Personal information is defined under PIPEDA as any information that is identifiable or directly attributable to an individual. It does not cover information about an individual that is available from a public source, such as a telephone directory, court record, or land registry office. It also does not cover aggregated data, used for statistical and reporting purposes, from which data the client’s identity cannot be determined.
Purposes for Collecting Personal Information
Siskinds collects personal information for the following limited purposes:
- to represent the client as set out in the retainer agreement;
- to establish and maintain client lists for collection of legal fees, record keeping and statistical purposes; and
- to establish and maintain mailing lists for newsletters, notification of workshops and seminars, or legal updates that Siskinds believes might be informative or of benefit to the client
Consent to the Collection, Use, and Disclosure of Personal Information
Siskinds will not use client personal information for any purposes other than that consented to by the client, either by express or implied consent. Siskinds does not sell, barter, or lease personal information it obtains from its client to third parties (i.e. Siskinds would not provide our client mailing list to another law firm or business).
If the client requests additional services of Siskinds beyond that of the original retainer, the client is giving implied consent to Siskinds using the personal information already held for the original purpose, as well as any new personal information collected for the new purpose and no signature will be required on a new or amending retainer agreement.
Under PIPEDA and other Federal and Provincial Legislation, Siskinds may disclose personal information without client consent to:
- government or legal enforcement agencies if Siskinds determines that the client has provided incorrect information for fraudulent or illegal purposes;
- government or legal enforcement agencies if the information is collected in the midst of a criminal investigation;
- legal enforcement agency if Siskinds determines that there is imminent risk of death or serious bodily harm, including psychological harm, to an identifiable person or group of persons;
- disclosure to a third party individual or organization if so ordered by a Court or Tribunal of competent jurisdiction; and
- defend against allegations of criminal or civil liability, or professional malpractice or misconduct, by the client or former client.
Accuracy of a Client’s Personal Information
Siskinds endeavours to ensure that all personal information provided by the client and in its possession, is accurate, current and as complete as is necessary for the purposes for which the personal information was collected, used and maintained in an active file. Upon notification by a client that the personal information requires correction or updating, Siskinds will make the necessary amendments to the client’s active file where applicable.
Personal information contained in files that have been closed, or pertaining to matters of the client that have been resolved, will not be actively updated or maintained.
Retention of the Client’s Personal Information
Siskinds will retain personal information until the matter is closed or the retainer is terminated by either the client or Siskinds. All personal information will be returned to the client and only information pertaining to the services or litigation for which Siskinds was retained will be maintained in the file once it is closed.
- Closed files are retained for the period prescribed by relevant Federal and Provincial legislation.
Siskinds has implemented a number of physical, organizational and technological safeguards appropriate to the sensitivity of the client’s personal information, including but not limited to:
All client meetings are held in the Siskinds Conference Centre and access to the Conference Centre and upper floors of Siskinds is restricted by electronic key access.
Client files are maintained in filing cabinets, located in areas where access is restricted to authorized personnel. Clients only have walk-through access to these areas if they are escorted by their lawyer or a Siskinds authorized employee.
Highly sensitive information such as financial account information, estate information, and physical evidence, are stored in a locked vault or cabinet with no available access to anyone but those individuals in Siskinds with the highest security clearance.
Only Siskinds lawyers and employees working on the client’s file will have access to the personal information contained in the file.
Any third party individual or organization is required to sign a non-disclosure agreement prior to the client’s personal information being transferred to a third party as required to fulfill the purposes for which Siskinds was retained.
Siskinds utilizes the most current firewall, virus protection and other technological safeguards to protect personal information that is retained on the computer network. Siskinds has developed and implemented safe Internet and email use protocols for its lawyers and employees to reduce the risk of inadvertent disclosure as a result of Internet-sourced viruses or cookies.
Regarding electronic transmission of personal information (i.e. email), there is no method of transmitting or storing data that is completely secure. Siskinds uses all available technological security in the transmission of the client’s personal information, either in the course of communicating with the client, or in the course of communication with opposing or allied legal counsel and third party service providers. Notwithstanding these technological safeguards, all Internet transmissions are susceptible to possible loss, misrouting, interception and misuse. For this reason, as part of the retainer that the client signs with Siskinds, consent will be obtained from the client to transmit information via the Internet.
Siskinds makes available its privacy policies and procedures regarding the handling of personal information that it collects for the duration of the retainer on the Internet website at www.siskinds.com. As well, any inquiries regarding personal information management practises may be directed to the Chief Privacy Officer.
Under PIPEDA, an individual is entitled to access to the personal information held about them with the following exceptions as permitted under the Federal Privacy Legislation:
- No access will be granted if the information is protected by solicitor-client privilege or litigation privilege;
- Siskinds will deny access if the individual seeking access fails to produce sufficient identification to verify that they are the individual about whose personal information access is being sought;
- No access will be granted to personal information that is not about the individual seeking access;
- No access will be granted to information that is part of a criminal investigation;
- No access will be granted where such access would harm or interfere with law enforcement activities and other investigative functions of a body authorized by statute to perform such functions;
- No access will be granted to information where such access might threaten the life, safety and security, including psychological safety, of the individual seeking access;
- No access will be granted to the individual who is a minor or mentally incompetent;
- Siskinds reserves the right to refuse access that it believes is repetitious, frivolous, or vexatious.
Upon receiving a request for access in writing, Siskinds will endeavour to have the information available to the individual seeking access within 60 days of verification of the individual’s identity.
Where possible, Siskinds will provide the requested information at nominal cost to the individual. Where the information requested is stored off-site, Siskinds reserves the right to charge the individual seeking access, the cost to have such information retrieved from the off-site storage facility.
The individual entitled to access may challenge the completeness of their personal information under Siskinds’ care and control. Upon successful demonstration that there is an error in the personal information held by Siskinds, Siskinds will amend the information where appropriate.
The Chief Privacy Officer will investigate all concerns or complaints respecting the handling of personal information under the control of Siskinds that are received in writing. As promptly as possible, the Chief Privacy Officer will report to the individual the results of the investigation and, where the complaint is found to be justified, steps will be taken to resolve the matter.
If the individual is dissatisfied with the report provided by the Chief Privacy Officer, or feels that the corrective action taken by Siskinds is insufficient, the individual may direct a complaint to the Federal Privacy Commissioner in writing. The address of the Federal Privacy Commissioner is provided below under “Helpful Privacy Links”.
If a question arises regarding access to your personal information held by Siskinds, or there is a concern about the manner in which Siskinds collects, uses, retains and discloses your personal information as a client of Siskinds, please contact:
Peter Dillon, Chief Privacy Officer
Click here for the PDF version of this page.