The present document presents VIA WEB TECH’s Global Privacy and Data Protection policy which applies to all personal and operational information and data held on VIA WEB TECH members, sub-contractors and clients. All VIA WEB TECH members must read, understand and apply it.
While exercising its right to collect, use and disclose personal information or data for legitimate business purposes, VIA WEB TECH is committed to protect, in all countries where it does business, the personal and operational information and data concerning
- Our members
- Our sub-contractors
- Our clients and their operations
in order to maintain strict rules of conduct to lower the likelihood of:
- Confidentiality breaches;
- Loss of privacy;
- Loss of trust; and/or
- Legal liability.
- Position and Etiquette
VIA WEB TECH is committed to protect the personal information of its members as required for staffing, member management, compensation and benefits administration purposes.
VIA WEB TECH may also collect personal and operational information and data on client and client personnel, for example, in Outsourcing contracts. All client personal and operational information and data collected by VIA WEB TECH will comply with the policies and procedures established by the client and/or VIA WEB TECH. As well, VIA WEB TECH will always respect and act in compliance with all applicable legislation.
VIA WEB TECH respects the privacy of any visitors to www.ViaWebTech.ca and does not share any personal information with third parties.
VIA WEB TECH’s principles for information handling practices are the following:
The Vice Presidents responsible for a Business Unit oversee the application of this policy and take corrective action on violations and on non-compliance. VIA WEB TECH members who have concerns regarding the privacy of their own, sub-contractor or client personal information should report their concerns as well as any weakness in the measures protecting such information to their manager (for client and sub-contractor personal information) or to their local Human Resources representative (for member personal information). All members must respect this Global Privacy and Data Protection Policy as well as the privacy of other VIA WEB TECH members and the client’s privacy policies when working at a client site.
Business Units who hold and manage client personal or operational information and data, as a result of providing services to these clients, must protect such information and data. Any violation of client personal or operational information or data, in the context of providing services to these clients, should be reported directly to the Vice-President responsible for the Business Unit safeguarding such information or data.
Identifying Purpose of Collection
Advise members, sub-contractors and clients when collecting personal information of the reason for collection, how the information will be used and any new purpose for the collection.
Consent for Collection
Obtain the member’s sub-contractor’s or client’s written or electronic consent to the collection of information and whenever a new use of the information is identified.
Limit Collection, Use, Disclosure, and Retention
Collect only the information necessary for the identified purpose. Use and disclose information only for the purpose for which it was collected or when required by legislation and in the manner prescribed by the legislation in the jurisdiction where VIA WEB TECH does business. Retain information only as long as necessary and dispose of all sensitive information in a secure manner.
Ensure the accuracy of the information collected by verifying with the individual and updating it periodically. VIA WEB TECH members must notify their local Human Resources of any changes or updates that will affect their personal records.
Protect personal and operational information or data according to its sensitivity and as required by any applicable legislation. Sensitive personal or operational information or data is to be protected from unauthorized use, disclosure, access and modification. These safeguards apply to sensitive personal and operational information or data irrespective of the storage medium.
Such safeguards may take the form of locked filing cabinets, restricted access to information (physical and on a need-to-know basis, alarm systems or other electronic control devices, technological tools such as passwords, encryption, firewalls, anonymizing software, etc. The selection of safeguards will be done considering the sensitivity, amount and format of the information or data needing protection.
Security measures around data protection are reviewed regularly to follow the company evolution or changes in the organization.
In distributing this document, advise the members, sub-contractors and clients about VIA WEB TECH’s practices and the application of this policy.
Provide members, sub-contractors and clients access to their information held by VIA WEB TECH so that they may know what information is retained. Provide the members, sub-contractors and clients an opportunity to verify the accuracy of their information and to correct any inaccuracies. Inform in writing, if access is refused, of the reasons why and of the appeal process.
No Expectation of Privacy
Subject to the applicable legislation, VIA WEB TECH has the right to monitor any and all aspects of its information systems and infrastructures including, but not limited to:
- Visited Internet sites;
- Instant messaging systems;
- Chat groups;
- News groups; and
- E-mail sent and/or received.
Such monitoring may occur at any time, without notice, and without obtaining the user’s permission.
Violations of this policy may result in a disciplinary action which will be proportional to the seriousness of the behaviour concerned. Vice Presidents responsible for business units or corporate functions are responsible to decide on the proper course of action in case of a breach to this policy. The Executive Vice-President and Chief Corporate Officer is the designated VIA WEB TECH Privacy and Data Protection Officer.