Principle #1- Troy Co is accountable for your personal information in its possession or control.
Troy Co is accountable for all personal information in its possession or control. This includes any personal information that Troy Co has received directly from members, students, candidates, customers, provincial bodies, federal and provincial CA, CMA, and CGA bodies participating in unification, or other organizations (e.g., corporations, government entities, not-for-profit organizations).
Troy Co has:
- established and put into effect policies and procedures aimed at properly protecting personal information;
- Appointed a Chief Privacy Officer to oversee privacy issues at Troy Co
Principle #2 – Troy Co identifies the purposes for which it collects personal information from you before it is collected.
We identify the purposes for which we use your Personal Information at the time we collect such information from you and obtain your consent, in any case, prior to such use.
Some of the primary purposes for which we collect and use your Personal Information include
- to provide services to you in your capacity as a member, student or candidate of our organization
- to complete a transaction with you when you purchase a product or service from us
- to advise you of Troy Co products or services that may be of interest to you
- to send you electronic newsletters that may be of interest to you or to which you have subscribed, and to better understand which articles are of interest to you,
- to respond to inquiries you submit
We may also use your Personal Information as otherwise permitted or required by law.
Principle #3 – Troy Co obtains your consent before collecting personal information from you.
We explain your options and obtain your implicit or explicit consent at the time of or prior to collecting, using or disclosing your Personal Information. We will always collect your Personal Information by fair and lawful means (for example, when you complete an application form or purchase a product or service from us). We may collect Personal Information about you from third parties, such as federal or provincial CPA, CA, CMA or CGA bodies participating in unification and other institutions and organizations. We also collect your Personal Information where we have obtained your consent to do so or as otherwise permitted or required by law.
Where is it reasonable to do so or permitted by law, we may rely on implied consent. For example, when sending e-mail messages of a commercial nature, reliance on implied consent is permitted to our members or those who have recently purchased a product or services from us.
Except as required to process a transaction or to maintain member records, providing us with your personal information is voluntary. You may withdraw or modify your consent at any time, subject to legal and contractual restrictions, provided that reasonable notice is given to us. If you withdraw your consent, you may not be made aware of certain products, publications, services or events being offered by us.
Personal Information is any information that is identifiable to you. This information may include, but is not limited to, your name, mailing address, phone numbers, email address, identification numbers, credit card numbers, banking information, and creditor information. Personal Information, however, generally does not include your name, business title, business address or business telephone number in your capacity as an employee of an organization.
Principle #4 – Troy Co discloses your personal information only for purposes for which it has consent, or as permitted or required by law. Troy Co retains personal information only as long as necessary to fulfill those purposes.
We identify to whom, and for what purposes, we disclose your Personal Information, at the time of or prior to collecting such information from you and obtain your consent to such disclosure. For example, we may disclose your Personal Information:
- in the case of members, students and candidates, to federal or provincial CPA, CA, CMA or CGA bodies participating in unification for the purposes of providing services to members, students and candidates;
- to our volunteers, for the purposes of the volunteers performing volunteer functions
- to third party service providers, for the purpose of providing member benefits or facilitating commercial transactions with us;
- to such persons and for such purposes for which you provide your consent; and
- as otherwise permitted or required by law.
We may keep a record of your Personal Information, correspondence or comments in a file specific to you. We will utilize, disclose or retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected and as permitted or required by law.
Principle #5 – Troy Co endeavors to keep accurate, complete, and up-to-date, personal information in its possession or control, to the extent required to meet the purposes for which it was collected.
We will ensure that your Personal Information is kept as accurate, complete and up-to-date as possible based on information provided to us by you or any federal or provincial CPA, CA, CMA or CGA bodies participating in unification to which you may belong. We expect you, from time to time, to supply us with written updates to your Personal Information, if applicable.
Principle #6 – Troy Co protects the privacy of personal information in its possession or control by using security safeguards appropriate to the sensitivity of the information.
We have implemented physical, organizational, contractual and technological security measures to protect your Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. The only employees who are granted access to your Personal Information are those with a business ‘need-to-know’ or whose duties reasonably require such information.
You can visit our Web Site without telling us who you are or revealing any information about yourself, including your email address. However, our web server may collect the IP address and domain you used to access our Web Site, the type and version of web browser and operating system you are using, the number, duration and frequency of visits to our Web Site and the web site you came from and visited next. This anonymous information cannot be traced to a specific individual User, it is used by us simply to measure the number of visits, average time spent, page views, most popular preferences and other statistics about visitors to the Web Site and to determine the characteristics in which users use our Web Site and services. We may use this data to monitor Web Site performance for systems administration purposes, to make our Web Site easier and more convenient to use, to improve our services and to track information in aggregate form (e.g. how many visitors use the Web Site).
Our web site contains security mechanisms that protect against the loss, the misuse and the modification of information under our control.
Principle #7 –Troy Co is open about the procedures it uses to manage personal information.
Up-to-date information on Troy Co’s privacy policies can be obtained from Troy Co’s Chief Privacy Officer (see contact information under Principle 8).
Principle #8 – Troy Co responds on a timely basis to requests from members or customers about their personal information which the Troy Co possesses or controls.
We will generally make available to you any Personal Information that we have collected about you, utilized or disclosed, upon your written request, to the extent permitted or required by law. We will make such information available to you in a form that is generally understandable, including explaining any abbreviations or codes.
You can at any time, challenge the accuracy or completeness of the Personal Information we have which is related to you. Once we have validated your identity, we will amend the Personal Information as required. Where appropriate, we will transmit the amended information to third parties having access to your Personal Information.
We will attempt to respond to each of your written requests not later than thirty (30) days after receipt of such requests. We will advise you in writing if we cannot meet your requests within this time limit. You have the right to make a complaint to the federal Privacy Commissioner in respect of this time limit.
We will not assess any costs to you for access to your Personal Information or to our Privacy Policies or Practices without first providing you with an estimate of the approximate costs, if any. We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Information. Any such information shall be used only for this purpose.
We will inform you of the relevant procedures when you make an inquiry or lodge a challenge or complaint.