Privacy Policy
Sonata Design Personal Information Protection Policy
At Sonata Design, we are committed to providing our customers with exceptional service. This service involves the collection, use, and disclosure of personal information, and protecting this information is a top priority. We have strengthened our commitment to safeguarding personal information in accordance with Alberta's Personal Information Protection Act (PIPA).
PIPA outlines how Alberta businesses must collect, use, and disclose personal information. We will inform our customers about why and how we handle their information, obtain consent when needed, and only handle personal information appropriately. This policy outlines the principles and practices we will follow to protect customer information. Our privacy commitment includes ensuring the accuracy, confidentiality, and security of personal information, and allowing customers to request access and correction.
Definitions
Personal Information: Information about an identifiable individual. For billing, warranty service, and product delivery, we keep a record of customer name, address, and order details. We do not collect other personal information (e.g., age, religion). Personal information does not include contact information (defined below).
Contact Information: Information enabling contact at home or business, including name, title, phone numbers, addresses, email, or fax number. Contact information is not covered by this policy or PIPA.
Privacy Officer: The individual responsible for ensuring Sonata Design complies with this policy and PIPA. Contact information is provided at the end of this document.
Policy 1 – Collecting Personal Information
1.1 We will communicate the purposes for collecting personal information before or at the time of collection, unless the purposes are obvious and the customer voluntarily provides information.
1.2 We will only collect information necessary for these purposes:
* To verify identity and creditworthiness
* To open and manage accounts
* To deliver products and services
* To ensure high standards of service
* To meet regulatory requirements
* To collect and process payments
Policy 2 – Consent
2.1 We will obtain customer consent to collect, use, or disclose personal information (except where authorized without consent).
2.2 Consent can be oral, written, electronic, or implied (e.g., providing name and address for delivery).
2.3 Consent may be implied if given notice and a chance to opt-out of marketing, and the customer does not opt-out.
2.4 Customers can withhold or withdraw consent, which may limit our ability to provide certain services. We will explain the situation to help customers decide.
2.5 We may collect, use, or disclose personal information without consent in limited cases:
* When permitted or required by law
* In emergencies threatening life, health, or security
* When information is public (e.g., phone book)
* When seeking legal advice
* For debt collection
* To protect against fraud
* To investigate potential breaches of agreements or law
Policy 3 – Using/Disclosing Personal Information
3.1 We will only use or disclose personal information for the purposes identified at collection, or for reasonably related purposes, such as:
* Conducting customer satisfaction surveys
* Contacting customers about relevant products and services
3.2 We will not use or disclose personal information for additional purposes without consent.
3.3 We will never give or sell customer lists or personal information to others (unless requested by the customer).
Policy 4 – Retaining Personal Information
4.1 We will retain personal information used for decisions directly affecting the customer for at least one year, allowing the customer to request access.
4.2 Otherwise, we will retain personal information only as long as necessary for identified or legal/business purposes.
Policy 5 – Personal Information Accuracy
5.1 We will make reasonable efforts to ensure accuracy and completeness of personal information used for decisions or disclosed to others.
5.2 Customers can request corrections in writing with sufficient detail.
5.3 If information is inaccurate or incomplete, we will correct it and send corrections to any organization it was disclosed to in the previous year. If not corrected, we will note the request.
Policy 6 – Securing Personal Information
6.1 We are committed to securing personal information against unauthorized access, use, disclosure, etc.
6.2 Security measures include:
* Locked cabinets
* Secure offices
* User passwords
* Restricted employee access
* Contractual requirements for service providers
6.3 We use secure methods for destroying personal information.
6.4 We regularly review and update security measures as technology changes.
Policy 7 – Providing Access to Personal Information
7.1 Customers have a right to access their personal information, with limited exceptions (e.g., solicitor-client privilege, privacy of others, health/safety concerns).
7.2 Requests must be in writing with sufficient detail.
7.3 We will inform customers how their information is used and disclosed.
7.4 We will make information available within 30 business days or provide notice of extension.
7.5 A minimal fee may apply.
7.6 If a request is refused, we will provide written notice with reasons and recourse options.
Policy 8 – Questions & Complaints: The Role of the Privacy Officer
8.1 The Privacy Officer ensures compliance with this policy and PIPA.
8.2 Customers should direct complaints, concerns, or questions to the Privacy Officer in writing. If unresolved, they may contact the Office of the Information and Privacy Commissioner of Alberta.
Contact information for Sonata Design's Privacy Officer:
Christopher Dupuis
Marketing Maestro
Marketing@sonatadesign.ca