Why we collect personal information
If you are a ConnTech customer, ConnTech has some basic information about you. We understand that some of this information is private, which is why we collect personal information only for the following purposes:
- To establish and maintain a responsible commercial relationship with you and to provide ongoing service. For example, when you apply for service, we collect information that allows us to confirm your identity and credit history so that we can accurately bill and collect for the products and services that you receive from us. We may collect credit card or bank account information, if you prefer the convenience of pre-authorized payment for services.
- To understand your needs and preferences. We maintain a record of the products and services you receive from us, and we may ask for additional information so that we can serve you better. For example, we will ask for your e-mail address, if you wish to pay your bills electronically.
- To develop, enhance, market or provide products and services. For example, we look at how our customers use our products and services, so that we can understand how to improve them. From time to time, we may review and analyze your use of our products and services to help us provide better product recommendations and special offers that we think will interest you.
- To manage and develop our business and operations. For example, we analyze customer usage of our networks and facilities to help us manage them efficiently and plan for future growth.
- To meet legal and regulatory requirements. For example, we may collect information in response to a court order, or to satisfy a request by the Canadian Radio-television and Telecommunications Commission (the "CRTC") for information about a customer complaint and how it was resolved.
When do we disclose personal information?
There is a variety of circumstances where we may need to disclose some personal information about our customers. Here are some examples:
- We may disclose a customer's personal information to a person who, in the reasonable judgement of ConnTech, is seeking the information as an agent of the customer. For example, we may provide information about a customer's account to the customer's legal representative if we are satisfied that that individual is requesting the information on behalf of the customer.
- Customer information may be shared among ConnTech business units to help us serve our customers better and to provide them with services from different parts of our organization.
- We may disclose a customer's personal information to:
- another telecommunications company for the efficient and cost-effective provision of telecommunications services;
- a company involved in supplying the customer with communications or communications directory related services;
- a company or individual employed by ConnTech to perform functions on its behalf, such as research or data processing; or
- an agent used by ConnTech to evaluate the customer's credit worthiness or to collect the customer's account.
Any such disclosure of a customer's personal information outside of ConnTech is made on a confidential basis with the information to be used only for the purpose for which it was disclosed.
- We may disclose a customer's personal information to a credit reporting agency.
- We may disclose a customer's personal information to a public authority or agent of a public authority, if in the reasonable judgement of ConnTech, it appears that there is imminent danger to life or property which could be avoided or minimized by disclosure of the information.
- In conjunction with special offers or programs, we may disclose customers' personal information to our program partners, or to third-party agents responsible for administering such offers or programs. Any such disclosure is made on a confidential basis with the customer's express consent.
How do we protect your personal information?
In order to protect your personal information and your right to privacy, ConnTech:
- will not collect, use or disclose your personal information for any purpose other than those identified above, except with your consent;
- will protect your personal information with appropriate security safeguards;
- will protect the confidentiality of your personal information when dealing with other companies;
- will strive to keep your personal information as accurate and up-to-date as is necessary for the purposes identified above; and
- will honour any request you may make for access to your personal information.
What are your choices?
We would like to have your consent to continue to collect, use and disclose your personal information for the purposes identified above. However, you do have choices and can refuse or withdraw your consent as follows:
If you have any questions or concerns about our privacy practices, please feel free to contact us. Otherwise, we will assume that we have your consent to continue to collect, use and disclose your personal information for the purposes identified above.
- You may have your name removed from our telephone, mail or e-mail marketing lists. We use these lists to inform you of relevant products, services and special offers that may be of benefit to you.
- Telephone directory publisher such as, YellowPages™, makes available lists of published names, addresses and phone numbers to selected organizations for a fee. You may choose to be excluded from these lists (non-published names, addresses and phone numbers are automatically excluded).
- You may refuse to provide personal information to us. You may also withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. However, in either case, this may limit our ability to serve you.
This Policy describes ConnTech's collection, use and/or disclosure of personal information. It governs the behavior of employees and agents acting on ConnTech's behalf when dealing with personal information. It provides procedures for an individual's access to and correction of personal information.
Personal information includes information about an identifiable individual, presented in any form, such as: age, name, ID number(s), income, ethnic origin, opinions, evaluations, social status, disciplinary actions, credit records, loan records, medical records.
Personal information does not include the name, title, address and telephone number of an employee of an organization.
- Identifying Purposes
- Limiting Collection
- Limiting Use, Disclosure and Retention
- Individual Access
- Challenging Compliance
PRINCIPLE #1 -- ACCOUNTABILITY
ConnTech is responsible for personal information under its control and will designate an individual or individuals who are accountable for the organization's compliance with the following principles.
1.1 Accountability for ConnTech's compliance with the principles rests with the senior management of ConnTech and the person or persons designated by senior management as Privacy Officer, even though other individuals within the organization may be responsible for the day-to-day collection and processing of personal information. In addition, other individuals within the organization may be delegated to act on behalf of senior management or the Privacy Officer.
1.2 ConnTech's senior management has designated the following person to act as Privacy Officer to oversee the organization's compliance with the principles:
12761 16th Ave, Suite 104 - Surrey, BC, Canada, V4A 1N2
Facsimile: (604) 606-7886
1.3 ConnTech is responsible for personal information in its possession or custody, including information that has been transferred to a third party for processing. ConnTech will use contractual or other means to provide a comparable level of protection while the information is being processed by a third party.
1.4 ConnTech will implement policies and practices to give effect to the principles, including:
(a) implementing procedures to protect personal information;
(b) establishing procedures to receive and respond to complaints and inquiries;
(c) training staff and communicating to staff information about ConnTech's policies and practices; and
(d) developing information to explain ConnTech's policies and procedures.
PRINCIPLE #2 - IDENTIFYING PURPOSES
ConnTech will identify the purposes for which personal information is collected at or before the time the information is collected.
2.1 ConnTech collects personal information only for the following purposes ("identified purposes"):
(a) to provide service(s) and/or products to its customers;
(b) to maintain commercial relations and to communicate with its customers (which will include, but not be limited to: billing, collection, advertising, promotion, account verification);
(c) to identify customer needs and/or preferences;
(d) to meet legal and regulatory requirements;
(e) to administer and manage its business operations
2.2 ConnTech will provide notice of the identified purposes either orally, electronically or writing prior to or at the time of collection of the personal information.
2.3 Persons collecting personal information will be able to explain to individuals the purposes for which the information is being collected, or will refer the individual to a designated person at ConnTech who will explain the purposes.
2.4 When personal information that has been collected is to be used for a purpose not previously identified, the new purpose will be identified prior to use. Unless the new purpose is required by law, ConnTech will obtain the consent of the individual before information is used for that new purpose.
Occasionally, ConnTech will communicate to you special bonus and new product offers that we think may be of value to you. If you wish to opt-out of receiving targeted communications from ConnTech in electronic, printed or verbal format (other than information included with your monthly bills), simply inform us in writing at
13988 Maycrest Way - Suite 115, Richmond, BC V6V 3C3
PRINCIPLE #3 - CONSENT
The knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except where inappropriate.
3.1 In certain circumstances, personal information can be collected, used, or disclosed without the knowledge and consent of the individual. For example, legal, medical or security reasons may make it impossible or impractical to seek consent. When information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of the individual might defeat the purpose of collecting the information. Seeking consent may be impossible or inappropriate when there is an emergency threatening the individual's life, health or security, or where the individual is a minor, seriously ill, or mentally incapacitated. In other instances, information may be publicly available. Moreover, ConnTech may provide personal information to its lawyer or agent to collect a debt, comply with a subpoena, warrant or other court order, government institution requesting the information upon lawful authority, or as may be otherwise required by law.
3.2 ConnTech will generally seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when ConnTech wants to use information for a purpose not previously identified).
3.3 ConnTech will make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used. To make the consent meaningful, the purposes will be stated in such a manner that the individual can reasonably understand how the information will be used or disclosed.
3.4 ConnTech will not, as a condition of the supply of a product or service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfil the explicitly specified and legitimate purposes.
3.5 The form of consent sought by ConnTech may vary, depending upon the circumstances and the type of information disclosed. In determining the form of consent to use, ConnTech will take into account the sensitivity of the information and the reasonable expectations of the individual. An authorized representative (such as a legal guardian or a person having power of attorney) can also give consent.
ConnTech will seek express consent when the information is likely to be considered sensitive.
Implied consent will generally be appropriate when the information is less sensitive. The use of services or products by a customer or the acceptance of employment by an employee will be considered implied consent to collect, use and disclose personal information for all identified purposes.
3.6 An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. ConnTech will inform the individual of the implications of such withdrawal. In order to withdraw consent, an individual must provide notice to ConnTech in writing.
PRINCIPLE #4 - LIMITING COLLECTION
The collection of personal information will be limited to that which is necessary for the purposes identified by ConnTech. Information will be collected by fair and lawful means.
4.1 ConnTech collects personal information from its customers and employees for the purposes described under Principle #2.
4.2 ConnTech may also collect personal information from such third parties as credit bureaus, employers or personal references or other third parties that represent that they have the right to disclose the information.
PRINCIPLE #5 - LIMITING USE, DISCLOSURE, AND RETENTION
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information will be retained only as long as necessary for the fulfillment of those purposes.
5.1 ConnTech may collect, use or disclose personal information without the individual's knowledge or consent in certain circumstances as described in Principle #3.1.
5.2 ConnTech may disclose a customer's personal information to:
(a) another telecommunication company for the provision of telecommunications services to that customer;
(b) a company involved in providing communications directory services;
(c) a person involved in the development, promotion, marketing or enhancement of ConnTech services;
(d) a credit collections agency;
(e) emergency services in an emergency situation;
(f) a person, who, in the reasonable estimation of ConnTech, is an agent of the customer;
(g) any other third party, upon receiving the consent of the customer or as required by law.
5.3 ConnTech may disclose an employee's personal information in the following circumstances:
(a) in the administration of that employee's benefits;
(b) in providing references to prospective employers, upon receiving the consent of the employee;
(c) as may be required by law.
5.4 Certain ConnTech employees may be given access to customer and/or employee information in so far as their duties require access for business purposes. ConnTech employees are governed by a non-disclosure agreement prohibiting disclosure or use of any confidential or personal information for any purposes other than the stated business purposes.
5.5 ConnTech will retain personal information for only as long as required to fulfil the identified purposes or as required by law.
5.6 Personal information that is no longer required to fulfil the identified purposes will be destroyed, erased or made anonymous according to the guidelines and procedures established by ConnTech.
PRINCIPLE #6 - ACCURACY
Personal information will be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
6.1 The extent to which personal information will be accurate, complete, and up-to-date will depend upon the use of the information, taking into account the interests of the individual. Information will be sufficiently accurate, complete, and up-to-date to minimize the possibility that inappropriate information may be used to make a decision about the individual.
6.2 ConnTech will not routinely update personal information unless such a process is necessary to fulfil the purposes for which the information was collected.
6.3 Personal information that is used on an ongoing basis, including information that is disclosed to third parties, should generally be accurate and up-to-date, unless limits to the requirement for accuracy are clearly set out.
PRINCIPLE #7 - SAFEGUARDS
Personal information will be protected by security safeguards appropriate to the sensitivity of the information.
7.1 ConnTech will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution and format of the information, and the method of storage.
7.2 ConnTech protects all personal information regardless of the format in which it is held. The methods of protection include:
(a) physical measures, such as locked filing cabinets and restricted access to offices;
(b) organizational measures, such as security clearances and limiting access on a "need to know" basis;
(c) technological measures, such as the use of passwords and encryption.
7.3 ConnTech makes their employees aware of the importance of maintaining the confidentiality of personal information. ConnTech employees are governed by a non-disclosure agreement prohibiting disclosure or use of any confidential or personal information for any purposes other than the stated business purposes.
7.4 ConnTech will use care in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information.
PRINCIPLE #8 - OPENNESS
ConnTech will make readily available to individuals specific information about its policies and practices relating to the management of personal information.
8.1 ConnTech will make its policies and practices with respect to the management of personal information easily comprehensible and accessible, by providing upon request:
(a) the name, title, and address of the Privacy Officer accountable for ConnTech's policies and practices and to whom complaints or inquiries can be forwarded;
(b) the means of gaining access to personal information held by ConnTech; and
(c) a description of the type of information held by ConnTech and/or its subsidiaries, including a general account of its use.
PRINCIPLE #9 - INDIVIDUAL ACCESS
Upon request, an individual will be informed of the existence, use, and disclosure of his or her personal information and will be given access to that information. An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
9.1 Upon request, ConnTech will inform an individual whether or not the organization holds personal information about the individual, and will provide that individual with a reasonable opportunity to review the personal information in his or her file.
9.2 ConnTech will allow the individual access to his or her personal information once the individual has provided ConnTech with a written request application. ConnTech will make the application available to customers through Customer Service Representatives and to employees through the Human Resources Department. The application will include sufficient information to permit ConnTech to provide an account of the existence, use, and disclosure to any third parties of this personal information. ConnTech will use the application only for this purpose.
9.3 ConnTech will respond to an application for individual access to personal information within a reasonable time and at minimal or no cost to the individual. The requested information will be provided or made available in a form that is generally understandable.
9.4 ConnTech will be as specific as possible in providing an account of third parties to which it has disclosed personal information about an individual. When it is not possible to provide a list of the organizations to which it has actually disclosed information about an individual, ConnTech will provide a list of organizations to which it may have disclosed information about the individual.
9.5 In certain instances, ConnTech will not be able to provide the individual access to his or her personal information. For example, ConnTech will not provide access to information where the information requested is prohibitively costly to provide; where the information contains references to other individuals; where the information cannot be disclosed for legal, security or commercial proprietary reasons; where the information is subject to solicitor-client or litigation privilege; or where the information can best be available from another source (for example, through a medical practitioner). In each case, ConnTech will provide reasons for denying any access to personal information.
9.6 When an individual successfully demonstrates the inaccuracy or incompleteness of personal information, ConnTech will amend the information as required. Depending upon the nature of the information challenged, amendment involves the correction, deletion or addition of information. Where appropriate, the amended information will be transmitted to third parties having access to the information in question.
9.7 When a challenge is not resolved to the satisfaction of the individual, ConnTech will record the substance of the unresolved challenge. When appropriate, the existence of the unresolved challenge will be transmitted to third parties having access to the information in question.
PRINCIPLE #10 - CHALLENGING COMPLIANCE
An individual will be able to address a challenge concerning compliance with the above principles to ConnTech's Privacy Officer.
10.1 ConnTech will maintain procedures to receive and respond to complaints or inquiries about its policies and practices relating to the handling of personal information. ConnTech will make every effort to ensure that its procedures are easily accessible and simple to use.
10.2 ConnTech will inform individuals who make inquiries or lodge complaints of the existence of relevant complaint procedures.
10.4 ConnTech will investigate all complaints. If a complaint is found to be justified, ConnTech will take appropriate measures, including, if necessary, amending its policies and practices.
The Personal Information Protection and Electronic Documents Act governs the collection, use and disclosure of personal information in the commercial sector.
Under the Act, ConnTech is required to adhere to ten privacy principles set out in the National Standard of Canada, Model Code for the Protection of Personal Information.