THE LEGAL REQUIREMENTS FOR YOUR PRIVACY POLICY
As the world’s transition into the digital age continues to accelerate, most companies, big or small, have established at least some form of online presence. Legislations relevant to the digital aspect of the world are continuously evolving to govern the relationship between companies and consumers.
YOU ARE COLLECTING PERSONAL INFORMATION IN ONE FORM OR ANOTHER
From E-Commerce, software, to pure offline products and services (e.g. restaurants), most customer acquisition strategies involve some degree of online presence to reach the targeted demographic. You do not have to use sophisticated online traffic analytics tools to put your business under the jurisdiction of privacy law.
Something as simple as a website could put your company under the jurisdiction of Personal Information Protection and Electronic Documents Act (PIPEDA), or relevant provincial legislations if you operate in Alberta, British Columbia and Québec. Modern web platforms can collect personal information including IP addresses, geographic location, how many times you visit the site and which pages you visit, names and passwords, etc.
THE LEGAL REQUIREMENTS ON PRIVACY POLICIES FOR CANADIAN BUSINESSES
Businesses across Canada must follow the 10 fair information principles to collect, use, and protect personal information, which are set out in Schedule 1 of PIPEDA, which are
Accountability
Identifying Purpose for collecting personal information
Consent
Limiting collection to a minimal basis
Limiting use, disclosure, and retention
Accuracy
Safeguards
Openness
Individuals must be able to access their own personal information
Individuals must be able to challenge your compliance to PIPEDA
If you have questions about privacy policies, please contact us at info@innovatellp.com