At Hyperspectral Intelligence Inc., we respect the privacy of our clients, prospective clients and suppliers and are committed to safeguarding their personal information. This Policy, in compliance with the Personal Information Protection Act (“PIPA”) and Canadian Anti-Spam Legislation (“CASL”), outlines the principles and practices we will follow in protecting personal information. Our privacy commitment includes ensuring the accuracy, confidentiality, and security of personal information and allowing individuals or businesses to request access to it, and correction of, their personal information.
If you are a European resident, then you have similar privacy rights and rights to access your personal information, but please note that your personal information will be transferred outside of the European Economic Area (“EEA”) as necessary to provide our services to you, and in result, the laws of those jurisdictions, including Canada, will also apply. Where there is any conflict of these privacy laws, by using our services, you agree that the laws of Canada will prevail.
We will inform our clients, prospective clients, and suppliers of why and how we collect, use, and disclose their personal information, obtain their consent where required, and only handle their personal information in a manner that is reasonable and appropriate.
“Personal Information” – Information about an identifiable individual. Personal information includes information that relates to their personal characteristics (e.g. gender, age, income, home address, home phone number, ethnic background, family status, etc.), their health (e.g. health history, health conditions, health services received, etc.), or their activities and view (e.g. religion, politics, opinions expressed by the individual, etc.). Personal information, however, does not include contact information, as defined below.
“Contact Information” – means information that would enable an individual to be contacted at a place of business and includes the name, position name or title, business telephone number, business address, business email or business fax number. Contact information is not covered by this Policy or PIPA.
Privacy Officer – The individual designated with the responsibility for ensuring that Hyperspectral Intelligence Inc. complies with this Policy, PIPA and CASL, who is currently the Chief Financial Officer of Hyperspectral Intelligence Inc., and who may be contacted at the e-mail address shown below at the end of this Policy.
Collecting Personal Information
Unless the purposes for collecting personal information are obvious and the person voluntarily provides his or her personal information for those purposes, we will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection.
We collect personal information that is necessary to fulfill the following purposes:
- Name, address, phone number, cell phone number, fax number and e-mail address for the purpose of communicating and reporting about the Hyperspectral Intelligence Inc. ‘s services, events, and activities.
- Banking information to execute on a business transaction or contract.
Hyperspectral Intelligence Inc. will obtain consent to collect, use or disclose personal information (except where, as noted below, we are authorized to do so without consent).
Consent can be provided orally, in writing, electronically, through an authorized representative or it can be implied where the purpose for collecting, using or disclosing the personal information would be considered obvious and the client voluntarily provides personal information for that purpose.
Consent may also be implied where a person is given notice and a reasonable opportunity to opt-out of his or her personal information being used for mail-outs, marketing, or fundraising, and they do not opt-out.
Subject to certain exceptions (e.g., the personal information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), a person can withhold or withdraw their consent for Hyperspectral Intelligence Inc. to use their personal information in certain ways. A decision to withhold or withdraw their consent to certain uses of personal information may restrict our ability to provide a particular service or product. If so, we will explain the situation to assist them in making the decision.
We may collect, use or disclose personal information without a person’s knowledge or consent in the following limited circumstances:
- When the collection, use or disclosure of personal information is permitted or required by law;
- In an emergency that threatens an individual’s life, health, or personal security;
- When the personal information is available from a public source (e.g., a telephone directory);
- When we require legal advice from a lawyer;
- For the purposes of collecting a debt;
- To protect ourselves from fraud;
- To investigate an anticipated breach of an agreement or a contravention of law.
Using and Disclosing Personal Information
We will only use or disclose personal information where necessary to fulfill the purposes identified at the time of collection or for a purpose reasonably related to those purposes such as:
- To conduct surveys in order to enhance the provision of our services; or
- To contact clients or prospective clients directly about services that may be of interest.
We will not use or disclose personal information for any additional purpose unless we obtain consent to do so.
We will not sell personal information to other parties.
If you are a European resident, your personal information will be transferred to, processed, and stored in countries outside the EEA. It may also be handled by staff working outside of the EEA for us or one of our suppliers. We only transfer personal information to these countries when it is necessary for the services we provide you and is subject to safeguards that assure the protection of your personal information, such as European Commission approved standard contractual clauses.
All information that you provide to us is stored on our secure servers or on secure servers operated by a third party.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask that you do not share your password with anyone.
If you chose to send us information via email, we cannot guarantee the security of this information. Once we have received your information, we will use strict procedures and security features to ensure it is dealt with in accordance with this Policy.
Retaining Personal Information
If we use personal information to make a decision that directly affects the person, we will retain that personal information for at least one year so that the person has a reasonable opportunity to request access to it.
Hyperspectral Intelligence Inc. will retain personal information only as long as necessary to fulfill the identified purposes or a legal or business purpose.
Ensuring Accuracy of Personal Information
Hyperspectral Intelligence Inc. will make reasonable efforts to ensure that personal information is accurate and complete where it may be used to make a decision about them or disclosed to another organization.
Clients may request correction to their personal information in order to ensure its accuracy and completeness. A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought.
A request to correct personal information should be forwarded to the Privacy Officer at the e-mail address provided below.
If the personal information is demonstrated to be inaccurate or incomplete, we will correct the information as required and send the corrected information to any organization to which we disclosed the personal information in the previous year. If the correction is not made, we will note the members’ correction request in the file.
Securing Personal Information
We are committed to ensuring the security of personal information to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks.
The following security measures will be followed to ensure that member personal information is appropriately protected:
Methods of protection and safeguards include, but are not limited to:
- Locked filing cabinets.
- Restricted access to offices.
- Electronic records, where possible.
- Need-to-know access and technological measures including the use of passwords, multi-factor authentication, encryption, and firewalls.
- Paper information is either under supervision or secured in a locked or restricted area.
- Electronic hardware is either under supervision or secured in a locked or restricted area at all times. In addition, passwords are used on computers.
- Paper information is transmitted through sealed, addressed envelopes or in boxes by reputable courier/delivery companies.
- Electronic information is transmitted either through a direct line or is encrypted.
- Access to cloud-based software is restricted and multi-factor authentication is used.
- Staff is trained to collect, use, and disclose personal information only as necessary to fulfill their duties and in accordance with this policy.
- External consultants and agencies with access to personal information will provide Hyperspectral Intelligence Inc. with appropriate privacy assurances.
Hyperspectral Intelligence Inc. will use appropriate security measures when destroying personal information such as shredding documents, deleting electronically stored information.
Hyperspectral Intelligence Inc. will continually review and update our security policies and controls as technology changes to ensure ongoing personal information security.
Providing Access to Personal Information
Individuals have a right to access their personal information, subject to limited exceptions.
A full listing of the exceptions to access can be found in section 23(3) of PIPA. Some examples include: solicitor-client privilege, disclosure would reveal personal information about another individual, health and safety concerns.
A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought. A request to access personal information should be forwarded to the Privacy Officer.
Upon request, we will also tell the individual how we use the personal information and to whom it has been disclosed if applicable.
We will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfill the request.
A minimal fee may be charged for providing access to personal information. Where a fee may apply, we will inform the individual of the cost and request further direction from the member on whether we should proceed with the request.
If a request is refused in full or in part, we will notify the client or prospective client in writing, providing the reasons for refusal and the recourse available to the individual.
Questions and Complaints
The Privacy Officer is responsible for ensuring Hyperspectral Intelligence Inc.’s compliance with this Policy, CASL, and PIPA.
Individuals should direct any complaints, concerns or questions regarding Hyperspectral Intelligence Inc.’s compliance in writing to the Privacy Officer. If the Privacy Officer is unable to resolve the concern, the member may also write to the Information and Privacy Commissioner of British Columbia.