WHO ARE WE?
We reserve the right to change this policy from time to time as industry practice, the law, and our procedures in this area may change from time to time. We will post the current version of this policy at https://edmontoncdc.org/privacy-policy/
WHAT IS PERSONAL INFORMATION?
If the policies and procedures outlined in this document do not address a specific situation, individuals are advised to contact the Company’s Privacy Officer for guidance or clarification.
WHAT PERSONAL INFORMATION DO WE COLLECT?
The Company collects and uses only the personal information that we need for providing services and operating our business. Generally, the Company collects the following personal information from individuals for the various purposes set out below:
• email address,
• video and audio collected, accessed or streamed via services offered by the Company,
• payment history,
• financial information
• credit card number,
• bank information,
• comments, and
• position data, location information accessed or collected through GPS services offered by the Company.
WHY DO WE COLLECT PERSONAL INFORMATION ABOUT YOU?
In serving your needs, it is important to have accurate information about you. We collect your personal information to:
• Establish your identity,
• Understand your needs for, and determine your suitability for, products and services,
• Manage the Company’s business and operations, including customer relationships and matters,
• Meet legal and regulatory requirements;
• Better understand an individual’s interests in our services,
• Deliver, develop, enhance or improve products and services,
• As is necessary for contemplation of a business transaction, and
• Protect you and us from error and fraud, including verifying your identity to:
– Notify you of Company and third party new products and services, special offers, Company events and general industry information
– Adhere to applicable legal requirements
We normally collect information directly from our clients. We may collect your information from other persons with your consent or as authorized by law. Before or at the time of collecting personal information, we identify the purposes for which we are collecting the information. We do not provide this notification when personal information is volunteered for an obvious purpose. If we wish to use or disclose your information for a new purpose not included in this policy, we will notify you and seek your consent.
Each time you visit our web pages, such as http://www.blueplatediner.ca/, we gather the date, time, browser type, name of the visitor’s Internet service provider, the site that referred the visitor to us, any pages that are requested, the navigation history and IP address of the visitor. The foregoing information does not generally contain anything that can identify users personally. If you object to this gathering of information, you should not use or access our web pages. We use this information for our internal security audit log, trend analysis and system administration, and to gather broad demographic information about our user base for aggregate use. This information may be shared with third parties in order to provide services to us or to analyze, store or aggregate the information.
To the extent that our websites contain links to other sites, the owners of those sites are responsible for the privacy practices or content of those other sites. We do not endorse and will not be responsible for the privacy practices on third party websites.
Ordinarily, we ask for consent to collect, use or disclose personal information, except in specific circumstances where collection, use or disclosure without consent is authorized or required by law. We may assume your consent in cases where you volunteer information for an obvious purpose.
You may withdraw consent to the use and disclosure of personal information at any time, unless the personal information is necessary for us to fulfil our reasonable business or legal obligations. We will respect your decision, but we may not be able to provide you with certain products and services if we do not have the necessary personal information.
The purpose of collecting personal information is set out in this policy. Any necessary consent shall be obtained before personal information is collected, used or disclosed.
We ask for your express consent for some purposes and may not be able to provide certain services if you are unwilling to provide consent to the collection, use or disclosure of certain personal information. Where express consent is needed, we will normally ask clients to provide their consent orally (in person, by telephone), in writing (by signing a consent form), or electronically (by clicking a button). In cases that do not involve sensitive personal information, we may rely on “opt-out” consent.
The amount and type of personal information collected by the Company shall be limited to what is necessary to fulfill the identified purpose. Personal information shall only be used or disclosed for the purposes for which it is collected. Exceptions may be made with the consent of the individual or if authorized or required by law.
Personal information collected by the Company or on behalf of the Company will be sent to the Company’s head office in Edmonton and will be subject to the laws of Canada.
WHAT DO WE DO WITH YOUR INFORMATION?
Your information will only be used by the Company for the purposes outlined above under “Why Do We Collect Personal Information from You?”. We will not disclose your personal information to any third party, except as set out below.
Our service providers/subsidiaries in Canada and the United States collect, use or disclose your personal information for the following purposes:
• data storage services,
• marketing services including the notification of new products and services special offers, some customer support services,
Whenever we engage a third-party service provider to do work for us, we confirm that its privacy and security standards meet our requirements.
We may be involved, from time to time, in transactions to sell parts of our business or assets or merge with other businesses. Since our customer information may be part of such transactions, we may use or disclose this information to other parties involved in the transaction. In such cases, the information that is shared is limited to what is necessary to accomplish the transaction, and we take appropriate steps to protect the information from improper use or disclosure.
There are exceptions where we may collect, use or disclose personal information without consent when required or permitted by law.
From time to time, we may be compelled by legal action to release information (e.g., statutory reporting obligation, search warrant, court order, bankruptcy or insolvency proceedings etc.). In certain circumstances, we may also be permitted by law to collect, use or disclose information without the consent of the individual concerned. For example, we may disclose personal information without consent if it is to be used in an emergency that threatens the life, health or security of the individual, or when collecting unpaid amounts owed or owing to us.
HOW DO I OBTAIN ACCESS TO MY PERSONAL INFORMATION?
Upon request received by the Company in writing, individuals shall be informed of the existence, use, and disclosure of their personal information records and shall be given access to that information. Requests to access personal information held by the Company should be directed to the Company’s Privacy Officer.
Requests must be made in writing or by e-mail. Individuals may be required to verify their identity in order to access their personal information. Any such documentation provided shall be used for verification purposes only.
A fee for reasonable costs incurred may be charged when responding to more complex requests. The individual will be informed of the applicable fee.
The Company will be as specific as possible when describing third parties to whom it has disclosed personal information about an individual. When it is not possible to provide a list of the organizations to which it has actually disclosed information, the Company will provide a list of organizations to which it is likely to have disclosed information.
Individuals are permitted either to view the original record or to request a copy, subject to limitations as permitted or required by law. To preserve the integrity of the record and ensure that documents are not removed from the Company, individuals wishing to view an original record will do so at the Company’s head office and under the supervision of designated Company personnel.
LIMITATION TO ACCESS
The Company will only refuse access to information about you in those circumstances permitted or required by applicable privacy legislation.
In the event that the Company refuses to provide access to information, it will provide you with the reasons for its refusal upon request. Exceptions may include information that contains references to or opinions of other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, or information that is subject to solicitor-client or litigation privilege. The Company will respond to your requests for access in accordance with applicable privacy legislation.
MAINTENANCE OF PERSONAL INFORMATION
Personal information shall be kept as accurate, complete, and up-to-date as necessary for the purposes for which it is to be used.
Individuals have the right to challenge the accuracy and completeness of the personal information that is maintained by the Company and have it amended as appropriate.
Individuals seeking a correction or amendment to their personal information should direct their requests in writing to the Company’s Privacy Officer.
If the individual is not satisfied with the results of the request, the Company shall internally document the issue, and provide a response. The existence of the unresolved challenge will be transmitted to third parties, as appropriate.
SECURITY OF PERSONAL INFORMATION
Personal information will be retained only as long as necessary and will be disposed of in a manner that is appropriate to the sensitivity of the information. We render client personal information non-identifying or destroy records containing personal information once the information is no longer needed. We use appropriate security measures when destroying client personal information, including shredding paper records and permanently deleting electronic records.
Personal information will be protected by security safeguards, appropriate to the sensitivity of the personal information.
We will notify the Office of the Information and Privacy Commissioner of Alberta, without delay, of a security breach affecting personal information if it creates a real risk of significant harm to individuals.
If you are not satisfied with the response from our Privacy Officer after making a complaint, you may have recourse to additional remedies under applicable privacy legislation. For further information, please contact the Federal Privacy Commissioner or your provincial Privacy Commissioner, as applicable.
QUESTIONS AND COMPLAINTS
If you have a question or concern about any collection, use or disclosure of personal information by the Company, or would like to request access to your own personal information, please contact: 1-780-429-0740 or email: firstname.lastname@example.org