The
Steele O’Neil and Associates, inc. Privacy Code sets out
our privacy commitment to the protection of our employees, and
clients, personal information. This privacy code is built on the
ten principles of Canadian Standards Association (CSA) Model Code
for the protection of Personal Information which was published
in March 1996 as a National Standard of Canada that have now been
incorporated into both federal and provincial laws.
Definitions
“Contact
Information” means information to enable an individual at
a place of business to be contacted and includes the name, position
name or title, business telephone number, business address, business
email or business fax number of the individual.
“Employee
personal information” means personal information about an
individual that is collected, used or disclosed solely for the
purposes reasonably required to establish, manage or terminate
an employment relationship between the organization and that individual,
but does not include personal information that is not about an
individuals employment.
“Organization”
means a person, an unincorporated association, a trade union,
a trust or a not for profit organization, but does not include:
a) an individual acting in a personal or domestic capacity or
acting as an employee;
b) a public body;
c) the Provincial Court, the Supreme Court of the Court Appeal;
d) private trust for the benefit of one or more designated individuals
who are friends or members of the family of the settler.
“Personal
Information” means information about an identifiable individual
and includes employee personal information but does not include
contact information or work product information.
“Company”
means Steele O’Neil and Associates, Inc., or SON
Introduction
Steele
O’Neil and Associates, Inc. is a British Columbia Company
providing employment and consulting services. As a leading government
contract management company, privacy of personal information is
a critical employee and client criteria and priority.
This
Privacy Code is intended to set our commitment to our clients
and employees regarding the protection of personal information
provided by our employees and clients as reflected in the following
principles, policies and procedures. It is also intended to set
out the choices available for individuals regarding our collection,
use or disclosure of their personal information.
The
purpose of this Privacy Code is to articulate clearly our privacy
practices respecting the management of personal information collected
and used by our Company and ensure compliance with the federal
and provincial laws. It is the intention of this Privacy Code
to recognize the needs of our Company to collect, use or disclose
personal information versus the right of individuals to protect
their personal information. The standard for the collection of
personal information by our Company is one of what a reasonable
person would consider appropriate in the circumstances.
Steele
O’Neil and Associates, Inc. is further committed to a continual
review and updating of our Privacy Code to ensure that we are
keeping pace with the changes in technology and industry practices
and meet the on-going needs of our employees and clients.
Guiding
Principles
The
following ten principles are the basis of the Steele O’Neil
and Associates, Inc. Privacy Code and shall guide Steele O’Neil’s
management of personal information and its privacy practices together
with the statutory requirments of the BC Personal Information
Protection Act.
1.
Accountability
Steele
O’Neil and Associates, Inc. (herein “SON”) is
accountable for all personal information under its control. SON’s
privacy officer is the Managing Partner who is designated as responsible
for SON’s privacy policiy. The privacy officer can be reached
by:
• E-mail, at smsteele@telus.net
• Telephone, at (250) 489-4180
• Fax, at (250) 489-0412
• Mail, at:
36
- 11th Avenue S
Cranbrook
BC
V1C-2P1
Canada
Any
questions about SON’s handling of personal information should
be directed to the privacy officer. Please see below for more
information about the process of referring questions about SON’s
handling of personal information.
2.
Purpose of Personal Information
The
purpose for which SON collects personal information will be identified
at or before the time information is collected.
SON
collects personal information about its clients in order to:
• Manage and administer the employment counseling or business
consulting relationship, and,
• To comply with the provincial or federal requirements,
regulations and policies regarding client participation on employment
services or programs, and/or referral to alternate agencies for
service.
SON
also collects a certain amount of personal information about its
employees in order to:
• Manage and administer the employment relationships, and,
• To comply with legal and regulatory requirments.
All
personal information about clients and employees is protected
through appropriate security safeguards, the confidentiality of
information when dealing with other agencies, and by keeping information
accurate and up-to-date, and by responding to client and employees
requests. SON will not sell, share, transfer and/or otherwise
use personal information for any other purpose than identified
and authorized by the client or employee at or before the time
of collection.
3.
Consent
SON
seeks consent for all personal information we collect, use and
disclose through information provided to individuals prior to
collection or at the time of collection.
Clients
consent to their personal information being disclosed to the government
agency that funds the program they are participating in through
signed consent.
If
you have voluntarily provided information, you have consented
to the collection, use and disclosure of your personally identifiable
information as described in this privacy policy. As required by
the CSA Model Code, SON will not use personal information for
any purpose other than that for which you consented. Should SON
require personal information for a new purpose, we will contact
you to seek consent for that new use.
4.
Limiting Collection of Personal Information
SON
does not collect personal information of individuals except when
individuals give consent and provide the information on a voluntary
basis. There may be occasions where more specific personal information
is necessary for us to proceed with a request for information,
or provide you with a product or service. In such cases, we will
provide you with a description of the information we need. In
all cases, SON limits the amount and type of information collected
to only personal information that is required to provide you with
the requested information, product, or service. We collect only
information that is authorized by you and undertake that such
information will be kept strictly confidential.
5.
Limiting use, Disclosure and Retention of Personal Information
SON
does not use or disclose personal information of individuals except
when individuals give consent, or as provided by law.
We
retain personal information only as long as is necessary to provide
individuals with the requested product, service or information
and delete or destroy this information after that time.
The
personal information will only be used for the period that a file
is active plus one year and will then be deleted or destroyed.
In some cases, however, legal reporting and retention requirments
necessitate that SON retain information for a specific amount
of time, or return the information to the government agency, for
which SON is delivering service. In general, SON retains information
for a period not longer than one (1) year beyond file closure.
6.
Accuracy of Personal Information
SON
makes every effort to keep personal information as accurate, complete,
current and relevent as necessary for the identified purposes.
7.
Safeguarding Personal Information
SON
respects the privacy of our clients, partners, potential web site
visitors and internet users and will protect that privacy as vigorously
as possible. We store personal information in electronic and physical
files that our secure. Our security measures include:
• Physical files are kept in locked metal file cabinets
• After the maximum retention period expires the file is
shredded and the paper recycled.
Electronic files exist and are protected by:
• Passwords
• Firewalls
• Anti Virus Software
• Access to records and equipment restricted to specific
employees
• On completion, client data is erased
• We do not allow the use of personal names in email transmissions.
Unfortunately,
no data transmission over the internet can be guaranteed to be
100% secure. As a result, while we strive to protect all personal
information, we cannot ensure or warrant the security of any information
transmitted to us or received from us electronically. This is
especially true for information transmitted to us via e-mail.
We have no way of protecting that information until it reaches
us. Once we receive a transmission, we make our best efforts to
ensure its security on our servers.
8.
Openness Concerning Policies and Practices
SON
shall ensure that information is made available to employees and
clients regarding this Privacy Code and our privacy practices
regarding personal information.
9.
Client and Employee Access to Personal Information
The
SON makes readily available to individuals our Privacy Policy
and related procedures for managing personal information. We provide
access to the Privacy Policy and related procedures to individuals
on SON’s web site and in written form. Any questions about
the handling of personal information by the SON can be raised
with our privacy officer.
10.
Challenging Compliance
At
the written request of an individual, he or she may view or edit
their personal information as collected by SON. SON will inform
them of what personal information we have about the individual,
what it is being used for and, in cases where it has been disclosed,
to whom it has been disclosed. There may be exceptional circumstances
as provided by the CSA Model Code under which SON may not be able
to give an individual access to the persoanl information about
her or him held by SON. In this case SON will explain the reason
for this lack of access, as provided by the CSA Model Code.
To
make a request, please contact the Privacy Officer at the above
mentioned address. In your request, please include the following
information:
• Name,
• Contact details,
• The nature of your request, including whether you wish
to view and/or edit information or inquire regarding use and/or
disclosure.
SON
will reply to a request in no later than thirty days after receipt
of the request, or if we are not able to respond within this time
period, we will send a notice of extension. If we are not able
to disclose all the personal information we hold on an individual,
we will give a reason for our inability to do so, unless prohibited
by law.
