Personal information is defined under PIPEDA as any information that is identifiable or directly attributable to an individual. It does not cover information about an individual that is available from a public source, such as a telephone directory, court record, or land registry office. It also does not cover aggregated data, used for statistical and reporting purposes, from which data the client’s identity cannot be determined.
PURPOSES FOR COLLECTING PERSONAL INFORMATION
Greater Assurance Inc. collects personal information for the following limited purposes:
- To represent the client as set out in the agreement;
- To establish and maintain client lists for collection of fees, record keeping and statistical purposes; and
- To establish and maintain mailing lists for newsletters, notification of workshops and seminars, or updates that Greater Assurance believes might be informative or of benefit to the client
CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF PERSONAL INFORMATION
Greater Assurance will not use client’s personal information for any purposes other than that consented to by the client, either by express or implied consent. Greater Assurance does not sell, barter, or lease personal information it obtains from its client to third parties (i.e. Greater Assurance would not provide our client mailing list to another firm or business).
If the client requests additional services of Greater Assurance beyond that of the original agreement, the client is giving implied consent to Greater Assurance using the personal information already held for the original purpose, as well as any new personal information collected for the new purpose and no signature will be required on a new or amended agreement.
Under PIPEDA and other Federal and Provincial Legislation, Greater Assurance may disclose personal information without client consent to:
- government or legal enforcement agencies if Greater Assurance determines that the client has provided incorrect information for fraudulent or illegal purposes;
- legal enforcement agency if Greater Assurance determines that there is imminent risk of death or serious bodily harm, including psychological harm, to an identifiable person or group of persons;
- disclosure to a third party individual or organization if so ordered by a Court or Tribunal of competent jurisdiction; and
- defend against allegations of criminal or civil liability, or professional malpractice or misconduct, by the client or former client.
ACCURACY OF A CLIENT’S PERSONAL INFORMATION
Greater Assurance endeavors to ensure that all personal information provided by the client and in its possession, is accurate, current and as complete as is necessary for the purposes for which the personal information was collected, used and maintained in an active file. Upon notification by a client that the personal information requires correction or updating, Greater Assurance will make the necessary amendments to the client’s active file where applicable.
Personal information contained in files that have been closed or deemed inactive will not be actively updated or maintained.
Greater Assurance will retain personal information until the agreement is closed or terminated by either the client or Greater Assurance. All personal information will be returned to the client and only information pertaining to the services or agreement for which Greater Assurance was retained will be maintained in the file once it is closed.
- Closed files are retained for the period prescribed by relevant Federal and Provincial legislation
Greater Assurance has implemented a number of physical, organizational and technological safeguards appropriate to the sensitivity of the client’s personal information, including but not limited to:
Client files are maintained in filing cabinets, located in areas where access is restricted to authorized personnel. Clients only have walk-through access to these areas if they are escorted by an authorized employee.
Only Greater Assurance agents and employees working on the client’s file will have access to the personal information contained in the file.
Any third party individual or organization is required to sign a non-disclosure agreement prior to the client’s personal information being transferred to a third party as required to fulfill the purposes for which Greater Assurance was retained.
Greater Assurance utilizes the most current firewall, virus protection and other technological safeguards to protect personal information that is retained on the computer network. Greater Assurance has developed and implemented safe Internet and email use protocols for its agents and employees to reduce the risk of inadvertent disclosure as a result of Internet-sourced viruses or cookies.
Regarding electronic transmission of personal information (i.e. email), there is no method of transmitting or storing data that is completely secure. Greater Assurance uses all available technological security in the transmission of the client’s personal information, either in the course of communicating with the client, or in the course of communication with third party service providers. Notwithstanding these technological safeguards, all Internet transmissions are susceptible to possible loss, misrouting, interception and misuse. For this reason, as part of the agreement that the client signs with Greater Assurance, consent will be granted by the client to transmit information via the Internet.
On our website, like other commercial websites, we may monitor traffic patterns, site usage and related site information in order to optimize our web service. We may provide aggregated information to third parties, but these statistics do not include any identifiable personal information.
Greater Assurance makes available its privacy policies and procedures regarding the handling of personal information that it collects for the duration of the agreement on the Internet website at www.greaterassurance.com. As well, any inquiries regarding personal information management practises may be directed to the Chief Privacy Officer.
Under PIPEDA, an individual is entitled to access to the personal information held about them with the following exceptions as permitted under the Federal Privacy Legislation:
- Greater Assurance will deny access if the individual seeking access fails to produce sufficient identification to verify that they are the individual about whose personal information access is being sought;
- No access will be granted to personal information that is not about the individual seeking access;
- No access will be granted to information that is part of a criminal investigation;
- No access will be granted where such access would harm or interfere with law enforcement activities and other investigative functions of a body authorized by statute to perform such functions;
- No access will be granted to information where such access might threaten the life, safety and security, including psychological safety, of the individual seeking access;
- No access will be granted to the individual who is a minor or mentally incompetent;
- Greater Assurance reserves the right to refuse access that it believes is repetitious, frivolous, or vexatious.
Upon receiving a request for access in writing, Greater Assurance will endeavor to have the information available to the individual seeking access within 60 days of verification of the individual’s identity.
Greater Assurance has the right to provide the requested information at nominal cost to the individual.
The individual entitled to access may challenge the completeness of their personal information under Greater Assurance’s care and control. Upon successful demonstration that there is an error in the personal information held by Greater Assurance, Greater Assurance will amend the information where appropriate.
The Chief Privacy Officer will investigate all concerns or complaints that are received in writing with respect to the handling of personal information under the control of Greater Assurance. As promptly as possible, the Chief Privacy Officer will report to the individual the results of the investigation and, where the complaint is found to be justified, steps will be taken to resolve the matter.
If the individual is dissatisfied with the report provided by the Chief Privacy Officer, or feels that the corrective action taken by Greater Assurance is insufficient, the individual may direct a complaint to the Federal Privacy Commissioner in writing.
If a question arises regarding access to your personal information held by Greater Assurance, or there is a concern about the manner in which Greater Assurance collects, uses, retains and discloses your personal information as a client of Greater Assurance, please contact: