Smythe’s privacy code is based on the provincial (B.C.) Personal Information Protections Act. This legislature applies as SR collects, uses and/or discloses personal information in the course of carrying on business. There are ten principle policies within the privacy code and are effective January 1, 2004.
1.1 – The partners of Smythe are ultimately accountable for the protection of personal information and responsible for ensuring compliance of the Privacy Code. The day-to-day monitoring for compliance may be delegated to other staff. 1.2 – Titles of the persons designated to oversee compliance with Smythe’s privacy code will be made available upon request. 1.3 – Smythe is responsible for personal information in its possession or control. Smythe will use the appropriate means to provide a comparable level of protection of personal information when information is being transferred or processed by a third party. 1.4 – Smythe has developed policies and procedures to: protect personal information; receive and respond to complaints and inquiries; train staff regarding the policies and procedures; communicate the policies and procedures to our clients.
2.1 – Smythe collects personal information for the following purposes only: a) to provide professional services b) to establish and maintain relations with clients to provide ongoing services c) to understand the needs and preferences of our clients d) to ensure high standards of service to our clients e) to meet legal and regulatory requirements.
3.1 – Smythe will obtain consent to collect, use or disclose any personal information, except where detailed in this code (3.2). SSmythe will make reasonable efforts to ensure that clients understand how their personal information will be used and disclosed. 3.2 – A client’s consent can be express, implied or given through an authorized representative such as a lawyer. A client can withdraw consent at anytime, with certain exceptions detailed in 3.5. Smythe may collect, use or disclose personal information without client’s knowledge or consent in exceptional circumstances, which may include the following circumstances: a) when such collection, use or disclosure is permitted or required by law b) when use of information is for acting in an emergency that threatens an individual’s life or health c) when certain information is publicly available d) when we require legal advice from a lawyer. 3.3 – Consent may be implied or given orally, in writing, or electronically. In determining the appropriate form of consent, Smythe will consider the sensitivity of the personal information. For example, depending on the sensitivity of the information, consent can be expressed over the telephone when information is being collected; electronically when submitting an agreement or other information. 3.4 – In general, the use of services by a client constitutes implied consent for Smythe to collect, use and disclose personal information. 3.5 – A client may withdraw consent at any time subject to legal or contractual restrictions and reasonable notice. However, refusal or withdrawal of consent may prevent Smythe from providing a service to the client.
4.1 – Smythe will collect personal information for the purposes of the engagement. Smythe shall collect personal information by fair and lawful means.
5.1 – Smythe will only use or disclose client information for the purpose it was collected. Smythe will not use personal information for any additional purpose unless Smythe has obtained consent. 5.2 – Smythe will not sell client personal information to third parties. 5.3 – Smythe will retain personal information only as long as necessary (for example, as required by CA Institute by-laws) or expected to be necessary for the identified purposes, or as required by other legislation. 5.4 – When personal information is no longer required, this information will be destroyed with appropriate security measures.
6.1 – Smythe will make reasonable efforts to ensure that personal information is accurate, complete and current as required for the purposes for which it was collected.
7.1 – Smythe will protect personal information and is committed to the safekeeping of personal information in order to prevent its loss, theft, unauthorized access, disclosure, copying, use or modification. 7.2 – Smythe will protect personal information disclosed to third parties by contractual agreements stipulating the confidentiality of the information and the purposes for which it is to be used.
8.1 – Information about Smythe’s privacy policies and procedures may be made available to clients upon request.
9.1 – Clients may request to access their personal information held by Smythe. Upon request, Smythe will inform the client what personal information it has, what it is being used for and to whom it has been disclosed if applicable. This information will be in understandable form and given to the client at a minimal or no cost to the individual depending on the type and amount of information requested. 9.2 – Smythe will make the information available within 30 days of request, or provide written notice of extension where additional time is required to fulfill the request. 9.3 – If the information presented is inaccurate or incomplete, Smythe will amend the information as required.
10.1 – Smythe will maintain procedures for addressing and responding to all inquiries or complaints by clients. 10.2 – Smythe will inform its clients about the existence of these procedures as well as the availability of complaint procedures. 10.3 – Clients are to direct any complaints, questions or concerns in writing to the Privacy Officers. 10.4 – Contact Information: Smythe LLP Attention: Privacy Officer 700 – 355 Burrard Street Vancouver, BC V6C 2G8 T: 604-687-1231