Com­pli­ance: An indi­vid­ual shall be able to address a chal­lenge con­cern­ing com­pli­ance with the above prin­ci­ples to the des­ig­nat­ed indi­vid­ual or indi­vid­u­als for the organization’s com­pli­ance.

To meet these prin­ci­ples, CIC makes these com­mit­ments:

  1. The Man­ag­ing Direc­tors of the cor­po­ra­tion are respon­si­ble for the imple­men­ta­tion and main­te­nance of this pol­i­cy.
  2. Wher­ev­er CIC gath­ers infor­ma­tion on indi­vid­u­als, this infor­ma­tion will be main­tained in a con­fi­den­tial man­ner. CIC will not sell, lease, lend or oth­er­wise dis­close per­son­al infor­ma­tion col­lect­ed for any pur­pose except where per­mit­ted or required by Cana­di­an Fed­er­al or Provin­cial law. A notice will be post­ed on web pages and oth­er doc­u­ments where per­son­al infor­ma­tion may be gath­ered inform­ing indi­vid­u­als that their infor­ma­tion is being col­lect­ed for a spe­cif­ic pur­pose, out­lin­ing that pur­pose and their rights under the PIPEDA.
  3. Where per­son­al infor­ma­tion exceed­ing that which is pub­licly avail­able is gath­ered on an indi­vid­ual, a request for con­sent to gath­er that infor­ma­tion will be made. Refus­ing to give con­sent may pre­vent the indi­vid­ual from obtain­ing access to cer­tain prod­ucts or ser­vices. Where this is the case, a notice will be clear­ly made indi­cat­ing the rea­sons for refusal of ser­vice.
  4. CIC will lim­it the col­lec­tion of per­son­al infor­ma­tion to that specif­i­cal­ly required for the stat­ed pur­pos­es.
  5. Per­son­al for­ma­tion exceed­ing that which is pub­licly avail­able will only be used for the orig­i­nal pur­pose for which it was obtained. CIC will not sell, lease, lend or oth­er­wise dis­close per­son­al infor­ma­tion col­lect­ed for any pur­pose except where per­mit­ted or required by Cana­di­an Fed­er­al or Provin­cial law. Per­son­al infor­ma­tion will be retained for a lim­it­ed peri­od not exceed­ing five (5) years after which time it shall be secure­ly destroyed.
  6. Every effort will be made to ensure that the infor­ma­tion gath­ered is accu­rate and up-to-date as nec­es­sary for the pur­pose. Indi­vid­u­als have the right to request access to the infor­ma­tion that is held by CIC, and to make cor­rec­tions, addi­tions or dele­tions at any time. A request must be sub­mit­ted in writ­ing, along with accept­able iden­ti­fi­ca­tion to allow CIC offi­cers to deter­mine that the indi­vid­ual request­ing the changes is the indi­vid­ual whose infor­ma­tion will be affect­ed. Wher­ev­er pos­si­ble, CIC will pro­vide the means for indi­vid­u­als to secure­ly view and mod­i­fy their per­son­al infor­ma­tion direct­ly.
  7. CIC will employ suit­able secu­ri­ty mea­sures to pro­tect per­son­al infor­ma­tion from unau­tho­rized use by any indi­vid­ual or orga­ni­za­tion.
  8. CIC poli­cies and pro­ce­dures on col­lec­tion and use of per­son­al infor­ma­tion shall be made pub­licly avail­able.
  9. Indi­vid­u­als have the right to free access to their per­son­al infor­ma­tion. Any­one who believes that CIC may hold their per­son­al infor­ma­tion will be giv­en free access to that infor­ma­tion as out­lined else­where in this pol­i­cy. Wher­ev­er pos­si­ble, means will be pro­vid­ed to facil­i­tate direct access to per­son­al infor­ma­tion by the indi­vid­ual.
  10. Chal­lenges to this pol­i­cy or to CIC com­pli­ance with this pol­i­cy and the PIPEDA shall be direct­ed to the indi­vid­u­als respon­si­ble for imple­men­ta­tion and main­te­nance of this pol­i­cy as giv­en in Sec­tion I of this pol­i­cy.

Managing Directors

Dou­glas Nix, A.Sc.T., Man­ag­ing Direc­tor, Sales and Oper­a­tions and Prin­ci­pal Con­sul­tant

Kim­ber­ly Nix, Man­ag­ing Direc­tor, Finance, Mar­ket­ing and Edu­ca­tion­al Design

Or write us at:

Com­pli­ance InSight Con­sult­ing Inc.
145 Deer Ridge Dri­ve,
Kitch­en­er, Ontario N2P 2K9
CANADA

Phone: +1(519) 650‑4753
Fax: +1 (519) 653‑1318