Privacy Policy

---

Zachary Soccio-Marandola Professional Corporation
(referred to as “ZSMPC”)

Preface

ZSMPC is committed to keeping the personal information of its clients accurate, confidential, secure and private. Our Privacy Policy has been designed to inform employees, clients, and third parties of ZSMPC of our commitment and recognition to our obligation to meet the spirit and terms of the federal Personal Information Protection and Electronic Documents Act (PIPEDA).

Contents

Our Privacy Policy describes the principles by which ZSMPC protects the privacy of personal information in its possession. It addresses the reasons why such information is collected, how it is used, how its confidentiality is protected and outlines the clients’ rights in respect of this information. Our Privacy Policy incorporates and expands on the 10 principles for the protection of personal information, as devised by the Canadian Standards Association (CSA).

The Privacy Policy applies to personal information about the clients of ZSMPC and other clients that is collected, used or disclosed by ZSMPC. This Privacy Policy does not apply to information about corporate clients and does not apply to information about the employees of ZSMPC. ZSMPC does, however, protect the confidentiality of such information in accordance with the law and our own policies.

Personal Information Protection Principles

Accountability

ZSMPC is accountable for the protection of all personal information within the firm’s possession or control, including any personal information that has been transferred to a third party for regulatory, legal or processing purposes. ZSMPC will require a comparable level of protection of this information from its third-party relations.

Identifying Purposes

Personal information that ZSMPC collects from clients includes:

• the client’s name and address and other contact information, such as telephone numbers, email address;
• facts the client’s file;
• information about a client’s transactions with us, such as file numbers, account balances, payment history; and
• payment information for pre-authorized payments.

When a client retains ZSMPC, ZSMPC will make the client aware of the purposes for which ZSMPC is requesting the personal information. If ZSMPC identifies other purposes for which the personal information may be used, ZSMPC will seek the client’s consent prior to such use. ZSMPC will advise that it is the client’s right to refuse permission for ZSMPC to use personal information for any new purposes.

Additional purposes for collecting personal information may be identified to a client before or at the time of collection. However, at a minimum ZSMPC will collect personal information for the following purposes:

• To verify the customer’s identity;
• To provide the client with legal services; and
• To prevent fraud with respect to both the client and our firm

Consent

The knowledge and consent of a client is generally required for the collection, use or disclosure of personal information and ZSMPC will seek to obtain consent before or when it collects, uses or discloses personal information about a client. A client can provide consent to the collection, use and disclosure of personal information about them expressly or implicitly. However, ZSMPC will collect, use or disclose personal information without a client’s knowledge and consent only in limited circumstances and as permitted by law, such as in the case of an emergency where the life, health or security of a client is threatened. Subject to certain legal and contractual restrictions and reasonable notice, a client can refuse or withdraw their consent to the collection, use or disclosure of personal information about them at any time.

All existing clients will be informed of what types of personal information have been collected, the purpose for the collection and the procedures available for contacting ZSMPC with any inquiries. All new clients will be provided an explanation about the collection, use and disclosure of their personal information when requesting service.

Limiting Collection

ZSMPC limits the amount and type of personal information it collects to that which is necessary for the business of legal services and as permitted by law. Personal Information will be collected using procedures that are fair, transparent and lawful.

Limiting Use, Disclosure and Retention

ZSMPC will only use the personal information for the purpose for which it was collected as identified in principle #2, unless consent is given by the client to use or disclose it for another purpose or as is required by law. ZSMPC will develop explicit retention periods for closed files, after which the personal information will be destroyed or made anonymous. Under certain exceptional circumstances, ZSMPC may have a legal duty or right to disclose personal information without the client’s knowledge or consent.

Accuracy

ZSMPC shall take all reasonable steps to ensure that all personal information will be kept accurate, complete and up to date. Clients may challenge the accuracy and completeness of personal information about them and have it amended, as appropriate.

Safeguards

In executing its responsibilities with respect to the confidentiality of personal information, ZSMPC will employ a number of safeguards, appropriate to the sensitivity of the information, to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. Such safeguards will include physical measures, organizational measures and technological measures, for example locked filing cabinets, restricted access to offices, security clearances, limiting access on a “need to know” basis and the use of passwords and encryption. Procedures for implementing these measures will be communicated to all employees and third parties to ensure compliance with this principle.

Openness

ZSMPC will make its policies and practices relating to the protection of personal information available to its clients. ZSMPC will keep its clients informed of these policies and practices and clients shall be provided access to all related policies and procedures via ZSMPC's web page. The information will be available in a format that is easy to understand.

Client Access

Any client of ZSMPC can have access to the personal information about them that ZSMPC has in its possession or control. Any client may request that their personal information be amended for purposes of accuracy and completeness.

Clients can make their requests by telephone (647-797-6881), via email (zachary@socciomarandola.com) or in writing (1 Dundas St W, Suite 2500, Toronto, ON M5H 1Z3 Attention: Zachary Soccio-Marandola). Response to a client’s request will be made in a timely and efficient manner.

Challenging Compliance

Any client of ZSMPC may challenge ZSMPC's compliance with this Privacy Policy by contacting ZSMPC directly. ZSMPC has policies and procedures to receive, investigate and respond to clients’ complaints and questions.