Privacy Policy

Our responsibilities under the PIPED Act are highlighted in green

The PIPED Act reflects the realities of the business world. It's based on the Canadian Standards Association's Model Code for the Protection of Personal Information, which is incorporated into the legislation. The Code came out of a collaborative effort by representatives of government, consumers and business groups, and lists 10 principles of fair information practices, which are summarized as follows:

1. Accountability: Appoint an individual (or individuals) to be responsible for your organization's compliance; protect all personal information held by your organization or transferred to third party for processing; and develop and implement personal information policies and practices. We have appointed a Privacy Officer
2. Identifying purposes: Your organization must identify the reasons for collecting personal information before or at the time of collection. Before or when any personal information is collected, identify why it is needed and how it will be used; document why the information is collected; inform the individual from whom the information is collected why it is needed; identify any new purpose for the information and obtain the individual's consent before using it. We will identify the purposes for which personal information is collected at or before the time it is collected.
3. Consent: Inform the individual in a meaningful way of the purposes for the collection, use or disclosure of personal data; obtain the individual's consent before or at the time of collection, as well as when a new use is identified. We will obtain the consent of the individual for the collection, use or disclosure of personal information, except where not required to do so by law. We will ensure the individual is advised of the purposes for which the personal information is used or disclosed in a reasonably understandable manner. This may vary from written consent to implied consent, depending upon the circumstances. We will collect, use or disclose personal information without consent, only where permitted or required by law
4. Limiting collection: Do not collect personal information indiscriminately; do not deceive or mislead individuals about the reasons for collecting personal information. We will limit the collection of personal information to that which is necessary for the identified purposes. We will only collect personal information by fair and lawful means.
5. Limiting use, disclosure, and retention: Use or disclose personal information only for the purpose for which it was collected, unless the individual consents, or the use or disclosure is authorized by the Act; keep personal information only as long as necessary to satisfy the purposes; put guidelines and procedures in place for retaining and destroying personal information; keep personal information used to make a decision about a person for a reasonable time period. This should allow the person to obtain the information after the decision and pursue redress; destroy, erase or render anonymous information that is no longer required for an identified purpose or a legal requirement. We will not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or as required or permitted by law. We shall retain personal information for the period of time necessary to fulfil the purposes for which the personal information was collected and any applicable legal or regulatory requirements. Personal information no longer required to fulfil its identified purposes will be destroyed, erased or made anonymous
6. Accuracy: Minimize the possibility of using incorrect information when making a decision about the individual or when disclosing information to third parties. We will try to ensure that personal information will be as accurate, complete, and up-to-date as is possible
7. Safeguards: Protect personal information against loss or theft; safeguard the information from unauthorized access, disclosure, copying, use or modification; protect personal information regardless of the format in which it is held. We will take reasonable measures to protect all personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification
8. Openness: Inform your customers, clients and employees that you have policies and practices for the management of personal information; make these policies and practices understandable and easily available. We have policies available for individuals to review. All requests should be made to our Privacy Officer
9. Individual access: When requested, inform individuals if you have any personal information about them; explain how it is or has been used and provide a list of any organizations to which it has been disclosed; give individuals access to their information; correct or amend any personal information if its accuracy and completeness is challenged and found to be deficient; provide a copy of the information requested, or reasons for not providing access, subject to exception set out in Section 9 of the Act; an organization should note any disagreement on the file and advise third parties where appropriate. We will provide information to individuals when requested. All requests should be made to our Privacy Officer.
10. Provide recourse: Develop simple and easily accessible complaint procedures; inform complainants of avenues or recourse. These include your organization's own complaint procedures, those of industry associations, regulatory bodies and the Privacy Commissioner of Canada; investigate all complaints received; take appropriate measures to correct information handling practices and policies. All complaints should be address to our Privacy Officer.

Please address all concerns to our Privacy Officer

Privacy Officer
Steffensen & Co.
75 Main St. E Suite 11.
Milton, ON L9T 1N4