| Coniah Consulting Incorporated, 1733 Mustard Street, Regina, Saskatchewan. Canada |
PRIVACY POLICIES AND PROCEDURES
- Introduction
Coniah Consulting Inc. is committed to the highest standards of privacy and data protection. This Privacy Policy outlines our organizational policies and procedures for the collection, use, disclosure, protection, and disposal of personal information in compliance with:
- Federal laws (including the Personal Information Protection and Electronic Documents Act – PIPEDA)
- Provincial laws (including The Freedom of Information and Protection of Privacy Act – Saskatchewan)
- Other applicable provincial privacy laws across Canada
- International laws, where applicable, including the General Data Protection Regulation (GDPR)
This policy is reviewed annually and updated to reflect changes in legal requirements and best practices.
- Definitions
- Personal Information: Information that can identify an individual (e.g., name, address, phone number, email, financial data).
- Consent: The informed and voluntary agreement to collect, use, or disclose personal data.
- Data Subject: The individual to whom the personal information relates.
- Privacy Officer: The person accountable for privacy compliance within Coniah Consulting Inc.
- Accountability and Compliance
Coniah Consulting Inc. has appointed a Privacy Officer, The Director of Operations, who is responsible for ensuring compliance with all applicable privacy laws and standards.
Contact Information:
- Address: 1733 Mustard Street, Regina, Saskatchewan
- Telephone: 639-365-0099
- Email: info@Coniah.ca
We implement internal privacy audits, maintain comprehensive records of data-handling practices, and proactively monitor evolving privacy obligations.
- Employee Screening and Training
All employees are screened prior to hire, including:
- Identity verification
- Criminal background checks
- Employment history reviews
In addition, all employees receive mandatory annual privacy and cybersecurity training. This training covers legal obligations, data handling protocols, breach response procedures, and best practices for maintaining confidentiality.
- Collection of Personal Information
We collect personal information only when necessary and with consent, and only for legitimate business purposes. Information collected may include:
- Contact and demographic data
- Employment-related information
- Financial or billing data
- Client service and project information
6. Use and Disclosure of Personal Information
Personal information is used strictly for the purposes it was collected, including:
- Delivering contracted services
- Managing employment relationships
- Communicating with clients and stakeholders
- Meeting legal and regulatory requirements
We do not disclose personal information to third parties without consent, except:
- Where legally required (e.g., court orders, regulatory compliance)
- To protect health, safety, or legal rights
- During business transactions, with safeguards in place
7. International and Cross-Jurisdictional Compliance
Where our services or data interactions extend internationally, we ensure that our handling of personal information aligns with relevant laws, including GDPR. Any international data transfers are performed securely and with adequate safeguards.
8. Security Measures
We employ a layered approach to data security:
- Physical controls: Restricted office access, secure storage
- Technical controls: Encryption, firewalls, password protection, secured cloud infrastructure
- Administrative controls: Confidentiality agreements, role-based access, breach response plans
9. Access, Correction, and Consent Management
Individuals have the right to:
- Request access to their personal data
- Request corrections if data is inaccurate or incomplete
- Withdraw consent, subject to legal or contractual limitations
Requests can be made by contacting our Privacy Officer.
10. Retention and Disposal of Personal Information
Personal information is retained only as long as necessary to fulfill its purpose or meet legal obligations. Once no longer required, it is securely destroyed or anonymized.
11. Complaints and Inquiries
Individuals with concerns about how their data is handled can contact our Privacy Officer. If concerns are not resolved internally, individuals may escalate to:
- The Office of the Privacy Commissioner of Canada
- The Saskatchewan Information and Privacy Commissioner
12. Review and Continuous Improvement
This Privacy Policy is reviewed at least once annually or more frequently if required by changes in legislation. Updates are made to reflect legal, operational, or technological developments.
By adopting and enforcing these privacy policies and procedures, Coniah Consulting Inc. reaffirms its unwavering commitment to protecting personal information, ensuring legal compliance, and building trust with all stakeholders. We go beyond minimum standards by embedding ongoing employee training, multi-jurisdictional awareness, and proactive data governance into our operations.
Document History
| Rev. | Date | Description |
| 00 | 04/11/2024 | First Issue |
| 01 | 20/05/2025 | First Revision |
