Lindy is PIPEDA compliant.
In this article, you'll learn about the essentials of Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and how Lindy achieves compliance with its stipulations. We will:
Briefly discuss PIPEDA and how it applies to companies that do business in Canada
Review the ten Fair Information Principles in PIPEDA and how Lindy complies with their stipulations
PIPEDA and Data Privacy Laws in Canada
Under the Personal Information Protection and Electronic Documents Act (PIPEDA), companies that do business in Canada are required to handle personal information in a manner that respects the privacy of individuals. PIPEDA sets standards for the collection, use, and disclosure of personal information in the course of commercial activities. This federal law mandates that companies obtain consent for collecting, using, or disclosing personal information. It also requires that personal data be handled with a reasonable level of security and only retained for as long as necessary to fulfill the purposes for which it was collected. Data privacy and security is critical for Lindy, and we have designed and built our systems from the ground up to ensure PIPEDA compliance.
What is Personal Information?
Under PIPEDA, "Personal Information" is broadly defined and includes any factual or subjective information, recorded or not, about an identifiable individual. This includes:
Name, age, ID numbers, income, ethnic origin, or blood type.
Opinions, evaluations, comments, social status, or disciplinary actions.
Employee files, credit records, loan records, medical records, existence of a dispute between a consumer and a merchant, intentions (for example, to acquire goods or services, or change jobs).
Home address, email address, phone number.
Physical or mental health, DNA, fingerprints or blood type.
Educational, financial, criminal, or employment history.
PIPEDA's 10 Fair Information Principles
PIPEDA is grounded in ten "Fair Information Principles" that form the foundation of Canada's approach to data privacy. These principles dictate how private sector organizations should collect, use, and disclose personal information in the course of their business activities. These principles ensure a balanced approach that protects individual privacy rights while allowing organizations like Lindy to use data for legitimate business purposes. We'll review each principle below.
1. Accountability
Organizations are responsible for personal information under their control and must designate an individual or individuals accountable for compliance.
At Lindy, we ensure compliance with the Accountability Principle by, among other things, appointing a designated Security Officer, as well as by publishing and adhering to our Privacy and Acceptable Use Policy.
2. Identifying Purposes
The purposes for which personal information is collected must be identified by the organization before or at the time of collection.
Lindy's Privacy Policy, which users are required to read and consent to before signing up, identify the purpose for any personal information collected by Lindy.
3. Consent
The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information.
Lindy users are required to read and consent to our Privacy Policy, which governs the collection, use, or disclosure of personal information.
4. Limiting Collection
The collection of personal information must be limited to what is necessary for the purposes identified by the organization.
At Lindy, we collect only the minimal user information necessary to provide our services.
5. Limiting Use, Disclosure, and Retention
Personal information must not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law, and should be retained only as long as necessary.
As specified Lindy's Privacy Policy, We only share user information with our partners, service providers, contractors, agents, and third-party vendors as they need it to fulfill Services or orders, or for other requests users make of us, or as required by law. Additionally, we conduct an annual review of our processes to ensure that personal information use remains limited and relevant to our products.
6. Accuracy
Personal information must be as accurate, complete, and up-to-date as necessary for the purposes for which it is to be used.
Lindy systems automatically validate data input, and we provide users with the capability to verify and correct any factual inaccuracy in their data.
7. Safeguards
Personal information must be protected by security safeguards appropriate to the sensitivity of the information.
At Lindy, we consider privacy and security in every aspect of developing our applications. This includes, for example, state-of-the-art encryption for any information sent from your browser to Lindy's servers, as well as any information that is at rest in Lindy's servers. In addition, all employees at Lindy have individual accounts with limited technical access, and all data and service access is automatically monitored.
8. Openness
An organization must make readily available to individuals specific information about its policies and practices relating to the management of personal information.
Lindy's Privacy Policy is always available for users to review at any time. You can find it in this link.
9. Individual Access
Upon request, an individual must be informed of the existence, use, and disclosure of their personal information and be given access to it.
Lindy provides users with direct access to modify and correct their data on the platform. Additionally, we also comply with data removal requests.
10. Challenging Compliance
An individual shall be able to challenge an organization's compliance with the above principles through the designated individual or individuals accountable in the organization.
Lindy has a designated Security Officer accountable for ensuring security and compliance with PIPEDA stipulations. Please direct any concerns or requests to support@lindy.ai.
You can learn more about Lindy's commitment to PIPEDA compliance, as well as other privacy and security legislation and standards, in our interactive Trust Center.