Our Commitment to Privacy
The federal government enacted the Personal Information Protection and Electronic Document Act (PIPEDA) in 2000. PIPEDA extended privacy protection to personal information collected, used and disclosed for commercial purposes in the private sector and voluntary sectors. Full application of PIPEDA went into effect in January 1, 2004, although the Act previously applied to certain federally-regulated and inter-provincial transactions
OUR COMMITMENT
MTI is committed to adhering to the principles of PIPEDA thereby protecting the privacy of the personal information of its employees, directors, clients and customers of clients. MTI values the trust of those we deal with, and of the public, and recognizes that maintaining this trust requires that we be transparent and accountable in how we treat the information that individuals choose to share with us.
During the course of working on behalf of clients, MTI gathers and uses personal information. Anyone from whom we collect such information should expect that it will be carefully protected and that any use of or other dealing with this information is subject to consent.
DEFINING PERSONAL INFORMATION
Personal information is any information that can be used to distinguish, identify or contact a specific individual. This information can include opinions or beliefs, as well as facts about, or related to, the individual. Exceptions include business contact information and certain publicly available information, such as names, addresses and telephone numbers which are published in telephone directories, and therefore not considered personal information. In addition, personal information does not include the name, title or business address or telephone number of an employee of an organization.
POLICY PRINCIPLES
The model code for the Protection of Personal Information forms the backbone of PIPEDA. MTI has adopted the model code developed by the Canadian Standards Association containing the following 10 principles to be respected.
Accountability
-
The General Manager for MTI will ensure third party contracts contain a provision explicitly requiring their adherence to PIPEDA.
-
A Chief Privacy Officer will be appointed and accountable for MTI’s compliance with the following principles.
Identifying Purposes
-
The purpose for collecting personal information will be identified at or before the time personal information is collected.
Consent
-
MTI will provide a means to allow individuals to easily withdraw consent at any time and ensure that procedures are in place to respect this request.
-
The knowledge and consent of the individual or organization are required for the collection, use, or disclosure of personal information.
Limiting Collection
-
The collection of personal information shall be limited to that which is necessary for the purposes identified by MTI.
-
Information shall be collected by fair and lawful means.
Limiting Use
-
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or organization or as required by law.
-
Personal information will be retained only as long as necessary for the fulfillment of those purposes.
Accuracy
-
Personal information will be as accurate, complete and up-to-date as is possible for the purposes for which it is to be used.
Safeguards
-
MTI will initiate the use of physical measures (locked filing cabinets, restricted access to offices, etc.) organizational measures (security clearances, “need to know” access, etc.) and technological measures (passwords, encryption, etc.) for the protection of all personal information.
-
All MTI employees are required to sign an agreement related to the confidentiality of personal information.
-
In the event that we transfer your personal information to a third party for processing we will require the person or organization dealing with your personal information on our behalf to protect your personal information in a manner consistent with this Privacy Policy or as otherwise required by law.
Openness
-
MTI will make readily available to individuals or organizations specific information about its policies and practices relating to the management of personal information.
Individual Access
-
Upon request, an individual will be informed of the existence, use and disclosure of his or her personal information and will be provided access to that information.
-
An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
-
Requests for access will be responded to by the Chief Privacy Officer, Michael Waldron, within 30 days.
Challenging Compliance
-
An individual will be able to address a challenge concerning compliance with the above principles with the designated Chief Privacy Officer, Michael Waldron..