2. Privacy Principles
Principle 1 – Accountability
Sun Rich is responsible for protecting the confidentiality and security of personal information under its control. Sun Rich has designated Leanne Johnson, Vice President of Human Resources, as Sun Rich’s Privacy Officer. The Privacy Officer is accountable for the organization’s compliance with these principles.
Sun Rich will:
- Be responsible, by contractual or other means, for all personal information under its control, including personal information that is not in its custody. This includes personal information transferred to another organization for processing.
- Develop and implement policies and practices for the handling of personal information and make this information available to the public on request.
- Develop and implement a complaint process to handle complaints about our personal information practices and make this information available to the public on request.
Principle 2 – Identifying Purposes
We collect personal information to manage and develop our business and operations, including personnel and employment matters; and to meet legal and regulatory requirements. These two general purposes include the following specific purposes for which we collect personal information about our employees:
- To manage, develop and retain a highly-skilled, professional, and productive workforce that supports our business success. For example, we collect personal information about employees to make staffing and employee development decisions, to measure and reward performance, and to assess our ability to meet our business objectives.
- To administer compensation and benefits programs. For example, we collect and record personal information to administer automatic payroll deposits, manage our benefits programs and report pay and compensation information as required by the government.
- To support the personal health and well-being of employees. For example, Sun Rich collects personal information when providing various health services to employees, such as medical assessment, and return to work assistance. All health-related information collected by Sun Rich in the course of providing these services is treated as highly confidential.
- To provide a safe and respectful workplace as required by law and Sun Rich policies. For example, we keep records of safety incidents, hazardous occurrences, accidents and injury reports in order to provide a safe work environment and comply with the law.
- To protect and manage corporate assets. For example, we monitor employee use of our networks (e-mail and Internet).
- To meet legal and regulatory requirements. For example, we report pay and compensation information as required by the government.
Sun Rich will:
- Ensure that the collection of personal information is necessary to fulfill the purpose(s) identified.
- Ensure that the purpose(s) is limited to what a reasonable person would consider appropriate in the circumstances.
- Inform the individual from whom the information is collected, either verbally or in writing, before or at the time of collection why the personal information is needed and how it will be used.
- On request by the individual, provide the name or title and contact information of a person within the organization who is able to answer questions about the collection of personal information.
- When using an individual's personal information that has already been collected for a new purpose not previously identified, inform the individual of the new purpose and obtain consent prior to its use.
Principle 3 – Consent
Sun Rich will explain the reason for and obtain your consent before using your Personal Information for any other purpose other than listed above. We will only collect, use and disclose your personal information with your consent, except where otherwise required or permitted by law.
The acceptance of employment and benefits by an employee is viewed as consent for Sun Rich to collect, use, and disclose personal information about the employee for the purposes identified above.
Employees have the right to withdraw consent, at any time, subject to legal or contractual restrictions and reasonable notice. This right protects employees from having their personal information collected unnecessarily or for an unreasonable purpose. You may choose to withhold some personal information by not participating in optional programs, such as the Employee Benefit Program.
Principle 4 – Limiting Collection
Sun Rich will limit the collection of your personal information to only those details that are necessary for the purposes identified. Sun Rich will collect personal information directly from the individual it is about unless the Act or the individual authorizes the collection of personal information from another source.
Principle 5 – Limiting Use, Disclosure and Retention
Sun Rich will only use your personal information for the purposed for which it was collected, unless you have consented otherwise, or when it is required or permitted by law. Your personal information will only be retained for the time necessary to fulfill the purposes for which it was collected, and to meet any legal or regulatory requirements.
Principle 6 – Accuracy
Sun Rich will keep your personal information as accurate, complete and up-to-date as possible to fulfill the purposed for which it was collected. You can assist us in ensuring your records are current by providing us with any changes to your personal information, such as an address change.
Principle 7 – Safeguards
Sun Rich will protect your personal information with appropriate security safeguards and will protect the confidentiality of your personal information when dealing with other companies or organizations.
Principle 8 – Openness
Sun Rich will make available to you information about our policies and practices regarding the management of personal information. If you would like more information or to access your personal information or to make a complaint about our personal information practices, please contact our Privacy Officer, Leanne Johnson.
Principle 9 – Access
Sun Rich will upon request,
1. Provide employees access to:
- their personal information,
- an explanation of how their personal information is and has been used, and
- a list of any individuals or organization to whom their personal information has been disclosed.
2. Correct personal information:
- Sun Rich will correct personal information that it verifies is inaccurate or incomplete,
- If a correction is made, will send a copy of the corrected personal information to each organization to which the incorrect or incomplete information was disclosed in the past year,
- If no correction is made in response to an individual’s request, make a note to indicated that a correction was requested but none was made.
Principle 10 – Recourse
Sun Rich employees may contact our Privacy Officer, Leanne Johnson, Vice President Human Resources, with any questions, concerns, or suggestions with respect to our privacy principles and practices. Leanne can be reached at 1-800-661-0087, 4703 or firstname.lastname@example.org
All complaints will be investigated and appropriate measures to correct information handling practices and policies will be taken.
You may also seek advice from the Offices of the Privacy Commissioners:
- BC employees can contact the Office of the Information and Privacy Commissioner for BC at: 1-250-356-1851
- Ontario employees can contact the Office of the Privacy Commissioner of Canada at: 1-800-282-1376