At Simana we endeavour to ensure that our products and practices comply with all global data protection and privacy laws that apply to us and our customers.
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that applies to private sector businesses engaged in a commercial activity. The law governs the collection, use, and disclosure of personal information for private-sector organizations in Canada.
How does Simana comply with the PIPEDA?
Simana is committed to compliance with the requirements of the PIPEDA and its underlying principles, where it applies to our data processing activities. Our compliance efforts in this respect are guided by the 10 fair information principles published by the Office of the Privacy Commissioner, including:
- Accountability, transparency, openness and fairness in our data processing activities. Simana's PRIVACY POLICY thoroughly details how we process personal information and for which purposes (where such means and purposes are determined by us), and our DPA sets the terms pursuant to which we process personal information on behalf of our customers, as their data processor;
- Adopting safeguards by implementing security, technical and administrative measures aimed at protecting personal information from unauthorized accesses or any improper or unlawful processing;
- Having procedures for handling data subject requests, suspected breaches concerning personal information, limiting use, disclosure and retention of personal information, and regularly conducting privacy training for all relevant members of our staff.