Print This Page

view pdf version

View PDF Version

Privacy Policy

Thompson Law Professional Corporation (the “Firm”) recognizes the importance of privacy and the sensitivity of personal information held by this Firm. This Policy sets out the legislative background of the Privacy Policy of this Firm and details how we manage your personal information and safeguard your privacy.

BACKGROUND

In recent years, society has benefitted from the increased availability of information which electronic devices have provided. These same technologies have, however, created a loss of privacy arising out of the collection, use and potential misuse of personal information.

In 1990, the Canadian Standards Association (CSA) embarked on the development of a Model Code for the Protection of Personal Information. The Code was meant to provide useful guidance to organizations, increase consumer confidence, and establish a process whereby individuals and organizations could resolve privacy concerns.

In order to protect a person’s privacy the federal government of Canada introduced several laws. The Privacy Act covers the Personal Information handling practices of the Federal Government of Canada . The Personal Information Protection and Electronic Documents Act (PIPEDA), established on the basis of the CSA Model Code for the Protection of Personal Information is Canada’s privacy law which is applicable to the private sector and, as such, applies to the the Firm.

WHAT IS “PERSONAL INFORMATION”?

Personal information is any factual or subjective information about an identifiable individual. Personal Information includes, but is not limited to:

  1. Personal characteristics including:
    • age;
    • name;
    • weight;
    • income;
    • identification numbers, such as a Social Insurance Number or Social Security Number;
    • social status;
    • information which would normally be found in an employee file;
    • credit records;
    • loan records; and
    • ethnic origin.
  2. Medical records including:
    • health conditions;
    • health history; and
    • blood type.
  3. Activities and views including:
    • religion;
    • opinions held;
    • third party evaluations of any kind; and
    • third party observations and comments.

Personal information does not include the following:

THE TEN PRINCIPLES OF PRIVACY PROTECTION

The Personal Information Protection and Electronic Documents Act (PIPEDA) contains the following ten principles, which are not absolute but are subject to certain limitations:

  1. Accountability
    An organization is accountable for the personal information that is under its control.
  2. Identifying Purposes
    The purposes for which personal information is collected must be identified.
  3. Consent
    An individual’s consent is required for the collection of personal information.
  4. Limiting Collection
    The collection of personal information is limited to what is necessary.
  5. Limiting Use, Disclosure or Retention
    Personal information must not be used or disclosed for purposes other than those for which it is collected.
  6. Accuracy
    Personal information shall be accurate, complete and up-to-date as is reasonably necessary.
  7. Safeguards
    Personal information shall be protected by security safeguards.
  8. Openness
    The policies and practices of an organization regarding the handling of personal information are available for inspection upon request.
  9. Individual access
    An individual is entitled to access to their personal information to stay informed about the existence, use and disclosure of their personal information. An individual is able to challenge the accuracy and completeness of the information.
  10. Challenging Compliance
    An individual is able to challenge the compliance of an organization with the above principles.
STATEMENT OF INTENT

We recognize the importance of protecting the personal information that we hold respecting our clients, employees and others. This policy outlines the framework of the Firm’s policies and procedures regarding its collection, use, retention and disclosure of personal information in respect of our clients and others and supplements, where applicable, our professional obligations of confidentiality and solicitor/client privilege.

Solicitor-client privilege is a foundation of our relationship with our clients and ensures that personal information gathered for the purposes of giving legal advice will not be disclosed by us, except as permitted by our clients or as required by law.

ACCESS TO PERSONAL INFORMATION

The personal information in the hands of the Firm can be accessed by the Firm’s lawyers and some of the support staff. In the course of providing legal services to our clients, we may also use consultants or outside agencies that may, in the course of their duties, have limited access to personal information. We restrict access to any personal information we hold as much as is reasonably necessary. Where we have permitted access to personal information to an outside consultant or agency, we have their assurance that they in turn follow appropriate privacy principles to protect the privacy.

PURPOSES FOR THE COLLECTION OF PERSONAL INFORMATION

The Firm collects personal information in order that we may provide legal services and products to our clients.

We collect information from clients for purposes including:

We collect information from others primarily for the purpose of representing our clients in legal matters but also for the purpose of managing and developing our business and complying generally with the law or as required by law.

HOW WE COLLECT PERSONAL INFORMATION

We collect personal information in accordance with the requirements of law. Whenever possible, we seek consent for the collection of personal information with respect to clients and others directly from those parties in writing or orally before or at the time of collection. In the alternative, we accept implied consent. Our duty to our clients may require us to collect information with respect to other persons, including adverse parties or witnesses, without their consent.

Sometimes we will obtain personal information from other sources including:

THE USE OF PERSONAL INFORMATION

We will use the personal information collected:

THE DISCLOSURE OF PERSONAL INFORMATION

We will only disclose personal information for the purpose for which it was collected or if authorized or required by law. We may also disclose personal information in the following circumstances:

Where the delivery of legal services to our clients require us to give personal information to third parties, consent to disclosure will be implied, unless we receive instructions to the contrary.

CONSENT FOR COLLECTION, USE AND DISCLOSURE

We may obtain consent to use personal information through the following methods:

Consent may be withdrawn at any time as long as reasonable notice of withdrawal is delivered to the Privacy Officer of the Firm.

Personal information will be required in order to provide you with legal services. We will not require you to give your consent to the collection, use or disclosure of personal information which is not necessary for providing our service.

Whenever it is legal and practicable, we will deal with general inquiries without providing your name.

SECURITY MEASURES FOR PERSONAL INFORMATION

We use appropriate security measures to protect personal information from loss, unauthorized access, modification or disclosure. Such measures vary depending upon the sensitivity of the personal information and include:

In communicating with us, you should be aware that email is not a secure medium. Unless you have obtained and maintain a security certificate and have provided it to us for use in encrypting our communications with you, your email communications are not secure.

PERSONAL INFORMATION RETENTION

We keep personal information as long as reasonably necessary, to complete a matter or as is required by law, whichever is longer. When a matter is complete and the file closed, as a general rule, client documents are returned and the file placed in storage. Twelve years following the date of closing of the file, it is destroyed. It may be destroyed at an earlier date if circumstances warrant. For example, purchase files are routinely destroyed when the property to which the file relates is sold and the sale file is completed and closed. We destroy paper files containing personal information by shredding. We destroy electronic information by deleting it. When computers are discarded, we ensure that the hard drive is physically erased.

ACCESS TO PERSONAL INFORMATION

You may inquire about personal information we hold concerning you. We will respond to any request for access to your personal information. We may refuse to give you access, for example, where:

UPDATING YOUR INFORMATION AND CORRECTING ERRORS

Since the primarily use of personal information is to provide legal services to our clients, it is important that the information is accurate and up-to-date. Retention of information continues after the services have been provided in accordance with the information retention policy in effect from time to time. If any client information changes, please inform us so that we may make the necessary corrections to our records.

If we hold information about you and you can establish that it is not accurate, complete or up-todate, we will take reasonable steps to correct it.

SECURITY MEASURES CONCERNING THE FIRM WEBSITE AND EMAIL

Cookies are small bits of information that are stored by your browser on your computer’s harddrive. Depending on the type of cookies (e.g. session cookies or persistent cookies) they can monitor certain information for a shorter or longer period of time. Cookies, by themselves, cannot be used to discover the identity of the user.

Our homepage does not use any kind of cookies. However, the website is hosted by a third party, which may use cookies solely for the purpose of providing us with statistical information, such as the visiting time or other information. The main reason for the collection of that data is to improve our website.

Email is not a secure medium of communication. We cannot assure that privacy can be maintained when using email to communicate with clients or third parties. Absent express instructions to the contrary, it is our policy to use email for routine correspondence, and to use a more secure medium of delivery for communications of higher sensitivity. Unless you have obtained and continue to maintain a security certificate and have provided it to us for use in encrypting our communications with you, email communications with you will be sent in plain text.

EMPLOYMENT INQUIRIES

If you apply to us for employment, you will normally be delivering personal information about yourself to us as part of the application process. We retain information from candidates after a decision has been made, usually for six months, unless you ask us not to retain the information. If we offer you employment, and you accept the offer, the information will be retained in accordance with our privacy procedures for employee records.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to change this Privacy Policy from time to time without notice to anyone. A copy of our Policy, from time to time, will be maintained on the Firm’s website.

QUESTIONS, CONCERNS, REQUESTS FOR ACCESS

If you have any questions, suggestions or concerns, wish to access or amend your personal information or would like to change your preferences regarding our use of your information, please write with original signature to:

Privacy Officer
Thompson Law Professional Corporation
511 Welham Road
Unit 1, P.O. Box 696
Barrie, Ontario, L4M 4Y5