| Scope:
The present document presents
Five Star Innovations’ Privacy and Data Protection policy
which applies to all personal and operational information
and data held on Five Star Innovations employees,
sub-contractors and clients. All Five Star Innovations
employees must read, understand and apply it.
Purpose:
While exercising its right
to collect, use and disclose personal information or data
for legitimate business purposes, Five Star Innovations is
committed to protect, in all countries where it does
business, the personal and operational information and data
concerning.
- Our employees
- Our sub-contractors
- Our clients and their
operations
in order to maintain strict
rules of conduct to lower the likelihood of:
- Confidentiality
breaches;
- Loss of privacy;
- Loss of trust; and/or
- Legal liability.
Position and Etiquette:
Five Star Innovations is
committed to protect the personal information of its
employees as required for staffing, employee management,
compensation and benefits administration purposes.
Five Star Innovations may
also collect personal and operational information and data
on client and client personnel, for example, in Outsourcing
contracts. All client personal and operational information
and data collected by Five Star Innovations will comply with
the policies and procedures established by the client and/or
Five Star Innovations. As well, Five Star Innovations will
always respect and act in compliance with all applicable
legislation.
Five Star Innovations
respects the privacy of any visitors to
www.fivestarinnovations.biz and does not share any personal
information with third parties.
Five Star Innovations’
principles for information handling practices are the
following:
Accountability:
The Vice Presidents
responsible for a Business Unit oversee the application of
this policy and take corrective action on violations and on
non-compliance. Five Star Innovations employees who have
concerns regarding the privacy of their own, sub-contractor
or client personal information should report their concerns
as well as any weakness in the measures protecting such
information to their manager (for client and sub-contractor
personal information) or to their local Human Resources
representative (for employee personal information). All
employees must respect this Global Privacy and Data
Protection Policy as well as the privacy of other Five Star
Innovations employees and the client's privacy policies when
working at a client site.
Business Units who hold and
manage client personal or operational information and data,
as a result of providing services to these clients, must
protect such information and data. Any violation of client
personal or operational information or data, in the context
of providing services to these clients, should be reported
directly to the Vice-President responsible for the Business
Unit safeguarding such information or data.
Identifying Purpose of
Collection:
Advise employees,
sub-contractors and clients when collecting personal
information of the reason for collection, how the
information will be used and any new purpose for the
collection.
Consent for Collection:
Obtain the employee's
sub-contractor's or client's written or electronic consent
to the collection of information and whenever a new use of
the information is identified.
Limit Collection, Use,
Disclosure, and Retention Collect:
only the information
necessary for the identified purpose. Use and disclose
information only for the purpose for which it was collected
or when required by legislation and in the manner prescribed
by the legislation in the jurisdiction where Five Star
Innovations does business. Retain information only as long
as necessary and dispose of all sensitive information in a
secure manner.
Accuracy:
Ensure the accuracy of the
information collected by verifying with the individual and
updating it periodically. Five Star Innovations employees
must notify their local Human Resources of any changes or
updates that will affect their personal records.
Safeguards:
Protect personal and
operational information or data according to its sensitivity
and as required by any applicable legislation. Sensitive
personal or operational information or data is to be
protected from unauthorized use, disclosure, access and
modification. These safeguards apply to sensitive personal
and operational information or data irrespective of the
storage medium.
Such safeguards may take the
form of locked filing cabinets, restricted access to
information (physical and on a need-to-know basis, alarm
systems or other electronic control devices, technological
tools such as passwords, encryption, firewalls, anonymizing
software, etc. The selection of safeguards will be done
considering the sensitivity, amount and format of the
information or data needing protection.
Security measures around
data protection are reviewed regularly to follow the company
evolution or changes in the organization.
Openness:
In distributing this
document, advise the employees, sub-contractors and clients
about Five Star Innovations’ practices and the application
of this policy.
Individual Access:
Provide employees,
sub-contractors and clients access to their information held
by Five Star Innovations so that they may know what
information is retained. Provide the employees,
sub-contractors and clients an opportunity to verify the
accuracy of their information and to correct any
inaccuracies. Inform in writing, if access is refused, of
the reasons why and of the appeal process.
No Expectation of Privacy:
Subject to the applicable
legislation, Five Star Innovations has the right to monitor
any and all aspects of its information systems and
infrastructures including, but not limited to:
- Visited Internet sites;
- Instant messaging
systems;
- Chat groups;
- News groups;
- and E-mail sent and/or
received.
Such monitoring may occur at
any time, without notice, and without obtaining the user's
permission.
Sanctions Violations of this
policy may result in a disciplinary action which will be
proportional to the seriousness of the behaviour concerned.
Vice Presidents responsible for business units or corporate
functions are responsible to decide on the proper course of
action in case of a breach to this policy. The Executive
Vice-President and Chief Corporate Officer is the designated
Five Star Innovations Privacy and Data Protection Officer.
|