Privacy Policy

To Our Clients,
Updated August 31st, 2012

BACKGROUND

In April 2000 the federal government passed the Personal Information Protection and Electronic Documents Act (PIPEDA). The Act has two purposes; the first being the protection of personal information in the private sector and the second dealing with electronic documents under federal law. PIPEDA first applied to all companies which dealt with the federal government. EffectiveJanuary 1, 2004, it applies to every “organization” which collects, uses or discloses “personalinformation” in the course of “commercial activity”.

PIPEDA defines these three words or phrases as:

“Commercial Activity” means any particular transaction, act or conduct or any regular course of conduct that is of a commercial character, including the selling, bartering or leasing of donor, membership or ther fundraising lists.

“Organization” includes an association, a partnership, a person [which includes corporations] and a trade union.

“Personal Information” means information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization. The code for the protection of personal information is determined by ten principles forming Schedule 1 of PIPEDA established by the Canadian Standards Association and set out under that heading below.

EXISTING SITUATION FOR THE LEGAL PROFESSION

Lawyers are already bound by the Rules of Professional Conduct imposed by their governing Law Societies as well as by the general law to keep the affairs of their clients and information regarding them and their affairs in the utmost confidentiality.

Rule 2.03(1) of the Law Society of Upper Canada provides that “a lawyer at all times shall hold in strict confidence all information concerning the business and affairs of the client acquired in the course of a professional relationship and shall not divulge any such information unless expressly or impliedly authorized by the client or required by law to do so.”

The law also provides for solicitor/client privilege. Basically this means that “all direct communications between the solicitor and client or their agents made for the purpose of obtaining professional legal advice” is privileged and cannot be disclosed. The privilege belongs to the client and not to the lawyer and cannot be waived except by the consent of the client, either directly or through the client’s conduct.

It is important to remember that the solicitor/client privilege exists only when a lawyer is acting as a lawyer. If a lawyer is acting in his or her personal capacity with a client, or in a business or other venture in which his or her function is other than that of a lawyer, there is no privilege between the lawyer and the client.

THE TEN PRINCIPLES

Principle 1 – Accountability
An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles.

Principle 2 – Identifying Purposes
The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.

Principle 3 – Consent
The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.

Principle 4 – Limiting Collection
The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.

Principle 5 – Limiting Use, Disclosure, and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfilment of those purposes.

Principle 6 – Accuracy
Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is used.

Principle 7 – Safeguards
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.

Principle 8 – Openness
An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.

Principle 9 – Individual Access
Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

Principle 10 – Challenging Compliance
An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization’s compliance.

Each of these principles has substantial accompanying notes considering suggested and mandatory requirements to implement the principles.

HOW WE PROPOSE TO DEAL WITH THE TEN PRINCIPLES

Principle 1 – Accountability
We have designated an individual who is responsible for all our compliance with our privacy policy and we will supply the name of such person to you upon your request. We are responsible for the personal information we collect and hold and, to ensure such accountability, we have developed this policy and trained support staff about our policies and practices.

Principle 2 – Identifying Purposes
In all cases when we are acting as your lawyer, we will require personal information. This can be as simple as your name, address, telephone number and the facts of your particular situation as one way of opening the file. Information can be extremely detailed and personal if we should be acting for you. Some information we collect may be required by law or by the nature of the particular transaction, such as information about your personal family life and financial position. Such information is limited to that necessary to act as your lawyer or mediator for the purposes of the file in particular, or as described below and might be collected orally or in writing.

We also collect and maintain such information for the purposes of our practice such as maintaining our books and records for reporting to the Law Society, the Canadian Customs and Revenue Agency and similar matters.

We might also use your name and address to forward you marketing material or legal information in which you might be interested.

Principle 3 – Consent
In most cases, we will ask you to specifically consent at the time we open the file if we collect, use or disclose your personal information. Normally we will ask for it in writing but, in some circumstances, we may accept your oral consent and, sometimes, it may be implied through your conduct with us. The personal information which we ask you to supply is related to services we are performing, or will be performing as your lawyer or mediator and we will not collect, use or disclose any information beyond that required in a particular case.

If the purpose for which we originally collected your personal information should change, we will advise you before we use it and ask for your consent prior to such use.
You can withdraw your consent at any time subject to legal or contractual restrictions and reasonable notice. The “legal or contractual restrictions” could be the progress of the transaction or legal action at the time you withdraw consent and one of the implications could be that no one could continue acting for you in such transaction or legal action beyond that point of time.

Principle 4 – Limiting Collection
The personal information we may collect about you will be collected by fair and lawful means and will be limited to what is necessary to act as your lawyer or mediator in a specific transaction.

In addition to obtaining personal information directly from you, we may also obtain information about you from other sources such as your accountant etc. The reasons for collecting such information, however, is to enable us to act as your lawyer in the transaction for which you have retained us. Your specific consent will be sought.

Principle 5 – Limiting Use, Disclosure, and Retention
We will not disclose your personal information to any third party to enable them to market their products and services nor will we provide our client mailing lists to other persons.

Under certain circumstances, we may be required to disclose your personal information:

  • Lawyers Professional Indemnity Company (LawPro);
  • When we are required or authorized by law to do so, for example, if we are served with a court subpoena in a legal matter in which you are involved;
  • When you have consented to disclosure;
  • When the legal services we are providing to you requires us to give your information to third parties as, for example, an arbitrator of the court;
  • When it is necessary to establish or collect fees;
  • If we engage a third party to provide administrative services to us (such as computer backup services or file storage) and the third party is bound by our privacy policy;
  • If we engage expert witnesses on your behalf;
  • If we retain other law firms in other jurisdictions on your behalf; and
  • If the information is already publicly known.

We retain your personal information for the purposes for which it was collected and continue to protect disclosure of the same for so long as such information is retained. However, some or all of such information may have been required to be disclosed publicly or to other persons in the matters for which you have retained us such as in pleadings in a legal action, the Canada Customs and Revenue Agency (“CCRA”) in tax cases or special dividend resolutions for your corporation, information and documentation in real estate transactions, corporate filings and similar matters and these may become matters of public record by law.

CCRA also requires us to maintain our files for a minimum of six years under the Income Tax Act and the Law Society requires us to maintain files for so long as the information contained therein may be of benefit to the client.

Principle 6 – Accuracy
Since most of the personal information we receive in acting for you will have been obtained directly from you we will assume it is correct and that you have authorized its collection. Any personal information regarding you that we collect from other sources will be checked with you to ensure that it is as accurate, complete and as up-to-date as is possible.

Principle 7 – Safeguards
We will take all reasonable precautions to ensure that your personal information is kept safe from loss, unauthorized access, modification or disclosure. Among the steps we take to protect your information are:

  • premises security;
  • restricted file access to personal information;
  • computer technological safeguards such as security software and firewalls to prevent hacking or unauthorized computer access; and internal password and security policies.

Our employees are aware that all information pertaining to a client, personal or otherwise, is confidential and is not to be disclosed to anyone without the client’s consent except for the specific purposes for which such information has been collected.

Principle 8 – Openness
We will make readily available to you specific information about our policies and practices relating to the management of personal information including the name and address of the person who is accountable for our policies and practices and to whom complaints or inquiries can be forwarded.

Principle 9 – Individual Access
You may ask for access to any personal information we hold about you. Some of the information is available on request. More detailed requests which require archive or other retrievable costs may be subject to our normal professional fees and disbursement costs.

Your right to access to your personal information is not absolute. For example, section nine of PIPEDA provides that we must deny you access if doing so would likely reveal personal information about a third party. However, if such information is severable from the information regarding such, we are required to sever the information and then give you access.

We may also be required under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act to give certain information regarding you to the Financial Transaction Reports Analysis Centre (Fintrac) and are prohibited from telling you that we have done so.

In addition, we may also deny access when:

  • denial of access is required or authorized by law (as in the Fintrac example cited above);
  • to protect our firm’s rights and property;
  • where information cannot be disclosed for security or commercial proprietary reasons;
  • and

  • information that is subject to solicitor/client or litigation privilege.

In response to your requests for persons to whom your personal information may have been disclosed, we shall attempt to be as specific as possible except where prohibited by law from such disclosure, such as in the case of Fintrac.

Principle 10 – Challenging Compliance
As you will appreciate, and in accordance with our obligations to keep your personal information fully confidential, we can only release your personal information to you, or to your authorized representative and only upon receiving written instructions. You are entitled to challenge our compliance with these principles. We have appointed a member of our firm who is responsible for our compliance with these principles and who will receive and respond to all information requests regarding our policies or about your personal information under our care and control.

We will investigate all complaints and, if the complaint is found to be justified, we will take appropriate measures including, if necessary, amending our policies and practices.

If you are not satisfied with our reaction to your challenge, the Privacy Commissioner of Canada can be reached at 112 Kent Street, Ottawa, Ontario, K1A 1H3, 1-800-282-1376 or by e-mail at info@privcom.gc.ca.

Miscellaneous
It is our intention to monitor this policy and to ensure that it remains up-to-date and in compliance with all requirements. Therefore, it may change from the policy given to you when you first retained us. We will endeavour to keep you supplied with the latest policy.

With respect to contacting us, you should be aware that e-mail can be a non-secure communications medium and any personal or confidential information you send to us should be sealed in an envelope and marked to the attention of your lawyer “Private and Confidential”.

Nathalie Boutet