ACTION Corporation Privacy Statement
ACTION Corporation ("AC") and its controlled subsidiaries and affiliates - All Niagara Internet ("ANI"), GuestServe ("GuestServe"), Niagara Guest Services ("NGS"), NiagaraBB ("NiagaraBB") - respect and protect your right to privacy in relation to your interactions with this website (the "Site") and adheres to the privacy regulations as laid out in the Federal Privacy Act and the Personal Information Protection and Electronic Documents Act ("PIPEDA") and any other Provincial Statutes enacted as of January 1, 2004.
Other AC trademarked service lines/products with links from this Site, including GuestServe, ANI and NGS, may have their own privacy statements, which may be viewed by clicking on their links.
Information Collected on Behalf of our Clients
AC is a leading service provider of e-business solutions and we are proud of our reputation in this area of our business as a reliable, secure service provider. As the manager of our own hosting solutions, we offer a complete assortment of services to our Clients including scalable managed or self-managed web accounts, full e-mail services, secure web mail, intranets, web-based order management, real-time credit card process and more.
As a data processor and under the direction and authority of our many and various Clients, AC and its associated companies may collect personal information about you on behalf of our Clients' Web Registration Sites and other e-commerce Sites that it hosts. Frequently, these Web Registration Sites link directly with our Clients' Web Sites and in fact will often appear to be seamlessly integrated into our clients' Web Sites even though the Web Registration Site and data processing software is in fact set up and administered by AC.
The personal information that is collected on these Sites will be used and processed in accordance with the privacy policies of our Clients who have authorized and instructed us to set up and operate these various Sites on their behalf. Consequently, we strongly urge you to familiarize yourself with the privacy policies and practices of the Client whose Site you are accessing in order to properly understand how they might use your personal information before submitting it.
Our Clients are ultimately responsible for compliance with all privacy and data protection legislation. If a Client's Site is e-commerce enabled, AC will share some personal and relevant financial information collected from the Site using SSL encryption with our merchant service provider(s) and any other relevant financial service provider in order to process any credit or debit card transaction.
Our Clients' Relationship with You Is Important to Us
We pride ourselves on our ability to create and maintain leading communication systems and services that enable our Clients to have ongoing communication with you on value added services, and to establish long-lasting relationships with you that will grow and change to meet your needs.
Personal Information managed by AC
We manage personal information for our Site and on behalf of our Clients. The type of information we usually manage and maintain may include (but may not be limited to) your:
Your Personal Information may be used to:
- Mailing Address
- e-mail Address
- Telephone Number
- Credit Card information
- Identify you (such as when you come back to a Web site)
- Establish and maintain a relationship with you, and to provide you with ongoing service
- Protect you, the Client, and us, against error and fraud
- Comply with legal requirements
Your personal information may also be used to create statistics about our Client's business. The statistics that we provide our Clients typically do not contain any information that would identify you personally.
Our Commitment to Protecting your Privacy
The following Ten Privacy Principles govern our collection, use and disclosure of Personal Information and have been developed to reflect both the CSA Model Code Principles and the expectations of our clients:
Principle 1 -Accountability
Principle 2 -Identifying Purposes
Principle 3 -Consent
Principle 4 -Limiting Collection
Principle 5 -Limiting Use, Disclosure and Retention
Principle 6 -Accuracy
Principle 7 -Safeguarding Information
Principle 8 -Openness
Principle 9 -Individual Access
Principle 10 -Challenging Compliance
Principle 1 - AccountabilityPaul Tomori, Privacy Officer
EMail: Privacy Officer, ACTION Corporation
AC is responsible for personal information under its control. In that regard, it has designated a Privacy Officer to ensure AC complies with these Ten Privacy Principles. To inquire about AC's privacy practices, provide feedback or comments or inquiry about access to your personal information, please contact:
Principle 2 - Identifying Purposes
AC shall identify the purposes for which personal information is collected at or before the time such information is collected. When visiting our Site, as a practice, user sessions are logged but not linked to any personally identifiable information. You remain anonymous unless AC deems it necessary to identify you for the purpose of protecting our service, site, users, or others.
The personal information collected on this Site will be used to operate the Site and to provide the service(s) or carry out the transaction(s) you have requested. The only information collected that is used to identify you is that which you give voluntarily. When you submit a question or comment, you may be asked for your name and/or email address, or other information. This information is only used to process and respond to your question or comment. The personal information you submit through the Site is secure once it reaches the AC server.
As AC collects and hosts Customer data on behalf of our Clients, this data remains the exclusive property of our Clients. Unless we have explicit instructions to do so by the Client, we do not rent, trade, or otherwise disclose client data in any format (electronic or other) to any of our other Clients, nor to any third party - individual, company or organization.
It is the exclusive responsibility of the Client to ensure that each of the Customer records contained within their data set was consented to, be collected for the purpose(s) intended as detailed in the section of the Federal Act and in PIPEDA covering the collection, use and disclosure of personal information.
Principle 3 - Consent
The knowledge and consent of AC Clients are required for the collection, use and disclosure of personal information, except where required or permitted by law. By accessing the Site, you are consenting to the information collection and use practices described in this privacy statement.
Collecting information on behalf of our Clients
It is the exclusive responsibility of the Client to ensure that each of the customer records contained within their data set was consented to, be collected for the purpose(s) intended as detailed in the section of the Federal Act and in PIPEDA covering the collection, use and disclosure of personal information. We only collect, use, and disclose your personal information on direct instructions from our Client, except where otherwise permitted by law.
It is always your choice whether or not you consent to the Client instructing us to manage your personal information. However, a decision to withhold certain, or all, personal information may restrict or prevent us from providing the services to you as instructed by our Client. You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. To withdraw your consent, simply contact the Client and advise them of what personal information you no longer wish stored.
Principle 4 - Limiting Collection
AC is privileged to have been delivering exceptional e-business services for more than a decade. To make this possible, there are a number of ways we gather personal information; for which the purpose, circumstances, retention and safekeeping are determined in advance. Personal information shall be retained as long as necessary to provide the services requested and fulfill all administrative requirements resulting from your request. The collection of personal information shall be limited to that which is necessary for the purposes identified by AC. Personal Information shall be collected by fair and lawful means.
Principle 5 - Limiting Use, Disclosure and Retention
Your name, email address or any other information you may have shared, or choose to share with us in the future, will never be sold, traded, rented, given away or used for any other purpose than to provide you with the information or services you have requested or is required by law.
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of our Client or as required by law. Personal information shall only be retained as long as necessary for the fulfillment of those purposes.
AC may disclose personal information if required to do so by law or in the good faith belief that such action is necessary to (a) conform to the edicts of the law or comply with legal process served on AC or its Site; (b) protect and defend the rights or property of AC and our family of Sites; or (c) act in urgent circumstances to protect the personal safety of AC employees or agents, users of AC products or services, or members of the public.
The length of time we retain personal information varies depending on the purpose for which it was collected and used. When your personal information is no longer needed we have procedures to either destroy, delete, erase or convert it to an anonymous form.
Principle 6 - Accuracy
Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is used. AC permits real time access to the customer database to make changes or deletions to personal information.
Collecting information on behalf of our Clients
It is the exclusive responsibility of the Client to ensure that each of the customer records contained within their data set is as accurate, complete and up-to-date. To make changes to your personal information records, contact the Client.
Principle 7 - Safeguarding Information
AC has invested significantly in a hardware infrastructure that embraces the highest standards available to protect the security of its Clients' databases (which includes the personal information of individuals collected and processed through the Web Registration Sites). For security and reliability, all sites are hosted on LINUX systems with no external terminal users. For maximum uptime and to guard against catastrophic circumstances (i.e. fire, server connectivity failure, etc), we provide quadruple redundant servers located in geographically different locations.
Our server systems are located in a highly secured facility with 24/7 manned security personnel, constantly monitored by a team of technicians trained in systems management, intrusion detection and network oversight, protected by fire suppression and other disaster preventions, provisioned with an extraordinary uninterrupted power supply system along with two room-filling diesel-powered backups. Our various proprietary computer software systems and Web Registration Sites have also been carefully developed. We audit our procedures and security measures regularly to ensure that they are being properly administered and that they remain effective and appropriate. Only authorized individuals have access to the information provided by our Clients and their Customers. Any particularly sensitive information, such as a Customer's credit card number, is encrypted prior to transmission.
Secure Socket Layer (SSL)
Each Web Registration Site that AC hosts for a Client that 'processes' financial or credit card information of individuals is developed using the industry standard SSL encryption technology.
Principle 8 - Openness
AC shall make readily available to its Clients specific information about its policies and practices relating to the management of Personal Information.
Principle 9 - Individual Access
Upon making a request in accordance with this Policy, an AC Client shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. A Client shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Principle 10 - Challenging CompliancePaul Tomori, Privacy Officer
EMail: Privacy Officer, Action Corporation,
Any AC Client shall be able to address a challenge concerning compliance with these Ten Privacy Principles to AC's Privacy Officer:
Other Web Sites
AC and its associate companies/services may include links to other third party sites that are not governed by this privacy statement. AC shall not be responsible for the privacy practices of other third party web sites. We therefore suggest that you examine the privacy policies or statements of those sites to better acquaint yourself with their information collection, use and disclosure practices.
Contact Us Please write to:
Paul Tomori, Privacy Officer
EMail: Privacy Officer, Action Corporation,
If you have questions, concerns, or complaints about the privacy of your personal information collected and managed for us or by us on behalf of our Clients, you may contact us at the address listed below. If a complaint is found to be justified, appropriate measures will be taken including, if necessary, amending our practices and procedures.
AC reserves the right to update or modify this Privacy Statement at any time. AC, and all of their affiliated operations, assumes no liability for interpretation, alteration or misuse of information transmitted over the Internet.