As a Canadian based company, JR Direct adheres to the Personal Information Protection and Electronic Documents Act (PIPEDA). PIPEDA establishes laws that regulate the collection, use, and disclosure of personal information by private sector organizations.
All businesses in Canada must follow 10 principles for client data and document protection:
- Accountability
- Identifying purposes
- Consent
- Limiting collection
- Limiting use, disclosure, and retention
- Accuracy
- Safeguards
- Openness
- Individual access
- Challenging compliance
PIPEDA compliance laws state that personal information must be protected by security safeguards appropriate to the sensitivity of the information. These safeguards will include technological measures, such as the use of passwords and encryption. PIPEDA fines for non-compliance can be assessed for up to $100,000.
JR Direct addresses PIPEDA data protection by ensuring that:
- All client data is protected, encrypted and restricted while in transit, in use or in storage.
- All client data is protected from both internal and external threats.
- All client data is stored and secured on site.
- All client data retention polices are adhered to.
- All PIPEDA data retention polices are adhered to.
- JR Direct administers who can access the data and what they can do with the data.
If you have any questions regarding JR Direct’s Data Security policy or our compliance with PIPEDA please contact us at [email protected]