Zachary Soccio-Marandola Professional Corporation
(referred to as “ZSMPC”)
Personal Information Protection Principles
ZSMPC is accountable for the protection of all personal information within the firm’s possession or control, including any personal information that has been transferred to a third party for regulatory, legal or processing purposes. ZSMPC will require a comparable level of protection of this information from its third-party relations.
Personal information that ZSMPC collects from clients includes:
- the client’s name and address and other contact information, such as telephone numbers, email address;
- facts the client’s file;
- information about a client’s transactions with us, such as file numbers, account balances, payment history; and
- payment information for pre-authorized payments.
When a client retains ZSMPC, ZSMPC will make the client aware of the purposes for which ZSMPC is requesting the personal information. If ZSMPC identifies other purposes for which the personal information may be used, ZSMPC will seek the client’s consent prior to such use. ZSMPC will advise that it is the client’s right to refuse permission for ZSMPC to use personal information for any new purposes.
Additional purposes for collecting personal information may be identified to a client before or at the time of collection. However, at a minimum ZSMPC will collect personal information for the following purposes:
- To verify the customer’s identity;
- To provide the client with legal services; and
- To prevent fraud with respect to both the client and our firm
The knowledge and consent of a client is generally required for the collection, use or disclosure of personal information and ZSMPC will seek to obtain consent before or when it collects, uses or discloses personal information about a client. A client can provide consent to the collection, use and disclosure of personal information about them expressly or implicitly. However, ZSMPC will collect, use or disclose personal information without a client’s knowledge and consent only in limited circumstances and as permitted by law, such as in the case of an emergency where the life, health or security of a client is threatened. Subject to certain legal and contractual restrictions and reasonable notice, a client can refuse or withdraw their consent to the collection, use or disclosure of personal information about them at any time.
All existing clients will be informed of what types of personal information have been collected, the purpose for the collection and the procedures available for contacting ZSMPC with any inquiries. All new clients will be provided an explanation about the collection, use and disclosure of their personal information when requesting service.
ZSMPC limits the amount and type of personal information it collects to that which is necessary for the business of legal services and as permitted by law. Personal Information will be collected using procedures that are fair, transparent and lawful.
Limiting Use, Disclosure and Retention
ZSMPC will only use the personal information for the purpose for which it was collected as identified in principle #2, unless consent is given by the client to use or disclose it for another purpose or as is required by law. ZSMPC will develop explicit retention periods for closed files, after which the personal information will be destroyed or made anonymous. Under certain exceptional circumstances, ZSMPC may have a legal duty or right to disclose personal information without the client’s knowledge or consent.
ZSMPC shall take all reasonable steps to ensure that all personal information will be kept accurate, complete and up to date. Clients may challenge the accuracy and completeness of personal information about them and have it amended, as appropriate.
In executing its responsibilities with respect to the confidentiality of personal information, ZSMPC will employ a number of safeguards, appropriate to the sensitivity of the information, to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. Such safeguards will include physical measures, organizational measures and technological measures, for example locked filing cabinets, restricted access to offices, security clearances, limiting access on a “need to know” basis and the use of passwords and encryption. Procedures for implementing these measures will be communicated to all employees and third parties to ensure compliance with this principle.
ZSMPC will make its policies and practices relating to the protection of personal information available to its clients. ZSMPC will keep its clients informed of these policies and practices and clients shall be provided access to all related policies and procedures via ZSMPC's web page. The information will be available in a format that is easy to understand.
Any client of ZSMPC can have access to the personal information about them that ZSMPC has in its possession or control. Any client may request that their personal information be amended for purposes of accuracy and completeness.
Clients can make their requests by telephone (647-797-6881), via email (firstname.lastname@example.org) or in writing (1 Dundas St W, Suite 2500, Toronto, ON M5H 1Z3 Attention: Zachary Soccio-Marandola). Response to a client’s request will be made in a timely and efficient manner.