Critical Control acknowledges the importance of an individual's right to privacy andtherefore is committed to protecting the personal information of clients and individuals.
Our organization protects personal information in accordance with the requirements ofCanada's Protection of Personal Information and Electronic Documents Act which sets out standards pertaining to the collection, use and disclosure of personal information in the Model Code for the Protection of Personal Information. Our organization applies the ten principles of the Model Code as follows:
Our organization acknowledges that it is responsible for personal information received or processed by it or which is under its control. Our organization has taken appropriate measures to develop procedures to: (a) protect personal information; (b) receive and respond to complaints and inquiries; (c) train our employees about policies and practices relating to the protection of personal information; and (d) distribute information explaining our policies and practices relating to the protection of personal information. We have designated an individual within our organization as our privacy officer, who may be contacted as follows:
800, 140 - 10th Avenue SE
Calgary, Alberta T2G 0R1
Toll Free: 1.844.750.0568
and who shall be responsible for coordinating our organization's compliance with the following principles.
The purposes for which personal information is collected, used and disclosed by our organization are to provide any of the following services to clients: data entry, data processing, data or file conversion, document imaging, and/or data archival services as well as database management, web hosting and/or call centre services. Additional purposes for which personal information is collected, used or disclosed by our organization may be identified at the time of collection of such information.
Our organization receives express consent to the collection, use and disclosure of the personal information it receives from clients in the contractual agreement made with the client for the provision of data entry, data processing, data or file conversion, document imaging, and/or data archival services as well as database management, web hosting and/or call centre services. You may withdraw your consent upon reasonable notice, subject to legal or contractual restrictions, by contacting the privacy officer designated in principle 1.
With respect to internet and web site administration, our organization does not collect
NETBIOS information relating to the IP address of any computer, and only uses temporary (and not permanent) "cookies" which are automatically deleted from the user's browser upon logging out of our web site ("cookies" being small text files that can collect and store a variety of information).
Our organization limits the collection of personal information to that which is necessary for the purposes identified by our organization. Personal information will only be collected by our organization by fair means in accordance with applicable laws.
5. Use, Disclosure & Retention
Personal information will not be used or disclosed by our organization for purposes other than those for which it was originally collected, except with the consent of the client or as required by law. Personal information will be retained by our organization only as long as necessary for fulfillment of the purposes for which it was originally collected. Our organization shall use care when processing, storing, returning or destroying personal information in order to prevent unauthorized access.
Personal information maintained by our organization shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used. If you have any concerns about the accuracy of your personal information or if any information needs to be updated to reflect a change in situation, please contact the privacy officer designated in principle 1.
Personal information used by our organization will be protected by appropriate safeguards. These safeguards include: (a) physical security measures, such as restricted access to areas where personal information is used, locked storage areas and video surveillance; (b) computer and network safeguards, such as firewalls and passwords; and (c) internal security measures, including restricted computer access and limited access to personal information.
Our organization will make specific information available about our policies and practices relating to the protection of personal information, as appropriate. Please forward any inquiries to the privacy officer designated in principle 1.
Requests by an individual for access to their personal information will normally be referred by our privacy officer to the client from whom our organization received the information. If at any time we are unable to provide you with access to all of the personal information we hold regarding you, then our organization shall provide you with the reasons for the denial of access. Requests by an individual for access to their personal information may be denied by our organization if: (i) the information includes personal information of a third party; (ii) the information is protected by solicitor-client privilege; (iii) disclosure would reveal confidential commercial information of our organization; (iv) to do so could reasonably be expected to threaten the life or security of another; (v) the information in question was collected in the course of an investigation; or (vi) the information in question was generated in the course of
formal dispute resolution. A client will be able to challenge the accuracy and completeness of the information and have it amended as appropriate. Kindly forward any inquiries to the privacy officer designated in principle 1.
An individual may address a challenge concerning our organization's compliance with the principles governing the collection, use or disclosure of personal information by referring any inquiries to the privacy officer designated in principle 1. Our organization will take appropriate measures to resolve any complaint which is justified relating to the management of personal information, including amending our policies and practices if necessary.