Introduction Enterprise Brant is a federally supported not-for-profit community organization with a volunteer Board of Directors and professional staff whose purpose is to support community economic development and small business growth through business loans or loan guarantees. This page summarizes Enterprise Brant’s privacy policies and procedures that have been developed to comply with Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). PIPEDA sets out rules for the collection, use and disclosure of a client’s or customer’s personal information, as well as safeguarding that information in the course of commercial activity as defined in the legislation. What Is “Personal Information” Under PIPEDA, “Personal Information” means any information that is identifiable to an individual, including name, address, telephone number, Social Insurance Number, and date of birth. It also includes, but is not limited to, other information relating to identity, such as, nationality, gender, marital status, financial information and credit history. Purposes for Personal Information Enterprise Brant collects only that personal information required to assess a prospective applicant’s eligibility for financial assistance, as well as to report to the Federal Development Agency for Southern Ontario, the federal department that administers the Ontario Community Futures Program. Consent At the time of completing a loan application, the express, written consent of the individual applicant will be sought for the collection, use, retention and disclosure of their personal information for the purposes set out in Enterprise Brant’s privacy policy. An applicant may choose not to provide some or all of the personal information requested, but if Enterprise Brant is unable to collect sufficient information to validate a financing request, the application for financing may be turned down. Accuracy Enterprise Brant endeavours to ensure that all personal information in active files is accurate, current and complete. When a client notifies Enterprise Brant that his or her personal information requires correction or updating, the necessary changes will be made. Information contained in closed files is not updated. Limiting Use, Retention & Disclosure Enterprise Brant uses and retains personal information for only those purposes for which the individual has consented. Personal information will be disclosed to only those Enterprise Brant employees, volunteer members of committees and/or Board of Directors that need to know the information for the purposes set out in the Enterprise Brant Privacy Policy. Safeguards Enterprise Brant utilizes a number of physical, organizational and technological measures to safeguard personal information from unauthorized access or inadvertent disclosure in accordance with its Information Security, Retention and Destruction Policy, including but not limited to: Physical Active files are stored in locked filing cabinets located in work areas restricted to Enterprise Brant employees and authorized volunteers. Closed files are stored in locked cabinets for a period of two years, after which, the information is shredded prior to disposal. Organizational Enterprise Brant employees, volunteers, and third party service providers sign confidentiality agreements binding them to safeguarding the confidentiality of personal information to which they have access. Technological Personal information contained on Enterprise Brant computers and the electronic databases are password protected. As well, the Internet server or router has firewall protection to protect against virus attacks and hacking into the database.