Signifi Privacy Statement
We at Signifi Solutions Inc. (“Signifi”) respect your right to privacy and value the trust you place in us.
We want you to be aware of when your personal information is being collected, the purpose for which it is being collected, and that you have a right of access to the information. If we retain your personal information, we take the necessary precautions to protect it from unauthorized access, linkage, disclosure or alteration.
Please note that Signifi only collects what you, your employer or another entity that you have a business relation with, voluntarily provide to us.
We do not sell, rent, exchange, or otherwise disclose any information that we collect about customers, except in the case of a malicious attack or as required by law.
Signifi may update this statement from time to time. The most current version will always be posted on Signifi’s website.
Collection of Personal Information:
It depends on the purpose for collection and the product or service involved. Below are some examples of when we may collect Personal Information:
Use of Personal Information
We use your Personal Information to provide our products or services to you or a business that you are associated with.
We may also use your Personal Information to:
Disclosure of Personal Information
We may disclose some of your Personal Information in a variety of circumstances, such as when we have your express or implied consent.
We may also disclose your Personal Information:
Consent
An individual’s express, consent will be obtained before or at the time of collecting personal information. The purposes for the collection, use or disclosure of the personal information will be provided to the individual at the time of seeking his or her consent. Once consent is obtained from the individual to use his or her information for those purposes, Signifi has the individual's implied consent to collect or receive any supplementary information that is necessary to fulfil the same purposes. Express consent will also be obtained if, or when, a new use is identified.
Consent is also implicit when a business that an individual is associated with, provides Signifi with the individual’s personal information so that Signifi can provide its products and services to the individual or that business.
Limiting Collection
Personal information will be used for only those purposes to which the individual or associated business has consented, with the following exceptions, as permitted under PIPEDA:
Signifi will use personal information without the individual's consent, where:
Accuracy
Signifi endeavors to ensure that any personal information provided by the individual in his or her active record(s) is accurate, current and complete as is necessary to fulfill the purposes for which the information has been collected, used, retained and disclosed. Individuals are requested to notify Signifi of any change in personal or business information.
Retention of Personal Information
Personal information will be retained:
Safeguards
Signifi will apply appropriate physical, administrative and technical safeguards to protect PI against loss or theft, or from unauthorized access, disclosure, copying, use, disposal or modification. Refer to Signifi Information Security Policy for more information.
Employees and associates of Signifi are required to sign a confidentiality agreement binding them to maintaining the confidentiality of all personal information to which they have access.
Physical Safeguards: Active files are stored in locked filing cabinets when not in use. Access to work areas where active files may be in use is restricted to Signifi employees only and authorized third parties.
All inactive files or personal information no longer required are shredded prior to disposal to prevent inadvertent disclosure to unauthorized persons.
Technological Safeguards: Personal information contained in Signifi computers and electronic databases are password protected and encrypted in accordance with Signifi’s Information Security Policy. Access to any of the Signifi’s computers also is password protected. Signifi’s Internet routers or servers have firewall protection sufficient to protect personal and confidential business information against virus attacks and "sniffer" software arising from Internet activity. Personal information is not transferred to third parties besides the business that the individual is associated with.
Openness
Signifi will endeavor to make its privacy policies and procedures known to the individual via this Signifi Privacy Statement. A version of this document will also be available on Signifi’s website.
Individual Access
An Individual who wishes to review or verify what personal information is held by Signifi, or to whom the information has been disclosed (as permitted by the Act), may make the request for access, in writing, to Signifi 's Chief Privacy Officer. Upon verification of the individual's identity, the Chief Privacy Officer will respond within 60 days.
If the individual finds that the information held by Signifi is inaccurate or incomplete, upon the individual providing documentary evidence to verify the correct information, Signifi will make the required changes to the individual's active file(s) or record(s) promptly.
Complaints/Recourse
If an individual has a concern about Signifi’s personal information handling practices, a complaint, in writing, may be directed to the Signifi’s Chief Privacy Officer.
Upon verification of the individual's identity, Signifi’s Chief Privacy Officer will act promptly to investigate the complaint and provide a written report of the investigation's findings to the individual.
Where Signifi’s Chief Privacy Officer makes a determination that the individual's complaint is well founded, the Chief Privacy Officer will take the necessary steps to correct the offending information handling practice and/or revise Signifi’s privacy policies and procedures.
Where Signifi’s Chief Privacy Officer determines that the individual's complaint is not well founded, the individual will be notified in writing. If the individual is dissatisfied with the finding and corresponding action taken by Signifi’s Chief Privacy Officer, the individual may bring a complaint to the Canadian Federal Privacy Commissioner at the address below:
Office of the Privacy Commissioner
of Canada
30, Victoria Street
Gatineau, Quebec
K1A 1H3
https://www.priv.gc.ca/en/contact-the-opc/
Toll-free: 1-800-282-1376
Phone: (819) 994-5444
TTY: (819) 994-6591
Data Controller Responsibilities
This section applies to clients that are hosted in the Signifi European data center.
The client company is the Data Controller (“the custodian”).
Signifi is the Data Processor.
Data Custodian Responsibilities
Data Processor Responsibilities
Questions/Access Request/Complaint
Any questions regarding this or any other privacy policy of Signifi may be directed to the Chief Privacy Officer. Requests for access to information, or to make a complaint, are to be made in writing and sent to the Chief Privacy Officer at the address below:
Chief Privacy Officer – Razvan Anghelidi
Email address: privacy@signifi.com (ranghelidi@signifi.com)
Contact Number: 905-602-7707 x8164
Signifi Solutions Inc
1705 Tech Ave Unit 3, Mississauga, ON, L4W 0A2
Definitions
"Personal information" means any information about an identifiable individual. It includes, without limitation, information relating to identity, nationality, age, gender, address, telephone number, e-mail address, Social Insurance Number, date of birth, marital status, education, employment health history, assets, liabilities, payment records, credit records, loan records, income and information relating to financial transactions as well as certain personal opinions or views of an Individual.
"Business information" means business name, business address, business telephone number, name(s) of owner(s), officer(s) and director(s), job titles, business registration numbers (GST, RST, source deductions), financial status. Although business information is not subject to PIPEDA, confidentiality of business information will be treated with the same security measures by Signifi staff, members and Board members, as is required for individual personal information under PIPEDA.
"Client" means the business that is applying for or has been approved for a contractual relationship with Signifi Inc, (including sole proprietorships and individuals carrying on business in a partnership);
"Individual" means the client’s owner(s) or shareholders, co-signors, and/or any guarantor associated with a client.
"Member" means a person who volunteers on a Signifi committee, but who is not a current or active board member, or chair of the committee.
"Database" means the list of names, addresses and telephone numbers of clients and individuals held by Signifi in the forms of, but not limited to, computer files, paper files, and files on computer hard drives.
"File" means the information collected in the course of processing an application, as well as information collected/updated to maintain /service the account.
"Express consent" means the individual signs the application, or other forms containing personal information, authorizing Signifi to collect, use, and disclose the individual's personal information for the purposes set out in the application and/or forms.
"Implied Consent" means the organization may assume that the individual consents to the information being used, retained and disclosed for the original purposes, unless notified by the individual.
"Third Party" means a person or company that provides services to Signifi in support of the programs, benefits, and other services offered by Signifi.