Chief Privacy Officer: the person within Encompass Privacy Solutions Inc. who is responsible for ensuring compliance with privacy obligations, including this policy, with respect to the collection, use, disclosure and handling of personal information by Encompass Privacy Solutions Inc., its employees, contractors, officers and authorized agents.
Collection: refers to the act of gathering, acquiring, recording or obtaining personal information from any source, by any means.
Consent: voluntary agreement to the collection, use and disclosure of personal information for defined purposes. Consent can be express or implied and can be provided directly by the individual or by an authorized representative. Express consent can be given orally, electronically or in writing but is always unequivocal and does not require any inference on the part of Encompass Privacy Solutions Inc. Implied consent can be reasonably inferred from an individual’s action or inaction.
Disclosure: the act of making personal information available to others outside Encompass Privacy Solutions Inc.
Personal Information: information about an identifiable individual that is recorded in any form, not including the individual’s name, business title, business address or business phone number. Personal information does not include aggregate information that cannot be associated with a specific individual.
Retention: refers to the act of keeping personal information as long as is necessary to fulfill the stated purposes, or as long as otherwise specified by law.
Third Party: any individual or organization aside from this Encompass Privacy Solutions Inc. and its customers.
Use: refers to the treatment, handling and management of personal information by Encompass Privacy Solutions Inc.
Encompass Privacy Solutions Inc. is committed to protecting and securing the personal information entrusted to us by our customers. We take great care in managing your personal information. Our priority is to comply with the privacy laws that apply to our business, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and any other data protection laws that apply to Encompass Privacy Solutions Inc. from time to time. This privacy policy stands as a reflection of our commitment to privacy.
Encompass Privacy Solutions Inc. is responsible for personal information under its control. Toward that end, it has established internal procedures to comply with this Policy and has designated a Chief Privacy Officer to be accountable for compliance with the following principles.
1.1. Responsibility for ensuring compliance with the provisions inherent in this policy rests with the Privacy Office and the Chief Privacy Officer of Encompass Privacy Inc. The Chief Privacy Officer will then delegate responsibilities to one or more employees to act on his or her behalf, and to oversee the day-to-day management of personal information handling practices and procedures.
1.2. Encompass Privacy Solutions Inc. shall make known, upon request, the Chief Privacy Officer and the person or persons designated to oversee Encompass Privacy Solutions Inc.’s compliance with this policy.
1.3. Encompass Privacy Solutions Inc. is responsible for personal information in its possession or control. It shall use contractual or other means to ensure that third parties provide a comparable level of protection while information is being processed by them.
1.4. To give effect to the principles of privacy, in addition to developing this policy, Encompass Privacy Solutions Inc. has: a) Developed and implemented procedures to protect personal information; b) Established procedures to receive and respond to privacy inquiries or complaints; c) Established a training program and regular staff communications regarding Encompass Privacy Solutions Inc.’s privacy policies and practices; and d) Developed public information to explain Encompass Privacy Solutions Inc.’s privacy policies and practices.
Encompass Privacy Solutions Inc. identifies the purposes for which personal information is collected at or before the time the information is collected.
2.1. Encompass Privacy Solutions Inc. collects personal information only for the following purposes: a) to provide the products and perform the services expected by our customers as set out in contractual obligations with our customers; b) to understand customer needs; c) to develop, enhance, market or provide products and services; and e) to meet legal and regulatory requirements.
2.2. Encompass Privacy Solutions Inc. shall make reasonable efforts to ensure that it only collects and uses personal information that is necessary for the purposes identified in section 2.1.
2.3. Encompass Privacy Solutions Inc. shall specify orally, electronically or in writing the identified purposes to the customer at or before the time personal information is collected. Upon request, persons collecting personal information shall explain these identified purposes or refer the individual to a designated person with Encompass Privacy Solutions Inc. who shall explain the purposes.
2.4. Unless required by law, Encompass Privacy Solutions Inc. shall not use or disclose for any new purpose, personal information that has been collected without first identifying and documenting the new purpose and obtaining the consent of the customer.
The knowledge and consent of a customer is required for the collection, use or disclosure of personal information, except where inappropriate.
3.1. In obtaining consent, Encompass Privacy Solutions Inc. shall use reasonable efforts to ensure that a customer is advised of the identified purposes for which personal information collected will be used or disclosed.
3.2. Encompass Privacy Solutions Inc. shall seek consent to use and disclose personal information for a new purpose, before it is so used or disclosed.
3.3. Encompass Privacy Solutions Inc. will only require customers to consent to the collection, use or disclosure of personal information as a condition to the supply of a product or service if such collection, use or disclosure is required to fulfill the identified purposes (see Principle 2.1.)
3.4. In determining the appropriate form of consent, Encompass Privacy Solutions Inc. shall take into account the sensitivity of the personal information and the reasonable expectations of its customers.
3.5. In general terms, the continued use of products and services by a customer constitutes implied consent for Encompass Privacy Solutions Inc. to continue collecting, using and disclosing personal information for all identified purposes.
3.6. A customer may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Encompass Privacy Solutions Inc. will inform customers of the implications of withdrawing consent.
Encompass Privacy Solutions Inc. limits the collection of personal information to that which is necessary for purposes identified by Encompass Privacy Solutions Inc. Personal information is collected by fair and lawful means.
4.1. Encompass Privacy Solutions Inc. shall specify both the amount and type of information to be collected, limited to that which is necessary to fulfill the purposes identified, in accordance with Encompass Privacy Solutions Inc.’s policies and procedures.
4.2. Encompass Privacy Solutions Inc. collects personal information from its clients and may also collect personal information from other sources, with the consent of the individual or where permitted or required by law, including but not limited to employers, personal references or credit agencies.
4.3. Encompass Privacy Solutions Inc. will make reasonable efforts to ensure that it only collects and receives information that is necessary for the purposes identified, and that the data is used only for the purpose for which it was obtained.
Encompass Privacy Solutions Inc. does not use or disclose personal information for purposes other than those for which it is collected, except with the consent of the individual or as required by law. Encompass Privacy Solutions Inc. retains personal information only as long as necessary for the fulfillment of those purposes, or as required by law.
5.1. Encompass Privacy Solutions Inc. may disclose personal information to: a) an agent or third party retained by Encompass Privacy Solutions Inc. in order to assist Encompass Privacy Solutions Inc. fulfill the purposes set out in Section 2.1, provided the third party commits to protecting personal information in accordance with this policy; b) credit grantors and reporting agencies; c) a person who, in the reasonable judgment of Encompass Privacy Solutions Inc. based on identification provided, is seeking the information as an agent of the customer; d) a third party or parties, where the customer consents to such disclosure; or f) comply with any legal obligation that requires or permits the disclosure of personal information (for example, in the context of an investigation of any contravention of a law).
5.2. Only Encompass Privacy Solutions Inc.’s employees with a business-related need to know, or whose duties reasonably so require, are granted access to personal information about customers.
5.3. Encompass Privacy Solutions Inc. does not and will not sell any personal information to third parties for marketing or any other commercial purposes.
5.5. Encompass Privacy Solutions Inc. retains personal information only as long as it is deemed necessary, as set out in Encompass Privacy Solutions Inc.’s record retention policies, to fulfil the identified purposes for which the information was collected.
5.6. Personal information no longer necessary or relevant for the identified purposes or no longer required to be retained by law, shall be securely destroyed, erased or made anonymous. Encompass Privacy Solutions Inc. shall maintain reasonable and systematic controls, schedules and practices for such information, its retention and destruction.
Encompass Privacy Solutions Inc. makes reasonable efforts to keep personal information as accurate, complete and up-to-date as is necessary to fulfil the purposes for which the information is to be used.
6.1. Encompass Privacy Solutions Inc. relies upon its customers to ensure accuracy of the personal information provided to us.
6.2. Encompass Privacy Solutions Inc. shall update personal information about customers as and when necessary to fulfill the identified purposes, or upon notification by the individual.
6.3. Encompass Privacy Solutions Inc. has established internal procedures to preserve the accuracy of the personal information received by customers in accordance with reasonable commercial standards.
Encompass Privacy Solutions Inc. protects personal information with security safeguards appropriate to the sensitivity of the information.
7.1. With the use of appropriate physical, administrative and technical security measures, Encompass Privacy Solutions Inc. protects personal information against a variety of risks, such as, loss, theft, unauthorized access, disclosure, copying, use, modification or destruction of such information.
7.2. Encompass Privacy Solutions Inc. uses commercially reasonable efforts to ensure the protection of personal information it discloses to third parties. For example, contracts with third parties stipulate responsibilities to protect personal information and only use it for specific purposes.
7.3. All of Encompass Privacy Solutions Inc.’s employees with access to personal information shall be required, as a condition of employment, to respect the privacy of personal information accessible by the employee. All employees are required to sign a procedure for the safeguarding of personal information upon hire, and annually thereafter.
Encompass Privacy Solutions Inc. makes readily available specific information about its personal information management policies and practices to its customers and the public upon request.
8.1. This information includes: a) the name, title and address of the Chief Privacy Officer to whom inquiries or complaints can be forwarded; b) the means of gaining access to personal information held by Encompass Privacy Solutions Inc.; c) a description of the type of personal information held by Encompass Privacy Solutions Inc., including a general account of its use and disclosure; and d) a copy of any brochures or other information that explains Encompass Privacy Solutions Inc.’s policies or information handling practices.
8.3. Encompass Privacy Solutions Inc. makes information available to help customers exercise choices regarding the use and disclosure of their personal information.
Encompass Privacy Solutions Inc. informs customer of the existence, use and disclosure of his or her personal information upon request, and gives the individual access to that information. A customer is given the opportunity to challenge the accuracy and completeness of their information and have it amended as appropriate.
9.1. Upon request, Encompass Privacy Solutions Inc. will afford customers a reasonable opportunity to review the personal information in the individual’s file. Personal information shall be provided in understandable form within a reasonable time, and at a minimal or no cost to the individual, as set out in Encompass Privacy Solutions Inc.’s Access to Personal Information Procedure.
9.2. Upon request, Encompass Privacy Solutions Inc. will provide an account of the use and disclosure of the customer’s personal information and, where reasonably possible, will state the source of the information. In providing an account of disclosure, Encompass Privacy Solutions Inc. will provide a list of organizations to which it may have disclosed personal information about the individual, when it is not possible to provide an actual list.
9.3. In order to safeguard personal information, a customer may be required to provide sufficient identification information in order for Encompass Privacy Solutions Inc. to authorize access to the individual’s file.
9.4. Encompass Privacy Solutions Inc. shall promptly correct or complete any personal information found to be inaccurate or incomplete. Any unresolved differences as to accuracy or completeness shall be noted in the individual’s file. Where appropriate, Encompass Privacy Solutions Inc. shall transmit to third parties having access to the personal information in question, any amended information or information regarding the existence of any unresolved differences.
9.5. Customers can seek access to their individual files by contacting their account manager at Encompass Privacy Solutions Inc. or by contacting the Chief Privacy Officer as described below.
A customer shall address a challenge concerning Encompass Privacy Solutions Inc.’s compliance with the principles set out in this privacy policy to the Chief Privacy Officer.
10.1. Encompass Privacy Solutions Inc. maintains procedures for addressing and responding to all inquiries and complaints by customers with regards to Encompass Privacy Solutions Inc.’s handling of personal information.
10.2. All complaints concerning compliance with this privacy policy shall be investigated by Encompass Privacy Solutions Inc. in accordance with its Privacy Breach Response Policy. If a complaint is found to be justified, Encompass Privacy Solutions Inc. shall take appropriate measures to resolve the complaint including, if necessary, amending its policies and procedures.
For more information, please contact:
Robert Gilbert
Chief Privacy Officer
Encompass Privacy Solutions Inc.
1-333 Metcalfe Street
Phone # (613) 447-8800