Privacy Policy

Issued: 2004-January-01

In accordance with the Personal Information Protection and Electronic Documents Act the following ten items are provided:

Accountability

While all employees of Mondenet Technical Services Inc. are responsible for complying with the Personal Information Protection and Electronic Documents Act, the President, Anthony John Doyle, is specifically appointed to be responsible for compliance. Should you need to contact Mondenet Technical Services Inc. with respect to accountability and compliance issues you are asked to email Anthony John Doyle at strad@pobox.mondenet.com with the subject of the email clearly marked Personal Information Protection and Electronic Documents Act.

Purposes

Your personal information is collected by Mondenet Technical Services Inc. for a number of reasons including the following:

For opening an account we collect your name, your address, your telephone number(s), your postal code, and any other contact information you may otherwise volunteer to assist us in being able to contact you.
When you visit our web site we collect various information for logging purposes including the Internet IP address from which your request was made, the date of your request, the time of your request, any authentication information related to your request, a general log record of the information you viewed or downloaded from our web site, the type of request made, the volumes and amount of information provided in response to your request and such other information which may reasonably be logged or loggable as a result of a visit to our web site.
Web Cookies. As a general rule Mondenet Technical Services Inc. does not encourage or require the use of cookies to use our web site. While this may change in the future due to various technical and / or other requirements such pages would clearly indicate the use of cookies and what information is collected and why on such applicable web pages.
Your username and password. Generally you supply the username you wish to use with our service. Should that username be available and within the technical restrictions imposed you are granted that username to use the Internet Service Provided. As a rule we provide to you your initial password. You are encouraged to change your password on our web site as soon as possible once you have made your connection to our services. You are also encouraged to change your password on a regular basis such as once a month or as often as may be reasonable to help ensure good security practice. To provide the various services to you which are available on our web site you will be asked for your username and password. The combination of your username and password will be compared to that information currently on record. Should the information you supply be correct then the information or service you request will be provided. Should you not provide the correct information then the service will be denied to you. Some of the services provided to you with your username and password include your invoicing history and your online usage reports.
Email. Any email sent or received through Mondenet Technical Services Inc. mail servers and gateways is subject to logging for technical support. Transit information collected is consistent with Mail Transfer Agents ( MTA ) and may include the date and time of the email being sent or received, the numbers and volumes of email sent and received, the Internet IP addresses of source and destinations, mail exchanger records and other DNS and related records, mail sizes and numbers as well as the source addresses and destination addresses including cc and bcc addressees. All mail inbound and outbound through Mondenet Technical Services Inc. must pass through one of the ingress or egress gateways for logging and auditing and technical support purposes.
Web. Any web pages may be logged or audited which are viewed passing inbound or outbound through the Mondenet Technical Services Inc. ingress and egress gateways.
All other traffic. In general all traffic passing on, through, into, or leaving the Mondenet Technical Services Inc. network may be logged for logging purposes as well as for specific law enforcement or national security requirements.
Invoicing and payment information. In general the invoicing information is based upon your orders and the services provided to you. The payment information we generate is based on the payments you make to us or processed for your account. As a rule that information is kept in a manner consistent with audit and tracking payments should the need arise. Such information may include the chequing information, credit card information, debit card information ( not including PIN codes or passwords etc ), cash payments, money order payments, or such other payment methods and options as may arise and be made available from time to time. All such information is retained for tracking and auditing purposes and to comply with the requirements of our bank, your bank, and the various involved financial insitutions for whom and through whom payments are processed and cleared.

Consent

In general the information you provide to us is of your own free will and used strictly for the purposes of creating your accounts or for providing the services requested. By giving the information to us, either verbally or expressly, you grant consent to us to use that information for the purpose for which it is requested and required. Should you not provide the information then the services you wish to receive may be denied.

Limiting collection

Believe us. We do not want to collect any more information than we need to. Really. With the limited information collected and information logged already we are up to our ears in information. As such, it is our policy that if we do not need to collect your information we will not do so.

Limiting use, disclosure, and retention

According to the Privacy Commission of Canada Organizations may collect personal information without the individual's knowledge or consent only:

if it is clearly in the individual's interests and consent is not available in a timely way
if knowledge and consent would compromise the availability or accuracy of the information and collection is required to investigate a breach of an agreement or contravention of a federal or provincial law
for journalistic, artistic or literary purposes
if it is publicly available as specified in the regulations.

Further, organizations may use personal information without the individual's knowledge or consent only:

if the organization has reasonable grounds to believe the information could be useful when investigating a contravention of a federal,provincial or foreign law and the information is used for that investigation
for an emergency that threatens an individual's life, health or security
for statistical or scholarly study or research ( the organization must notify the Privacy Commissioner before using the information )
if it is publicly available as specified in regulations
if the use is clearly in the individual's interest and consent is not available in a timely way if knowledge and consent would compromise the availability or accuracy of the information and collection was required to investigate a breach of an agreement or contravention of a federal or provincial law.

As well, organizations may disclose personal information without the individual's knowledge or consent only:

to a lawyer representing the organization
to collect a debt the individual owes to the organization
to comply with a subpoena, a warrant or an order made by a court or other body with appropriate jurisdiction
to a government institution that has requested the information, identified its lawful authority, and indicates that disclosure is for the purpose of enforcing, carrying out an investigation, or gathering intelligence relating to any federal, provincial or foreign law; or suspects that the information relates to national security or the conduct of international affairs; or is for the purpose of administering any federal or provincial law
to an investigative body named in the Regulations of the Act or government institution on the organization's initiative when the organization believes the information concerns a breach of an agreement, or a contravention of a federal, provincial, or foreign law, or suspects the information relates to national security or the conduct of international affairs
if made by an investigative body for the purposes related to the investigation of a breach of an agreement or a contravention of a federal or provincial law
in an emergency threatening an individual's life, health, or security ( the organization must inform the individual of the disclosure )
for statistical, scholarly study or research (the organization must notify the Privacy Commissioner before disclosing the information)
to an archival institution
20 years after the individual's death or 100 years after the record was created
if it is publicly available as specified in the regulations
if required by law.

Organizations must refuse an individual access to personal information:

if it would reveal personal information about another individual* unless there is consent or a life-threatening situation
if the organization has disclosed information to a government institution for law enforcement or national security reasons. Upon request, the government institution may instruct the organization to refuse access or not to reveal that the information has been released. The organization must refuse the request and notify the Privacy Commissioner. The organization cannot inform the individual of the disclosure to the government institution, or that the institution was notified of the request, or that the Privacy Commissioner was notified of the refusal.

Organizations may refuse access to personal information if the information falls under one of the following:

solicitor-client privilege
confidential commercial information
disclosure could harm an individual's life or security
it was collected without the individual's knowledge or consent to ensure its availability and accuracy, and the collection was required to investigate a breach of an agreement or contravention of a federal or provincial law (the Privacy Commissioner must be notified)
it was generated in the course of a formal dispute resolution process.

Accuracy

As a general rule, we would be pleased to have the necessary information as accurate as possible. Should your information change we would be pleased to make the appropriate updates to your personal information retained with Mondenet Technical Services Inc. To make changes to your personal information it would be best to send that email to our sales manager, Bob Burhunduli, at bob@pobox.mondenet.com with the subject of the email clearly listing Update to Personal Information.

The date and time of your email request shall serve as sufficient evidence as to the specific date and time your request to update your personal information was made. Your information is stored at the Head Office of Mondenet Technical Services Inc. The current address of our Head Office is D5-2285 St. Laurent Boulevard, Ottawa, Ontario, Canada K1G 4Z7. Should it be necessary for you to review your personal information on site you should make arrangements with the Sales Manager before hand at 1-613-526-0155. You may be asked to provide suitable identification before such information is reviewed with you and such request may be noted in accordance with the Law.

Safeguards

In compliance with the ACT we undertake and are required to protect personal information against loss or theft, safeguard the information from unauthorized access, disclosure, copying, use or modification, and to protect personal information regardless of the format in which it is held.

Openness

We take this opportunity to inform our customers, clients, and employees that we have policies and practices for the management of personal information. We will make these policies and practices understandable and easily available. Information about these policies and practices may be made available in person, in writing, by telephone, in publications or on our web site.

Individual access

When requested, we will inform you if we have any personal information about you. We will explain how it is or has been used and provide a list of any organizations to which it has been disclosed. We will give you access to your personal information. We will correct or amend any personal information if its accuracy and completeness is challenged and found to be deficient. We will provide a copy of the information requested, or reasons for not providing access, subject to exceptions set out in Section 9 of the Act.

Challenging compliance

If you believe there is a case of non-compliance with the Act we would like to know about it immediately. Should you find we are unable to rectify such non-compliance you make a complaint to us by email at the address listed above with the subject of COMPLAINT: Personal Information Protection and Electronic Documents Act. It is our intent to provide simple and swift resolution to such challenges to compliance. Should you not be satisfied with our response to your complaint then you may appeal to the Privacy Commissioner of Canada. But in general we will investigate all complaints received, take appropraite measures to correct information handling practices and policies should that be the case. Should you make a complaint we will record the date the complaint is received, the nature of the complaint, acknowledge the complaint ( by email ) then followup with the complainant to clarify the complaint as may be required. We will then assign an individual with the skills necessary to conduct an investigation fairly and impartially. We will give the investigator access to all the relevant records, employees, and others who handled the personal information or access request. We will then notify individuals of the outcome of our investigation informing of any relevant steps taken to correct any inaccurate personal information or modifications to policies and procedures based on the outcome of the complaint.