HORSESHOE RESORT'S TEN PRIVACY PRINCIPLES:
Principle 1 -Accountability
Principle 2 - Identifying Purposes for Collection of Personal Information
Principle 3 - Consent
Principle 4 - Limiting Collection of Personal Information
Principle 5 - Limiting Use, Disclosure of Retention of Personal Information
Principle 6 - Accuracy
Principle 7 - Security Safeguards
Principle 8 - Openness
Principle 9 - Individual Access
Principle 10 - Handling Inquiries and Challenges
Policy is as follows:
- The Policy applies to personal information about Horseshoe Resort's customers and other individuals that is collected, used or disclosed by Horseshoe Resort.
- The Policy does not apply to information about Horseshoe Resort's corporate customers; however, such information is protected by other Horseshoe Resort policies and practices and through contractual arrangements.
- The Policy does not apply to information about Horseshoe Resort's employees; however, such information is protected by other Horseshoe Resort policies and practices.
- This Policy is subject to change, and may be supplemented or modified by additional terms applicable between Horseshoe Resort and an individual.
Collection - the act of gathering, acquiring, recording, or obtaining personal information.
Consent - voluntary agreement with the collection, use and disclosure of personal information for defined purposes. Consent can be either express, implied or deemed, and can be provided directly by the individual or by an authorized representative. Express consent can be given orally, electronically or in writing. Implied consent is consent that can reasonably be inferred from an individual's action or inaction. Deemed consent is consent that is deemed to be given pursuant to applicable legislation or other regulations.
Disclosure - making personal information available to a third party.
Horseshoe Resort – Skyline Horseshoe Valley Inc. and their subsidiaries and certain designated affiliates, as they may exist from time to time.
Personal information - information about an identifiable individual, but does not include aggregated information that cannot be associated with a specific individual. Personal information also excludes certain information as is excluded pursuant to applicable legislation or other regulations, such as publicly available information or business contact information, as and when applicable.
Third party - an individual or organization outside Horseshoe Resort.
Use - the treatment, handling and management of personal information by and within an organization.
Principle 1 - Accountability
Horseshoe Resort is responsible for personal information under its control and shall designate one or more persons who are accountable for Horseshoe Resort's compliance with the following principles.
1.2 Horseshoe Resort shall make known, upon request, the title of the person or persons designated to oversee Horseshoe Resort's compliance with the Policy.
1.3 Horseshoe Resort is responsible for personal information in its possession or under its control. Horseshoe Resort shall use appropriate means to protect personal information while information is being processed by a third party on behalf of Horseshoe Resort (see Principle 7).
1.4 Horseshoe Resort shall implement policies and procedures to give effect to the Policy, including:
b) establishing procedures to receive and respond to inquiries or complaints;
c) training and communicating to staff about Horseshoe Resort's policies and practices;
d) developing public information to explain Horseshoe Resort's policies and practices.
Principle 2 - Identifying Purposes For Collection Of Personal Information
Horseshoe Resort shall identify and document the purposes for which personal information is collected at or before the time the personal information is collected or, when appropriate, at or before the time the personal information is used for a new purpose.
2.1 Horseshoe Resort collects personal information for the following purposes:
a) to establish and maintain a responsible commercial relationship with customers;
b) for purposes identified to individuals or purposes obvious to individuals, in respect of particular collections of personal information;
c) to meet legal and regulatory requirements;
d) to understand needs and preferences of individuals;
e) to develop, enhance, market and/or provide products and services; and,
f) to manage and develop Horseshoe Resort's business and operations, including transfer of data among affiliated entities.
Further references to "identified purposes" mean the purposes identified in this Principle.
2.2 Horseshoe Resort shall, as appropriate, specify orally, electronically or in writing the identified purposes to the individual at or before the time personal information is collected. Upon request, persons collecting personal information shall explain these identified purposes or refer the individual to a designated person within Horseshoe Resort who shall explain the purposes.
Principle 3 - Consent
The knowledge and consent of an individual are generally required for the collection, use or disclosure of personal information. In certain circumstances personal information can be collected, used or disclosed without the knowledge and consent of the individual, such as in the case of an emergency where the life, health or security of an individual is threatened.
Horseshoe Resort may disclose personal information without knowledge or consent to a lawyer or other advisor representing Horseshoe Resort, to collect a debt, to comply with a subpoena, warrant or other court order, or as may be otherwise required or authorized bylaw.
3.1 In obtaining consent, Horseshoe Resort shall use reasonable efforts to ensure that an individual is advised of the identified purposes for which personal information will be used or disclosed. Purposes shall be stated in a manner that can be reasonably understood by the individual.
3.2 Generally, Horseshoe Resort shall seek consent to use and disclose personal information at the same time it collects the information. However, Horseshoe Resort may seek consent to use and disclose personal information after it has been collected, but before it is used or disclosed for a new purpose.
3.3 Horseshoe Resort will require individuals to consent to the collection, use or disclosure of personal information as a condition of the supply of a product or service only if such collection, use or disclosure is reasonably required to fulfill the identified purposes.
3.4 In determining the appropriate form of consent, Horseshoe Resort shall take into account the sensitivity of the personal information and the reasonable expectations of an individual.
3.5 Where consent is required for a particular use or disclosure, an individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Individuals may contact Horseshoe Resort for more information regarding the implications of withdrawing consent.
Principle 4 - Limiting Collection Of Personal Information
Horseshoe Resort shall limit the collection of personal information to that which is necessary for the purposes identified by Horseshoe Resort and as permitted by law.
4.1 Horseshoe Resort collects personal information primarily from the individual to whom the information relates.
4.2 Horseshoe Resort may also collect personal information from other sources including credit bureaus or other third parties who represent that they have the right to disclose the information, or as otherwise permitted by law.
Principle 5 - Limiting Use, Disclosure And Retention Of Personal Information
Horseshoe Resort shall not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Horseshoe Resort shall retain personal information only as long as necessary for the fulfillment of those purposes or as required or permitted by law.
5.1 Horseshoe Resort may disclose an individual's personal information to:
a) a person who in the reasonable judgment of Horseshoe Resort is seeking the information as an agent of the individual;
b) a company or individual employed by Horseshoe Resort to perform functions on its behalf, such as but not limited to research or data processing;
c) another company or individual for the development, enhancement, marketing or provision of any of Horseshoe Resort's products and services;
d) an agent used by Horseshoe Resort to evaluate the individual's credit worthiness or to collect the individual's account;
e) a credit reporting agency;
f) a public authority or agent of a public authority, if in the reasonable judgment of Horseshoe Resort, it appears that there is imminent danger to life or property which could be avoided or minimized by disclosure of the information;
g) another entity as part of a merger, a sale of assets of all or part of a business, or any other corporate change or re-organization; and,
h) a third party or parties, where the individual consents to such disclosure or disclosure is required or permitted by law.
5.2 Only Horseshoe Resort employees with a business need to know, or whose duties reasonably so require, are granted access to personal information about individuals.
5.3 Depending on the circumstances, where personal information has been used to make a decision about an individual, Horseshoe Resort shall retain, for a reasonable period of time, either the actual information or the rationale for making the decision.
5.4 Horseshoe Resort shall maintain reasonable and systematic controls, schedules and practices for information and records retention and destruction which apply to personal information that is no longer necessary or relevant for the identified purposes or required or permitted by law to be retained. Such information shall be destroyed, erased or made anonymous.
5.5 Where appropriate, Horseshoe Resort may communicate updates of personal information to third parties.
5.6 Horseshoe Resort may engage affiliates or third party service providers for the purpose of providing services or processing information on behalf of Horseshoe Resort, and we may transfer or disclose personal information to such parties in connection with such purposes. Some divisions, affiliates or third party service providers may be located in other jurisdictions, and information in their custody (i) may or may not be subject to privacy legislation similar to that applicable to Horseshoe Resort, and (ii) may be subject to laws applicable in such jurisdictions that permit access to such information by foreign governments or law enforcement agencies or by others.
Principle 6 - Accuracy
Horseshoe Resort shall take steps to ensure that personal information is as accurate, complete and up-to-date as is appropriate for its purposes.
6.1 Personal information used by Horseshoe Resort shall be sufficiently accurate, complete and up-to-date to minimize the possibility that in appropriate information maybe used to make a decision about an individual.
6.2 Horseshoe Resort shall take all reasonable steps to update personal information about individuals as and when reasonably necessary to fulfill the identified purposes or as reasonably requested by the individual.
Principle 7 - Security Safeguards
Horseshoe Resort shall protect personal information by security safeguards appropriate to the sensitivity of the information.
7.1 Horseshoe Resort shall take appropriate and reasonable steps to protect personal information against such risks as loss or theft, unauthorized access, disclosure, copying, use, modification or destruction.
7.2 Horseshoe Resort shall take appropriate and reasonable steps to protect personal information disclosed to third parties, for example by contractual agreements stipulating the confidentiality of the information and the purposes for which it is to be used.
Principle 8 - Openness
Horseshoe Resort shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
8.1 Copies of the Policy will be made available upon request.
8.2 Horseshoe Resort shall make information about its policies and procedures easy to understand, including:
a) the title and addresses of the person or persons accountable for Horseshoe Resort's compliance with the Policy and to whom inquiries or complaints can be forwarded;
b) the means of gaining access to personal information held by Horseshoe Resort;
c) a description of the type of personal information held by Horseshoe Resort, including a general account of its use.
Principle 9 - Individual Access
Upon request, Horseshoe Resort shall inform an individual of the existence, use and disclosure of his or her personal information, at a minimal or no cost to the individual. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
9.1 In certain situations, Horseshoe Resort may not be able to provide access to all the personal information that it holds about an individual. For example, Horseshoe Resort may not provide access to information if doing so would likely reveal personal information about a third party or could reasonably be expected to threaten the life or security of an individual. Also, Horseshoe Resort may not provide access to information if disclosure would reveal confidential commercial information, if the information is protected by solicitor-client privilege, if the information was generated in the course of a formal dispute resolution process, or if the information was collected in relation to the investigation of a breach of an agreement or a contravention of a law. If access to personal information cannot be provided, Horseshoe Resort shall, upon request, provide the reasons for denying access.
9.2 In order to safeguard personal information, an individual may be required to provide sufficient identification information to permit Horseshoe Resort to authorize access to the individual's file.
9.3 Individuals can seek access to their personal information by contacting the Privacy Officer at Horseshoe Resort.
9.4 Horseshoe Resort will endeavor to respond to all requests within 30 days or, in any event, as required or permitted by applicable law.
Principle 10 - Handling Inquiries And Challenges
An individual shall be able to address a challenge concerning compliance with the above principles to the designated person or persons accountable for Horseshoe Resort's compliance with the Policy.
10.1 Horseshoe Resort shall maintain procedures for addressing and responding to all inquiries or complaints from individuals about Horseshoe Resort's handling of personal information.
10.2 Horseshoe Resort shall inform its customers about the existence of these procedures as well as the availability of complaint procedures.
10.3 The person or persons accountable for compliance with this Policy may seek external advice where appropriate before providing a final response to individual complaints.
Chief Privacy Officer: Sean Billing Email: firstname.lastname@example.org
Attn: Chief Privacy Officer
1101 Horseshoe Valley Road,