Introduction
KLJ Computer Solutions is committed to keeping personal information confidential and secure.
Our Privacy Policy is based on the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA – see http://www.privcom.gc.ca for more information). This policy describes how KLJ Computer Solutions adheres to the ten principles of privacy set out in this Act.
Definition Of Terms Used In This Privacy Policy
“Sub-contractor” means a non-affiliated service provider contracted to provide services on KLJ Computer Solutions’ behalf. Examples of such activity include soliciting sales, conducting market research, providing product support, or responding to requests for information.
“Individual” means a member of the public or an organization who contacts or is contacted by KLJ Computer Solutions or a sub-contractor for the purpose of soliciting sales, conducting market research, providing product support, or responding to requests for information.
“Personal Information” means information that individually or in combination could identify a specific individual. Examples include first and last name, home postal address or personal email address.
“Privacy Officer” means the person at KLJ Computer Solutions who is responsible for ensuring the protection of individuals’ personal information.
The Ten Principles of Privacy
1. Accountability
An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles.
KLJ Computer Solutions has designated the office of the Privacy Officer to be responsible for overall personal information protection and KLJ Computer Solutions’ compliance with the PIPEDA.
2. Identifying Purposes
The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
When our employees or Sub-contractors contact individuals by telephone or in-person, they state the purpose of their contact, which is that KLJ Computer Solutions is soliciting sales, conducting market research, providing product support, or responding to requests for information.
3. Consent
The knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except when inappropriate.
While KLJ Computer Solutions does not require an individual to provide personal information, further contact and follow-up can only be undertaken if personal information is collected. Generally, personal information collected is not disclosed to other parties. Occasionally, however, a partner or affiliated company or another client of KLJ Computer Solutions may request to contact individuals directly. In these cases, KLJ Computer Solutions does not disclose an individual’s personal information to another party unless it has first clearly explained to the individual the purpose of such disclosure and has obtained the individual’s express or written consent.
An individual may refuse to answer certain questions or withdraw consent at any time.
4. Limiting Collection
The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means .
KLJ Computer Solutions limits the amount and type of personal information it collects. We collect only the amount and type of information needed for the purposes identified to the individual.
Except as permitted by law, KLJ Computer Solutions will only collect personal information from external sources, such as client organizations, if individuals have consented to such collection.
5. Limiting Use, Disclosure, and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by the law. Personal information shall be retained only as long as necessary for fulfillment of those purposes.
KLJ Computer Solutions uses or discloses personal information only for the reasons it was collected, unless an individual gives consent to use or disclose it for another reason.
KLJ Computer Solutions keeps personal information only as long as necessary for the identified purposes. Personal information that is no longer needed for its identified purposes or for legal requirements is destroyed, erased or made anonymous.
6. Accuracy
Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
KLJ Computer Solutions makes reasonable efforts to keep personal information it uses on an on-going basis accurate, complete, current and relevant, based on the most recent information available.
KLJ Computer Solutions updates personal information only if it is necessary for the purposes for which it was collected.
7. Safeguards
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
KLJ Computer Solutions safeguards personal information in its possession or control from loss or theft and from unauthorized access, disclosure, duplication, use or modification.
Some information is stored electronically. Recent paper records containing individuals’ personal information are stored onsite at our office. Older records containing individuals’ personal information may be stored at an offsite storage facility.
KLJ Computer Solutions safeguards personal information in its possession or control through security measures, such as:
- Physical security – restricted access to offices and filing cabinets
- Organizational security – controlled entry in offices and limited access to relevant information
- Electronic security – firewalls and passwords
KLJ Computer Solutions uses care when disposing of or destroying personal information in order to prevent unauthorized access to the information.
8. Openness
An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
KLJ Computer Solutions is open about its procedures used to manage personal information. Individuals have access to information about these procedures through this Privacy Policy or by contacting the Privacy Officer.
If we make a material change to this policy or our privacy practices, we will post a prominent notice on our website (www.kljsolutions.com) for 30 calendar days prior to the implementation of the material change. Following the implementation of the material change, we will record at the introduction of this policy when the policy was last revised.
9. Individual Access
Upon request, an individual shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
When an individual makes a written request to the Privacy Officer, KLJ Computer Solutions will advise the individual what personal information it has in its possession or control about the individual, what it is being used for, and to whom it has been disclosed.
When an individual requests it, KLJ Computer Solutions will give an individual access to personal information about them which is in the possession or control of KLJ Computer Solutions. In certain situations, however, KLJ Computer Solutions may not be able to give individuals access to all of their personal information. This may occur when:
- Providing access to personal information would be likely to reveal personal information about a third party;
- Disclosing the information would reveal confidential commercial information;
- The information has been collected for the purposes of a legal investigation.
If KLJ Computer Solutions denies the individual’s request for access to personal information, it will advise the individual of the reason for the refusal.
10. Provide Recourse
An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals for the organization’s compliance.
Individuals may challenge KLJ Computer Solutions’s compliance with this Privacy Policy. Individuals are advised to direct their complaints and questions in writing to the Privacy Officer.
KLJ Computer Solutions will investigate all complaints and attempt to resolve those that it finds are justified. If necessary, KLJ Computer Solutions will amend its policies and procedures.
If individuals are not satisfied with the way KLJ Computer Solutions responded to their complaint, they can contact the Federal Privacy Commissioner. They can also contact The Marketing Research and Intelligence Association (MRIA), a Canadian not-for-profit association representing all aspects of the market intelligence and survey research industry.