1. General Statement
Although Accord Financial (“the Company”)’s business scope caters to other businesses (B2B), the Company does collect personal information. More specifically:
1.1 Personal Information Inventory
1.11 Employee and Director Personal Information
The personal information of employees and directors is collected and retained in the normal course of business operations. This information is considered confidential and is secured. Security of the information is based on the sensitivity thereof and may include password protection, encryption of the data and/or restricted access to directories and files. Only employees that require access to this information for business operations are allowed access.
1.12 Personal Security Against Loans and Credit Guarantees
Personal information may be obtained from clients or about clients via a third party. The collection of the information is only undertaken with consent and for those that use the Company’s financial services. This information provides the necessary details to secure financing or credit. At no time is personal information shared with third parties.
1.13 Personal Credit Cards
At times, companies may use personal credit cards to pay for products or services provided to their business. The credit card information used in these transactions is processed through our banking facilities. Details of each transaction and the authorization thereof are retained for a period of 10 years for auditing purposes. All credit card information is secured physically and restricted to only Company employees who require access.
1.14 Internet/Business or non-business relationships
Website analysis statistics are made available to information technology staff and management for the purposes of monitoring the Company’s web traffic. We collect and use your personal information with your consent or as permitted or required by the law and in alignment with Canada’s Anti-Spam Law (CASL). Your consent may be express or implied, depending on the circumstances and the sensitivity of the personal information in question. At any point, you may opt out of receiving Commercial Electronic Messages (CEMs) from us. Simply click on the Unsubscribe button on the bottom of our CEMs. We take full accountability and responsibility for CASL compliance.
2.1 All the Company’s offices have building security and an after business hours locked door policy.
2.2 Computer room facilities are secured by pass lock against access except by some management and Information Technology staff and consultants.
2.3 The Company’s networks are secured by firewalls and protected from Antivirus and malware software. All software is kept up-to-date to ensure that even the most recent threats are immobilized. In some cases, there are redundant firewalls in place and duplicate scanning of threats to prevent security breaches.
3. Disposal of Personal Information
Any personal information that is no longer required is either shredded or destroyed. Any hard drives of electronic equipment such as personal computers, faxes, scanners are scrubbed before they are disposed of or leave the premises.
Please use the following contact information if you have any concerns or questions regarding this policy or the data we may have. If you do not consent to the terms and conditions of this policy, please do not provide your personal information.
Vice President, Chief Information Officer
Accord Financial Corp.
40 Eglinton Avenue East, Suite 602
Toronto ON Canada M4P 3A2