Under The Personal Information Protection and Electronic Documents Act which governs the collection, use and disclosure of personal information in the commercial sector, ISQsolutions is required to adhere to 'Ten Privacy Principles' set out in the National Standard of Canada, Model Code for the Protection of Personal Information effective January 1, 2001. It governs the behavior of employees and agents acting on ISQsolutions behalf when dealing with personal information. The purpose in which information is collected and used. It provides procedures for an individuals access to and correction of personal information.
Ten Privacy Principles:
2. Identifying Purposes
4. Limiting Collection
5. Limiting Use, Disclosure and Retention
9. Individual Access
10. Challenging Compliance
1. - ACCOUNTABILITY
ISQsolutions is responsible for personal information under its control and will designate an individual or individuals who are accountable for the organizations compliance with the following principles.
1.1 Accountability for ISQsolutions compliance with the principles rests with the senior management of ISQsolutions and the person or persons designated by senior management as Privacy Officer, even though other individuals within the organization may be responsible for the day-to-day collection and processing of personal information. In addition, other individuals within the organization may be delegated to act on behalf of senior management or the Privacy Officer.
1.2 ISQsolutions senior management has designated the following person to act as Privacy Officer to oversee the organizations compliance with the principles:
ISQsolutions Legal Department c/o Privacy Officer
ISQ Webhosting Inc.
130 Spadina Avenue, Suite 602
Toronto, Ontario, Canada M5V 2L4
Facsimile: (416) 703-4802
2. IDENTIFYING PURPOSES
ISQsolutions will identify the purposes for which personal information is collected at or before the time the information is collected.
2.1 ISQsolutions collects personal information only for the following purposes (identified purposes):
(a) to provide service(s) and/or products to its customers;
(b) to maintain commercial relations and to communicate with its customers (which will include, but not be limited to: billing, collection, advertising, promotion, account verification);
(c) to identify customer needs and/or preferences;
(d) to meet legal and regulatory requirements;
(e) to administer and manage its business operations
2.2 ISQsolutions will provide notice of the identified purposes either orally, electronically or writing prior to or at the time of collection of the personal information.
2.3 In order to open a hosting account or to register a domain name at ISQsolutions an individual is required to provide corporate or personal information by way of an electronic online form. To register a domain name corporate or personal information is required by the relevant registry of the TLD (top level domain) for which the individual apply to register a domain name through ISQsolutions. This information may include but not be limited to company name, full name, mailing address, email address, contact information, registrant, billing, administrative, technical contacts and credit card details.
2.4 Use of personal information by third parties or as required by the relevant TLD registries, the Internet Corporation for Assigned Names and Numbers (ICANN) the international governing body for TLDs (Top Level Domains) requires that registrars must make available the corporate or personal information collected from the individual when the individual apply to register a domain name to the public through the publicly accessible database known as the Whois Database. This is a public policy adopted by the domain name industry as a whole.
2.5 On occasion, ISQsolutions may engage third party companies or individuals to perform services on our behalf. Our relationships with such third party companies are governed by our contracts with them. Those companies are required to hold your personal information strictly confidential.
2.6 ISQsolutions will use personal information to advise its customers of any information relating to the services provided to them through ISQsolutions. This includes but is not limited to notices for renewal of services, of system upgrades or any information relevant to the product and service. Occasionally, ISQsolutions will communicate to the customer special bonus and new product offers that we think may be of value to the customer. If the customer wishes to opt-out of receiving targeted communications from ISQsolutions in electronic, printed or verbal format (other than information included with their renewal notice or monthly billing), simply inform ISQsolutions in writing at Privacy Office, ISQ Solutions Inc., 130 Spadina Avenue, Suite 602, Toronto, Ontario, Canada M5V 2L4 or by fax to 416-703-4802.
2.7 When personal information that has been collected is to be used for a purpose not previously identified, the new purpose will be identified prior to use. Unless the new purpose is required by law, ISQsolutions will obtain the consent of the individual before information is used for that new purpose.
The knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except where inappropriate.
3.1 In certain circumstances, personal information can be collected, used, or disclosed without the knowledge and consent of the individual. For example, legal, medical or security reasons may make it impossible or impractical to seek consent. When information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of the individual might defeat the purpose of collecting the information. Seeking consent may be impossible or inappropriate when there is an emergency threatening the individuals life, health or security, or where the individual is a minor, seriously ill, or mentally incapacitated. In other instances, information may be publicly available. Moreover, ISQsolutions may provide personal information to its lawyer or agent to collect a debt, comply with a subpoena, warrant or other court order, government institution requesting the information upon lawful authority, or as may be otherwise required by law.
3.2 ISQsolutions will generally seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when ISQsolutions wants to use information for a purpose not previously identified).
3.3 ISQsolutions will make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used. To make the consent meaningful, the purposes will be stated in such a manner that the individual can reasonably understand how the information will be used or disclosed.
3.4 ISQsolutions will not, as a condition of the supply of a product or service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfill the explicitly specified and legitimate purposes.
3.5 The form of consent sought by ISQsolutions may vary, depending upon the circumstances and the type of information disclosed. In determining the form of consent to use, ISQsolutions will take into account the sensitivity of the information and the reasonable expectations of the individual. An authorized representative (such as a legal guardian or a person having power of attorney) can also give consent.
ISQsolutions will seek express consent when the information is likely to be considered sensitive.
Implied consent will generally be appropriate when the information is less sensitive. The use of services or products by a customer or the acceptance of employment by an employee will be considered implied consent to collect, use and disclose personal information for all identified purposes.
3.6 An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. ISQsolutions will inform the individual of the implications of such withdrawal. In order to withdraw consent, an individual must provide notice to ISQsolutions in writing.
4. LIMITING COLLECTION
The collection of personal information will be limited to that which is necessary for the purposes identified by ISQsolutions. Information will be collected by fair and lawful means.
4.1 ISQsolutions collects personal information from its customers and employees for the purposes described under Principle #2.
4.2 ISQsolutions may also collect personal information from such third parties as credit bureaus, employers or personal references or other third parties that represent that they have the right to disclose the information.
5. LIMITING USE, DISCLOSURE, AND RETENTION
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information will be retained only as long as necessary for the fulfillment of those purposes.
5.1 ISQsolutions may collect, use or disclose personal information without the individuals knowledge or consent in certain circumstances as described in Principle #3.1.
5.2 ISQsolutions may disclose a customers personal information to:
(a) another web hosting provider or internet service provider for the provision of services to that customer;
(b) a person involved in the development, promotion, marketing or enhancement of ISQsolutions services;
(c) a credit collections agency;
(d) emergency services in an emergency situation;
(e) a person, who, in the reasonable estimation of ISQsolutions, is an agent of the customer;
(f) any other third party, upon receiving the consent of the customer or as required by law.
5.3 ISQsolutions may disclose an employees personal information in the following circumstances:
(a) in the administration of that employees benefits;
(b) in providing references to prospective employers, upon receiving the consent of the employee;
(c) as may be required by law.
5.4 Certain ISQsolutions employees may be given access to customer and/or employee information in so far as their duties require access for business purposes. ISQsolutions employees are governed by a non-disclosure agreement prohibiting disclosure or use of any confidential or personal information for any purposes other than the stated business purposes.
5.5 ISQsolutions will retain personal information for only as long as required to fulfill the identified purposes or as required by law.
5.6 Personal information that is no longer required to fulfill the identified purposes will be destroyed, erased or made anonymous according to the guidelines and procedures established by ISQsolutions.
Personal information will be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
6.1 The extent to which personal information will be accurate, complete, and up-to-date will depend upon the use of the information, taking into account the interests of the individual. Information will be sufficiently accurate, complete, and up-to-date to minimize the possibility that inappropriate information may be used to make a decision about the individual.
6.2 ISQsolutions will not routinely update personal information unless such a process is necessary to fulfill the purposes for which the information was collected.
6.3 You have the ability to correct or change your personal information in our records, such as your address and contact information. The process for changing your information begins in the account area of your control panel. You may change this information at any time and as often as necessary. If you need assistance or have questions about changing, updating or correcting information, you can contact us via e-mail at email@example.com.
6.3 Personal information that is used on an ongoing basis, including information that is disclosed to third parties, should generally be accurate and up-to-date, unless limits to the requirement for accuracy are clearly set out.
Personal information will be protected by security safeguards appropriate to the sensitivity of the information.
7.1 ISQsolutions will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution and format of the information, and the method of storage.
7.2 ISQsolutions protects all personal information regardless of the format in which it is held. The methods of protection include:
(a) physical measures, such as locked filing cabinets and restricted access to offices;
(b) organizational measures, such as security clearances and limiting access on a need to know basis;
(c) technological measures, such as the use of passwords and encryption.
7.3 ISQsolutions makes their employees aware of the importance of maintaining the confidentiality of personal information. ISQsolutions employees are governed by a non-disclosure agreement prohibiting disclosure or use of any confidential or personal information for any purposes other than the stated business purposes.
7.4 ISQsolutions will use care in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information.
ISQsolutions will make readily available to individuals specific information about its policies and practices relating to the management of personal information.
8.1 ISQsolutions will make its policies and practices with respect to the management of personal information easily comprehensible and accessible, by providing upon request:
(a) the name, title, and address of the Privacy Officer accountable for ISQsolutions policies and practices and to whom complaints or inquiries can be forwarded;
(b) the means of gaining access to personal information held by ISQsolutions; and a description of the type of information held by ISQsolutions and/or its subsidiaries, including a general account of its use.
9. INDIVIDUAL ACCESS
Upon request, an individual will be informed of the existence, use, and disclosure of his or her personal information and will be given access to that information. An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
9.1 Upon request, ISQsolutions will inform an individual whether or not the organization holds personal information about the individual, and will provide that individual with a reasonable opportunity to review the personal.
9.2 ISQsolutions will allow the individual access to his or her personal information and to correct or change personal information in our records, such as their address and contact information. The process for changing information begins in the password protected account area of the individuals control panel. The individual may change this information at any time and as often as necessary. If assistance is needed, or for answers to questions about changing, updating or correcting information, the individual can contact ISQsolutions via e-mail or telephone.
9.3 ISQsolutions will be as specific as possible in providing an account of third parties to which it has disclosed personal information about an individual. When it is not possible to provide a list of the organizations to which it has actually disclosed information about an individual, ISQsolutions will provide a list of organizations to which it may have disclosed information about the individual.
9.4 In certain instances, ISQsolutions will not be able to provide the individual access to his or her personal information. For example, ISQsolutions where the information contains references to other individuals; where the information cannot be disclosed for legal, security or commercial proprietary reasons; where the information is subject to solicitor-client or litigation privilege; or where the information can best be available from another source. In each case, ISQsolutions will provide reasons for denying any access to personal information.
9.6 When an individual successfully demonstrates the inaccuracy or incompleteness of personal information, ISQsolutions will amend the information as required. Depending upon the nature of the information challenged, amendment involves the correction, deletion or addition of information. Where appropriate, the amended information will be transmitted to third parties having access to the information in question.
9.7 When a challenge is not resolved to the satisfaction of the individual, ISQsolutions will record the substance of the unresolved challenge. When appropriate, the existence of the unresolved challenge will be transmitted to third parties having access to the information in question.
10. CHALLENGING COMPLIANCE
An individual will be able to address a challenge concerning compliance with the above principles to ISQsolutions Privacy Officer.
10.1 ISQsolutions will maintain procedures to receive and respond to complaints or inquiries about its policies and practices relating to the handling of personal information. ISQsolutions will make every effort to ensure that its procedures are easily accessible and simple to use.
10.2 ISQsolutions will inform individuals who make inquiries or lodge complaints of the existence of relevant complaint procedures.
10.4 ISQsolutions will investigate all complaints. If a complaint is found to be justified, ISQsolutions will take appropriate measures, including, if necessary, amending its policies and practices.
ISQ Solutions Inc
25 Milvan Drive
Phone: 1-800-859-8837 (USA & Canada)
General inquiries: firstname.lastname@example.org