DERYtelecom's personal information protection
Part 1 – General rules
Introduction
DERYtelecom is one of the most important cable distributors in Quebec. We are also a first-tier actor in high speed Internet access, housing of Web sites and phone services. Our team is committed to offering rural communities the same variety and quality of cable distribution service as found in urban centers.
DERYtelecom makes it a priority to ensure the accuracy, confidentiality, security and protection of its clients' personal information. DERYtelecom's Personal Information Protection Code is an official statement of principles and guidelines pertaining to minimum requirements for the protection of the personal information of DERYtelecom's clients.
DERYtelecom's Code aims at establishing responsible and transparent practices for the management of personal information.
Summary of principles
Principle 1 – Responsibility
DERYtelecom is responsible for the personal information it manages and must nominate at least one officer who will ensure compliance with the principles outlined below.
Principle 2 – Determining the purposes of collecting personal information
DERYtelecom must determine the purposes for which personal information is collected prior to or during the collection.
Principle 3 – Consent to the collection, use or communication of personal information
The client must be informed and consent to any collection, use or communication of his personal information, unless it is inappropriate to do so.
Principle 4 – Limitation on the collection of personal information
DERYtelecom may only collect the personal information necessary to intended purposes and must proceed in an honest and licit manner.
Principle 5 – Limitation on the use, communication and retention of personal information
DERYtelecom must not use nor communicate personal information for purposes other than those for which it was collected unless the individual in question has given his consent or that it is required by law. DERYtelecom must retain personal information only for the period of time required to fulfill the intended purposes.
Principle 6 – Accuracy of personal information
Personal information must be as accurate, complete and up-to-date as required by the intended purposes.
Principle 7 – Safety measures
DERYtelecom must protect personal information using safety measures fit to its degree of sensitivity.
Principle 8 – Transparent policies and practices
DERYtelecom must put at the disposal of clients precise information on its policies and practices for the management of personal information.
Principle 9 – Access to personal information by clients
DERYtelecom must inform a client who makes a request on the existence of personal information that concerns him, of the use made of the information and the fact that it has been communicated to third parties and allow him to consult this information. A client may contest the accuracy and completeness of information and make appropriate corrections.
Principle 10 – Complaint for non-compliance with principles
A client must be able to file a complaint on the non-compliance with principles outlined above by communicating with the officer responsible for Code enforcement within DERYtelecom.
Scope and application
The ten principles comprising DERYtelecom's Code are interrelated and DERYtelecom must comply with them in their entirety. Each principle must be read with accompanying observations.
Scope and application of DERYtelecom's
DERYtelecom's Code applies to personal information that DERYtelecom collects, uses or communicates about its clients.
DERYtelecom's Code applies to the management of personal information in all its forms – verbal, electronic or written.
DERYtelecom's Code does not restrict the collection, use or communication by DERYtelecom of information available to the public such as the name, address, phone number and electronic address of a client when this information is listed in a phone book or available via directory assistance.
Definitions
Client – individual who
Communication – the act of divulging personal information to a third party.
Consent – a voluntary acquiescence to the collection, use and communication of personal information for intended purposes. The consent may be explicit or implicit and given directly by the individual in question or an authorized representative. The explicit consent may be given orally, electronically or in writing.
However, it must always be non ambiguous and not oblige DERYtelecom to destroy it. The implicit consent designates a consent that one can reasonably deduct from an individual's act or omission.
Personal information – information concerning an identifiable individual, with the exception of general information that cannot be linked to a specific individual. This includes credit information, invoicing files, service and equipment statements as well as any complaint documented in a file.
Third party – person other than the client or his representative or organization that is not a subsidiary of DERYtelecom.
Use – processing, handling and management of personal information by DERYtelecom.
Principle 1 – Responsibility
DERYtelecom is responsible for the personal information it manages and nominates one officer who will ensure compliance with the principles outlined in this code. At the time of publication, the person responsible was Mrs. Diane Serres, Human Resources Director, DERYtelecom, 1013 Bagot, La Baie, Quebec, G7B 2N6.
1.1 It is the responsibility of DERYtelecom's top management to see to the compliance of provisions in DERYtelecom's Code and to designate at least one officer to this purpose. Other DERYtelecom employees may also be appointed to act in the name of the designated individual or to perform daily activities of collection and processing of personal information.
1.2 DERYtelecom is responsible for the personal information in its possession or that it keeps, including information given to a third party for processing purposes. DERYtelecom will take appropriate means to ensure a comparable degree of protection of information while being processed by a third party (refer to principle 7).
1.3 DERYtelecom has implemented policies and practices intended to give pursuit to DERYtelecom's Code, including:
DERYtelecom must determine the purposes for which personal information is collected prior to or during the collection.
2.1 DERYtelecom collects personal information only for the following purposes:
2.2 DERYtelecom must specify orally, electronically or in writing intended purposes to the client prior to or during the collection of personal information. Upon request, individuals collecting personal information must explain these purposes or advise the client to communicate with the officer designated within DERYtelecom, who will explain intended purposes.
2.3 Except when required by law, DERYtelecom will not use or communicate personal information already collected for a new purpose without having first defined and register the new purpose and having obtained the client's consent.
Principle 3 – Consent to the collection, use or communication of personal information
The client must be informed and consent to any collection, use or communication of his personal information, unless it is inappropriate to do so.
3.1 Under certain circumstances, DERYtelecom may collect, use and communicate information without the knowledge or consent of the individual in question. For example, DERYtelecom may collect or use personal information without the knowledge or consent of the individual in question when it is clearly in the interest of the person in question and it is impossible to get the individual's consent within an appropriate time frame, for instance when the individual is minor, gravely ill or suffering from mental incompetency. DERYtelecom may also collect, use and communicate information without the knowledge or consent of the individual in question when asking for the individual's consent risks compromising the purpose intended by the collection of information, such as in the case of an inquiry regarding a breach of contract or a violation of a federal or provincial law.
DERYtelecom may also use or communicate personal information without the knowledge or consent of the individual in question when the life, health or safety of an individual is threatened. DERYtelecom may communicate personal information without the knowledge or consent of the individual in question to an attorney representing companies in order to collect a debt, obey an assignment mandate or other court order or when required to do so by law.
3.2 To obtain the consent of the individual in question, DERYtelecom will perform all reasonable steps to ensure that the client is informed of purposes for which personal information will be used or communicated. These purposes will be outlined in a manner that the client can reasonably understand them.
3.3 In general, DERYtelecom will obtain the consent of the individual in question at the time of collecting and communicating personal information. However, it may also obtain this consent after the collection of personal information, but prior to using or communicating it for a new purpose.
3.4 DERYtelecom will ask clients to consent to the collection, use or communication of personal information as a condition for the provision of a product or service, only in as much as the collection, use or communication of information is necessary to the execution of intended purposes.
3.5 To determine the appropriate method of consent, DERYtelecom will consider the sensitivity of personal information and reasonable expectations of its clients.
3.6 As a general rule, the use of products and services by a client constitutes an implicit consent to the collection, use and communication of personal information for purposes intended by DERYtelecom.
3.7 A client may withdraw his consent at any time, subject to restrictions prescribed by a law or contract and within a reasonable delay. Clients may communicate with DERYtelecom to obtain more information on the consequences of such a withdrawal.
Principle 4 – Limitation on the collection of personal information
DERYtelecom may only collect personal information necessary to intended purposes. DERYtelecom must proceed in an honest and licit manner.
4.1 DERYtelecom collects personal information mainly from its clients.
4.2 DERYtelecom may also collect personal information from other sources, including credit bureaus, employers or personal references or from third parties authorized to divulge this information.
Principle 5 – Limitation on the use, communication and retention of personal information
DERYtelecom must not use nor communicate personal information for purposes other than those for which it was collected unless the individual in question has given his consent or it is required by law. DERYtelecom must retain personal information only for the period of time required to fulfill the intended purposes.
5.1 Under certain circumstances, personal information may be collected, used or communicated without the knowledge or consent of the individual in question (see 3.1).
5.2 DERYtelecom may also communicate the personal information of a client to:
5.4 DERYtelecom retains personal information only for the period of time necessary or useful to intended purposes or in accordance with legal requirements. Depending on the circumstances, when personal information was used to make a decision about a client, DERYtelecom will keep the personal information itself or an explanation of the reasons for its decision for a reasonable period of time to allow the client to have access to them.
5.5 DERYtelecom implements reasonable and systematic control measures, schedules and practices for keeping and destroying personal information and files that are no longer necessary or relevant to their intended purposes or that are not longer required by law. This information must be destroyed, deleted or depersonalized.
Principle 6 – Accuracy of personal information
Personal information must be as accurate, complete and up-to-date as required by the intended purposes.
6.1 Personal information used by DERYtelecom must be as accurate, complete and up-to-date to minimize the possibility that inaccurate information is used to take a decision about a client.
6.2 DERYtelecom will update personal information concerning clients only when necessary to fulfill intended purposes or upon notice from the individual in question.
Principle 7 – Safety measures
DERYtelecom must protect personal information using safety measures fit to its degree of sensitivity.
7.1 DERYtelecom must protect personal information against certain risks such as loss or theft, unauthorized viewing, communication, copying, use, modification or destruction by taking the necessary safety measures. Personal information must be protected, whatever the form it is kept in.
7.2 DERYtelecom must protect personal information communicated to third parties with contract agreements stipulating its confidential nature and the purposes they are intended for.
7.3 As an employment condition, all DERYtelecom's employees who have access to personal information must be bound to respect the confidential nature of such personal information.
Principle 8 – Transparent policies and practices
DERYtelecom must put at the disposal of clients precise information on its policies and practices for the management of personal information.
8.1 DERYtelecom must facilitate the understanding of its policies and practices by informing clients of the function and address of each person in charge of ensuring that departments and branch offices comply with DERYtelecom's Code and to whom they must send their complaints or requests for information.
8.2 DERYtelecom will divulge information to help clients exercise their rights pertaining to the use of personal information concerning them as well as information on private life protection services.
Principle 9 – Access to personal information by clients
DERYtelecom must inform a client who makes a request on the existence of personal information that concerns him, of the use made of the information and the fact that it has been communicated to third parties and allow him to consult this information. A client may contest the accuracy and completeness of information and make appropriate corrections.
9.1 Upon request, DERYtelecom allows the individual in question to consult personal information recorded in his file. Personal information must be provided in an understandable way, within a reasonable delay and at little or no cost to the individual in question.
9.2 Under certain circumstances, it may be impossible for DERYtelecom to allow a client to consult all the personal information it has on him. For example, DERYtelecom may not offer access to information if this risks divulging personal information to a third party or risks endangering another person's life or safety. Furthermore, DERYtelecom may not offer access to information if the communication could reveal confidential business information, if the information is protected by attorney-client privilege, if the information was obtained in the course of an official dispute-resolution process or if the information was gathered during an inquiry into a breach of contract or violation of a federal or provincial law. Upon request, DERYtelecom will specify the reason for refusing access to personal information.
9.3 To ensure the protection of personal information, a client may be required to provide adequate information to enable DERYtelecom to determine the existence, use and communication of personal information and authorize access to his file. Information thus provided must only serve this purpose.
9.4 DERYtelecom will promptly correct or complete any personal information that is deemed to be inaccurate or incomplete. Any unresolved dispute with respect to the accuracy or completeness of personal information must be recorded in the file of the individual in question. If applicable, DERYtelecom must communicate all modified personal information to third parties who have access to this personal information or inform them that unresolved disputes exist.
9.5 A client may obtain information or request to consult his personal file by communicating with an authorized representative at one of DERYtelecom's customer service offices.
Principle 10 – Complaint for non-compliance with principles
A client must be able to file a complaint on the non-compliance with principles outlined above by communicating with the officer responsible for Code enforcement within DERYtelecom.
10.1 DERYtelecom must establish mechanisms to receive and follow up on all complaints and requests for information pertaining to their policies and practices in terms of management of personal information.
10.2 DERYtelecom must inform its clients of the existence of these mechanisms as well as the existence of complaint mechanisms.
10.3 Officers responsible for DERYtelecom's Code compliance may seek advice from an outside organization, if need be, before definitively answering to complaints filed by individuals.
10.4 DERYtelecom must investigate all complaints about compliance with DERYtelecom's Code. If a complaint is substantiated, the company will take appropriate measures, including amending its policies and practices, if needed. The client will be informed of the result of the investigation into his complaint.
To get more information on DERYtelecom's commitment in terms of personal information protection, you may communicate with the customer service supervisor at one of DERYtelecom's offices at the number listed on the monthly invoice or found on its website derytele.com.
DERYtelecom's personal information protection Code
Part 2 – Processing of personal information about clients*
* This part complements the general rules stipulated in Part 1 of the Code.
When you become a DERYtelecom client, the personal information you divulge allows us to provide you with products and services best suited to your needs. We only collect the personal information that is necessary to the provision of our products and services. You may choose not to provide your personal information to us. However, by making that choice, it is possible that we might not be able to provide you the product, service or information you requested.
Unless you have given your explicit consent or if disclosure is required by legal authorities or by law, none of the personal information that DERYtelecom (including its Agents) is keeping on you may be communicated to anyone other than: (i) yourself; (ii) a person who, in DERYtelecom's opinion, is seeking to obtain information while acting as your authorized representative; (iii) a company involved in supplying you with telephone or telephone directory services, provided the information is required for that purpose and disclosure is made on a confidential basis with the information to be used only for that purpose.
At DERYtelecom, we use your personal information for certain purposes, such as:
Certain services offered by DERYtelecom may require specific measures such as the confidentiality of the sites browsed by computer, the content of emails, the choice of televised programs, user-created usage profiles, items acquired via electronic transactions and where such items are acquired. Each product and service may be associated with policy measures for protecting personal information that are specific to them and complement this Code. If applicable, clients acquiring such products or services will have access to the relevant policy.
Part 1 – General rules
Introduction
DERYtelecom is one of the most important cable distributors in Quebec. We are also a first-tier actor in high speed Internet access, housing of Web sites and phone services. Our team is committed to offering rural communities the same variety and quality of cable distribution service as found in urban centers.
DERYtelecom makes it a priority to ensure the accuracy, confidentiality, security and protection of its clients' personal information. DERYtelecom's Personal Information Protection Code is an official statement of principles and guidelines pertaining to minimum requirements for the protection of the personal information of DERYtelecom's clients.
DERYtelecom's Code aims at establishing responsible and transparent practices for the management of personal information.
Summary of principles
Principle 1 – Responsibility
DERYtelecom is responsible for the personal information it manages and must nominate at least one officer who will ensure compliance with the principles outlined below.
Principle 2 – Determining the purposes of collecting personal information
DERYtelecom must determine the purposes for which personal information is collected prior to or during the collection.
Principle 3 – Consent to the collection, use or communication of personal information
The client must be informed and consent to any collection, use or communication of his personal information, unless it is inappropriate to do so.
Principle 4 – Limitation on the collection of personal information
DERYtelecom may only collect the personal information necessary to intended purposes and must proceed in an honest and licit manner.
Principle 5 – Limitation on the use, communication and retention of personal information
DERYtelecom must not use nor communicate personal information for purposes other than those for which it was collected unless the individual in question has given his consent or that it is required by law. DERYtelecom must retain personal information only for the period of time required to fulfill the intended purposes.
Principle 6 – Accuracy of personal information
Personal information must be as accurate, complete and up-to-date as required by the intended purposes.
Principle 7 – Safety measures
DERYtelecom must protect personal information using safety measures fit to its degree of sensitivity.
Principle 8 – Transparent policies and practices
DERYtelecom must put at the disposal of clients precise information on its policies and practices for the management of personal information.
Principle 9 – Access to personal information by clients
DERYtelecom must inform a client who makes a request on the existence of personal information that concerns him, of the use made of the information and the fact that it has been communicated to third parties and allow him to consult this information. A client may contest the accuracy and completeness of information and make appropriate corrections.
Principle 10 – Complaint for non-compliance with principles
A client must be able to file a complaint on the non-compliance with principles outlined above by communicating with the officer responsible for Code enforcement within DERYtelecom.
Scope and application
The ten principles comprising DERYtelecom's Code are interrelated and DERYtelecom must comply with them in their entirety. Each principle must be read with accompanying observations.
Scope and application of DERYtelecom's
DERYtelecom's Code applies to personal information that DERYtelecom collects, uses or communicates about its clients.
DERYtelecom's Code applies to the management of personal information in all its forms – verbal, electronic or written.
DERYtelecom's Code does not restrict the collection, use or communication by DERYtelecom of information available to the public such as the name, address, phone number and electronic address of a client when this information is listed in a phone book or available via directory assistance.
Definitions
Client – individual who
(a) uses or requests to use DERYtelecom's products or services;Collection – the act of collecting, acquiring, recording or obtaining personal information from any source whatsoever, including third parties, and by any means whatsoever.
(b) corresponds with DERYtelecom;
(c) participates in a contest sponsored by DERYtelecom.
Communication – the act of divulging personal information to a third party.
Consent – a voluntary acquiescence to the collection, use and communication of personal information for intended purposes. The consent may be explicit or implicit and given directly by the individual in question or an authorized representative. The explicit consent may be given orally, electronically or in writing.
However, it must always be non ambiguous and not oblige DERYtelecom to destroy it. The implicit consent designates a consent that one can reasonably deduct from an individual's act or omission.
Personal information – information concerning an identifiable individual, with the exception of general information that cannot be linked to a specific individual. This includes credit information, invoicing files, service and equipment statements as well as any complaint documented in a file.
Third party – person other than the client or his representative or organization that is not a subsidiary of DERYtelecom.
Use – processing, handling and management of personal information by DERYtelecom.
Principle 1 – Responsibility
DERYtelecom is responsible for the personal information it manages and nominates one officer who will ensure compliance with the principles outlined in this code. At the time of publication, the person responsible was Mrs. Diane Serres, Human Resources Director, DERYtelecom, 1013 Bagot, La Baie, Quebec, G7B 2N6.
1.1 It is the responsibility of DERYtelecom's top management to see to the compliance of provisions in DERYtelecom's Code and to designate at least one officer to this purpose. Other DERYtelecom employees may also be appointed to act in the name of the designated individual or to perform daily activities of collection and processing of personal information.
1.2 DERYtelecom is responsible for the personal information in its possession or that it keeps, including information given to a third party for processing purposes. DERYtelecom will take appropriate means to ensure a comparable degree of protection of information while being processed by a third party (refer to principle 7).
1.3 DERYtelecom has implemented policies and practices intended to give pursuit to DERYtelecom's Code, including:
a) the implementation of procedures intended to protect personal information and ensure that the company complies with DERYtelecom's Code;Principle 2 – Determining of purposes for the collection of personal information
b) the implementation of procedures related to the reception and processing of information requests or complaints;
c) the training and information of employees on company policies and practices;
d) the writing of documents explaining the company policies and practices.
DERYtelecom must determine the purposes for which personal information is collected prior to or during the collection.
2.1 DERYtelecom collects personal information only for the following purposes:
a) establish and maintain commercial relations worthy of trust with clients and ensure current services;Any mention of "intended purposes" refers to purposes stipulated in this statement of principle.
b) understand clients' needs;
c) design, improve, market or provide products and services;
d) manage and design operations and commercial activities;
e) meet legal and regulatory requirements.
2.2 DERYtelecom must specify orally, electronically or in writing intended purposes to the client prior to or during the collection of personal information. Upon request, individuals collecting personal information must explain these purposes or advise the client to communicate with the officer designated within DERYtelecom, who will explain intended purposes.
2.3 Except when required by law, DERYtelecom will not use or communicate personal information already collected for a new purpose without having first defined and register the new purpose and having obtained the client's consent.
Principle 3 – Consent to the collection, use or communication of personal information
The client must be informed and consent to any collection, use or communication of his personal information, unless it is inappropriate to do so.
3.1 Under certain circumstances, DERYtelecom may collect, use and communicate information without the knowledge or consent of the individual in question. For example, DERYtelecom may collect or use personal information without the knowledge or consent of the individual in question when it is clearly in the interest of the person in question and it is impossible to get the individual's consent within an appropriate time frame, for instance when the individual is minor, gravely ill or suffering from mental incompetency. DERYtelecom may also collect, use and communicate information without the knowledge or consent of the individual in question when asking for the individual's consent risks compromising the purpose intended by the collection of information, such as in the case of an inquiry regarding a breach of contract or a violation of a federal or provincial law.
DERYtelecom may also use or communicate personal information without the knowledge or consent of the individual in question when the life, health or safety of an individual is threatened. DERYtelecom may communicate personal information without the knowledge or consent of the individual in question to an attorney representing companies in order to collect a debt, obey an assignment mandate or other court order or when required to do so by law.
3.2 To obtain the consent of the individual in question, DERYtelecom will perform all reasonable steps to ensure that the client is informed of purposes for which personal information will be used or communicated. These purposes will be outlined in a manner that the client can reasonably understand them.
3.3 In general, DERYtelecom will obtain the consent of the individual in question at the time of collecting and communicating personal information. However, it may also obtain this consent after the collection of personal information, but prior to using or communicating it for a new purpose.
3.4 DERYtelecom will ask clients to consent to the collection, use or communication of personal information as a condition for the provision of a product or service, only in as much as the collection, use or communication of information is necessary to the execution of intended purposes.
3.5 To determine the appropriate method of consent, DERYtelecom will consider the sensitivity of personal information and reasonable expectations of its clients.
3.6 As a general rule, the use of products and services by a client constitutes an implicit consent to the collection, use and communication of personal information for purposes intended by DERYtelecom.
3.7 A client may withdraw his consent at any time, subject to restrictions prescribed by a law or contract and within a reasonable delay. Clients may communicate with DERYtelecom to obtain more information on the consequences of such a withdrawal.
Principle 4 – Limitation on the collection of personal information
DERYtelecom may only collect personal information necessary to intended purposes. DERYtelecom must proceed in an honest and licit manner.
4.1 DERYtelecom collects personal information mainly from its clients.
4.2 DERYtelecom may also collect personal information from other sources, including credit bureaus, employers or personal references or from third parties authorized to divulge this information.
Principle 5 – Limitation on the use, communication and retention of personal information
DERYtelecom must not use nor communicate personal information for purposes other than those for which it was collected unless the individual in question has given his consent or it is required by law. DERYtelecom must retain personal information only for the period of time required to fulfill the intended purposes.
5.1 Under certain circumstances, personal information may be collected, used or communicated without the knowledge or consent of the individual in question (see 3.1).
5.2 DERYtelecom may also communicate the personal information of a client to:
a) another telecommunications company to ensure the efficient and cost-effective provision of telecommunications services;5.3 Only DERYtelecom's employees whose commercial activities or daily tasks require access to clients personal information should have such access.
b) a company participating in the provision of telecommunications or directory services to the client;
c) another individual for the design, improvement, marketing or provision of a DERYtelecom's product or service;
d) an agent whose services have been retained by DERYtelecom to collect a client account;
e) credit card distributors or credit bureaus;
f) an individual who, in the opinion of DERYtelecom, requests information as an authorized representative;
g) one or several third parties when the client consents to the communication or when it is required by law.
5.4 DERYtelecom retains personal information only for the period of time necessary or useful to intended purposes or in accordance with legal requirements. Depending on the circumstances, when personal information was used to make a decision about a client, DERYtelecom will keep the personal information itself or an explanation of the reasons for its decision for a reasonable period of time to allow the client to have access to them.
5.5 DERYtelecom implements reasonable and systematic control measures, schedules and practices for keeping and destroying personal information and files that are no longer necessary or relevant to their intended purposes or that are not longer required by law. This information must be destroyed, deleted or depersonalized.
Principle 6 – Accuracy of personal information
Personal information must be as accurate, complete and up-to-date as required by the intended purposes.
6.1 Personal information used by DERYtelecom must be as accurate, complete and up-to-date to minimize the possibility that inaccurate information is used to take a decision about a client.
6.2 DERYtelecom will update personal information concerning clients only when necessary to fulfill intended purposes or upon notice from the individual in question.
Principle 7 – Safety measures
DERYtelecom must protect personal information using safety measures fit to its degree of sensitivity.
7.1 DERYtelecom must protect personal information against certain risks such as loss or theft, unauthorized viewing, communication, copying, use, modification or destruction by taking the necessary safety measures. Personal information must be protected, whatever the form it is kept in.
7.2 DERYtelecom must protect personal information communicated to third parties with contract agreements stipulating its confidential nature and the purposes they are intended for.
7.3 As an employment condition, all DERYtelecom's employees who have access to personal information must be bound to respect the confidential nature of such personal information.
Principle 8 – Transparent policies and practices
DERYtelecom must put at the disposal of clients precise information on its policies and practices for the management of personal information.
8.1 DERYtelecom must facilitate the understanding of its policies and practices by informing clients of the function and address of each person in charge of ensuring that departments and branch offices comply with DERYtelecom's Code and to whom they must send their complaints or requests for information.
8.2 DERYtelecom will divulge information to help clients exercise their rights pertaining to the use of personal information concerning them as well as information on private life protection services.
Principle 9 – Access to personal information by clients
DERYtelecom must inform a client who makes a request on the existence of personal information that concerns him, of the use made of the information and the fact that it has been communicated to third parties and allow him to consult this information. A client may contest the accuracy and completeness of information and make appropriate corrections.
9.1 Upon request, DERYtelecom allows the individual in question to consult personal information recorded in his file. Personal information must be provided in an understandable way, within a reasonable delay and at little or no cost to the individual in question.
9.2 Under certain circumstances, it may be impossible for DERYtelecom to allow a client to consult all the personal information it has on him. For example, DERYtelecom may not offer access to information if this risks divulging personal information to a third party or risks endangering another person's life or safety. Furthermore, DERYtelecom may not offer access to information if the communication could reveal confidential business information, if the information is protected by attorney-client privilege, if the information was obtained in the course of an official dispute-resolution process or if the information was gathered during an inquiry into a breach of contract or violation of a federal or provincial law. Upon request, DERYtelecom will specify the reason for refusing access to personal information.
9.3 To ensure the protection of personal information, a client may be required to provide adequate information to enable DERYtelecom to determine the existence, use and communication of personal information and authorize access to his file. Information thus provided must only serve this purpose.
9.4 DERYtelecom will promptly correct or complete any personal information that is deemed to be inaccurate or incomplete. Any unresolved dispute with respect to the accuracy or completeness of personal information must be recorded in the file of the individual in question. If applicable, DERYtelecom must communicate all modified personal information to third parties who have access to this personal information or inform them that unresolved disputes exist.
9.5 A client may obtain information or request to consult his personal file by communicating with an authorized representative at one of DERYtelecom's customer service offices.
Principle 10 – Complaint for non-compliance with principles
A client must be able to file a complaint on the non-compliance with principles outlined above by communicating with the officer responsible for Code enforcement within DERYtelecom.
10.1 DERYtelecom must establish mechanisms to receive and follow up on all complaints and requests for information pertaining to their policies and practices in terms of management of personal information.
10.2 DERYtelecom must inform its clients of the existence of these mechanisms as well as the existence of complaint mechanisms.
10.3 Officers responsible for DERYtelecom's Code compliance may seek advice from an outside organization, if need be, before definitively answering to complaints filed by individuals.
10.4 DERYtelecom must investigate all complaints about compliance with DERYtelecom's Code. If a complaint is substantiated, the company will take appropriate measures, including amending its policies and practices, if needed. The client will be informed of the result of the investigation into his complaint.
To get more information on DERYtelecom's commitment in terms of personal information protection, you may communicate with the customer service supervisor at one of DERYtelecom's offices at the number listed on the monthly invoice or found on its website derytele.com.
DERYtelecom's personal information protection Code
Part 2 – Processing of personal information about clients*
* This part complements the general rules stipulated in Part 1 of the Code.
When you become a DERYtelecom client, the personal information you divulge allows us to provide you with products and services best suited to your needs. We only collect the personal information that is necessary to the provision of our products and services. You may choose not to provide your personal information to us. However, by making that choice, it is possible that we might not be able to provide you the product, service or information you requested.
Unless you have given your explicit consent or if disclosure is required by legal authorities or by law, none of the personal information that DERYtelecom (including its Agents) is keeping on you may be communicated to anyone other than: (i) yourself; (ii) a person who, in DERYtelecom's opinion, is seeking to obtain information while acting as your authorized representative; (iii) a company involved in supplying you with telephone or telephone directory services, provided the information is required for that purpose and disclosure is made on a confidential basis with the information to be used only for that purpose.
At DERYtelecom, we use your personal information for certain purposes, such as:
- approving your application to subscribe to our services;
- maintaining communication with you;
- keeping you informed of our current product and service offers and promotions, unless you object to this;
- detecting and preventing possible fraud or the illegal, inadequate or inappropriate use of our products and services;
- evaluating your degree of satisfaction with our products and services;
- complying with legislation, etc.
Certain services offered by DERYtelecom may require specific measures such as the confidentiality of the sites browsed by computer, the content of emails, the choice of televised programs, user-created usage profiles, items acquired via electronic transactions and where such items are acquired. Each product and service may be associated with policy measures for protecting personal information that are specific to them and complement this Code. If applicable, clients acquiring such products or services will have access to the relevant policy.
