The Blackthorn Group Privacy Policy

An organization entrusted with personal information about its clients and employees has a responsibility to protect the privacy of that information. Blackthorn Group takes this responsibility very seriously. Clients and employees of the firm should expect nothing less. To that end, Blackthorn Group has established a Privacy Policy to protect the privacy rights of its clients, employees, and others. This policy relates to the collection, use and disclosure of personal information by the firm, its partners and employees (“Blackthorn Group”). Personal information includes any information about an identifiable individual but does not include the name, title or business address or business telephone number of an individual. Blackthorn Group privacy policy is to adhere to ten principles of privacy based on the Canadian Standards Association’s Privacy Principles. Each of the principles is interrelated, and more detailed guidelines have been produced to assist in the application of these principles.

Principle #1: Accountability

Blackthorn Group is accountable for all personal information in its possession or custody, including any personal information disclosed to third parties for processing or other administrative functions, and for professional standards purposes.

Principle #2: Identifying Purposes

Blackthorn Group shall identify the purposes for which personal information is collected either before or at the time the information is collected.

Principle #3: Consent

The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate, or where required or permitted by law.

Principle #4: Limiting Collection

Collection of personal information shall be limited to that which is necessary for the purposes identified by Blackthorn Group. Any information shall be collected by fair and lawful means.

Principle #5: Limiting Use, Disclosure, and Retention

Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required or permitted by applicable law, rules or regulations. Personal information shall be retained only as long as necessary for the fulfillment of those purposes.

Principle #6: Accuracy

Personal information shall be as accurate, complete, and up-to-date as is necessary to fulfill the purposes for which it is to be used.

Principle #7: Safeguards

Personal information shall be protected by security safeguards appropriate to the sensitivity level of the information.

Principle #8: Openness

Blackthorn Group shall make information available to its clients and employees about the policies and practices that apply to the management of their information.

Principle #9: Individual Access

Upon request, an individual shall be informed of the existence, use, and disclosure of their information, and shall be given access to it. An individual may verify the accuracy and completeness of their information and may request that it be amended, if appropriate.

Principle #10: Challenging Compliance

Questions or complaints with respect to privacy and the Blackthorn Group privacy policy or practices may be directed to the office manager within Blackthorn Group.

** This Privacy Policy has been adopted by and is applicable to the employees and clients of Blackthorn Group and all its companies.