Background
INFOR Financial Inc. (IFI) is committed to keeping your personal information confidential and fully complying with the Federal government’s privacy legislation, called The Personal Information Protection and Electronic Document Act (PIPEDA or “the Act”)..
What is Personal Information?
Personal information is defined under the Act as any factual or subjective information, recorded or not, about an identifiable individual. This includes information such as:
- A person’s age
- Name (unless related to a business)
- ID number (such as a driver’s license or passport number)
- Ethnic origin
- Social status, disciplinary action, credit files, loan records
- Income, assets, and other information specific to a person
Principals of Privacy Legislation
PIPEDA is based on the following 10 principals:
- Give Individual Access
- When requested, inform individuals if you have personal information about them
- Explain how it is or has been used, and provide a list of organizations to which it has been disclosed
- Give individuals access to their information
- Correct or amend any personal information if its accuracy or completeness is challenged and found to be deficient
- An organization should note any disagreement on file and advise third parties when appropriate
- Use Appropriate Safeguards
- Protect personal information against loss
- Safeguard the information from unauthorized access, disclosure, copying, use or modification
- Be Accurate
- Minimize the possibility of using incorrect information when making a decision about the individual or when disclosing information to a third party
- Limit Collection
- Do not collect information which is not required
- Do not mislead individuals about reasons for collecting personal information
- Identify Purposes
- Before or when any personal information is collected, identify why it is needed and how it will be used
- Document why the information is collected
- Inform the individual from whom the information is collected why it is needed
- Identify any new purpose for the information and obtain the individual’s consent before using it
- Accountability
- This requires an organization to comply with all 10 principles of PIPEDA
- Appoint an individual to be responsible for privacy
- Protect all personal information held at the organization
- Develop and implement personal information policies and procedures
- Obtain Consent
- Inform the individual of the purpose of collecting, using, or disclosing personal data
- Obtain the individual’s consent before or at the time of collecting the information, or whenever a new purpose for the information is identified
- Limit Use, Disclosure and Retention
- Use or disclose the personal information only for the purposes for which it was collected, unless the individual has consented to other uses of the information, or as required by law
- Keep personal information only as long as necessary to satisfy the purpose
- Put guidelines and procedures in place for retaining and destroying personal information
- Destroy, or erase information that is no longer required after the information retention limits
- Be Open
- Inform customers and employees that you have policies and practices for the management of personal information
- Make these policies and practices understandable and easily available
- Provide Recourse
- Develop simple and easily accessible complaint procedures
- Inform complainants of their avenues of recourse, both internal and external
- Investigate all complaints received
- Have appropriate measures to correct information handling practices and policies
Privacy Officer
If you have any questions or a compliant about IFI’s Privacy Policy, please contact Brian Nguyen at [email protected] or 416-646-2663.