Privacy Policy


TCR’s activities for protecting the privacy of personal information are integral to all aspects of our organization. The training, the processes we perform, risk assessment and treatment, accountability and continuous improvement contribute to our overall privacy strategy.

Information is utilized only for the purposes for which it is collected. Information is stored only for the periods of time established by legislation and client directives. Information is protected from any unauthorized release. Information is kept current and accurate.

PRIVACY GUIDING PRINCIPLES

Accountability

All employees have read, and acknowledged through HR Actions their awareness of the Privacy Policy. All employees have been informed of their individual responsibilities as well as our corporate responsibilities under PIPEDA. While TCR has designated a Privacy Officer, all employees are individually required to uphold the rights and obligations as set forth in the legislation and client contracts and directives.

Identifying Purpose

TCR shall make every effort to inform individuals of the purposes for the requesting and collection of personal information relating to the various tasks undertaken for our clients, as required by law.

Principle Consent

TCR must have signed consent, or our client’s transfer of consent, that permits our activities to collect, use or disclose personal information as defined by the Act. Failure to receive the consent of an individual may prohibit the aforementioned collection, use or disclosure.

Limiting Collection

Any personal information as described by the Act, shall be collected and used solely for the purpose as set forth during direct solicitation and only by fair and lawful means.

Limiting Use, Disclosure, and Retention

TCR adheres to the lawful collection of personal information, and only for the intended use that the information was provided. Once the purpose for which the information was collected has been satisfied and its intended use has been exhausted, TCR shall destroy, delete or otherwise rid itself of the information in a manner consistent with maintaining privacy and protection of the personal information.

Accuracy Principle

All information collected by TCR is kept up-to-date and relevant based upon the information’s intended use. TCR’s effectiveness in collections and outsourcing activities is dependent on the accuracy of our data for our client’s accounts. It is therefore imperative that we verify and maintain the most current and factual information that is lawful to collect and disclose under PIPEDA legislation.

Safeguards

TCR assumes the responsibility for safeguarding information it has collected, received or maintains. Our offices and databanks are electronically safeguarded against intruders and our information technology protected with current bio-metric security systems, video and auditory monitoring, and intrusion protection software as well as the normal password protections and system controls.

Openness

TCR has taken a leading position in the compliance of PIPEDA legislation. The policies of the organization relating to protection of personal information is available to all clients who wish to review and discuss the practical application and measures taken to protect all sensitive information.

Individual Access

TCR will inform any individual of the existence, use and disclosure of their personal information once requested. While we take tremendous steps to ensure the completeness and accuracy of information lawfully collected, TCR welcomes individuals to verify the accuracy of information it has collected, used or distributed, as permitted by law.

Challenging Compliance

The Privacy Officer is required by TCR and the Act, to respond quickly and professionally to requests for information. Complaints are received and responded to in a timely manner. A recent amendment to PIPEDA (The Digital Privacy Act, brought into force June 22, 2015) requires organizations to tell individuals that their personal information has been lost or stolen, and the requirement for reporting of substantial privacy breaches to the Privacy Commissioner for Canada.