Personal Information Protection and Electronic Documents Act
The Personal Information Protection and Electronic Documents Act (PIPEDA) is Canada's federal privacy law for private-sector organizations. It sets out ground rules for how businesses must handle personal information in the course of their commercial activities. VitaScribe is committed to full compliance with PIPEDA's requirements.
PIPEDA is built around ten fair information principles that form the foundation of our privacy practices:
VitaScribe is responsible for personal information under its control and has designated a Privacy Officer who is accountable for our compliance.
Privacy Officer oversight and direct contact
We clearly identify the purposes for which personal information is collected at or before the time of collection.
Detailed privacy notices for all data
We obtain informed consent from individuals for the collection, use, or disclosure of their personal information.
Clear consent mechanisms and withdrawal options
We limit our collection of personal information to what is strictly necessary for the purposes identified.
Minimum information collection approach
We do not use or disclose information for secondary purposes, and retain information only as long as necessary.
Established data retention and destruction policies
We keep personal information as accurate and up-to-date as necessary for the identified purposes.
User-driven information update capabilities
We protect personal information with security safeguards appropriate to the sensitivity of the information.
E2E encryption and regular assessments
We make information about our personal information policies and practices readily available to the public.
Clear, accessible privacy documentation
Upon request, we provide individuals access to their information and the ability to challenge its accuracy.
Timely response to access requests
Individuals can address a challenge concerning our compliance with the above principles to our Privacy Officer.
Established clear complaints procedure
We incorporate privacy protections into our product development process from the outset, not as an afterthought.
We conduct regular assessments to identify and mitigate privacy risks before they occur.
All employees receive comprehensive privacy training to ensure they understand their responsibilities.
We maintain robust procedures for responding to and reporting privacy breaches in accordance with requirements.
For more information about PIPEDA, please refer to these official resources:
