Privacy Policy

Integrity, Confidentiality, Professionalism and Experience are the cornerstones on which the Council of Professional Investigators – Ontario (CPIO) has built its reputation.

We are committed to the highest ethical standards as to the protection of personal information and acknowledge the importance of national standards. “Personal information” means information in any format, which is about an identifiable individual (other than the name, title, business address or phone number of any employee of an organization).

CPIO protects personal information in accordance with the requirements of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), which sets out standards pertaining to the collection, use and disclosure of personal information. CPIO will only collect personal information on individuals where there is a potential contravention of the law, a breach of agreement or other circumstances that permit us to legally collect this information under the laws of Canada. We have implemented the CPIO Code of Conduct, which complies with the principles outlined in the CSA Model Code for the Protection of Personal Information.

1. Accountability

CPIO acknowledges that it is responsible for personal information collected and maintained by it or which is under its control. We protect information with appropriate physical, technological, organizational safeguards and security measures.

• Our organization has taken appropriate measures to develop procedures to:
• Protect personal information
• Receive and respond to complaints and inquiries
• Train our employees about policies and practices relating to the protection of personal information
• Distribute information explaining our policies and practices relating to the protection of personal information.

We have designated an individual within our organization as our Chief Privacy Officer, who may be responsible for coordinating our organization’s compliance with the following principles and can be contacted at info@cpiontario.ca. 

2. Identifying Purposes

CPIO will only collect personal information on individuals where there is a potential contravention of the law, a breach of agreement or other circumstances that permit us to legally collect this information under the laws of Canada. All assignments received from our corporate, government, and other clients will be vetted to ensure their requests for information are compliant with PIPEDA. We collect personal information for the sole purpose of providing investigative services to clients. Personal information that we collect is your name, email, contact information, license number, business or agency information. Members have the option to hide this information from the public if they choose to. Additional purposes for which personal information is collected or used by our organization may be identified at the time of collection.

3. Consent

CPIO will obtain the appropriate consent from individuals for the collection, use or disclosure of personal information except where the law provides an exception (outlined in Section 7 of the Personal Information Protection and Electronics Act, S.C. 2000, c.5 (PIPEDA). We may obtain express consent for the collection, user disclosure of personal information, or when we determine that consent has been applied by the circumstances. acknowledges that it is responsible for personal information collected and maintained by it or which is under its control. We protect information with appropriate physical, technological, organizational safeguards and security measures.

Express consent is specific authorization given by the individual to CPIO, either orally or in writing. Implied consent is when the CPIO has not received a specific consent but the circumstances allow us to collect, use, or disclose personal information.

In most incidences, obtaining the knowledge and consent of individuals would defeat the purpose of an investigation, in particular with respect to a breach of an agreement or contravention of a law. Personal information will only be collected, used and disclosed by CPIO employees without consent in accordance with Section 7 of the Personal Information Protection and Electronics Documents Act, S.C. 2000, c.5 (PIPEDA) or under other lawful means.

• Is an “investigative body” further to the regulation made pursuant to section 26(1)(a.01) of the said Act
• Is licensed and regulated by the ministry of the Solicitor General in Ontario

An individual may withdraw his consent at any time upon reasonable notice, subject to legal or contractual restrictions, by contacting the privacy officer designated in principle 1.

4. Limiting Collection

CPIO limits the collection of personal information to that which is necessary for the purposes identified by our organization. Personal information will only be collected by fair means in accordance with applicable laws. Personal information maintained by our organization shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.

5. Limiting Use, Disclosure and Retention

Personal information will not be used or disclosed by CPIO for purposes other than those for which it was originally collected, except with the consent of the individual or as required by law. The length of time we retain personal information varies depending on the purpose for which it was collected and used. This period may extend beyond the end of the particular relationship but only for so long as it is necessary for us to have sufficient information to respond to any issue that may arise at a later date. When personal information is no longer needed we have procedures to either destroy, delete, erase or convert it to an anonymous form.

6. Accuracy

Personal information maintained by our organization shall be as accurate, complete, and up-to-date as is necessary for is intended purposes. Our goal is to minimize the possibility that inappropriate information may be used to make a decision. The process for ensuring accuracy and compliance will involve:

• Initial collection from client
• Client will be asked to verify accuracy and completeness
• Regular reviews; and
• Verifying accuracy by contacting third parties

If a significant error or omission is identified, we will correct or amend the information as appropriate. Where necessary, we will send such corrected or amended information to third parties who have had access to the information in question.

7. Safeguards

CPIO will safeguard all personal information under our control in a manner that is appropriate to the sensitivity of the information. We will take all the physical security measures necessary including alarming and properly locking our facilities and/or locking all personal information in secure filling cabinets.

• Personal information collected or maintained by CPIO will be protected by appropriate safeguards. These safeguards include:
• Physical security measures, such as security alarms, video surveillance and locked offices and cabinet storage
• Secure Socket Layer in place where you would enter bank or credit card information
• No storage of credit card or bank information in our database or on our websites server
• Computer safeguards such passwords and network and Internet controls

Internal security measures, including restricted computer access and limited access to personal information collected by our organization. We take precautions in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to information. These measures include:

• Ensuring that no one may retrieve personal information after disposal
• Shredding documents before recycling them
• Deleting electronically stored information

8. Openness

We will make readily available to individuals requesting specific information about our policies and procedures relating to the management of personal information that is under our control.

Forward any inquiries to the Chief Policy Officer identified in principle 1. Access to personal information may be denied for a number of reasons as outlined in principal 9. When lawful exceptions apply, our organization shall provide a detailed reason for the denial.

9. Individual Access

Upon request, an individual will be informed of the existence, use and disclosure of his or her personal information, which is under our control, and may be given access to and be permitted to challenge the accuracy and the completeness of that information.

• There are lawful exceptions that will prevent us from providing access, which include, but are not limited to the following:
• Personal information about another person might be revealed.
• Commercially confidential information might be revealed.
• Someone’s life or security might be compromised.
• The information was collected without consent for the purposes related to an investigation of a breach or an agreement or contravention of a law or other lawful exemption.
• The information was generated during the course of a formal dispute resolution process.
• The information is protected by the Solicitor/Client privilege.
• When restricted from providing this disclosure under Section 25 (1) of the Private Investigations and Security Guards Act; Revised Statutes of Ontario 1990 Chapter P.25.

10. Compliance

An individual may address a challenge concerning CPIO’s compliance with the principles governing the collection, use or disclosure of personal information by referring any inquiries to the Chief Privacy Officer.

The Council of Private Investigators – Ontario reserves the right to amend this Privacy Statement at any time at its discretion by posting a new Privacy Statement at this location. Any changes to this Privacy Statement will be in compliance with applicable privacy laws.