Credential Sentry Inc. (the “Company,” or “Credential Sentry,” used interchangeably) is committed to maintaining the highest level of confidentiality regarding the use of personal information that is shared with us. Respecting your privacy is a value which we firmly honour. In light of this commitment, the Company is guided and governed by the Personal Information Protection and Electronic Documents Act (PIPEDA) which regulates the private sector’s collection, use and disclosure of personal information.
We Are Accountable
The Company recognizes that it is responsible for the personal information provided to us. As such, we have established practices and procedures to ensure that this information is appropriately protected and have appointed a Privacy Officer to administer the process. All employees of the Company must abide by the privacy principles described in further detail below.
Identifying the Purpose of Collecting Personal Information
Personal information, under PIPEDA, includes, but is not limited to, your name, address and telephone number, birth date, social insurance, passport or driver’s license number and photo, as well as your financial information. This information may be collected in the course of opening accounts on the Company website, or through direct correspondence with you. We collect this and other information about you in order to properly identify you, to contact you, to understand your contemplated transaction, and to provide technology guidance in respect of your transaction.
Obtaining Your Consent
The Credential Sentry Account Opening Agreement contains a number of sections in which you are requested to supply personal information about yourself. By completing and signing this agreement or by providing personal information about yourself by any other means, you are consenting to the collection of your personal information and any subsequent personal information that is collected by us for the purposes which we have set out. You may withdraw your consent at any time, subject to legal and contractual conditions; however, this may have an impact on the services that we are able to provide to you.
Collecting Only Essential Information
Our accounting, compliance and account service personnel are aware that only information necessary for the opening and operating of your Credential Sentry account is to be requested and collected.
Limiting the Use, Disclosure, and Retention of Your Personal Information
Confidentiality of account holder information is a fundamental principle of the Company. No employee may release confidential account holder information, including the fact that a person is or is not an account holder of Credential Sentry unless required by law or with the account holder’s express consent.
All employees of Credential Sentry are accountable for safeguarding and maintaining the privacy of all personal information under their control. Our accounting, compliance, account service and administrative personnel have been appropriately instructed and trained to ensure that account information, when requested, is only supplied to people who are expressly authorized recipients other than yourself for your account. To maintain awareness of our policies and practices in this regard, annually we have all of our employees sign a confidentiality agreement affirming their undertaking to faithfully abide by these practices. To satisfy regulatory requirements, personal information will be retained for at least seven years.
We will not disclose your personal information to third parties, except to the extent required to fulfill the purposes we have set out. We use service providers in various aspects of the services we provide to you, including, but not limited to, lawyers and other third parties. These third parties are only provided with the information necessary to perform the required services, and we require, under written agreements, that these third parties protect the privacy of your information.
We may be required to disclose your personal information to domestic and international governments, and other regulators. We will only do so when required by law.
Ensuring the Accuracy of Personal Information
Staff who are in regular contact understand that they have a responsibility to update the central database whenever they learn of changes in your personal information. As well, update forms are circulated periodically to give you the opportunity to revise your personal information. Should you have any concerns about the accuracy of your personal information which we have on file, please contact firstname.lastname@example.org.
Using Appropriate Safeguards
In the course of establishing a secure environment for the operation of our Company’s activities, Credential Sentry has implemented a number of steps to safeguard the integrity of all account holder personal information.
Hard copies of account documentation for open and recently closed accounts are stored in locked cabinets which are available only to those staff that need to work with this material. Protection of Credential Sentry premises is secured through limited access only to those in possession of secure pass cards.
Personal information in the form of electronic data is stored within our computer system using passwords.
When electronic data is backed up at an offsite storage facility, such facility maintains industry standard security systems.
Being Open and Transparent About Our Processes Relating to Personal Information
Making Personal Information Accessible to Account Holders
You may access your personal information that we have on file by contacting email@example.com. Requests for information will be responded to within 30 days.
Responding to Inquiries and Complaints
Inquiries or complaints will be dealt with promptly. Please direct your communication in writing to firstname.lastname@example.org. The Privacy Officer will acknowledge your query, investigate and provide you with a response within 30 days.