Privacy Policy 2018-12-16T19:09:51-05:00

Staffing+ Corp. Privacy Policy — Personal Information

  1. Definitions. The following capitalized terms have the following meanings and any capitalized terms that are not defined in this privacy policy have the meaning attributed to them in Staffing+ CORPORATION’S (otherwise known as “Staffing+”) Client Service Agreement (the “Agreement”):
    1. “Authorized Personnel” means employees, representatives and permitted subcontractors of Staffing+ who require access to Personal Information for Staffing+ to provide the products and services it is to provide under the Agreement;
    2. “FIPPA” means the Freedom of Information and Protection of Privacy Act (Ontario) and the regulations made there under as amended from time to time;
    3. “Personal Information” means information about an identifiable individual including without limitation, his or her gender, address, telephone number, and email address to which Staffing+ has access under the Agreement for the provision of the Services; and
    4. “Services” means collectively the products and services to be provided by Staffing+ under the Agreement.
  2. Relationship of the Parties. Staffing+ acknowledges and agrees that:
    1. Client is subject to FIPPA and FIPPA imposes legal obligations on the collection, use, disclosure and retention of Personal Information;
    2. Staffing+ is a third party service provider to Client;
    3. the Services facilitate Client’s ordinary operations; and
    4. it will be necessary for the purpose and in the course of providing the Services, for Staffing+ to access, use, hold and store Personal Information.
  3. Ownership of Personal Information. Nothing in this Agreement provides Staffing+ with any rights in or to, or control over Personal Information, other than the ability to access and use Personal Information as set out in this Agreement.
  4. Restrictions Relating to Personal Information. Staffing+ shall:
    1. only access and use Personal Information to the extent required to provide the Services and shall not access or use Personal Information or any information derived from Personal Information on its own behalf;
    2. not disclose Personal Information, and for greater certainty, the provision of Personal Information by Staffing+ to its Authorized Personnel constitutes a use rather than a disclosure of the Personal Information by Staffing+; and
    3. only permit access to Personal Information to Authorized Personnel who have received training in regard to Staffing+’s obligations under this Agreement and have agreed to perform their services in a manner that permits Staffing+ to comply with this Agreement.
  5. Notification of Client. Staffing+ shall immediately give Client written notice:
    1. if it is made aware of any complaint, allegation or report, including an internal report, to the effect that the provision of the Services violates FIPPA and/or any other legislation that has data protection and/or privacy as a purpose;
    2. upon becoming aware of the loss, theft, or unauthorized access, use (including downloading, copying or manipulating), disclosure or destruction of Personal Information;
    3. upon becoming aware of any breach or attempted breach of the security of its technology, equipment or facilities that impacted, could reasonably have impacted, or could impact the security and/or integrity of Personal Information;
    4. if it receives any privacy-related requests or complaints in relation to the Services;
    5. if it receives any subpoena or order relating to Personal Information; and
    6. if it fails to comply or anticipates that it will be unable to comply with this Agreement, provide a description of its non-compliance or anticipated non-compliance and the steps it proposes to take to address the non-compliance or prevent the anticipated non-compliance.
  6. Logging: Staffing+ shall to the extent reasonably practicable and in a manner that is practicable, maintain a record of Authorized User access to Personal Information which record shall include the name of the individual accessing the information and the date, time and duration of the access.
  7. Audit: Staffing+ shall permit and provide reasonable assistance with a visit, inspection and/or audit, by Client or a person appointed by Client for the purpose, at any time during regular business hours and on reasonable prior notice, of any location from which Staffing+ accesses, uses and/or stores Personal Information, including at Client’s discretion, an examination of equipment used and records maintained in connection therewith (and making copies of such records), interviewing Staffing+ personnel (including any subcontractors and suppliers), and otherwise auditing and verifying, both physically and electronically, Staffing+’s compliance with this Agreement. Notwithstanding the preceding, Client shall have no duty to make any such visit, inspection, or audit, shall not incur any liability or obligation by reason of doing or not doing so and shall treat information obtained through such visit, inspection or audit as confidential information of Staffing+ in accordance of the confidentiality provisions of this Agreement.
  8. Assistance with Inquiries, Complaints, Proceedings. At Client’s request, acting reasonably, Staffing+ shall:
    1. assist Client to investigate and/or respond to any inquiry, investigation or complaint with respect to Personal Information, including an inquiry or investigation by a privacy regulatory authority;
    2. cooperate with Client in regard to any regulatory or court proceedings arising out of a complaint relating to Personal Information, including obtaining the attendance of witnesses; and
    3. provide information and assistance to Client, acting reasonably, that Client requires for assessments relating to the Services, including without limitation, privacy impact assessments and threat risk assessments.
  9. Requests for Access and Correction. Staffing+ shall direct any requests it receives for access to or the correction of Personal Information to Client.Security. Staffing+ shall:
    1. except with the prior written approval of Client, hold Personal Information in a password protected and secure commercial server environment using SSL and 128-bit data encryption. Application level security involves various methods of data encryption and information de-identification when in transit. Any future hosting companies contracted by Staffing+ will be required to meet or exceed then-current industry standards relating to the protection of personal information.
    2. segregate Personal Information from other data held by Staffing+;
    3. maintain appropriate access controls to facilities, equipment, applications and other software and systems used in connection with Personal Information;
    4. periodically review and update where appropriate its security safeguards;
    5. ensure that any permitted subcontractor it retains to assist it in providing the Services agrees to comply with these privacy terms and conditions;
    6. take reasonable steps, including the application of appropriate sanctions, to ensure Authorized Personnel performs its service in compliance with Section 4(c) above;
    7. terminate Authorized Personnel access to Personal Information immediately upon termination of their employment or affiliation with Staffing+; and
    8. not, and hereby forever waives any and all right to, withhold any Personal Information from Client to enforce any dispute relating to the terms of the Agreement or any other matter between Staffing+ and Client, including a dispute over Staffing+’s fees.
  10. Return of Personal Information. In the event of any termination or on the expiry of the Agreement, Staffing+ shall forthwith securely return or at Client’s direction, securely destroy, Personal Information that it is storing, including all copies thereof and provide confirmation of same.
  11. Indemnification. Without prejudice to any indemnification provided by Staffing+ under the Agreement, Staffing+ shall indemnify and hold harmless Client, including its officers, directors, employees and representatives (the “Indemnified Parties”) from and against any and all claims, demands, suits, losses, damages, causes of action, fines or judgements (including related expenses and legal fees) that the Indemnified Parties may incur related to or arising from any non-compliance by Staffing+ with this privacy policy.
  12. Survival. Notwithstanding the termination of the Agreement, to the extent that Staffing+ continues to have access to or hold Personal Information for any reason, Staffing+ shall continue to govern itself in accordance with this privacy policy.
  13. Conflict. In the event of a conflict or inconsistency between the provisions of this privacy policy and any other provisions of the Agreement, the provisions of this privacy policy shall prevail to the extent of the conflict or inconsistency.