Last updated: January 2021
Policy objectives and governance
Canning Consulting is committed to protecting the rights and privacy of all our prospects, customers and employees. We commit to honouring the spirit and letter of the relevant laws of Canada both the Privacy Act and the Personal Information Protection and Electronic Documents Act (PIPEDA). We follow the 10 fair information principles to protect personal information, which are set out in Schedule 1 of PIPEDA: https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/p_principle/. We will do so by being clear, transparent, and accountable when dealing with any confidential information that you may consent to share with us. This policy is governed by Canning Consulting’s Board of Directors and is reviewed annually and revised as required.
Why and what personal information do we collect?
In delivering our services, we often gather and use personal information. Personal information is any personal identifiable information we maintain regarding any person, whether a current, former, or prospective customer. This includes, but is not limited to, biographical data, and other types of information which would reasonably be considered to be confidential. Where a person uses their home contact information as business contact information, we consider that the contact information provided is business contact information and is not subject to protection as personal information.
Cookies are data files that are placed on your device and often include an anonymous unique identifier.
Overall, cookies help provide you with a better website experience, by enabling us to monitor which pages you find useful and which you do not. A cookie does not give access to your computer or any information about you, other than the data you choose to share with us. Log files track actions occurring on this website, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps. Web beacons, tags, and pixels are electronic files used to record information about how you browse this website.
Canning Consulting’s Privacy & Confidentiality Practices
Personal information gathered by Canning Consulting is kept confidential. Our employees will utilize personal information only for the reason that it was intended. Safeguards are in place to ensure that the information is not disclosed or shared beyond its original purpose. We also take measures to ensure that the integrity of this information is maintained and to prevent it from being lost or destroyed. We collect, use, and disclose personal information only for purposes that a reasonable person would consider appropriate. Canning Consulting will carefully protect this information and will obtain consent to utilize the information for any other purpose, such as programs, publications or other materials. Canning Consulting does not sell, rent, exchange, or otherwise share its list of employees, prospective, current or past customers.
Wherever possible, we seek a person’s consent before we collect their personal information. The form of consent may vary depending on the circumstances and the type of information being requested. Consent can be expressed or implied, and can be provided directly by the individual or by an authorized representative.
Express consent is preferred. Express consent can be given orally, electronically or in writing. Implied consent may be reasonably inferred from a person’s action or inaction. For example, providing a name and address to receive a publication or providing a name and telephone number to receive a response to a question. When determining the appropriate form of consent, we take into account the sensitivity of the personal information, the reasons we are collecting it, and the reasonable expectations of the person. When using personal information for a new purpose, we will document that new purpose and ask for consent again.
When do we collect information?
We do not collect data at an individual level for browsing, but rather are able to see an overview of the number of page views, average time a page is viewed for, and other interactions with our site. This helps us know whether our site is user-friendly, and which content is the most useful and relevant.
How can you opt-out, remove, or modify Information you have provided?
To modify your email subscription, click the link at the bottom of our newsletters to update your preferences or unsubscribe from future emails.
CASL (Canadian Legislation)
The Canadian Anti-Spam Legislation (CASL) establishes requirements for communications, gives recipients the right to have emails stopped from being sent to them, and penalizes violators. Under CASL, we obtain consent to send electronic messages such as email. Consent will be obtained predominately through express consent which will be attained by the recipient taking a proactive action to indicate their express consent (ie. Opting-in via our newsletter sign-up).
Once express consent is obtained, electronic messages will be sent until the recipient unsubscribes or notifies us that they no longer want to receive messages.
Implied consent for sending electronic messages will be relied on under certain conditions such as through an existing relationship whereby a previous transaction has taken place such as a financial transaction, or when an email address has been made publicly available.
No matter the type of consent we have received, if the recipient requests to stop receiving electronic messages, communication will cease within 10 business days. Up-to-date contact lists and records will be kept based on continued consent.
CAN-SPAM Act (American Legislation)
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to: send information, respond to inquiries, and/or other requests or questions. We may choose to send marketing emails to our clients after the original contact has occurred.
To be in accordance with CAN-SPAM we agree to NOT use false, or misleading subjects or email addresses. We will identify the message as an advertisement in some reasonable way, include the physical address of our business or site headquarters, monitor third party email marketing services for compliance if one is used, honour opt-out/unsubscribe requests quickly, and allow users to unsubscribe by using the link at the bottom of each marketing email.
EU General Data Protection Regulation (European Legislation)
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Data and Record Retention
Per Canada Revenue Agencies (CRA) guidelines, Canning Consulting retains business records for a minimum of six years from the end of the latest year to which they relate unless written permission is given by the Canada Revenue Agency (CRA).
Canning Consulting reserves the right to destroy customer information that does not relate to current business needs.
Canning Consulting regularly reviews its privacy and confidentiality practices and updates our policy and procedures when necessary. Please check our website for our most recent policy.
Questions, concerns, or complaints relating to Canning Consulting’s Privacy & Confidentiality Policy or the treatment of personal information should be made to:
Anne Canning / Privacy Officer