We specialize in the development of strategic plans for the purpose of increasing the growth potential of PR firms. We are committed to protecting the privacy of any and all information we obtain in the course of carrying out our functions.
Our management and protection of personal information provided to us by PR firm management, investors, applicants, members of the public, employees and volunteers, including information that is subject to investor-client privilege, is guided by the following principles:
- All personal information in our custody and control will be collected, used, and disclosed in accordance with the Freedom of Information and Protection of Privacy Act (FIPPA), and any other applicable legislation governing the sharing and security of private information.
- We embodie a culture in which personal information is protected and respected. All employees, volunteers, interns, and service providers working on our behalf are responsible for maintaining the security of sensitive information.
All employees, volunteers and service providers working on our behalf are responsible for securing and protecting personal information in our custody and control.
All managers are responsible for overseeing the collection, use, disclosure, retention and disposal of personal information within their departments to ensure compliance with our policies.
Management will provide effective leadership on privacy.
The Information and Privacy Officer, under the supervision of management, has overall responsibility for dealing with requests for access to information under FIPPA.
The Privacy Compliance Officer, under the supervision of management, has overall responsibility for:
Ensuring that hawse have appropriate policies and processes in place to safeguard the personal information in our custody and control; and
Monitoring our compliance with privacy policies and legislative requirements.
4. What is personal information?
Schedule 1 of FIPPA defines “personal information” as recorded information about an identifiable individual other than “contact information”. Examples of personal information include an individual’s name, home address and phone number, age, financial information, and family status. The definition of “contact information” includes an individual’s name or title, business telephone number, business address, business e-mail and business fax number.
5. Purposes for collecting, using, disclosing and retaining personal information
We collect, use, disclose and retain personal information about PR firm practices, PR firm management, investors, applicants, employees and volunteers, and third parties in order to perform our duties and functions to protect the interests of our clients, including information:
- to assess and administer applications for the collection of data;
- to receive, investigate and manage complaints and conduct disciplinary investigations regarding misuse of private information;
- to act in an advisory capacity for clients;
- to audit and investigate financial records and accounts;
- to investigate client policies and procedures;
- for research and development;
- to enable our employees to carry out their functions;
- for statistical research and analysis purposes;
- to ensure compliance with any and all legal requirements;
- to inform and protect the public and clients in accordance with our duties under FIPPA;
- to receive and respond to requests for access to information in compliance with the law;
- to establish, manage and terminate the employment and volunteer relationships between our organization and its employees, interns, and volunteers.
6. Collecting personal information
We are authorized under FIPPA and other applicable law to collect personal information for certain purposes.
When collecting personal information, we will:
- limit the collection of personal information to what is necessary to undertake our functions or as permitted by applicable law;
- be open and transparent about the information that is being collected by communicating a clear and lawful purpose for the collection;
- ensure that all individuals and clients have the right to request access to the personal information we hold about them, and the right to seek correction if that personal information is incorrect; and
- only collect personal information directly from the subject of the information, unless consent is given to collect information from other sources or collection from another source is permitted by applicable law.
7. Collecting personal information over the internet
In some instances, we may collect personal information over the internet. The online forms on our website use SSL encryption to protect the data stream. Upon its submission, the personal information is retained in a secure database.
8. Using or disclosing personal information
We will only access, use or disclose personal information for the purposes for which it was collected, or for a use that is consistent with that purpose, unless consent for another access, use or disclosure has been obtained, is permitted by FIPPA Rules, or is otherwise authorized by law. Personal information will not be accessed, used or disclosed by our employees, interns, or volunteers except as authorized in the course of fulfilling their duties and responsibilities.
9. Retaining and disposing of personal information
We will only retain personal information for as long as necessary to fulfill the purposes for which the personal information was collected, including for the purpose of meeting any legal, accounting or other reporting requirements or obligations.
If we use personal information to make a decision that directly affects an individual or client, we will keep that information for at least one year after using it so that individuals or clients have a reasonable opportunity to obtain access to it.
We have a file classification system that sets out specific retention periods for different types of information within our custody and control. These schedules will be reviewed periodically to ensure that personal information is not kept for longer than necessary to serve the original purpose. When personal information is no longer required, we will dispose of it securely.
10. Safeguarding personal information
We protect personal information in accordance with applicable law. Our organization has made reasonable security arrangements to secure against the unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction of personal information. All of our employees, interns, and volunteers are required to comply with our policies and procedures, in relation to the security, management and protection of all personal information within our custody and control. Service providers working on behalf of our company are required to comply with FIPPA and will be made aware of and reminded as necessary about our privacy policies.
11. Certain matters privileged
In conducting crisis prevention practices, we handle information subject to privilege or confidentiality between PR firms and their investors. When we obtain information from any client relating to a current or former client, we assume all obligations in relation to the protection of privilege and disclosure of that information, subject to FIPPA Rules.
12. Third parties
We will not sell or rent personal information. Where we are permitted by FIPPA Rules, or otherwise authorized by law to disclose personal information to a third party, we will inform the third party that it must not disclose the personal information for any purpose other than the purpose for which we gave the personal information to the third party.
13. Service providers
Privacy protections will be in place for all service providers. All contracts entered into by our company with service providers that may have access to personal or confidential information will contain specific provisions requiring compliance with FIPPA and applicable law relating to the security and privacy of personal information. Managers may determine it is adequate for service providers to sign a confidentiality agreement if service providers do not have access to personal or confidential information or managers consider it is appropriate in the circumstances.
All service providers that may have access to personal information in our custody or control will be advised and reminded as necessary of our privacy policies and our obligations to ensure the security and protection of personal information.
14. Right to request access to personal information
Information or records available to the public through routine channels, such as our website and publications, may be disclosed to individuals without requiring the submission of a formal request.
Formal requests for access to information are processed under FIPPA. Any individual can formally request access to personal information in the custody or control of our organization by submitting a request in writing to our Information and Privacy Officer.
Before providing the personal information, we may need to ask individuals to verify their identity.
Under FIPPA, we have 30 business days after the information is requested to respond to a request. If we need more time to process the request, we will give an individual written notice before the expiry of the 30 business days.
We may refuse access to certain personal information where authorized or required by law to refuse access. In the event that access is refused, we will notify the individual of this decision in writing and outline the reasons for the refusal.
15. Right to seek correction of personal information
When an individual’s or clients personal information is in the custody and control of our company and the personal information will be used by us to make a decision that directly affects the individual, we will make every reasonable effort to ensure that the personal information is accurate and complete.
Individuals may write to us and request that any errors or omissions be corrected. If we are satisfied that a request for correction is reasonable, we will correct the personal information as soon as reasonably possible. If we do not agree with the request, we will advise the requesting party accordingly and note both the request and our reason for not making the requested change on our file.
If individuals are dissatisfied with the way we have handled their personal information, they are entitled to submit a complaint to us.
Our Privacy Compliance Officer will investigate all complaints concerning compliance with our privacy policies and information and privacy law. The Privacy Compliance Officer will make every reasonable effort to resolve complaints including, if necessary, recommending changes to policies and procedures. The complainant will be informed of the outcome of the investigation regarding his or her complaint.
1. What information do we collect when you visit your website?
When you browse our website, the following information is collected and stored:
- The IP (Internet Protocol) address of your Internet service provider or your computer which also identifies the domain name (such as shaw.ca or yourcompany.com) of your service;
- The operating system of your computer and the browser you use (Internet Explorer, Firefox, Safari, etc.);
- The time and date that you visited our site;
- Our web pages or online tools that you used.
We use this information to analyze the use and performance of the website, using Google Analytics and other tools, to enable us to improve the website, evaluate our technical infrastructure and to monitor compliance with our terms and conditions of use. We do not use this information to identify website users, unless you choose to provide your identity to us through one of the means provided on the website or we are required to do so by law.
2. What do we do with information provided directly by you?
In order to access our secure server and use our online tools, you must be an authorized user. Personal information will only be used for the purpose provided by us, or for a use consistent with that purpose, by persons authorized by us. If you believe your personal information is being used for a purpose other than what you intended, please contact our Privacy Compliance Officer.
3. How do we protect personal information?
We offer the use of a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our database to be accessed only by those authorized with special access rights to our systems and required to keep the information confidential.
A cookie is a file that is stored on your computer by your web browser when you use an Internet site. We only use session cookies, which remain in existence only during the course of your session. In order for authorized users to access the secure section of our website, they must enable their computers to accept cookies.
5. Do we disclose any information to third parties?
We do not sell or trade personally identifiable information. Trusted third parties who assist us in operating our website and conducting our business may have access to personal information if necessary in the circumstances. Information provided by anyone through this website will be used and disclosed as necessary for regulatory and compliance purposes. In some cases we may be required to disclose information by law.
6. Third-party links
We feature links to third-party websites on our website. These third-party sites have separate and independent privacy policies. We therefore assume no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
7. Terms and Conditions
Our Terms and Conditions set out the use, disclaimers, and limitations of liability governing your use of our website.
By using our site, you accept the terms of this Privacy Statement.