Confidentiality and data security

-

Confidentiality and data security


We are committed to maintaining the confidentiality and security of all personal information that we may collect, use and disclose in accordance with applicable laws and regulations. Confidentiality and data security are of the utmost importance to the Company and we have adopted strict policies to ensure the protection of personal information entrusted to us.

Commitment

We have formalized our commitment to protect the information we collect and generate in the policies governing the way we do business. In these policies, we have established specific guidelines regarding the collection, use and disclosure of personal information. We also have policies and procedures relating to the protection of confidential information from theft, loss, disclosure, unauthorized access or destruction, or any other misuse. 
Our Code of Conduct and Professional Conduct and our Code of Conduct for Third Parties describe our general expectations regarding the processing of personal information by our staff and the third parties with whom we collaborate. These expectations are set out in our official policies regarding personal information collected from the public, employee personal information, cybersecurity and the retention of documents and records. 
Our Privacy Policy  sets out guidelines for the collection, use and disclosure of public personal information, including information from users of our websites and third party social networking sites, or information subscribers to our email alert service. 
We have also adopted an Employee Privacy Policy. This separate policy establishes guidelines for the Corporation's collection, use and disclosure of our employees' personal information in order to establish, maintain or terminate the employment relationship. 
Our Technology and Intellectual Property Security Policy (the "Cybersecurity Policy") sets out the Corporation's expectations of all employees, consultants and subcontractors with respect to the proper use of technology and intellectual property of the Company as well as the protection of cybersecurity.
In addition, our Document and Record Keeping Policy allows us to keep, process and destroy our documents and records, including personal information, in an appropriate manner and in accordance with applicable laws.

Implementation


In accordance with applicable privacy laws, we collect the personal information that is necessary for our business, when we have obtained consent to do so, or as permitted or required by law. All officers and employees receive a copy of our various policies and procedures. 

As part of our annual corporate policy training sessions, we educate our employees about the application of our policies and procedures, including those relating to data privacy and security. The training process is facilitated by a web platform through which the mandatory training module aimed at the Company's Code of Conduct and Professional Conduct and the main company policies must be completed. At the end of the module, in accordance with our annual certification requirements, our employees are required to confirm their compliance with our Code of Conduct and our most important corporate policies.
From time to time, our staff also receive training from industry experts on more specific aspects, such as cybersecurity, as new risks are identified or new systems are implemented.
We have implemented a comprehensive intelligence and cybersecurity program, compared our capabilities with industry best practices, and have implemented threat and vulnerability assessments as well as response capabilities. We continue to invest in security technologies to protect ourselves from, detect and counter cybersecurity threats. For example, we have adopted an Information Technology Security (IT) Incident Response Protocol, which is managed and implemented by both the Vice-President and Controller. and the IT director. We also provide our employees and third-party service providers with guidelines for responding to security breaches that could threaten our data and technology. Power Corporation has not suffered any cybersecurity breaches to date.
It should be noted that as a holding company, we have no clients. Our group companies are responsible for implementing their own policies and procedures to protect the confidentiality of their customers' information. Our main subsidiaries, Great-West Lifeco and IGM Financial, as well as their operating companies, have established confidentiality policies which set out their requirements for the collection, use and disclosure of personal information, including:
  • identify precisely why certain information is being collected; 
  • provide a means for individuals to choose whether or not to consent to the collection of data;
  • provide individuals with a means to verify, correct and delete their data, if applicable;
  • identify where third parties have access to the information, why it is used, and the controls in place to protect the information.
As part of our active participation approach, we are committed to promoting compliance by our subsidiaries with the applicable legislation on confidentiality and data security.

Responsibility

The proper use and protection of information is the responsibility of our entire organization and is based on the diligence of each member of our staff. The Vice President and General Counsel is responsible for overseeing data protection programs, as well as training and compliance with our policies and procedures. The Vice President and Controller is responsible for the administration of our Cybersecurity Policy. If necessary, both report their activities to the audit committee of the board of directors.

Mechanisms for reporting concerns


To report any concerns, submit any inquiries or submit any complaints regarding our privacy policies, our staff and the public should contact the office of the General Counsel. 

Surveillance and monitoring

We are constantly monitoring and improving our IT defense systems and procedures to prevent, detect, resolve and manage threats to cybersecurity. We recognize that these threats continue to evolve. We also participate in industry-established forums and work with our peers to provide intelligence on threats and serious security threats to the financial services industry worldwide.


We carry out periodic audits of our information security systems in order to allow an adequate implementation of our policies and to ensure our compliance with constantly changing regulations, including the General Data Protection Regulation of the European Parliament and the Council of the European Union. We are making the necessary improvements to adapt to regulations. 
Author-bio: Waqas Ahmad works with an expert team of web and mobile app developers at Cybexo Inc, a leading web development services company. He spends his time researching technologies and mobile apps. His work has been published on various distinguished blogs across the web.

Comments

Post a Comment

Popular posts from this blog

Web Copywriting: What is Copywriting?

-
Image
Web Copywriting: What is Copywriting? Copywriting is simply the art of writing to encourage a prospect to take action and then be converted into a client of your business. It's an essential skill for any good marketer who wants to develop his business by increasing his number of customers or improving the relationship he currently has with his own customers. Who are we targeting with copywriting? Absolutely everyone, whether an individual or a professional, each of us is faced with copywriting at least once a day. This sales method is there first and foremost to show how your business has the power to solve a particular problem that the prospect encounters.   What is the difference with SEO writing? The main difference between a copywriter and an SEO writer is primarily based on the purpose of the writing in question. Indeed, where an SEO copywriter will seek to please Google and other search engines so that the referencing of the site on which the articles wil
Read more

A short guide to content marketing:

-
Image
A short guide to content marketing: If you are looking to grow your website traffic and brand popularity, then reading these lines you are on the right track! Definition of content marketing: Content marketing is a rich and vast process to set up, but today this marketing strategy plays a primordial role in digital marketing. It is a priority to increase its visibility and the turnover of its company with the internet. This guide to content marketing will help you understand the concept of content marketing and start organizing your thoughts for integration into your company's marketing strategy. Content marketing, content marketing or even editorial strategy is a marketing strategy that consists in creating and distributing to your customers and prospects, informative, entertaining and high value-added media content. If we were to simply summarize what content marketing is, a short definition would be: Create interesting content to grab the attention of qualif
Read more

Everything you need to know about a company's branding

-
Image
Everything you need to know about a company's branding: The brand image of a company is a source of profit. On the other hand, if this image is bad, it may be the cause of a drop in turnover. Today, consumers want to be close to businesses, to know the people who work on the products and services offered, and even their environment. In addition, competition is fierce on the different and it is imperative to stand out in one way or another. Here's everything you need to know about branding a business. What is the brand image of a company? Before expanding on the brand image of a company, we must give its definition. The brand image is the representation of a company, an institution, or an organization, seen by the consumer. The same company can have several brand images: That which is wanted by the company which sets its objectives and the direction of the messages, That which is perceived by the public and which corresponds to the representations of the company on the audience.
Read more