CANalitica

Privacy Policy

Who we are

Our website address is: https://canalitica.ca.

At CANalitica (“we”, “us” or “our”), we recognize the importance of your privacy. We are committed to using your personal information responsibly and only to the limited extent needed to serve you better.

This Privacy Policy regulates how we internally collect, use and disclose to third parties during commercial activities any personal information within our possession. It applies to our partners, employees, contractors and authorized representatives (“Staff”). It is at all times, subject to the requirements of the Personal Information Protection and Electronic Documents Act (Canada) S.C., 2000, c. 5 (“PIPEDA”). Any term not defined here has the meaning that PIPEDA attributes to it and this policy is meant to be consistent with PIPEDA.

This Privacy Policy is governed by the laws of Ontario and the laws of Canada as applicable herein. It is not a contract and will be treated as a non-contractual set of policies and practices meant to give effect to the principles set out in Schedule 1 of PIPEDA

Contact Information

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@canalitica.ca.  The identity of our Privacy Information Officer (PIO) is available upon written request as required by Principle 4.1.2 (PIPEDA, Schedule 1). The Privacy Information Officer is always a single individual who is a CANalitica owner.

The PIO is responsible for,

(a)implementing procedures contained in this Privacy Policy to protect personal information;

(b)enforcing this Privacy Policy and correcting any potential or actual instances of breach; and

(c)reviewing and responding to any communication or notice relating to this Privacy Policy or PIPEDA.

When a Privacy Team member responds to a privacy-related inquiry, that response must be in writing and must include the name and contact details of the Privacy Team member providing the response. For more information, see below under the heading Your Ability to Access Your Information.

Our Purpose

We are a consultancy firm who collects, uses and discloses personal information in order to:

• Provide consulting services to our clients including advice and deliverables in the areas set out at www.canalitica.ca;
• Prepare and distribute marketing materials and useful management information to prospective and existing clients, and generally to develop business. We also use personal information to prepare an electronic subscription list for our newsletters and law blogs;
• Screen our clients and administer financial arrangements with them. This includes evaluating credit standing, avoiding conflicts of interest, preparing agreements, issuing invoices, collecting and processing payments, maintaining records and enforcing our right to collect unpaid accounts;
• Evaluate new and prospective Staff and hire new employees;
• Conduct market research and evaluate client satisfaction;
• Efficiently deliver services to our client, manage our operations and improve our service. This may include disclosure of personal information to outside professionals and consultants.
• Detect and protect against error, negligence, breach of contract, fraud, theft and other illegal activity, and where necessary to meet our insurance requirements;

If we change our Purpose we will post an updated Privacy Policy on our website.

Personal Information We Collect, Use and Disclose

To fulfill our Purpose, we collect the following kinds of personal information:

Device Information

Examples include version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.  

Contact Information

Including but not limited to full name, address (both postal and email), telephone number(s).

Identification Information

Including but not limited to company name and address (if applicable), position or title within the company, business registration details

Financial Information

Payment details (such as credit card or bank account information, especially for billing purposes), tax identification numbers (if necessary for invoicing or reporting)

Contractual Information

Information contained in contracts, agreements, proposals, and other transactional documents that detail the scope of services, terms, and conditions.

Communications

Records of communications, including emails, phone calls, and meeting notes, which might contain personal information disclosed during consultations.

Consent

When collecting, using and disclosing personal information about you, we rely on your implied consent when you give us your personal information on request of your own free will. This is provided that we collect that information in the ordinary course of our business in accordance with our Purpose.

When PIPEDA allows us to proceed without consent, or we imply your consent (as discussed above), we do not seek express consent. In all other cases, our Staff will contact you (either by telephone, e-mail or in person), identify a new purpose for which we need your information and seek your express consent.

If we are collecting the information online, we will request that you supply personal information in fields on web pages containing a link to this Privacy Policy. You will be able to expressly consent by checking a checkbox and submitting the information electronically.

We do not knowingly collect personal information from children (anyone under 18 years of age) over the telephone or in person without a parent’s express oral consent. When collecting personal information electronically (by web-form or e-mail) we do not verify the age of the person from whom we are collecting information. In the absence of any indication to the contrary, we will assume anyone supplying us with information online is over 18 years of age. Parents are strongly encouraged to discuss responsible Internet use and personal information disclosure with their children.

You can withdraw your consent at any time by sending an e-mail to our Privacy Information Officer at the contact information above. We will inform you of any implications connected to withdrawing your consent.

Limiting Collection, Use, Disclosure and Retention

We use our best efforts to limit the personal information we collect, use and disclose solely those details we need to fulfill our Purpose. We have designed our standard forms only to collect the information that we foresee we will need. We do not collect, use and disclose personal information using deceptive, fraudulent or unlawful means, and we do not conduct video surveillance.

Need-to-Know Disclosure

When using and disclosing information to third parties like printers, consultants, professionals and suppliers, we only disclose on a need-to-know basis. Also it is our practice to disclose only after ensuring that the appropriate contractual safeguards are in place as contemplated in Principle 4.1.3 of Schedule 1 of PIPEDA.

Retaining Records

We keep records of the work performed and services provided by us in accordance with applicable regulatory requirements and professional standards. These records may include personal information. Our records are stored with safeguards against inappropriate or unauthorized access. We retain contact information about individuals for the period of time the individual subscribes to our newsletters, blogs and seminars and does not opt-out or continues to respond to such services.

Destruction of Personal Information

We destroy electronic information by deleting it and, when hardware is discarded, we ensure that the hard drive is physically destroyed.

Ensuring Accuracy

In order to fulfill our Purpose to a high quality standard, we ask you to update your personal information and maintain appropriate contact preferences from time to time. You also have the right to contact us in order to verify that the information we have on file is accurate.

We do not, as a practice, contact you in order to ensure that the personal information we have is accurate. We may take reasonable steps to do so when using that information in the course of providing you with an ongoing product or service, so long as our Staff is in regular contact with you. Otherwise, we strongly encourage you to contact us and ensure that the information we have in your file is up-to-date.

Our Safeguards to Protect You

We respect the privacy of our clients and Staff and will protect that privacy as vigorously as possible. The methods we use include:

• Storing personal information in electronic and physical files that are secure and to which access is restricted;
• Physical premises that are monitored by security 24 hours a day, 7 days a week; and
• Password-protectedcomputers (including on laptops, desktops andsmart-phones) and the use of technology safeguards, such as firewalls, encryption and intrusion detection, to prevent hacking or unauthorized computer access.

Unfortunately, no data transmission over the Internet or by electronic mail can be guaranteed to be 100% secure. As a result, we cannot ensure that any information transmitted to us electronically will always be protected.

Mobile Devices and Remote Access

When using laptops and mobile devices outside the office, Staff must take reasonable steps to ensure that these devices are not lost or stolen. These devices may not be stored in vehicles or left unattended for any reason while out of the office.

Staff may also remotely access the office network from a personal computer. Such access is only permitted if the computer has technology safeguards equal to, or better than, those on the computers belonging to our organization. Under no circumstances may Staff store data from our office network on a personal computer.

Regular Review of Safeguards

We recognize that technology and security measures evolve at a remarkable pace. So at CANalitica we annually review our personal information safeguards with our Information Technology consultants and in-house experts. We want to ensure that our safeguards exceed industry best- practice.

Your Ability to Access Your Information

If you are a client, you may review any personal information we have on you in our files by contacting us at the email above.

Please include sufficient details in your request about the type of information that you would like to see about yourself. Please sign your request and we will contact you within 30 days of receipt. We only respond if you are making a request relating to your own personal information. We will not grant access to personal information about someone else.

We will be pleased to provide you with access to your personal information as long as it does not fall within an express PIPEDA exception. Examples of such exceptions include information generated in the course of a formal dispute resolution process; information about another individual where disclosure would reveal confidential commercial information; or information disclosed to the police or other lawful authorities where we are required to withhold disclosure.

Please note that summary information is available on request, subject to the terms above, but more detailed requests requiring archive or other retrieval costs may be subject to a professional and disbursement fees.

Questions or Concerns

Should you have any questions or concerns about this Privacy Policy or how we handle your information-access request, please direct them to our Privacy Information Officer. He or she will be pleased to respond and if necessary investigate the matter.

We reserve the right to change our Privacy Policy at any time by posting a new version on our web site. In the event of a conflict between this version and another, the version that is later in time prevails.