1. The Privacy Code of the Canadian Real Estate
Association
We are members of the Canadian Real Estate Association (CREA) and adhere
to and abide by the principles set out in the CREA Privacy Code. All
employees and sales representatives associated with this office must
sign and acknowledge that they will comply with the requirements of
the Code.
2. The Policy Statement
This office only collects personal information necessary to effectively
market and sell the property of sellers, to locate, assess and qualify
properties for buyers and to otherwise provide professional and competent
real estate service to clients and customers. Personal information is
any information that can identify an individual.
3. The Person in Charge
Stan Dunn is the Privacy Compliance Officer responsible for privacy
compliance in this office. His name shall be made available to consumers.
The responsibilities of the Privacy Compliance Officer shall include:
A) Establish and update information protection policies;
B) Ensure policies are implemented by other organizations to which data-processing
functions are out-sourced;
C) Establish criteria for classification of information;
D) Evaluate the accessibility of sensitive information and take corrective
action where necessary;
E) Provide education to employees and the importance of information
protection;
F) Attempt to resolve consumer privacy complaints to the satisfaction
of the consumer.
4. The Collection, Use and Disclosure of Personal
Information
A) Only the information necessary to facilitate the real estate transaction
or otherwise provide professional and competent service to clients and
customers will be collected;
B) No personal information shall be collected from an individual without
first obtaining the consent of the individual to the collection, use
or dissemination of the information;
C) Express consent (whether oral or written) must always be obtained
except in the following situation: Consent may be implied where the
information is not sensitive and where it can be reasonably assumed
that the individual would expect the information to be disclosed in
this fashion;
D) Once information is collected, it will be used and disclosed only
for the purposes disclosed to the individual;
E) All representation agreements must include the approved privacy clauses.
5. Disclosure for New Purpose
A) Anyone using personal information for some new purpose that extends
beyond the consent already provided must obtain the express consent
of the person for that use;
B) Requests for information by law enforcement officials, lawyers, private
investigators or other agents or subpoenas for documents issued by the
court must be referred to the privacy officer.
6. Protecting Information
Information must be protected in a manner commensurate with its sensitivity,
value and criticality. This policy applies regardless of the media on
which information is stored, the locations where the information is
stored, the systems used to process the information, or the processes
by which information is handled.
A) Collection and Disclosure
- Meetings with customers and clients on these premises must take place
in a place and manner to ensure confidentiality;
- Mail and faxes must be routed directly to the intended recipient;
- Information should be available to other persons in the office only
on a need-to-know basis.
B) Storage
- Filing cabinets designated by the office manager to contain personal,
including sensitive, information are to be kept secured at all times;
- All personnel have computer passwords. These passwords are confidential
are not to be shared with unauthorized persons.
C) Destruction
- This office only keeps documents as required by law and destroys all
documents by shredding all that are not required as soon as allowed.
Any personal information should be destroyed by shredding when it is
no longer needed or required. It is each individuals responsibility
to destroy all personal information that they do not require. All documents
containing personal information must be shredded.
7. Accuracy of Personal Information
To ensure the quality of the information collected.
A) Insofar as possible, personal information should be collected directly
from the consumer;
B) Public property information (taxes, assessment data, etc.) should
be verified;
C) Disclaimers of accuracy in the form approved by the office should
always be attached to any disclosure information.
8. Access to Personal Information
A) Copies of any privacy brochure approved by this office should always
be available to the public in the reception area of the office;
B) The individual set out in Section 3 as being responsible for privacy
compliance is the person responsible for responding to access requests
and all such request will be referred to him. All staff and salespersons
will co-operate fully with the Privacy Compliance Officer in responding
to requests;
C) On written request and appropriate identification satisfactory to
the organization, an individual will be advised of personal information
about him/her retained in the firm’s records;
D) Where information cannot be disclosed (for example the information
contains reference to other individuals or is subject to solicitor-client
privilege) the individual will be given reasons for non-disclosure;
E) An individual may have appended to a record, any alternative information
where the office is of the view that the appended information is, in
fact, correct;
F) A minimal administrative fee may be charged to supply the information.
9. Compliance
A) Any complaints from an individual concerning the collection, use
or disclosure of their personal information or concerning the individual’s
ability to access their personal information must be referred to the
Privacy Compliance Officer, who will attempt to resolve the complaint
to the individual’s satisfaction.
B) In the event the complaint cannot be resolved internally to the individual’s
satisfaction, he or she will be advised of where to direct the complaint.
