CCTF Privacy Policy

Consent:

By submitting personal information to CCTF Corporation or its division, affiliates and subsidiaries (collectively "CCTF"), you agree that CCTF may collect, use and disclose such personal information in accordance with the Privacy Policy set out below and as permitted or required by law. Subject to legal and contractual requirements, you may refuse or withdraw your consent to certain of the identified purposes at any time by contacting the CCTF Chief Privacy Officer. If you refuse or withdraw your consent, CCTF may not be able to provide you or continue to provide you with products and services. If you provide CCTF with personal information of another individual, you represent that you have all necessary authority and/or have obtained all necessary consents from such person to enable CCTF to collect, use and disclose such personal information.

Purpose:

To regulate the collection, use and disclosure of personally identifiable information of employees, customers or other individuals, and to ensure compliance with privacy legislation.

Overview:

CCTF, as a leading master distributor of steel pipe and piping products, must collect personal information from employees, customers or other individuals in order to conduct its business, maintain records, and provide benefits and services to these parties.

Principles:

As an organization, the collection of such personal information shall be governed by the following principles:

Accountability:

The General Counsel shall be the Chief Privacy Officer and shall oversee the administration of this policy and the development of information gathering and handling practices.

Openness:

Individuals from whom information is collected shall be advised that CCTF has policies and practices in place to securely manage such information.

Identify the Purpose:

The specific purposes for which personal information is collected and used shall be clearly identified and explained, in writing where possible, to the individual at or before the time the information is collected.

Obtaining Consent:

The informed consent, in writing where possible, of the individual is required for the collection, use, or disclosure of personal information. There are limited circumstances where consent may not be possible and the Chief Privacy Officer shall be consulted prior to the collection, use or disclosure of the personal information of an individual without their consent. A new consent shall be obtained from the individual if the personal information is to be used for a purpose other than that for which it was originally collected. The individual is entitled to withdraw their consent at any time, and, with limited exceptions, this shall prohibit the corporation from making any further use of the information.

Limiting Collection:

The collection of personal information shall be limited to that which is necessary for the specific purposes identified. Information shall be collected by clear, fair and open means.

Limiting Use, Disclosure, and Retention:

Personal information shall not be used or disclosed for purposes other than those for which it was collected except with the consent of the individual or as required by law. Personal information must be retained only as long as necessary for the fulfillment of those purposes, or as required by law, and thereafter destroyed in a secure manner ensuring the confidentiality of the personal information.

Accuracy:

Personal information, and any disclosure of such information, shall be as accurate, complete, and up to date as is necessary for the purposes for which it is to be used.

Security:

Personal information, regardless of the format in which it is held, shall be protected by adequate security safeguards, including physical measures, technological tools and organizational controls, to protect against loss, theft or unauthorized access. Access to personal information shall be permitted strictly on a “need to know” basis.

Access:

Upon request, and no later than thirty days thereafter, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information, except in some limited circumstances. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate. The Chief Privacy Officer shall be advised of all such challenges.

Recourse:

An individual shall be able to address any complaint concerning compliance with the above principles to the Chief Privacy Officer. The Chief Privacy Officer shall initiate an investigation into the complaint, notify the individual of the outcome of the investigation, and correct any compliance problems identified.

Contact Information for the Chief Privacy Officer:

Mark Whitley
General Counsel
1108 Dundas Street
London, Ontario
N5W 3A7
Tel: 519-645-3929
Fax: 519-645-2465