We collect no personal information about you when you visit this Web site, unless otherwise stated or unless you choose to provide this information to us. However, we collect and store certain information automatically for traffic analysis purpose. What we collect and store automatically is:
The Internet Protocol (IP) address of the domain from which you access the Internet (e.g., 123.456.789.012) whether yours individually or provided as a proxy by your Internet Service Provider (ISP)
The date and time you access our site
The pages you peruse (recorded by the text and graphics files that compose that page)
And, the Internet address of the Web site from which you linked directly to our site. We use the summary statistics to help us make our site more useful to visitors, such as assessing what information is of most and least interest to visitors, and for other purposes such as determining the site’s technical design specifications and identifying system performance or problem areas. This information is not shared with anyone beyond the support staff to this Web site, except when required by law enforcement investigation, and is used only as a source of anonymous statistical information.
sophicu is committed to compliance, in both letter and spirit, with Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDa”)“ as enshrined in the following ten principles of fair information practices of PIPEDa:
sophicu takes full responsibility for the management and confidentiality of the personal information gathered after January 1, 2004 that is under its control, whether personal information is held within the sophicu organization or transferred to a third party for processing sophicu has appointed a Chief Privacy Officer who is the corporate officer immediately responsible to sophicu compliance with PIPEDa and other applicable privacy legislation.
Under its accountability obligations, sophicu shall (a) analyze all personal information handling practices within its organization including ongoing activities and new initiatives to ensure that they meet the fair information practices, (b) develop and implement personal information policies and practices, (c) inform and train staff on privacy policies and procedures; (d) make information available explaining these policies and procedures to sophicu. suppliers and customers (e.g. in brochures and on web sites); and (e) Include appropriate personal information protection provisions in contracts to ensure that the third party processors provides the same level of protection as sophicu does.
The purposes for which personal information is collected, used and disclosed shall be identified by sophicu., either orally or in writing, at or before the time personal information is first collected from any individual. sophicu shall define the purposes for collecting personal information as clearly and narrowly as reasonably possible so each individual from whom personal information is collected can understand how sophicu will use and disclose his or her personal information sophicu will not use personal information for any purposes other than those originally identified to an individual, without first contacting the individual(s) concerned and identifying the new purpose(s).
The knowledge and consent of an individual shall be required for the collection, use or disclosure of personal information about such individual by sophicu except for certain limited exemptions as expressly permitted under PIPEDa. In carrying out its obligations under this principle sophicu shall (a) Inform each individual personally in a meaningful way of the purposes for the collection, use or disclosure of personal data and obtain that individual’s consent before or at the time of collection; (b) repeat the procedure for obtaining consent whenever the new or expanded purposes are identified for personal information on file; (c) obtain consent only from the individual whose personal information is collected, used or disclosed except only for an individual who is a minor, seriously ill, or mentally incapacitated, where consent may be obtained from a legal guardian, or person having power of attorney or unless consent is otherwise exempted under PIPEDa; (d) obtain express consent whenever possible and in all cases when the personal information is considered sensitive; and (e) review all personal information in its control prior to the coming into force of PIPEDa and shall either destroy or anonymize such personal information or shall contact all affected individuals and obtain their consent to use such personal information for expressly identified purposes.
The collection of personal information shall be limited to that necessary for the purposes identified by sophicu. Personal information shall be collected by sophicu using fair and lawful means.
Limiting Use, Disclosure and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was collected by sophicu., except with the consent of the individual or as otherwise expressly authorized by PIPEDa. Personal information could be retained only as long as was necessary for fulfilment of those purposes sophicu shall destroy, erase or render anonymous personal information that is no longer required for an identified purpose or a legal requirement. sophicu keep archives of computer files, artwork and source material created for clients indefinitely, unless requested otherwise in writing by the client.
sophicu shall ensure that personal information is accurate, complete and up-to-date for the purposes for which it was collected. sophicu will not seek independent verification of any personal information supplied by an individual without that individual’s permission.
sophicu shall ensure that personal information under its control shall be protected by security safeguards appropriate to the sensitivity of the personal information concerned. As part of its obligations under this principle sophicu shall (a) develop and implement appropriate security policies and procedures to protect personal information, taking into account the sensitivity of the personal information concerned; (b) Use security safeguards, as appropriate, to provide necessary protection including physical measures (locked filing cabinets), technological tools (passwords, encryption software, firewalls) and organizational controls (confidentiality agreements); and (c) train its employees or contractors on the importance of maintaining the security and confidentiality of personal information.
sophicu shall be required to make specific information about its policies and practices relating to the management of personal information readily available to the general public.
Upon written request by any individual, sophicu shall inform such individual, within the time periods prescribed under PIPEDa, whether or not sophicu holds any personal information about such individual under its control and, if sophicu does, in fact, hold any personal information on such individual, (a). sophicu shall provide an account of the use and any disclosure to third parties that has and is being made of such personal information, and (b) such individual shall be given access to that information and shall have the right to challenge its accuracy and completeness and have it amended by. sophicu to the extent that the personal information on file is incorrect or deficient.
In complying with this principle of access, sophicu shall (a) keep personal information about individuals in one place to make retrieval easier or keep clear records of where all such personal information on each individual can be found; (b) never disclose personal information about an individual except to that individual or such other person who is expressly allowed under PIPEDa to access an individual’s records, (c) never disclose personal information about an individual unless sophicu. is sure of the identity of the requestor and that person’s right of access.
Individuals may communicate with sophicu in connection with matters arising out of this Policy by writing sophicu. Chief Privacy Officer at the following address:
Chief Privacy Officer
3075 Fourteenth Avenue