At Barometer Capital Management Inc. (“Barometer”), we are committed to maintaining the accuracy, privacy, and confidentiality of your personal information (defined as recorded information about an identifiable individual), including personal, financial and other details provided to us, or obtained from others within or outside of the firm. We will continually strive to treat you fairly and with respect. For any products or services obtained from Barometer, you will be advised of the purpose of the information collected, how it is used, and shared. And we will only do so with consent, or as required or permitted by law.
Please note that we may amend the Policy from time to time, and post the revisions on our website at www.barometercapital.ca.
Barometer abides by the Federal Personal Information Protection and Electronic Documents Act’s (“PIPEDA”) fair information principles (“Principles”), which are as follows:
1. Accountability: We are responsible for personal information under our control, and we have designated an individual(s) responsible for compliance with the Principles.
2. Identifying Purposes: The purposes for which personal information is collected, will be identified by us at or before the time the information is collected, which may include to provide investment advice, servicing your account, executing securities transactions on your behalf, and fulfilling our responsibilities as required by law.
3. Consent: Your consent is required for the collection, use and disclosure of personal information, subject to certain exceptions. Such exceptions are set out in the law and include where legal, medical or security reasons make it impossible, or impractical, to seek consent. Your consent may be expressed in writing, verbally, electronically, or through authorized representatives. In certain circumstances, it may also be implied or inferred from certain actions such as submitting personal information to Barometer and/or visiting our website. To extent that you provide personal information concerning another individual (i.e. spouse, relative, trustee, etc.) you represent that you have obtained informed consent from that individual for use to collect, use and disclose in accordance with this policy.
You can withdraw all or part of your consent for the collection, use and disclosure of personal information at any time or choose not to have it shared, so long as you give your relationship manager reasonable notice. If you do so, you will be asked to be specific about the information you choose not to be used or disclosed. We will explain to you if there any implications associated with the withdrawal and the significance of each.
4. Limiting Collection: The collection of personal information shall be limited to that which is necessary for the purposes identified. The primary means for collecting this information is the completion and updating of our New Client Application Form and transactional information in your account. It will be collected by fair and lawful means.
5. Limiting Use, Disclosure, and Retention: Personal information may only be used or disclosed for the purposes for which it was collected, except with your consent or as required by law. It may only be kept for as long as is necessary to satisfy the purposes for which it was collected, or as required or permitted by law.
6. Accuracy: Any personal information that is collected, used or disclosed should be as accurate, complete and as up-to-date as is necessary for the purpose for which it is to be used. To do so we rely to a large extent on you to provide us with accurate information, and inform us of any changes.
7. Safeguards: Personal information shall be protected by security safeguards that are appropriate to the sensitivity of the information, to protect your personal information from unwarranted intrusion, release, or misuse. Client information is kept in a secure area, access to which is controlled. Information stored in computer systems only available to persons requiring access, and controlled by user identifications, passwords, encryption, firewalls, anti-virus, and anonymizing software. We require our service providers to adhere to privacy policies.
8. Openness: Information about our privacy policies and practices for managing your personal information shall be made available to you upon request.
9. Individual Access: Upon written request, you will be informed of the existence, use and disclosure of your personal information and you will be given access to it, subject to certain exceptions, as permitted by law. You may also verify the accuracy and completeness of your information, and request that it be amended, if appropriate.
We will only use fair and lawful means to collect personal information which is pertinent and consistent with the purposes of the collection. We may collect the required information directly from you, or your authorized representative(s), in completed applications and forms, through other means of correspondence, such as by telephone, mail, or through business dealings with us. We may collect your personal information through public sources such as the internet or through other their service providers. In some cases, and with your consent, we may need to ask an independent source to verify or provide supplementary information.
Generally, we collect, use and disclosure your information to:
If you provide us with your email address, we may occasionally send you email offers, informing you about products and services. We require your consent to send you our marketing offers or special promotions by electronic means. Under Canada’s Anti-Spam Legislation (CASL), as our clients we have your implied consent to send you electronic messages unless you notify us otherwise. You may do this by using the unsubscribe feature found in any electronic message we send you or at any time by contacting us.
During the course of providing you with products and services, we may provide personal information to others in situations where:
To the extent that any personal information is out of Canada, it is subject to the laws of the country in which it is held, and may be subject to disclosure to governments, courts, and law enforcement or regulatory agencies of such other country, pursuant to the laws of such country.
In cases where we use service providers to perform specialized services on our behalf, they are only provided with information necessary to perform the services. In addition, they will be required to adhere to confidentiality obligations and/or other restrictions or practices that provide for maintaining such information confidential and not accessible to others.
In the event our service provider is located in a foreign jurisdiction, they are bound by the laws of the jurisdiction in which they are located and may disclosure personal information in accordance with those laws.
Barometer stores and processes your personal information in our offices located in Toronto, Ontario or Vancouver, British Columbia, and with our IT service provider located in Canada. General entry to our offices is secured and cannot be accessed by unauthorized personnel without permission.
We will investigate and respond to your concerns about any aspect of our handling of your information. Should a privacy breach occur, Barometer implements a four-step plan which is outlined below:
Step 1: Respond and Contain – In the event of a possible security breach, the first step is responding to the potential breach. If determined that an actual breach occurred, containment of the situation will follow. To accomplish Step 1 efficiently, five (5) critical actions must be undertaken as soon as possible following the discovery of a possible incident:
Step 2: Notify – Following a full response and containment of the situation as outlined in Step 1, if a breach has occurred involving the personal information of an individual(s), except in situation when notice is not appropriate or possible (e.g. identities of an individual(s) affected by the breach is unknown, contact information is unavailable, or would interfere with a law enforcement investigation), they will be notified.
The purpose of providing notice of a privacy breach to the affected individual(s) is to provide them with sufficient information about:
Step 3: Investigate – After responding and containing the breach, an internal investigation is undertaken to:
Step 4: Implement Change – The most vital outcome of any breach is understanding why it occurred and how to prevent and avoid in the future.
A meeting will be held with all parties involved in the breach process once the breach has been fully contained, documented, and investigated. This will help to evaluate the existing privacy/security measures, incident-handling process, and identify areas and/or conduct requiring change and improvement.If you have any questions, concerns or comments regarding your privacy, would like to request access and/or correct your personal information, or opt out of marketing offers, please contact the Privacy Officer with your full name, address and telephone number at:
Barometer Capital Management Inc.
Ron Kelterborn – Privacy Officer
Suite 3220, 181 Bay Street
Toronto, Ontario, M5J 2T3