The federal Personal Information Protection and Electronic Documents Act (PIPEDA) has been in effect since January 1, 2004. The purpose of the PIPEDA is to set out guidelines for the management of personal information in the private sector.
SmartChoice Admin Inc. is committed to ensuring that our business practices meet the requirements of the PIPEDA.
The following ten privacy principles are outlined by the PIPEDA – practices that we comply with and follow in our daily business operations:
- Accountability: An organization must appoint an individual that will ensure the organization is complicit with legislation.
- Identification of Purpose: Individuals must be informed of the purpose for the collection of their personal data prior to or at the time the information is collected.
- Consent: Individuals must consent to the use and/or disclosure of their personal data.
- Limiting Collection: An organization should limit the collection of personal information to its stated purpose.
- Limiting Use, Disclosure, and Retention: Personal information must only be used for the purposes for which consent has been given. The information should only be retained for as long as necessary to fulfill the purpose of business.
- Accuracy: Personal information should be kept accurate. Procedures must be put in place for persons to confirm and correct their own personal information.
- Safeguards: Personal information must be stored securely and appropriate measures must be taken to ensure that security.
- Openness: Privacy policies and practices should be made readily available.
- Individual Access: The organization must have the ability to inform an individual how their information was collected, used and disclosed as well as with whom their information has been shared.
- Challenging Compliance: An individual may challenge an organization’s compliance of its privacy principles.
Please feel free to contact our Privacy Officer if you have any questions or concerns regarding our PIPEDA compliance.