Skip to main content
logo - RPIA
logo - RPIA
Toronto Skyline

Privacy

Policy

RPIA is committed to fair information practices for individuals with whom it deals and for its employees.

This Privacy Policy outlines the principles by which RPIA operates to protect the Personal Information of individuals and employees that we collect, use or disclose in the conduct of our investment activities, governance, internal administration and contacts with the public. This Privacy Policy incorporates the ten principles of the CSA Model Code which was published in March 1996 as a National Standard of Canada. It also incorporates the provisions of Part 1 of the Personal Information Protection and Electronic Documents Act.

Principles

Accountability

RPIA is responsible for all Personal Information under its control, including Personal Information disclosed to third parties for processing. 

Identifying Purposes

RPIA will identify the purposes for which personal Information is collected at or before the time the personal information is collected. The purposes for which RPIA collects personal information shall be those that a reasonable person would consider appropriate in the circumstances. 

RPIA collects personal information for the purpose of recruitment, administering the employment relationship between RPIA and its employees, undertaking diligence in respect of RPIA investment activities, managing investments, processing subscriptions, responding to requests for personal information or inquiries from the public and as required or permitted by law. Personal information may be collected from the individual or through the conduct of background or reference checks. 

Consent

RPIA will inform the individual in a meaningful way of the purposes for the collection, use or disclosure of personal data. RPIA will obtain the individual’s consent before or at the time of collection, as well as when a new use is identified.

RPIA may collect, use or disclose personal information about an individual or employee without consent if it is clearly in the interests of an individual or employee and consent cannot be obtained in a timely way, such as when an individual or employee is seriously ill or incapacitated, in cases of emergencies threatening life, health or security, when seeking consent may defeat the purposes of collecting the personal information for an investigation of a breach of an agreement or contravention of a federal or provincial law, when Personal Information is disclosed to a lawyer representing RPIA, to comply with a subpoena, warrant or other court order, pursuant to lawful and authorized requirements or requests for disclosure from government institutions, or as may otherwise be required or authorized by law.

Consent may be implied or express. In determining the appropriate form of consent, RPIA will take into account the sensitivity of the personal information and the reasonable expectations of individuals and its employees.

RPIA may collect, use or disclose personal information without the knowledge or consent of individuals or employees. All of the circumstances in which RPIA may collect, use or disclose personal information without the knowledge or consent of an individual or employee are as specified and permitted by legislation.

Limiting Collection

RPIA will not collect personal information indiscriminately. RPIA will not deceive or mislead individuals about the reasons for collecting personal information. 

Limiting use, disclosure and retention

Personal information will not be used or disclosed by RPIA for purposes other than those for which it was collected, except with the consent of the individual or an employee, or as required by law. Personal Information will be retained only as long as necessary for the fulfillment of those purposes. 

Accuracy

RPIA will keep Personal Information as accurate, complete and up to date as necessary, taking into account its use and the interests of the individual. 

Safeguards

RPIA will protect personal information with security safeguards appropriate to the sensitivity of the personal information. 

Openness

RPIA will inform customers, clients and employees of policies and practices for the management of personal information. RPIA will make these policies and practices understandable and easily available. 

Individual Access

On written request, and unless prohibited by law, RPIA will inform individuals and employees of the existence, use and disclosure of their personal information and provide access to that personal information. An individual or employee will be able to challenge the accuracy and completeness of the personal information and have it amended as appropriate. 

Challenging Compliance

An individual or employee will be able to address a challenge concerning compliance by RPIA with this Policy to the designated individual accountable for RPIA’s compliance. 

Responsibility

The COO is responsible for reviewing, maintaining and enforcing these policies and procedures to ensure meeting RPIA's client privacy goals and objectives while at a minimum ensuring compliance with applicable federal and provincial legislation and regulation. The COO is responsible for compliance with this Policy, even though other individuals within RPIA may be responsible for the day-to-day collection and processing of personal information.

Procedures

  1. RPIA will make known internally (and externally on request) the identity of the individuals designated to oversee compliance with this Policy.
  2. RPIA will use contractual means or other means to protect personal information that has been disclosed to third parties.
  3. RPIA will implement procedures to protect personal information, including secure premises, shredding and passwords.
  4. The COO will establish procedures to receive and respond to complaints and inquiries. (See “Complaints” Policy).
  5. RPIA will train staff to understand and adhere to our policies and procedures.
  6. RPIA will inform employees, external partners and others of our policies and procedures.
  7. At the time that the personal information is collected, the individual or employee will be advised of the purposes for which the personal information is collected. Except as authorized by law, the consent of individuals and employees will be obtained prior to collection of personal information. An individual or employee may, at any time, request or be given an explanation of how their personal information is being used.

a. In obtaining consent, RPIA will use reasonable efforts to ensure that an individual or employee is advised of the identified purposes for which personal information will be used or disclosed.

b. RPIA will seek consent to use and disclose personal information at the same time it collects the personal information. However, RPIA may seek consent to use and disclose personal information after it has been collected, but before it is used or disclosed for a new purpose.

  1. If RPIA proposes to use personal information for a purpose not previously identified, the new purpose will be identified and documented prior to the new use. Except as authorized by law, the consent of the individual or employee is required before the personal information can be used for that purpose. 

  2. RPIA will not require individuals to consent to the collection, use or disclosure of personal information as a condition of the supply of information or services to the individual beyond that necessary to provide the information or services. RPIA will explain the implications of refusing consent to individuals and employees.

  3. In general, the acceptance of employment or benefits by an employee constitutes implied consent for RPIA to collect, use and disclose personal information for all identified purposes.

  4. An individual or employee may withdraw or consent at any time, subject to legal or contractual restrictions, the terms and conditions of employment and reasonable notice. RPIA shall inform the individual or employee of the implication of such withdrawal.

  5. RPIA will limit the amount and type of information gathered to what is necessary for the identified purposes.

  6. RPIA has a records retention policy that specifies the length of time that records are maintained. All personal information is accessible only by RPIA’s personnel, or service providers, who need access to that personal information for the performance of the services. Employee Personal Information is retained for seven (7) years after the termination of employment.

  7. RPIA destroys, erases or makes anonymous all personal information that is no longer required to fulfill the identified purposes. 

  8. RPIA will keep frequently used information accurate and up to date unless there are clearly set out limits to this requirement.

  9. RPIA will update personal information only when necessary to fulfill the specified purposes.

  10. Security safeguards will protect personal information against loss or theft as well as unauthorized access, disclosure, copying, use or modification, regardless of the format in which the personal information is held.

  11. Information about individuals or employees is kept in paper and electronic forms that are accessible only to those who require it to perform their duties. 

  12. RPIA will dispose of personal information in a manner that prevents unauthorized parties from gaining access to the personal information.

  13. RPIA will make available the name, title and address of the person who is accountable for policies and procedures and to whom complaints or inquiries can be forwarded.

  14. RPIA will make available the means by which to gain access to personal information held by RPIA.

  15. RPIA will make available a description of the type of personal information held by the firm including a general account of its use.

  16. RPIA will make available a copy of any documents that describe the firm’s privacy policies, standards and codes.

  17. On written request, RPIA will inform an individual or employee whether or not RPIA holds personal information about them, and will indicate the source of this personal information, if available. If RPIA possesses such personal information, it will allow the individual or employee access to this personal information. In addition, RPIA will provide an account of the use that has been made or is being made of this personal information and an account of the third parties, if any, to which it has been disclosed.

  18. RPIA may require an individual or employee to provide sufficient personal information to permit RPIA to provide an account of the existence, use and disclosure of personal information. The personal information provided will only be used for this purpose.

  19. If access to personal information cannot be provided, RPIA will provide the reasons for denying access on request unless prohibited by law from doing so.

  20. RPIA will respond to an individual’s or employee’s request within a reasonable time and at minimal or no cost. The requested personal information will be provided or made available in a form that is generally understandable.

  21. When an individual or employee successfully challenges the accuracy or completeness of personal information, RPIA will correct, delete or add personal information as required. When appropriate, the amended personal information will be transmitted to any third parties having access to the personal information in question.

  22. When a challenge to the accuracy or completeness of personal information is not resolved to the satisfaction of the individual or employee, the unresolved difference will be noted in the individual’s or employee’s file. When appropriate, the existence of the unresolved difference will be transmitted to any third parties having access to the personal information in question.

  23. RPIA has a Complaints Policy and corresponding procedures to receive and respond to complaints or inquiries about its policies and procedures relating to personal information. The complaint process will be easily accessible and simple to use.

  24. RPIA will investigate all complaints. If a complaint is found to be justified, RPIA will take appropriate measures, including amending its policies and procedures if necessary.

  25. RPIA will inform individuals and employees who lodge complaints, or inquire about complaint procedures, about the existence of these procedures.

  26. Employees and individuals also have recourse to the Office of the Privacy Commissioner of Canada, at the address noted below, if they consider that RPIA has not responded satisfactorily to their complaint or inquiry. 

Privacy Commissioner of Canada

112 Kent Street
Ottawa, Ontario
K1A 1H3
Phone: (613) 995-8210
Toll-free: 1-800-282-1376
Fax: (613) 947-6850

 

Evidence and Record Keeping

  • Confidentiality clauses in administrator agreements and employment letters
  • Disclosure of intended use in subscription documents and employment contracts
  • Disclosure of Policy in Offering Memorandum
  • Password Policy
  • Network security provisions