Privacy Policy

At Sum Strategies Inc. (SSI), we respect the privacy of all debtors’ we deal with on behalf of our clients. All debtors’ personal information is collected, used and disclosed by SSI in accordance with this Privacy Policy. This policy is based on the Canadian Standards Association Model Code for adherence to Canada’s Personal Information Protection and Electronic Documents Act (PIPED). SSI commits to all of the principles contained in the Model Code.

This policy governs the behavior of our employees and agents acting on our behalf. All SSI employees (including new hires) who may have access to debtors’ personal information have been thoroughly trained on the handling of such information. All SSI employees receive extensive training on privacy as a fundamental part of their initial orientation. All employees are required to sign this privacy policy and commit to following it when handling a debtors’ personal information.

SSI has a number of measures in place to ensure that your information is kept secure, whether it is stored electronically or in paper format. We are constantly taking measures to enhance these safeguards. Organizational security measures include, but are not limited to, the following:

  • Visitors to SSI’s premises are required to sign in and out. All visitors are informed of the sensitive and confidential nature of our records and undertake not to attempt to view or obtain any such records.
  • SSI has a Clean Desk Policy, all debtors’ and client information is required to be filed in locked file cabinets in each department. When an agent’s desk is left unattended, employees are instructed to lock all files and close electronic devices containing debtor and client sensitive information.
  • Documents containing personal information are shredded weekly on the building premises.
    Physical security measures include, but are not limited to, the following:
  • SSI’s premises are alarm-monitored.
  • All offices, the server room, employee desks and filing cabinets are locked after hours. Stringent controls are in place for the distribution of office keys and file cabinet key as well as pass codes.
  • Daily back-up tapes are stored in a secure location.
    Technological security measures include the following:
  • SSI has made a substantial investment in reliable servers, database, backup and security technologies, as well as industry standard firewalls to protect your information.
  • SSI’s secure server is password-protected and employees are provided with Guidelines for the Selection of Secure Passwords.
  • In order to avoid unauthorized access, employees are asked to log out of the system when it is not in use. If an employee has not logged out, a ten-minute system time-out results in the employee being automatically logged out.
  • Only managers can obtain port-to-port secure remote access to the system. Records containing personal information cannot be remotely downloaded or printed.

If the personal information we have about the debtor is going to help us recover a debt, we need to keep this information as accurate as possible. However, we are relying on the information we receive from our clients, third parties and debtors’ to maintain accurate records. We attempt to verify the personal information we possess prior to using it or disclosing it for debt collection purposes.

Personal information that is in electronic format is maintained in our data base for a period of seven years from the date an account is assigned or the date of last financial activity or acknowledgement of the debt. Should the file have been litigated and judgment obtained, electronic information is retained for twenty years. Data is made anonymous on November 1st of year following the expiration of the limitation statutes/requirements. Personal information that is no longer necessary or relevant for debt collection purposes or required to be retained by law shall be erased or made anonymous. Where personal information has been used to take legal action against a debtor, SSI will retain the information for as long as required by limitation statutes for appeal purposes. Paper records containing personal information (for example, correspondence from the debtor) are kept in locked filing cabinets for a maximum of 6 years before they are shredded. Note that when we delete personal information from the system, residual information may remain in back-up files temporarily.

We share this Privacy Policy with all of our clients and third party information suppliers. When we reveal your personal information in order to identify you to third party suppliers, we expect that information to be protected. We urge third parties to review and pay heed to this policy, not to further disclose the personal information they have received from us, to keep that information secure and to destroy it once they have provided SSI with the information we require. We impose these obligations through contracts with third party information suppliers whenever possible.

You have the right to access any personal information that we have about you, as well as to find out about the uses and disclosures of this information. You can also challenge the accuracy and completeness of the information and have it amended as appropriate. In order to safeguard personal information, a debtor may be required to provide sufficient identification to permit SSI to account for the existence, use and disclosure of personal information and to authorize access to the debtor’s file. Note that in certain situations, SSI may not be able to provide access to all of the personal information it holds about a debtor. Exceptions may include information that contains references to other individuals that cannot be adequately severed so as to protect someone else’s privacy; information that cannot be disclosed for legal, security or commercial proprietary reasons; or information that is subject to solicitor-client or litigation privilege. SSI shall provide the reasons for denying access upon request.

SSI takes full responsibility for the management and protection of the personal information it collects. We have a dedicated Privacy Officer who is accountable for compliance with this policy. If you feel that SSI is not abiding by this Privacy Policy or have any concerns about SSI’s information-handling practices, please contact:

Privacy Officer
Sum Strategies Inc.
1200 Colonial Road, P.O. Box 14
Navan, Ontario
K4B 1N1
info@sumstrategies.ca

SSI shall investigate all complaints concerning compliance with the policy. If a complaint is found to be justified, SSI shall take appropriate measures to resolve the complaint including, if necessary, reprimanding employees or amending its policies and procedures.

By providing you with this Privacy Policy, SSI is pledging our continued commitment to protecting debtors’ personal information handled by the company. We make all of our policies and practices relating to the management of personal information readily available. We have a Privacy Team in place that regularly reviews and assists in implementing improvements to our information-handling practices. The Privacy Team reports to the Privacy Officer who may make changes to this policy from time to time to reflect current practices.