Fit4Duty – The Ethical Standard™
Effective Date: January 1, 2020
Next Annual Review: on or before January 1, 2021
Therefore, Fit4Duty – The Ethical Standard™ does not subscribe to the Advanced Tracking service provided by its website host, Google Analytics, Facebook Pixel, Pinterest Meta Tag or Google AdSense. This policy does not apply to personal information collected by third-party service providers, (other than what is addressed in this Policy). The third-party service providers used by Fit4Duty – The Ethical Standard™ and their Privacy Policies are:
The Ten Principles of PIPEDA Summarized
Fit4Duty – The Ethical Standard™ follows these PIPEDA principles:
1. Accountability: Fit4Duty – The Ethical Standard™ is accountable for the Personal information we collect, use, retain and disclose in the course of their commercial activities;
2. Identifying Purposes: Fit4Duty – The Ethical Standard™ explains the purposes for which the information is being used at the time of collection and can only be used for those purposes;
3. Consent: Fit4Duty – The Ethical Standard™ obtains an Individual’s express or implied consent when we collect, use, or disclose the individual’s Personal information;
4. Limiting Collection: the collection of Personal information is limited to only the amount and type that is reasonably necessary for the identified purposes;
5. Limiting Use, Disclosure and Retention: Personal information is used for only the identified purposes, and is not disclosed to third parties unless the Individual consents to the alternative use or disclosure;
6. Accuracy: Fit4Duty – The Ethical Standard™ keeps Personal information in active files accurate and up-to-date;
7. Safeguards: Fit4Duty – The Ethical Standard™ uses physical, organizational, and technological
safeguards to protect Personal information from unauthorized access or disclosure.
8. Openness: Fit4Duty – The Ethical Standard™ informs our clients and trains our employees about our privacy policies and procedures;
9. Individual Access: an individual has a right to access Personal information held by Fit4Duty – The Ethical Standard™ and to challenge its accuracy if need be; and
10. Provide Recourse: Fit4Duty – The Ethical Standard™ informs clients and employees of how to bring a request for access, or complaint, to the Chief Privacy Officer (“CPO”), and respond promptly to a request or complaint by the individual.
"Personal information" means any information about an identifiable individual. It includes, without limitation, information relating to identity, ethnic origin, age, gender, address, telephone number, e-mail address, Social Insurance Number, date of birth, marital status, education, employment health history, evaluations, personal opinions or views of an Individual, comments, social status, disciplinary actions, employee files, credit records, loan records, medical records, existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs). Personal information does not include the name, title, business address or telephone number of a person or employee of an organization if that information was used or disclosed solely for the purpose of communicating with that person in relation to their employment or profession.
"Client" means the business (including sole proprietorships and individuals carrying on business in a partnership) or an individual who makes contact with Fit4Duty – The Ethical Standard™ in the course of a commercial activity.
"File" means all information collected in the course of an investigation, consulting work or training, as well as information collected to update or maintain an existing business relationship.
"Express consent" means the individual provides Fit4Duty – The Ethical Standard™ with permission to collect, use, and disclose the individual's personal information either in writing or recorded orally for the purposes set out in the client agreement, form or discussion.
"Implied consent" means Fit4Duty – The Ethical Standard™ may assume that the individual consents to the information being used, retained and disclosed for the original purposes, unless notified by the individual.
1. Accountability of Fit4Duty – The Ethical Standard™
Fit4Duty – The Ethical Standard™ will comply with all 10 principles of Personal Information Protection and Electronic Documents Act (“PIPEDA”).
Fit4Duty – The Ethical Standard™ will appoint someone to be responsible for PIPEDA compliance, that person shall hold the title of Chief Privacy Officer (“CPO”).
Fit4Duty – The Ethical Standard™ will protect all personal information, including any personal information over which we have control, that was provided by you to a third-party for processing.
2. Use of Personal Information
a. How do we use your personal information?
Whenever we collect your personal information, we will identify the purposes for which we will use that information and we will obtain your consent to such use. We may collect your personal information for a variety of reasons, including: providing services to our clients, conducting a thorough investigation; sending you information and communications; responding to inquiries and other requests; or processing transactions. We may also use, or disclose your personal information, if we have reason to believe that using or disclosing such information is necessary to protect our rights, safety or property, including by detecting and preventing fraud. We may also use your personal information as otherwise permitted by law.
Specifically, and without limiting the generality of the preceding paragraph, we collect, use and disclose personal information and business information for the following purposes: to comply with legal and regulatory requirements.
b. When and how do we obtain your consent?
We obtain your consent prior to collecting, using or disclosing your personal information for any purpose. You may provide your consent to us either orally or in writing, and that consent can either be express or implied. For example, by providing your email address and name on a newsletter sign-up form at an event, or completing an online sign-up form, you provide Express Consent to be added to the Fit4Duty – The Ethical Standard™ mailing list, managed by MailChimp.
On the other hand, Implied Consent applies to information provided by you to Fit4Duty – The Ethical Standard™ that is not solicited by Fit4Duty – The Ethical Standard™ or requested in any way.
When Fit4Duty – The Ethical Standard™ requires the consent of a child, or any individual unable to provide meaningful consent themselves, to provide personal information, express consent will be obtained from a parent or guardian.
Consent, either express or implied, can be withdrawn at any point in time by contacting the CPO, unless it is required by law or contractually.
c. Where do we store your personal information?
We store your personal information in our office in Wasaga Beach, Ontario, Canada. Your personal information is subject to Canadian laws, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies in Canada, pursuant to applicable laws.
d. How long will we use, disclose or retain your personal information?
We will use, disclose or retain your personal information for as long as necessary to fulfill the purposes for which it was collected and as permitted or required by law. We have established minimum and maximum retention periods and secure procedures for maintaining and destroying your personal information.
3. Disclosure of Personal Information
Generally, we do not disclose your personal information, and where we do, we will identify to whom and for what purposes the disclosure will be made, and will obtain your consent to such disclosure. In any case, we only disclose your personal information as permitted or required by law.
Where disclosure of personal information collected by Fit4Duty – The Ethical Standard™ is required by law, such as the case may be in a workplace investigation conducted in accordance with the Occupational Health and Safety Act, only the personal information required to fulfill the statutory requirements will be disclosed.
Fit4Duty – The Ethical Standard™ uses service providers to send marketing emails, (MailChimp), collect survey results (Survey Monkey), conduct research (FormStack), and process transactions (PayPal). When using one of these third-party service providers, you provide Express Consent directly to those third-parties and that consent can be withdrawn at any time by contacting the third-party service provider. The personal information collected about you by a third-party service provider is only used by Fit4Duty – The Ethical Standard™ to fulfill the purposes for which it was collected and as permitted or required by law.
4. Limiting Collection of Personal Information
Fit4Duty – The Ethical Standard™ collects only the personal information needed to fulfill the purposes for which it was collected.
5. Limiting Use, Disclosure and Retention
Generally, we do not disclose your personal information, and where we do, we will identify to whom and for what purposes the disclosure will be made, and will obtain your fresh consent to such disclosure, if necessary. In any case, we only disclose your personal information as permitted or required by law.
Where a new purpose for the use of personal information is identified during the course of an investigation, that purpose will be documented.
Only authorized employees of Fit4Duty – The Ethical Standard™ can access your personal information and appropriate action will be taken for any unauthorized access.
In the case of an investigation, Fit4Duty – The Ethical Standard™ will dispose of the file containing personal information by securely shredding paper files or effectively deleting electronic records on the second anniversary of the day on which the investigative report is provided to the client, in accordance with the Limitations Act, section 4, regardless of whether a client relationship still exists between Fit4Duty – The Ethical Standard™ and the client.
If the retention of your personal information is no longer necessary to fulfill the purposes for which it was collected, and is not required by law, Fit4Duty – The Ethical Standard™ will dispose of the file containing personal information by securely shredding paper files or effectively deleting electronic records six months from the date of collection, date of transaction or termination of the client relationship.
In the case of revoked consent to collect and use personal information, the file will be disposed of immediately upon request, unless it is required by law or contractually.
Fit4Duty – The Ethical Standard™ endeavours to ensure that any personal information contained in your file is accurate, current and complete as is necessary to fulfill the purposes for which the information has been collected, used, retained and disclosed, this does not apply to information, other than personal information, obtained from third-parties about you in the course of an investigation.
Clients are requested to notify Fit4Duty – The Ethical Standard™ of any change in personal or business information, that could disrupt the commercial activity.
Fit4Duty – The Ethical Standard™ uses security safeguards to ensure that physical files are protected against loss, theft, or any unauthorized access, disclosure, copying or modification, until the expiry of the retention period and successful disposal of the file.
Fit4Duty – The Ethical Standard™ uses up-to-date technological tools to provide necessary protection to all digital files, until the expiry of the retention period and successful disposal of the file.
Only those employees of Fit4Duty – The Ethical Standard™ with authorization will have access to any files containing personal information.
9. Individual Access
An Individual who wishes to review or verify what personal information is held by Fit4Duty – The Ethical Standard™, or to whom the information has been disclosed (as permitted by the Act), may make the request for access, in writing, to Fit4Duty – The Ethical Standard™ 's Chief Privacy Officer.
Upon verification of the individual's identity, the Chief Privacy Officer will respond within 30 days. Fit4Duty – The Ethical Standard™ is entitled to request sufficient Personal information to allow us to confirm whether or not we have personal information relating to you, the individual making the request.
If the individual finds that the information held by Fit4Duty – The Ethical Standard™ is inaccurate or incomplete, upon the individual providing documentary evidence to verify the correct information, Fit4Duty – The Ethical Standard™ will make the required changes to the individual's active file(s) promptly.
If an individual has a concern about Fit4Duty – The Ethical Standard™'s personal information handling practises, a complaint, in writing, may be directed to the Fit4Duty – The Ethical Standard™'s Chief Privacy Officer. Upon verification of the individual's identity, Fit4Duty – The Ethical Standard™’s Chief Privacy Officer will act promptly to investigate the complaint and provide a written report of the investigation's findings to the individual.
Where Fit4Duty – The Ethical Standard™'s Chief Privacy Officer makes a determination that the individual's complaint is well founded, the Chief Privacy Officer will take the necessary steps to correct the offending information handling practise and/or revise Fit4Duty – The Ethical Standard™'s privacy policies and procedures. Where Fit4Duty – The Ethical Standard™'s Chief Privacy Officer determines that the individual's complaint is not well founded, the individual will be notified in writing.
If the individual is dissatisfied with the finding and corresponding action taken by Fit4Duty – The Ethical Standard™'s Chief Privacy Officer, the individual may bring a complaint to the Federal Privacy Commissioner at the address below:
The Office of the Privacy Commissioner of Canada, www.priv.gc.ca.
30, Victoria Street
Fit4Duty – The Ethical Standard™
Attn: Chief Privacy Officer
9 Constance Blvd
Wasaga Beach, Ontario
Notwithstanding that we take the security precautions set out herein to protect your privacy and confidentiality, we cannot guarantee the security of your personal information or company information. E-mails or forms sent via the Internet are neither confidential nor secure and can be viewed and modified by third parties. Fit4Duty – The Ethical Standard™ will not be liable for damages arising from messages sent to it via unsecured e-mail or other messages sent electronically (SMS, etc.).
Fit4Duty – The Ethical Standard™ complies with the Canada Anti-Spam Law with respect to all commercial electronic messages we send out. At any time if you would like to unsubscribe from receiving future emails, you can email us at firstname.lastname@example.org and we will promptly remove you from ALL correspondence.