Privacy Policy

The Small Business Centre is committed to respecting your privacy and protecting your personal information. This Privacy Statement explains the current information management practices on our website.
We are committed to protecting your privacy whether you are browsing for information or conducting business with the Small Business Centre through electronic channels. The handling of all personal information by the Small Business Centre is governed by rules of the Freedom of Information and Protection of Privacy Act(FIPPA) and the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA),  govern all aspects of personal information, including its collection, use, disclosure, retention, and secure destruction.

The Principles

Our Privacy Policy is designed to comply with applicable privacy legislation in Canada. It incorporates the following 10 principles:

  • Accountability
  • Identifying Purpose
  • Consent
  • Limiting Collection
  • Limiting Use, Disclosure and Retention
  • Accuracy of Personal Information
  • Safeguarding Personal Information
  • Access to Personal Information
  • Challenging Compliance

If we change our Privacy Policy in the future, those changes will be included in updates to our official Privacy Policy, wherever it is made available. Hence you will always know what information we collect, how we use it and how we protect it.

Exceptions

If you choose not to use the Internet to provide personal information to the Small Business Centre, you may contact us by telephone, fax, mail, or in person.

Accountability

The Small Business Centre is responsible for maintaining and protecting the personal information under its control.

Identifying Purpose

The Small Business Centre will identify to an individual the purposes for which personal information is collected at or before the time the information is collected. Generally, the Small Business Centre collects personal information for the following purposes:

  • to manage and develop the Small Business Centre’s business and operations, including personnel and employment matters and
  • to meet any legal and regulatory requirements

However, there may be other circumstances that require such information to be collected and used.
The Small Business Centre collects the following personal information from individuals during the course of normal business activities. This information may include name, business title, function and general contact information.

This information may be used to:

  • enable individuals to tailor the presentation of our services to better meet their needs (e.g., seminars and workshops, distribution of our e-newsletter)
  • inform individuals about the Small Business Centre’s services that we believe may be of interest to them
  • better understand an individual’s interests in our services and programs
  • develop, enhance or improve services and programs

The Small Business Centre routinely collects anonymous, non-personal information through our Web servers. This information is not associated with or traced back to an individual. Gathered electronically, this information includes the type of Web browser used, number of times a page is accessed, length of time on a page and the Internet Protocol address. This information may be used for research and analytical purposes, to examine how the Web site is being used and to determine how it can be improved.

Consent

An individual’s knowledge and consent are required before the Small Business Centre is allowed to collect or use his or her personal information. Where possible, the Small Business Centre will obtain consent directly from the individual concerned at the time of collection. After having provided consent, an individual has the right to withdraw consent at any time by providing reasonable notice to the Small Business Centre’s Manager.

Limiting Collection

The Small Business Centre collects only the information that is necessary for the purposes outlined in this Privacy Policy.

Limiting Use, Disclosure and Retention

The Small Business Centre does not use personal information for purposes other than those for which it was collected, except with an individual’s consent or as required by law. Once personal information is no longer required to fulfill the identified purposes or other legal requirements, it will be destroyed, deleted or made anonymous.

The Small Business Centre sometimes uses the services of external firms to assist us in communicating with individuals (e.g., surveys and email distribution) or as a means of providing more effective and efficient services to these individuals (e.g., technology support). Our external suppliers are contractually obligated to keep the information confidential, to use the information only for the purpose requested and to destroy the information when it is no longer required. Client information is shared with external service providers only to the extent required for the provision of such services. Furthermore, the Small Business Centre does not provide or sell personal information to a third-party organization. In certain circumstances, we allow basic contact information to be shared amongst clients. An example of this includes providing attendee lists for seminars or workshops to other attendees.
Personal information is retained only as long as necessary for the fulfillment of the purposes stated in this policy.

Safeguarding Personal Information

Personal information, whatever its form, will be protected by security safeguards appropriate to the sensitivity of the information. The safeguards will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. The measures of protection include:

  • physical measures, for example, locking filing cabinets and restricted access to offices during off hours
  • organizational measures, for example, security passes and limiting access to the personal information on a ‘need-to-know’ basis
  • technological measures, for example, the use of passwords and encryption
  • procedural measures, for example, the shredding of sensitive personal information