Philosophy surrounding Privacy:
As part of our commitment to treat your personal information with respect, we operate in accordance with the following ten principles (the “Principles”):
Principle 1 – Accountability
Principle 2 – Identifying Purposes
Principle 3 – Consent
Principle 4 – Limiting Collection
Principle 5 – Limiting Use, Disclosure and Retention
Principle 6 – Accuracy
Principle 7 – Safeguards
Principle 8 – Openness
Principle 9 – Individual Access
Principle 10 – Handling Complaints and Inquiries
The purposes for which personal information is collected by us will be identified to you before or at the time the information is collected.
Personal information will only be collected, used, or disclosed with the consent of the individual, except in certain circumstances permitted or required by law. The way in which we seek consent may vary depending upon the sensitivity of the information. We will seek express consent in cases where the personal information involved is considered sensitive, such as income or health information. Typically, we will seek consent for the use or disclosure of personal information at the time of collection. However, additional consent will be sought after the personal information has been collected, if it is required for a new purpose. In certain circumstances, obtaining consent would be inappropriate. The federal Personal Information Protection and Electronic Documents Act and provincial privacy laws provide for exceptions where it is impossible or impractical to obtain consent.
The personal information collected by us shall be limited to those details necessary for the purposes identified to you. Principle 5 – Limiting Use, Disclosure and Retention We will not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or as required or permitted by law. Subject to any applicable business, legal, or regulatory requirements, we will ensure that the personal information is destroyed in a secure manner, erased, or made anonymous when it is no longer required to fulfil the purposes we have identified to you.
We shall make every reasonable effort to ensure your personal information is maintained in an accurate, complete and up-to-date form.
We shall utilize industry standard security safeguards to protect your personal information.
Upon your request, we shall inform you of (i) the type of personal information we have collected, (ii) how we have used your personal information, and (iii) whether we have disclosed your personal information to any third parties. Individuals may verify the accuracy and completeness of their personal information, and may request that it be amended, if appropriate. There may be circumstances where we are unable to provide access to all of your personal information. We may deny access for legally permissible reasons, such as situations where the information contains references to other individuals and is not reasonably severable, or where it cannot be disclosed for legal, security, or commercial proprietary reasons. We will advise the individual of any reason for denying an access request. When an individual successfully demonstrates the inaccuracy or incompleteness of personal information held by us, we will correct or update the information as required. Please note that before we are able to provide you with any information or correct any inaccuracies we will ask you to verify your identity and to provide other details to help us to respond to your request.
Individuals may direct any questions or inquiries with respect to the Principles or about our information handling practices by contacting: Baicorp Financial Inc. Privacy Officer Messay Tesema – 1290 Cornwall Rd, Unit C, Oakville, Ontario Phone:1 (800) 680-9780 Fax: 1 (905) 844-8820 Email: email@example.com
SPECIFIC HANDLING PRACTICES
Why We Gather Personal Information:
At Baicorp, we gather and use personal information to:
Some or all of the personal information we collect may be stored or processed in jurisdictions outside of Canada. As a result, this information may be subject to access requests from governments, courts, or law enforcement in those jurisdictions according to laws in those jurisdictions. We only use personal information for the purposes that we have disclosed to you. If for any reason your information is required to fulfill a different purpose, we will obtain your consent before we proceed.
The type of personal information we may ask for depends on and is related to the reason (or purpose) such personal information was provided to us. For instance, for the purposes of managing your Health Spending Account, we will collect information in respect of, and for the purposes of processing your claim. In addition to the foregoing, the following is a description of the type of personal information that we may ask for:
The choice to provide us with your personal information, either directly or through a third party, is always yours. However, your decision to withhold particular information may limit our ability to provide you with the services or products you requested.
We may gather such personal information from you in person, via the Internet, via email, over the telephone or by corresponding with you via mail, facsimile, or from third parties who have your authority to disclose such personal information to us such as:
WHILE WE TRY TO ENSURE THAT EVERY THIRD PARTY WHO DISCLOSES PERSONAL INFORMATION TO US HAS YOUR CONSENT TO DO SO, IF YOU BELIEVE THAT A THIRD PARTY HAS INAPPROPRIATELY DISCLOSED YOUR PERSONAL INFORMATION TO US, PLEASE CONTACT THAT THIRD PARTY. IF THEY DO NOT ADEQUATELY RESPOND TO YOUR INQUIRIES, PLEASE LET US KNOW IMMEDIATELY.
For purposes of maintaining quality service, calls to our customer service lines may be recorded. A recorded message given prior to your call being answered will let you know if your call may be the subject of our random call recording quality assurance program.
When you visit Baicorp’s websites, we may collect information that is automatically sent to us by your web browser. This information may include your domain name, and your numerical IP address. We may also collect other information, such as the type of browser you use, which pages you view, and the files you request.
We use this information to better understand how visitors use our websites, and to improve our websites to better meet your needs. The amount of information that is sent by your web browser depends on the browser and settings you use. Please refer to the instructions provided by your browser if you want to learn more about what information it sends to websites you visit, or how you may change or restrict this.
Baicorp may use “cookies” and other similar devices on its websites to enhance functionality and provide more relevant offers for products and services. These devices may track information which includes, but is not limited to: (i) IP address; (ii) the type of web browser and operating system used; (iii) the pages of the website visited. If you wish to disable cookies, refer to your browser help menu to learn how. If you disable cookies, you may be unable to access some features on Baicorp’s websites.
Our websites are not directed to individuals under the age of 18, and we request that these individuals do not provide personal information through our website.
We may disclose your personal information to third parties as follows:
In the event we disclose personal information to our service providers, we require our service providers to agree to contractual requirements that are consistent with applicable privacy laws. We prohibit our service providers from using personal information except for the specific purpose for which we supply it to them.
The type of information we are legally required to disclose may relate to criminal investigations or government tax reporting requirements. In some instances such as a legal proceeding or court order, we may also be required to disclose certain information to authorities. Only the information specifically requested is disclosed and we take precautions to satisfy ourselves that the authorities that are making the request have legitimate grounds to do so.
There are some situations where we are legally permitted to disclose personal information such as employing reasonable and legal methods to enforce our rights or to investigate suspicion of illegal activities.
We use industry standard technologies and maintain current security standards to ensure that your personal information is protected against unauthorized access, disclosure, inappropriate alteration or misuse.
Electronic files which contain personal information are kept in a highly secured environment with restricted access. Paper-based files are stored in a secure area and access is also restricted.
We manage our server environment appropriately and our firewall infrastructure is strictly adhered to. Our security practices are reviewed on a regular basis and we routinely employ current technologies to ensure that the confidentiality and privacy of your information is not compromised.
Our web site uses Secure Socket Layer (SSL) and 128 bit encryption technologies to enhance security when you visit the secured areas of these sites. SSL is the industry standard tool for protecting and maintaining the security of message transmissions over the Internet. When you access your account(s) or send information from secured sites, encryption will scramble your data into an unreadable format to inhibit unauthorized access by others.
To safeguard against unauthorized access to your account(s), you are required to “login” with a user name and a password to certain secured areas of the Baicorp web site. Both user id and password are encrypted when sent over the Internet. If you are unable to provide the correct password, you will not be able to access these sections.
When you call our customer service centre you will be required to verify your identity by providing some personally identifying information as well as your group number and client id.
In the course of daily operations, access to private, sensitive and confidential information is restricted to authorized employees who have a legitimate business purpose and reason for accessing it. For example, when you call us, our designated employees will access your personal information to verify who you are and to assist you in fulfilling your requests.
As a condition of their employment, all employees of Baicorp are required to abide by the privacy standards we have established. Employees are informed about the importance of privacy and they are required to agree to standard business practice policies that prohibit the disclosure of any individual’s information to unauthorized individuals or parties.
Unauthorized access to and/or disclosure of personal information by an employee of Baicorp is strictly prohibited. All employees are expected to maintain the confidentiality of personal information at all times and failing to do so will result in appropriate disciplinary measures, which may include dismissal.
You have the right to access, verify and amend the information held in your personal files. You may access and verify any of your information by calling our customer contact centre at 1 (800) 680-9709 and ask for Messay Tesema
To help us keep your personal information up-to-date, we encourage you to amend inaccuracies and make corrections as often as necessary. Despite our efforts, errors sometimes do occur. Should you identify any incorrect or out-of-date information in your file(s), we will make the proper changes. Where appropriate, we will communicate these changes to other parties who may have unintentionally received incorrect information from us.
If you have a question, concern or complaint about privacy, confidentiality or the personal information handling practices of Baicorp, our employees or service suppliers, please contact: Baicorp Financial Inc. Mr. Messay Tesema, Office Manager; 1290 Cornwall Rd, Unit C, Oakville, Ontario L6J 7W5 Phone:1 (800) 680-9709 Ext Fax: 1 (4905) 844-8663 Email: firstname.lastname@example.org
Before Baicorp is able to provide you with any information or correct any inaccuracies, we may ask you to verify your identity and to provide other details to help us to respond to your request. We will endeavor to respond within an appropriate time frame.