We have made a commitment to respect the privacy rights of identifiable individuals (such as your employees in certain circumstances) by ensuring that their personal information (as defined by law) is collected, used and disclosed in such a manner that a reasonable person would consider appropriate in the circumstances. We adhere to the following ten principles as set out in the federal Personal Information Protection and Electronic Documents Act (PIPEDA) as a minimum standard:
We are responsible for all personal information under our control and will designate one or more individuals who will be responsible for our compliance with the policies and procedures described in our privacy handbook.
- Identifying Purposes
We will identify the purposes for which we collect personal information at or before the time the information is collected.
We will obtain the appropriate consent from individuals for the collection, use, or disclosure of their personal information, except where the law provides an exemption.
- Limiting Collection
The personal information we collect will be limited to that which is necessary for the purposes we have identified.
- Limiting Use, Disclosure, and Retention
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. We will only retain personal information as long as necessary for the fulfilment of those purposes.
The personal information we collect will be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.
We will safeguard the security of personal information under our control in a manner that is appropriate to the sensitivity of the information.
We will make readily available to individuals specific information about our policies and procedures relating to the management of personal information which is under our control.
- Individual Access
Upon request, an individual will be informed of the existence, use, and disclosure of his or her personal information which is under our control, and may be given access to, and challenge the accuracy and completeness of that information.
- Challenging Compliance
An individual may address a challenge concerning compliance with the above policies and procedures to our Privacy Officer
We may use a reliable third party as our agent or service provider in connection with the provision of data processing or other services. In particular, we may use third parties in Canada and in other countries to process Personal Information on our behalf. As a result, Personal Information may be accessed under the laws of Canada or such other countries to which the information has been transferred. Whenever Personal Information is transferred to an agent or service provider, we will require that they protect the Personal Information to the standards of confidentiality and security adhered to by JLT.
To obtain details on how to contact our Privacy Officer, please view the Privacy Section of our website at www.jltcanada.com