Concord Consulting Corporation (“Concord”)
Concord deals with personal information in compliance with Alberta’s Personal Information Protection Act (PIPA) and, as applicable, in compliance with Canada’s privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA) and with applicable international privacy law.
Concord recognizes the importance of privacy and the sensitivity of personal information that we may have concerning clients and other individuals associated with our firm. We are committed to safeguarding the personal information we have concerning any individual.
What is personal information?
Personal information is information about an identifiable individual, and includes name, home address, home phone number, personal e-mail address, ID numbers, personal financial information, credit card numbers, educational qualifications, medical information, social insurance numbers, and specifically in our business data collected for the purpose of providing our consultation and search services. In Alberta, business contact information (such as office address, job title, business phone number, business email address or business fax number) is not considered personal information.
Why do we collect, use and disclose personal information?
We collect, use, and disclose personal information in order to provide client services in the context of our proprietary instruments CCI Surveys ™ and the Pro.file Performance System ™ (PRO.FILE), and more generally in providing a range of consulting services to clients. Without limiting the generality of the forgoing, we may need to collect, use, or disclose personal information:
- to establish, and manage, our relationship with you;
- to assist you and or the firm with which you are associated with immediate and ongoing consulting needs on a high-quality basis;
- to ensure accuracy of information;
- to comply with the law; and
- to comply with our obligations of service to you and or your firm.
The specific purposes for collection, use and disclosure of personal information depend on the nature of the specific relationship and may change in the course of that relationship.
How do we collect, use, retain and disclose personal information?
We collect, use and disclose personal information by lawful, fair and reasonable means, and only for lawful, fair and reasonable purposes. When possible and practical, we collect personal information directly from the individual to whom the information relates. In order to provide high quality consulting services, we need to collect a range of personal information; we may also have the need to disclose personal information to third parties and or to transfer personal information internationally in the course of our business with them.
Within reasonable legal limits, we collect, use, retain and disclose personal information only with the consent of the individual involved. We may ask you for consent to collect, use, retain and disclose your personal information at the start of an assignment or during the course of our representation. We may collect, use or disclose your personal information without your knowledge or consent where required or permitted by law or regulation. Generally, by providing your personal information to Concord and continuing to deal with us, your consent to the collection, use, retention, and disclosure of information in accordance with this Policy is implied.
We will not disclose or sell your personal information or business contact information to third parties to enable them to market their products and services.
Subject to reasonable and lawful conditions, an individual may withdraw or vary consent for our collection, use, retention and disclosure of his or her personal information at any time with reasonable written notice. If at any time you have questions or concerns about your personal information or this Policy, we encourage you to contact our Privacy Officer.
Individuals situated in the European Union have a right to have their personal information erased from our systems upon request and in limited circumstances.
How do we manage your personal information?
The staff of Concord are aware of this Policy, that the Policy is binding on the staff of Concord and are aware of the importance of keeping your personal information accurate and secure.
Accuracy: Concord is committed to keeping your personal information accurate and current in the context of providing Concord’s services. If during the course of our relationship, any of your information changes, please inform us so that we can make the necessary changes.
Security: Concord will endeavour to keep your personal information technologically and physically secure from loss, theft or unauthorized access, disclosure, copying, use or modification.
Retention: Concord retains personal information in compliance with this Policy as required to meet the purposes for which it was collected or as required by law.
Can you access your personal information?
You may request correction of or access to the personal information we have about you. The request must be in writing and directed to our Privacy Officer.
Access to your personal information will be denied if access would disclose personal information about a third party, or where denial is permitted or required by law.
The Privacy Officer will assist the individual with the access request and respond in a timely manner, advising whether access to the requested records will be granted, and if so, how access will be given. If any part of an access request is refused, reasons for the refusal will be provided. The Privacy Officer will also inform the applicant that he or she may seek a review of the decision from the appropriate supervisory authority.
Responding to Personal Data Breaches
A ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal information transmitted, stored, or otherwise processed. In the event of a personal data breach, in certain circumstances we are legally obliged to report the breach to the appropriate Privacy Commissioner. In accordance with privacy legislation, we will also notify the individuals directly affected by the breach, as appropriate in the circumstances.
How do we respond to your specific privacy concerns?
If you have questions or concerns regarding your personal information or about this Policy, please contact our Privacy Officer:
Concord Consulting Corporation
The Office of the Information and Privacy Commissioner of Alberta oversees the administration and enforcement of Alberta’s privacy legislation. You may visit their website at: http://www.oipc.ab.ca/.
This Policy may be revised from time to time as required or permitted by law.