Doxy.me and PIPEDA Compliance
Canada’s comprehensive national private sector privacy legislation is known as PIPEDA (the Personal Information Protection and Electronics Documents Act of 2000). The goals of the Act are to create trust in electronic commerce transactions and to establish a level playing field, so the same rules apply to all businesses.
PIPEDA is similar to EU legislation, and that is why Canada is one of the few countries that is deemed to have an “adequate” level of protection by EU Authorities. This means that EU data may be stored and processed in Canada without additional legal instruments.
It should be noted that provinces may have their own privacy laws. If they are equal to or stronger than PIPEDA, then they take precedence.
PIPEDA has ten Fair Information Principles, listed below.
Accountability – We have a privacy officer and committee responsible for privacy issues. They make information about their privacy policies and procedures available at the Website.
Identifying purposes – We identify the reasons for collecting Your personal information before or at the time of collection.
Limiting collection – We limit the amount and type of the information gathered to what is necessary. For Providers, only a name and email address are required.
Limiting use, disclosure and retention – In general, we use or disclose Your personal information only for the purpose for which it was collected, unless You consent. We only keep Your personal information only as long as necessary.
Accuracy – We keep and allow You to keep your personal information as accurate, complete and up to date as necessary.
Safeguards – We protect Your personal information against loss or theft by using appropriate security safeguards.
Openness – Our privacy policies and practices are understandable and easily available on the Website.
Individual access – Generally speaking, citizens have a right to access the personal information that an organization holds about you. As a Provider, You always have access to your account and the information within the account.
Recourse (Challenging compliance) – Organizations must develop simple and easily accessible complaint procedures. When you contact an organization about a privacy concern, citizens should be informed about avenues of recourse.
Please contact firstname.lastname@example.org for any concerns or complaints.