1. SCOPEThis Statement applies to all personal information received by the Provider from Canada, in any format, including electronic, paper or verbal.
2. DEFINITIONSFor purposes of this Statement only, the following definitions shall apply:“Agent” means any party that collects or uses personal information under the instructions of, and solely for, the Provider, or as to which the Provider discloses personal information for use on the Provider’s behalf.“the Provider” means the Provider as previously defined.“Personal information” means any personally identifiable information. Personal information does not include information that is anonymized. 3. PRIVACY PRINCIPLESCONSENT, COLLECTION AND USEThe Provider identifies the purposes for collecting personal information at or before the time it is collected and informs individuals of the choice and means, if any, the Provider offers individuals for limiting the collection, use or disclosure of their personal information. The Provider will provide individuals with reasonable mechanisms to exercise these choices.The Provider will not collect, use or disclose your personal information without your informed consent, unless required or permitted to do so by law, or unless otherwise noted in this Statement. The Provider will only use and/or disclose personal information in accordance with the purpose for which it was collected, unless subsequently consented to, or when required or permitted by law.If the Provider receives personal information from its subsidiaries, affiliates or other entities in Canada, it will use and disclose such information in accordance with the consent received by such entities at the time of collection and the choices made by the individuals to whom such personal information relates.ONWARD TRANSFERSThe Provider will obtain assurances from its Agents and any third party to whom the Provider discloses personal information that such Agent and/or third party will safeguard personal information consistently with this Statement. The Provider will enter into a contract with such Agent and/or third party prior to affecting a transfer of personal information, which contract will provide at least the same level of protection as is required by this Statement and by applicable privacy legislation. Where the Provider has knowledge that an Agent and/or third party is using or disclosing personal information in a manner contrary to this Statement, the Provider will take reasonable steps to prevent or stop the use or disclosure of the personal information and/or to obtain the Agent’s and/or third party’s deletion, destruction, anonymization or return of the personal information.SECURITYThe Provider will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, use, disclosure, alteration and destruction.DATA INTEGRITYThe Provider will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. The Provider will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current. Except as otherwise permitted or required by law, personal information is retained for so long as is reasonably necessary to fulfil the purposes for which it was collected, at which point it is deleted, destroyed, returned or otherwise anonymized.ACCESSUpon request, the Provider will grant individuals reasonable access to personal information that it holds about them. In addition, the Provider will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. These requests can be made by contacting the Provider as provided below.ENFORCEMENTthe Provider will conduct compliance audits of its relevant privacy practices to verify adherence to this Statement. The Provider will use contractual or other means to ensure that its Agents provide a comparable level of protection over your personal information while the information is being processed by such parties.Only employees whose duties require access to personal information are granted such access, and only to the extent necessary. Employees are accountable for ensuring this Statement is followed at all times. Any employee that the Provider determines intentionally violates this Statement will be subject to disciplinary action up to and including termination of employment.
4. RELATIONSHIP TO OTHER CONTRACTSThe terms of this Privacy Statement do not affect or amend the terms of any specific contract(s) you have entered or may enter into with the Provider or its Affiliates, and your and the Provider’s (or its Affiliates’) respective obligations thereunder, except as otherwise expressly set forth in such contract(s).
5. GOVERNING LAW AND DISPUTE RESOLUTIONThis Statement, and the handling of personal information under this Statement, is governed solely by the laws of the Province of Ontario, Canada and the federal laws of Canada applicable therein, to the exclusion of any rules of private international law or conflict of laws which would lead to the application of any other laws.the Provider is based in the state of Texas in the United States. As a result, personal information may be processed, used, stored or accessed in the United States and may be subject to laws of that jurisdiction. For example, information may be disclosed in response to valid demands or requests from government authorities, courts, or law enforcement in these countries. In particular, information that is processed, used, stored or accessed in the United States may be subject to the Patriot Act and applicable anti-terrorism legislation, together with other legislation applicable within the United States.Any questions or concerns regarding the use or disclosure of personal information should be directed to the Provider at the address given below. The Provider will investigate and attempt to resolve complaints and disputes regarding collection, use and disclosure of personal information in accordance with the principles contained in this Statement. Any claim or cause of action you may have arising from, connected with, or relating to this Statement or to the Provider’s handling of your personal information, or any related matters must be commenced within six (6) months after the claim or cause of action arises, after which time the claim or cause of action is forever barred, regardless of any statute or law to the contrary.
6. CONTACT INFORMATIONQuestions, comments or requests related to your use of the Services, regarding this Statement, and the Provider’s information handling policies and procedures should be submitted to the Provider’s Corporate Communications department by mail or e-mail as follows:By mail: Supply Chain Mgmt Inc., 3524 SILVERSIDE RD STE 35B, WILMINGTON, DE, 19810-4929 By e-mail: moc.hctapsidkpg%40ofni 7. CHANGES TO THIS STATEMENTAny changes to this Statement and to the Provider’s information handling practices will be acknowledged in this Statement in a timely manner. The Provider may add, modify or remove portions of this Statement when it feels that it is appropriate to do so. For substantive changes, the Provider will make reasonable efforts to give notice of any changes to this Statement. The Provider may provide notifications of substantive changes prominently on its website and/or send an email or other form of communication notifying individuals of substantive changes to the Statement. Substantive changes to the Statement will be binding thirty (30) days after such changes have been introduced and for which notification of such substantive changes has been made. The date when this Statement was most recently amended is noted at the top of this Statement. MEXICO - PRIVACY NOTICE(This Policy Statement was last updated August 14, 2019)