APTR 's personal information protection
Part 1 – General rules
____________________________________________ Our team is committed to offering to La Minerve and part of lac Labelle residents the same variety and quality of cable distribution service as found in urban centers.
APTR makes it a priority to ensure the accuracy, confidentiality, security and protection of its clients' personal information. APTR's Personal Information Protection Code is an official statement of principles and guidelines pertaining to minimum requirements for the protection of the personal information of APTR's clients.
APTR's Code aims at establishing responsible and transparent practices for the management of personal information.
Summary of principles
____________________________________________ Principle 1 – Responsibility APTR is responsible for the personal information it manages and must nominate at least one officer who will ensure compliance with the principles outlined below.
Principle 2 – Determining the purposes of collecting personal information
APTR must determine the purposes for which personal information is collected prior to or during the collection.
Principle 3 – Consent to the collection, use or communication of personal information
The client must be informed and consent to any collection, use or communication of his personal information, unless it is inappropriate to do so.
Principle 4 – Limitation on the collection of personal information
APTR may only collect the personal information necessary to intended purposes and must proceed in an honest and licit manner.
Principle 5 – Limitation on the use, communication and retention of personal information APTR must not use nor communicate personal information for purposes other than those for which it was collected unless the individual in question has given his consent or that it is required by law. APTR must retain personal information only for the period of time required to fulfill the intended purposes.
Principle 6 – Accuracy of personal information Personal information must be as accurate, complete and up-to-date as required by the intended purposes.
Principle 7 – Safety measures APTR must protect personal information using safety measures fit to its degree of sensitivity.
Principle 8 – Transparent policies and practices APTR must put at the disposal of clients precise information on its policies and practices for the management of personal information.
Principle 9 – Access to personal information by clients APTR must inform a client who makes a request on the existence of personal information that concerns him, of the use made of the information and the fact that it has been communicated to third parties and allow him to consult this information. A client may contest the accuracy and completeness of information and make appropriate corrections.
Principle 10 – Complaint for non-compliance with principles A client must be able to file a complaint on the non-compliance with principles outlined above by communicating with the officer responsible for Code enforcement within APTR.
Scope and application
____________________________________________ The ten principles comprising APTR’s Code are interrelated and APTR must comply with them in their entirety. Each principle must be read with accompanying observations.
Scope and application of APTR’s
____________________________________________ APTR’s Code applies to personal information that APTR collects, uses or communicates about its clients.
APTR’s Code applies to the management of personal information in all its forms – verbal, electronic or written. APTR’s Code does not restrict the collection, use or communication by APTR of information available to the public such as the name, address, phone number and electronic address of a client when this information is listed in a phone book or available via directory assistance.
____________________________________________ Client – individual who (a) uses or requests to use APTR’s products or services;
(b) corresponds with APTR;
(c) participates in a contest sponsored by APTR. Collection – the act of collecting, acquiring, recording or obtaining personal information from any source whatsoever, including third parties, and by any means whatsoever. Communication – the act of divulging personal information to a third party. Consent – a voluntary acquiescence to the collection, use and communication of personal information for intended purposes. The consent may be explicit or implicit and given directly by the individual in question or an authorized representative. The explicit consent may be given orally, electronically or in writing. However, it must always be non ambiguous and not oblige APTR to destroy it. The implicit consent designates a consent that one can reasonably deduct from an individual's act or omission. Personal information – information concerning an identifiable individual, with the exception of general information that cannot be linked to a specific individual. This includes credit information, invoicing files, service and equipment statements as well as any complaint documented in a file. Third party – person other than the client or his representative or organization that is not a subsidiary of APTR. Use – processing, handling and management of personal information by APTR.
Principle 1 – Responsibility
____________________________________________ APTR is responsible for the personal information it manages and nominates one officer who will ensure compliance with the principles outlined in this code. 1.1 It is the responsibility of APTR’s top management to see to the compliance of provisions in APTR’s Code and to designate at least one officer to this purpose. Other APTR employees may also be appointed to act in the name of the designated individual or to perform daily activities of collection and processing of personal information. 1.2 APTR is responsible for the personal information in its possession or that it keeps, including information given to a third party for processing purposes. APTR will take appropriate means to ensure a comparable degree of protection of information while being processed by a third party (refer to principle 7). 1.3 APTR has implemented policies and practices intended to give pursuit to APTR’s Code, including: a) the implementation of procedures intended to protect personal information and ensure that the company complies with APTR’s Code;
b) the implementation of procedures related to the reception and processing of information requests or complaints;
c) the training and information of employees on company policies and practices;
d) the writing of documents explaining the company policies and practices.
Principle 2 – Determining of purposes for the collection of personal information
____________________________________________ APTR must determine the purposes for which personal information is collected prior to or during the collection. 2.1 APTR collects personal information only for the following purposes: a) establish and maintain commercial relations worthy of trust with clients and ensure current services;
b) understand clients' needs;
c) design, improve, market or provide products and services;
d) manage and design operations and commercial activities;
e) meet legal and regulatory requirements. Any mention of "intended purposes" refers to purposes stipulated in this statement of principle. 2.2 APTR must specify orally, electronically or in writing intended purposes to the client prior to or during the collection of personal information. Upon request, individuals collecting personal information must explain these purposes or advise the client to communicate with the officer designated within APTR, who will explain intended purposes. 2.3 Except when required by law, APTR will not use or communicate personal information already collected for a new purpose without having first defined and register the new purpose and having obtained the client's consent.
Principle 3 – Consent to the collection, use or communication of personal information
____________________________________________ The client must be informed and consent to any collection, use or communication of his personal information, unless it is inappropriate to do so. 3.1 Under certain circumstances, APTR may collect, use and communicate information without the knowledge or consent of the individual in question. For example, APTR may collect or use personal information without the knowledge or consent of the individual in question when it is clearly in the interest of the person in question and it is impossible to get the individual's consent within an appropriate time frame, for instance when the individual is minor, gravely ill or suffering from mental incompetency. APTR may also collect, use and communicate information without the knowledge or consent of the individual in question when asking for the individual's consent risks compromising the purpose intended by the collection of information, such as in the case of an inquiry regarding a breach of contract or a violation of a federal or provincial law. APTR may also use or communicate personal information without the knowledge or consent of the individual in question when the life, health or safety of an individual is threatened. APTR may communicate personal information without the knowledge or consent of the individual in question to an attorney representing companies in order to collect a debt, obey an assignment mandate or other court order or when required to do so by law. 3.2 To obtain the consent of the individual in question, APTR will perform all reasonable steps to ensure that the client is informed of purposes for which personal information will be used or communicated. These purposes will be outlined in a manner that the client can reasonably understand them. 3.3 In general, APTR will obtain the consent of the individual in question at the time of collecting and communicating personal information. However, it may also obtain this consent after the collection of personal information, but prior to using or communicating it for a new purpose. 3.4 APTR will ask clients to consent to the collection, use or communication of personal information as a condition for the provision of a product or service, only in as much as the collection, use or communication of information is necessary to the execution of intended purposes. 3.5 To determine the appropriate method of consent, APTR will consider the sensitivity of personal information and reasonable expectations of its clients. 3.6 As a general rule, the use of products and services by a client constitutes an implicit consent to the collection, use and communication of personal information for purposes intended by APTR. 3.7 A client may withdraw his consent at any time, subject to restrictions prescribed by a law or contract and within a reasonable delay. Clients may communicate with APTR to obtain more information on the consequences of such a withdrawal.
Principle 4 – Limitation on the collection of personal information
____________________________________________ APTR may only collect personal information necessary to intended purposes. APTR must proceed in an honest and licit manner. 4.1 APTR collects personal information mainly from its clients. 4.2 APTR may also collect personal information from other sources, including credit bureaus, employers or personal references or from third parties authorized to divulge this information.
Principle 5 – Limitation on the use, communication and retention of personal information
____________________________________________ APTR must not use nor communicate personal information for purposes other than those for which it was collected unless the individual in question has given his consent or it is required by law. APTR must retain personal information only for the period of time required to fulfill the intended purposes. 5.1 Under certain circumstances, personal information may be collected, used or communicated without the knowledge or consent of the individual in question (see 3.1). 5.2 APTR may also communicate the personal information of a client to: a) another telecommunications company to ensure the efficient and cost-effective provision of telecommunications services;
b) a company participating in the provision of telecommunications or directory services to the client;
c) another individual for the design, improvement, marketing or provision of an APTR’s product or service;
d) an agent whose services have been retained by APTR to collect a client account;
e) credit card distributors or credit bureaus;
f) an individual who, in the opinion of APTR, requests information as an authorized representative;
g) one or several third parties when the client consents to the communication or when it is required by law. 5.3 Only APTR’s employees whose commercial activities or daily tasks require access to client’s personal information should have such access. 5.4 APTR retains personal information only for the period of time necessary or useful to intended purposes or in accordance with legal requirements. Depending on the circumstances, when personal information was used to make a decision about a client, APTR will keep the personal information itself or an explanation of the reasons for its decision for a reasonable period of time to allow the client to have access to them. 5.5 APTR implements reasonable and systematic control measures, schedules and practices for keeping and destroying personal information and files that are no longer necessary or relevant to their intended purposes or that are not longer required by law. This information must be destroyed, deleted or depersonalized.
Principle 6 – Accuracy of personal information
____________________________________________ Personal information must be as accurate, complete and up-to-date as required by the intended purposes. 6.1 Personal information used by APTR must be as accurate, complete and up-to-date to minimize the possibility that inaccurate information is used to take a decision about a client. 6.2 APTR will update personal information concerning clients only when necessary to fulfill intended purposes or upon notice from the individual in question.
Principle 7 – Safety measures
____________________________________________ APTR must protect personal information using safety measures fit to its degree of sensitivity. 7.1 APTR must protect personal information against certain risks such as loss or theft, unauthorized viewing, communication, copying, use, modification or destruction by taking the necessary safety measures. Personal information must be protected, whatever the form it is kept in. 7.2 APTR must protect personal information communicated to third parties with contract agreements stipulating its confidential nature and the purposes they are intended for.
7.3 As an employment condition, all APTR’s employees who have access to personal information must be bound to respect the confidential nature of such personal information.
Principle 8 – Transparent policies and practices
____________________________________________ APTR must put at the disposal of clients precise information on its policies and practices for the management of personal information. 8.1 APTR must facilitate the understanding of its policies and practices by informing clients of the function and email address of each person in charge of ensuring that departments and branch offices comply with APTR’s Code and to whom they must send their complaints or requests for information. 8.2 APTR will divulge information to help clients exercise their rights pertaining to the use of personal information concerning them as well as information on private life protection services.
Principle 9 – Access to personal information by clients
____________________________________________ APTR must inform a client who makes a request on the existence of personal information that concerns him, of the use made of the information and the fact that it has been communicated to third parties and allow him to consult this information. A client may contest the accuracy and completeness of information and make appropriate corrections. 9.1 Upon request, APTR allows the individual in question to consult personal information recorded in his file. Personal information must be provided in an understandable way, within a reasonable delay and at little or no cost to the individual in question. 9.2 Under certain circumstances, it may be impossible for APTR to allow a client to consult all the personal information it has on him. For example, APTR may not offer access to information if these risks divulging personal information to a third party or risks endangering another person's life or safety. Furthermore, APTR may not offer access to information if the communication could reveal confidential business information, if the information is protected by attorney-client privilege, if the information was obtained in the course of an official dispute-resolution process or if the information was gathered during an inquiry into a breach of contract or violation of a federal or provincial law. Upon request, APTR will specify the reason for refusing access to personal information. 9.3 To ensure the protection of personal information, a client may be required to provide adequate information to enable APTR to determine the existence, use and communication of personal information and authorize access to his file. Information thus provided must only serve this purpose. 9.4 APTR will promptly correct or complete any personal information that is deemed to be inaccurate or incomplete. Any unresolved dispute with respect to the accuracy or completeness of personal information must be recorded in the file of the individual in question. If applicable, APTR must communicate all modified personal information to third parties who have access to this personal information or inform them that unresolved disputes exist. 9.5 A client may obtain information or request to consult his personal file by communicating with an authorized representative from APTR’s Customer Service department.
Principle 10 – Complaint for non-compliance with principles
____________________________________________ A client must be able to file a complaint on the non-compliance with principles outlined above by communicating with the officer responsible for Code enforcement within APTR. 10.1 APTR must establish mechanisms to receive and follow up on all complaints and requests for information pertaining to their policies and practices in terms of management of personal information. 10.2 APTR must inform its clients of the existence of these mechanisms as well as the existence of complaint mechanisms. 10.3 Officers responsible for APTR’s Code compliance may seek advice from an outside organization, if need be, before definitively answering to complaints filed by individuals. 10.4 APTR must investigate all complaints about compliance with APTR’s Code. If a complaint is substantiated, the company will take appropriate measures, including amending its policies and practices, if needed. The client will be informed of the result of the investigation into his complaint. To get more information on APTR’s commitment in terms of personal information protection, you may communicate with the customer service supervisor at one of APTR’s offices at the number listed on the monthly invoice or found on its website TFLM.com. APTR’s personal information protection Code Part 2 – Processing of personal information about clients* * This part complements the general rules stipulated in Part 1 of the Code. When you become an APTR client, the personal information you divulge allows us to provide you with products and services best suited to your needs. We only collect the personal information that is necessary to the provision of our products and services. You may choose not to provide your personal information to us. However, by making that choice, it is possible that we might not be able to provide you the product, service or information you requested. Unless you have given your explicit consent or if disclosure is required by legal authorities or by law, none of the personal information that APTR (including its Agents) is keeping on you may be communicated to anyone other than: (i) yourself; (ii) a person who, in APTR’s opinion, is seeking to obtain information while acting as your authorized representative; (iii) a company involved in supplying you with telephone or telephone directory services, provided the information is required for that purpose and disclosure is made on a confidential basis with the information to be used only for that purpose. At APTR, we use your personal information for certain purposes, such as: · approving your application to subscribe to our services;
· maintaining communication with you;
· keeping you informed of our current product and service offers and promotions, unless you object to this;
· detecting and preventing possible fraud or the illegal, inadequate or inappropriate use of our products and services;
· evaluating your degree of satisfaction with our products and services;
· complying with legislation, etc.
In any case, we do not sell personal information on our clients neither do we transmit information on our clients to other organizations. Certain services offered by APTR may require specific measures such as the confidentiality of the sites browsed by computer, the content of emails, the choice of televised programs, user-created usage profiles, items acquired via electronic transactions and where such items are acquired. Each product and service may be associated with policy measures for protecting personal information that are specific to them and complement this Code. If applicable, clients acquiring such products or services will have access to the relevant policy.