Millennium Process Group Inc., COMMITMENT TO PRIVACY
The right to privacy and the protection of personal information collected by Millennium Process Group (BPO Division of NTT) about our clients and others with whom we do business, as well as our obligations to protect personal information entrusted to us by our clients for processing are important to the BPO Division of NTT. We understand the obligations for our clients to comply with the provisions of the Personal Information Protection and Electronic Documents Act (PIPEDA), other applicable privacy legislation and any U.S. privacy laws that may be applicable to their business. The BPO Division of NTT will meet its responsibilities to protect our client’s personal information in accordance with legal requirements and current best practices. When our clients contract with us to process personal information on their behalf, we recognize our obligations to protect that information and to collect, use and disclose it exclusively on their behalf in accordance with the provisions of their service contracts.
As a trusted partner to our clients and others with whom we do business, we take our responsibilities as a custodian of information very seriously and, as such, we adhere to the following key principles:
We are accountable for all information under our control or provided to us by our clients, including any information transferred to service providers for the purpose of providing the Services for which we have been contracted to provide. When using service providers, we use contractual or other safeguards to provide a comparable level of protection.
COLLECTING AND USING PERSONAL INFORMATION
Identification of purpose for collecting and using personal information
The nature of the information we collect or receive from our clients or on behalf of our clients varies depending on the Service being provided. The BPO Division of NTT will only collect personal information on its behalf or on behalf of our clients for identified purposes. We request that only the information necessary to fulfill the Services requested be supplied to us. The BPO Division of NTT ensures that each client contract identifies the purposes for which personal information may be collected, used or disclosed by the BPO Division of NTT on behalf of our clients.
The BPO Division of NTT shall obtain the consent of individuals to the collection, use or disclosure of their personal information by the BPO Division of NTT for the BPO Division of NTT’s own purposes which may include disclosure of personal information to clients that require personal information as part of such individual’s provisioning of services with the BPO Division of NTT and such client. Consent may be obtained in written or oral form. An individual can withdraw consent at any time; however, the withdrawal of consent may affect our ability to provide the requested services to a BPO Division of NTT client.
The BPO Division of NTT may collect, use or disclose personal information held by us for our own purposes without consent in circumstances of emergency or as permitted or required by law. The BPO Division of NTT may, as part of its Services to its clients, obtain on their behalf consents for personal information that it processes for such client’s customers.
Limiting the collection, use and disclosure of personal information
The BPO Division of NTT shall limit the collection, use and disclosure of personal information for our own purposes to that which is necessary for the purposes identified. The BPO Division of NTT shall ensure that the collection, use and disclosure of personal information on behalf of our clients is limited to the purposes specified in our client contracts. The BPO Division of NTT shall not collect, use or disclose for our own purposes any personal information that is provided to us by or on behalf of our clients.
Limiting retention of personal information
The BPO Division of NTT will only retain personal information collected for its own purposes for so long as is required or appropriate for such purposes. MPG will establish minimum and maximum retention periods for personal information held by us for our own purposes. MPG will retain and destroy personal information provided to us on behalf of our clients as stipulated in our client contracts or as it is otherwise instructed by our clients. The destruction of information is performed by specially designed software, degaussing, and shredding of documents.
ACCURACY OF PERSONAL INFORMATION AND ACCESS
The BPO Division of NTT shall keep the personal information that it collects for its own purposes as accurate, complete and up to date as reasonably required for the purposes for which it is to be used.
The BPO Division of NTT’s clients are responsible for the accuracy and completeness of the personal information that has been provided to us to perform the Services requested. The BPO Division of NTT may, as part of its Services to its clients, update on their behalf personal information that it processes for such clients.
The BPO Division of NTT will provide individuals with access to their personal information which the BPO Division of NTT holds for its own purposes. The BPO Division of NTT will refer to our clients any requests that it receives for access to information held by us on behalf of our clients. The BPO Division of NTT will assist our clients in responding to requests for access received by us.
The BPO Division of NTT will protect personal information held by us for our own purposes as well as personal information provided to us on behalf of our clients by implementing reasonable physical, technological and administrative safeguards. The BPO Division of NTT will protect information held by us on behalf of our clients against accidental disclosure, unauthorized publication, damage, or other breach of privacy. We have comprehensive physical and logical security policies and procedures, based on industry best practices, to address practices for the secure access, storage, transmission, and disposal/ destruction of information.
The BPO Division of NTT will maintain appropriate security upon the disposal and destruction of records containing personal information.
We restrict access to personal information held by us for our own purposes as well as personal information provided to us on behalf of our clients to those employees who need to know that information to provide the Services. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of personal information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
The BPO Division of NTT shall make available information about its general policies and practices relating to the processing of personal information for our own purposes and on behalf of our clients. The BPO Division of NTT will not make available information respecting its processing or management of personal information for a specific customer except to that customer or as directed by that customer.
QUESTIONS OR CONCERNS
The BPO Division of NTT has procedures in place to receive and respond to complaints and inquiries about our policies and practices relating to the handling of personal information. The BPO Division of NTT will investigate all complaints respecting personal information held by us for our own purposes or on behalf of our clients. If a complaint is found justified, the BPO Division of NTT will take appropriate measures, including, as necessary, amending our policies, providing notice to affected individuals and filing reporting with relevant regulatory bodies. The BPO Division of NTT will assist our clients in responding to questions and complaints respecting personal information maintained by us on behalf of our clients.
For further information on our privacy policies, contact our Privacy Office at:
251 Attwell Drive
Toronto, Ontario M9W 7H4