Scope and Purpose
McDonald Organizational Health Inc. (herein referred to as the Firm) is committed to protecting the privacy and security of the Personal Information of our clients.
Employees of the Firm who collect, hold or use Personal Information must be familiar with and adhere to these standards.
Personal Information – Definition
Personal Information includes any factual or subjective information, recorded or not, about an identifiable individual. Personal Information does not include the name, title or business address or telephone number of an employee of an organization.
Purposes of Collecting Personal Information
The Firm only collects, uses and discloses Personal Information for the following purposes:
- Offering and providing insurance and financial products and services to their clients
- Establishing and maintaining communications with their clients
- Verifying their clients’ identity and the accuracy of their Personal Information with government agencies, industry associations, brokers or insurers
- Analyzing and assessing risks
- Determining and facilitating their clients’ payment of fees and premiums
- Investigating claims
- Detecting and preventing fraud or other illegal activities
- Complying with the law or the requests of law enforcement agencies or regulators
We do not sell client information to anyone or share information with organizations that would use it to contact you about their own products or services.
The Firm will inform the client in a meaningful way of the purposes for the collection, use or disclosure of Personal Information and obtain the client’s consent before or at the time of collection. The form of consent should take into consideration reasonable expectations of the client, circumstances surrounding the collection and the sensitivity of the information involved.
A client may withdraw consent at any time (subject to legal or contractual obligation and on providing the Firm with reasonable notice) by contacting our Privacy Officer.
Limit Collection of Personal Information
The Firm will not collect Personal Information indiscriminately. They will limit the amount and type of information gathered to what is necessary for the identified purposes and if appropriate consent has been obtained.
Limit Use, Disclosure and Retention of Personal Information
The Firm will use or disclose Personal Information only for the identified purposes for which it was collected, unless the individual consents, or the use or disclosure is authorized by the Act. They will retain Personal Information only as long as is necessary to satisfy the purposes or as required by law.
The Firm will minimize the possibility of using incorrect information when making a decision about the client or when disclosing information to third parties.
Protection of Personal Information
The Firm will protect and safeguard Personal Information against loss, theft, and unauthorized access, disclosure, copying, use or modification regardless of which format the information is held in. Safeguards will vary depending on the sensitivity, format, location and storage of the Personal Information.
Individual Access to Personal Information
Any individual has the right to request access to their Personal Information, and under federal law we must provide that access within 30 days. Requests for Personal Information should be made in writing to the Privacy Officer. The Privacy Officer may request an extension of an additional 30 days. The Firm will inform the individual in writing when refusing to give access, setting out the reasons and any recourse available.
Clients whose Personal Information has been collected, used, disclosed and/or disposed of by the Firm may make complaints about the company’s policies or practices relating to the handling of their Personal Information. A complaint may be made in writing to the Privacy Officer specifying the nature of the complaint. In the case of a complaint, the Privacy Officer will undertake an investigation and provide a written response to the complainant outlining the results of the investigation.
Clients may also make a complaint to the Federal Privacy Commissioner or applicable provincial counterpart.