Our privacy policy is as follows:
What is personal information?
Personal information is information that refers to an individual specifically and is recorded in any form. Personal information includes
such things as age, income, date of birth, ethnic origin, medical records and credit records. Information about individuals contained in the
following documents is not considered personal information:
- public telephone directories, where the subscriber can refuse to be listed,
- professional and business directories available to the public,
- certain public registries and court records,
- certain other publicly available printed and electronic publications.
Our commitment to your privacy is governed by the following privacy principles in accordance with Canada's Personal Information Protection
and Electronic Documents Act (PIPEDA) and British Columbia's Personal Information Protection Act(PIPA):
Principle 1 - Accountability for Personal Information
Busix Computer Services, Ltd ('Busix') is responsible for all personal information under its control, including any personal information
that is transferred to third parties for processing, storage or other purposes. Employees of Busix are accountable for compliance with
these privacy and security principles. We also adhere to a strict non-disclosure policy when handling or viewing information stored at a
clients' site.
Principle 2 - Identifying Purposes for the Collection of Personal Information
Busix identifies the purpose for which your personal information is collected. We do this before or at the time the information is actually
being collected. Your information will never be used for any additional purpose unless express consent is granted.
Principle 3 - Consent for the Collection, Use, and Disclosure of Personal Information
Busix obtains your consent to collect, use or disclose personal information. The method of obtaining consent is appropriate to the type of
personal information being collected, used or disclosed:
Busix will obtain your express consent (verbal, written or electronic agreement) to collect, use or disclose sensitive personal information
such as medical data or personal financial information.
Busix will use implied consent to collect, use or disclose your personal information where one or more of the following apply:
- a customer relationship already exists,
- express consent has previously been given,
- where the purpose of using the personal information is reasonably apparent to you.
You can change your consent preferences at any time by contacting Busix. To change your preferences, refer to the Contact us section below.
Principle 4 - Limiting Collection of Personal Information
Busix collects only the information required to provide products and services to you. If the personal information we require is collected
for a reason other than to provide products and services, your consent will be obtained before or at the time the information is collected.
Busix will collect personal information only by clear, fair, and lawful means.
Examples of why we collect personal information include:
- Communicating with you generally
- Processing your applications
- Processing and keeping track of transactions and reporting back to you
- Protecting against fraud or error
- Providing product and services requested by you
- Recommending products and services that Busix believes will be of interest and provide value to you
- To comply with legal and governmental requirements
Principle 5 - Limiting Use, Disclosure and Retention of Personal Information
Busix uses and discloses your personal information only for the purposes it was collected. Busix does not sell, share or rent personal
information to any organization or person for any reason.
We do not share your personal information with third party organizations except to offer you a product or service. If your personal
information is shared with third parties, these third parties are bound by appropriate agreements with Busix to secure and protect the
confidentiality of your personal information.
Busix retains your personal information only as long as it is required for our business relationship or as required by
federal and provincial laws.
Principle 6 - Ensuring Accuracy of Personal Information
Busix keeps your personal information up to date, accurate and relevant for its intended use.
You may request access to the personal information we have on record in order to review and amend the information, as appropriate.
In circumstances where your personal information has been provided by a third party, we will refer you to that party (e.g. credit bureaus).
To access your personal information, refer to the How to Contact us section below.
Principle 7 - Ensuring Safeguards for Personal Information
We take steps to safeguard your personal information, regardless of the format in which it is held, including:
- physical security measures such as restricted access facilities and locked filing cabinets,
- electronic security measures for computerized personal information such as password protection, database encryption and personal identification numbers,
- organizational processes such as limiting access to your personal information to a selected group of individuals,
- contractual obligations with third parties who need access to your personal information requiring them to protect and secure your personal information.
All requests for such information will be on a 'need to know' basis only.
Principle 8 - Openness about Personal Information Policies and Practices
We are committed to providing you with understandable and easily available information about our policy and practices related to
management of your personal information. This policy and any related information is available at all times on our web site,
www.busix.com under Privacy and Security or on request. To contact us, refer to the How to Contact us section below.
Principle 9 - Individual Access to their own Personal Information
You can request access to your personal information stored by Busix. To contact us, refer to the How to Contact us section below.
Upon receiving such a request, Busix will:
- Inform you about what type of personal information we have on record or in our control, how it is used and to whom it may have been disclosed
- Provide you with access to your information so you can review and verify the accuracy and completeness and request changes to the information
- Make any necessary updates to your personal information.
Principle 10 - Challenging Compliance with Privacy Policies and Practices
Busix responds in a timely manner to your questions, concerns and complaints about the privacy of your personal information and our privacy
policies and procedures.
Non-Disclosure Policy
Busix Computer Services Ltd has both a legal and an ethical responsibility to protect the confidentiality of its clients' data,
information, and privacy. In addition to regulations outlined by Canada's PIPED Act and British Columbia's PIP Act, employees
are bound by this non-disclosure agreement when performing work at a client's site.
Since data may be viewed by an employee of Busix during the nature and course of executing duties as requested by the client,
or in compliance with prearranged maintenance, we feel that we have an obligation to our clients to provide piece
of mind that their business data will not be compromised.
- An employee of Busix is expressly prohibited from disclosing, publishing, reproducing, or transmitting client data or information,
in whole or in part, in any form or by any means, verbal or written, electronic or mechanical, for any purpose, without the prior
express written permission of the client. It is understood that to perform duties requested by a client that they may have access
to any and all data stored on a network, computer, storage media, sever, or other device.
- The client will be advised should any data or information be copied, transmitted or removed from the base site, if not previously
arranged for (ie. off-site backup routine). The client's express permission will be obtained to carry out these actions.
Failure of an employee to abide by this policy may result in disciplinary action of which may include termination and/or legal action.
|