Privacy Policy
Overview
The right to privacy and the need to protect personal information entrusted to CollateralGuard RC
by our clients is important to CollateralGuard RC. We recognize that when you choose to provide
us with information about yourself and your clients, you trust us to act in a responsible
manner. We also understand the obligations for our clients to comply with the provisions
of the Personal Information and Electronics Document Act (PIPEDA). CollateralGuard RC will aid
our clients to provide timely and accurate responses, as the act requires, and protect
our clients' information in accordance with current best practices. CollateralGuard RC has executed
a formal privacy policy to describe how we manage the information entrusted to us
by our clients and has appointed a privacy officer who is accountable for the organization's
compliance to this policy.
Accountability
CollateralGuard RC is responsible for personal information under its control and has a designated
Privacy/Security Officer who is accountable for the organization's compliance with
the following principles. CollateralGuard RC shall provide reference to CollateralGuard RC's policies and procedures
within each contract to ensure that the information entrusted to CollateralGuard RC is not compromised,
sold, or disclosed to any party without a client's consent or contractual obligation.
The Privacy /Security Officer shall ensure that CollateralGuard RC complies with all privacy policies
and liaise with clients to aid them with any privacy issues or requests that may
arise. The identity of CollateralGuard RC's Privacy/Security Officer or the Officer's delegate
shall be released upon request. CollateralGuard RC is responsible for personal information in
its possession or custody, including information that has been transferred to CollateralGuard RC
acting as a third party for processing. CollateralGuard RC has implemented policies and practices
to give effect to the principles of fair information practices.
Purpose
CollateralGuard RC shall, within each client contract, identify the purpose for which they are
receiving a client's information. Additionally CollateralGuard RC shall within reason verify that
the purpose for collecting the information was clearly expressed to all parties.
Consent
CollateralGuard RC shall, within each client contract, ensure that CollateralGuard RC's client has obtained
consent for CollateralGuard RC to process their information. This consent may be written, implied,
or oral. CollateralGuard RC shall track and record the type of consent obtained by the client.
Limit Collection To Use
CollateralGuard RC shall, within each client contract, specify exactly how the information is
processed and limit the collection of information in accordance to each contract.
Limit Use For Purpose
CollateralGuard RC shall also do their best to ensure that their clients limit the collection
of information to the purpose for which it was requested. If the client identifies
a secondary use of the information entrusted to CollateralGuard RC, a modification of the client's
contract to identify CollateralGuard RC's obligations, and to ensure additional consent was obtained,
should be performed.
Limit Use Of Distribution
CollateralGuard RC shall limit the use and distribution of their client’s information by contractual
agreements and shall not sell, distribute or provide a client’s information without
a client’s consent.
Limit Use Of Retention /Destruction
CollateralGuard RC limits the retention of information for the duration of the purpose for which
it was collected. Overriding factors of this limit would be contract specific orders
to destroy the information within a shorter period of time.
Safeguard
CollateralGuard RC shall implement all reasonable safeguards as outlined in CollateralGuard RC's Corporate Security
Policy to ensure that client information entrusted to CollateralGuard RC is protected against
accidental disclosure, unauthorised publication, damage, or other breach of privacy.
These safeguards are governed by CollateralGuard RC's Corporate Security Policy and related procedures.
Accuracy
CollateralGuard RC shall implement processes and other safeguards to ensure that the accuracy
of the information they process is maintained to the highest possible standards.
Openness
CollateralGuard RC shall make readily available to individuals specific information about its
policies and practices relating to the management of client and personal information
within the restraints of contractual obligations.
Individual Access
CollateralGuard RC shall make provision for clients to provide individuals to access their personal
and private information within 30 days in a form that they can understand.
Challenging Compliance
CollateralGuard RC shall put procedures in place to receive and respond to complaints or inquiries
about policies and practices relating to the handling of personal information. Details
for aiding CollateralGuard RC clients to provide complaint procedures that are accessible and
simple to use shall be determined on a client-by-client basis.
Complaints
CollateralGuard RC shall investigate all complaints. If a complaint is justified, the organization
shall take appropriate measures, including, if necessary, amending its policies
and practices.
Exemptions
Exemptions to this policy may be made for the detection and prevention of fraud
or for law enforcement. Additional exemptions may be made under the directions of
CollateralGuard RC's Executive Management, or in the cause of National Security. Additional exemptions
are detailed in the provisions of the Canadian privacy law PIPEDA.
|
|
|
|
