What is PIPEDA?

The primary aim of the Personal Information Protection and Electronic Documents Act (PIPEDA)  is to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within Canada.  The regulation contains provisions and requirements related to the processing of personal data of individuals who are located in Canada. PIPEDA only applies to private sector organizations when they engage in commercial activity.  All businesses that operate in Canada and handle personal information that crosses provincial or national borders are subject to PIPEDA, regardless of the province or territory in which they are based (including provinces with substantially similar legislation).

Any organization that holds personal data are subject to PIPEDA if it is located within Canada or provides services or goods to individuals residing in Canada. PIPEDA applies even if the data processing takes place outside of Canada.

Which Data Elements Fall under PIPEDA?

Personal Data or Personally Identifiable Information (PII) is any information that can be used to directly or indirectly identify an individual.  This includes data information, such as names, ID numbers, postal addresses, phone numbers, date of birth, browser cookies, IP addresses, financial information, information on devices, geo-location information, consumer preferences, advertising identifiers, and social media information.

What Is Not Covered by PIPEDA?

There are some instances where PIPEDA does not apply. Some examples include:

Business contact information such as an employee’s name, title, business address, telephone number, or email address is collected, used, or disclosed solely to communicate with that person concerning their employment or profession.

Zumigo’s PIPEDA Policy

Zumigo is committed to continually examining and reviewing its practices and policy on how we protect individual personal information. PIPEDA will help drive a stronger framework of requirements for personally identifiable information of individuals in Canada.

Zumigo has an established Global Privacy Policy and a team of privacy professionals. Our Global Privacy Policy process includes:

  • Updates to our Privacy Statement and internal policies and process.
  • Providing continuous efforts to support privacy and data protection by re-assessing and improving our PIPEDA & privacy policy enforcement through process improvements and updates to support any regulation changes.
  • Design and implement a process to allow individuals in Canada to exercise their rights, which include accessing, modifying, and deleting their personal information.

Zumigo provides products or services that are offered to its enterprise customers.  The enterprise customers collect personal data from their own products and services offered to their consumers. Zumigo does not store Personally Identifiable Information (PII) data and only acts as an agent to process PII data on behalf of its enterprise customers.

Zumigo’s enterprise customers are legally required to protect personal data according to PIPEDA. The data protection requirements should be clearly determined by all parties with data protection terms in their agreements to ensure the customer’s personal data is properly processed as required by the PIPEDA.

Contact Us

You may contact us if you have general questions or concerns about this PIPEDA Policy Statement or how we process your Personal Data.

Our Privacy & Data Protection Team can be contacted at privacy@zumigo.com.  You can also contact us by writing to:

Zumigo, Inc.
ATTN: Privacy & Data Protection Unit
2001 Gateway Place, Suite 435E
San Jose, CA 95110
USA

Resources

Zumigo Global Privacy Policy Statement

Effective Sept 4, 2020