The Sigma Loyalty Group (“Sigma”) believes in protecting the privacy of Customers. When we collect personal information from a Customer – whether online, over the phone, or in person – we follow the privacy principles of applicable Canadian law including the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Canadian Marketing Association (CMA). These are our ten Privacy Promises to customers:
1. Notice. When we collect your personal information, we will give you timely and appropriate notice describing what personal information we are collecting, how we will use it, and the types of third parties with whom we may share it.
2. Choice. We will give you choices about the ways we use and share your personal information, and we will respect the choices you make.
3. Relevance. We will collect only as much personal information as we need for specific, identified purposes, and we won’t use it for other purposes without obtaining your consent.
4. Retention. We will keep your personal information only as long as we need it for the purposes for which we collected it, or as required by law.
5. Accuracy. We will take appropriate steps to make sure the personal information in our records is accurate.
6. Access. We will provide ways for you to access your personal information, as required by law, so you can correct inaccuracies.
7. Security. We will take appropriate physical, technical, and organizational measures to protect your personal information from loss, misuse, unauthorized access or disclosure, alteration, and destruction.
8. Sharing. Except as described in this policy, we won’t share your personal information with third parties without your consent.
9. International Transfer. If we transfer your personal information to another country, we will take appropriate measures to protect your privacy and the personal information we transfer.
10. Enforcement. We will regularly review how we are meeting these privacy promises, and we will provide an independent way to resolve complaints about our privacy practices.
To access your information, ask questions about our privacy practices, or issue a complaint, contact us by:
When we ask for your personal information, we will let you know how you can find out about our privacy practices. If we are asking you for information online – on this Site, for example -- we will provide a link to this Policy. If we are asking you to complete a paper form, the form will include the online address to access this Policy. If you are contacting us by phone, our Customer Service Representatives will provide you with the answers you need. If you have any questions or concerns about our privacy practices, you may email or write to our Privacy Officer at:
Personal information – as defined in the Personal Information Protection and Electronic Documents Act (PIPEDA) – is “Information about an identifiable individual but does not include the name, title or business address or telephone number of an employee of an organization.” Personal information collected, stored or disclosed on this Site can include age, marital status, credit history, home and e-mail address and telephone number.
The information we request from you is dependent on the program you enroll in and the services and products you obtain or use on this Site. Common types of information we collect include contact information such as name, address, and phone number; verification information such as date of birth; and financial information such as credit-card number or bank-card number.
Information Sent To Us By Your Browser. Like most commercial websites, we collect information that is sent to us automatically by your web browser when you access this Site. This information typically includes the IP address of your Internet service provider, the type of your operating system, and the type of your browser. The information we receive depends on the settings on your web browser. Please check your browser if you want to learn what information your browser sends or how to change your settings. We use this information to create statistics that help us improve our Site and make it more compatible with the technology used by our visitors. The information provided by your browser does not identify you personally. However, we may review our server logs for security purposes, such as detecting intrusions into our network. If we suspect criminal activity, we might share our server logs -- which contain visitors’ IP addresses -- with the appropriate investigative authorities who could use that information to trace and identify individuals. In addition, if you access this site through an e-mail we have sent you, or if you’ve created a “user identity” during one of your visits, we may link the information provided by your browser to information in our records that identifies you personally.
Information Collected Using “Cookies.” Like many commercial websites, we use “cookies.” A cookie is a small text file that is placed on your hard disk by a Web server. Cookies cannot be used to install computer programs or deliver viruses to your computer. We use “session cookies” to assign a randomly-generated unique identification number to your computer. A session cookie expires after you close your browser. We use session cookies to collect information about the ways visitors use our Site – which pages they visit, which links they use, and how long they stay on each page. We analyze this information, known as “clickstream data,” to better understand our visitors’ and members’ interests and needs, and to improve the content and functionality of this Site and our Program. We may also use “persistent cookies.” These cookies do not expire when you close your browser, but stay on your computer until they expire or you delete them. Each time you visit our Sites, our Web server will recognize your cookie. By assigning your computer a persistent, unique identifier, we are able to create a database of your previous choices and preferences. In situations where these choices or preferences need to be collected again, they can be provided by us automatically, saving you time and effort. Assigning your computer a persistent, unique identifier also helps us keep a more accurate account of how many people visit our Sites, how often they return, how their use of our Sites may vary over time, and the effectiveness of our promotional efforts. If you access this Site through an e-mail we have sent you or you’ve created a “user identity” during one of your visits, we may link the information provided by our cookies to information in our records that identifies you personally.
Information from Mobile Apps. If you use one of our mobile apps for the service, we may also collect mobile device-related information such as your device type/model, operating system and version in order to enable access to the services you have requested.
When you send us an e-mail or ask us to contact you by e-mail, we obtain your e-mail address and any information you have included in the e-mail. We use your e-mail address to acknowledge your comments and/or reply to your questions. Your e-mail and our response will be stored by us as confirmation of our communication. We will not sell or otherwise share your e-mail address to anyone outside of Sigma. We may use your e-mail address to send you information about offers on products and services that we believe may be of interest to you. If you don't want us to contact you by e-mail with offers on products and services, you may tell us so at any time. If you have asked us to put you on an e-mail mailing list to provide you with certain information on a regular basis, or if we send you information about our offers on products and services by e-mail, you may ask us to remove you from the list at any time by using the unsubscribe instructions provided with each e-mail. E-mails are generally not encrypted over the internet and therefore are unprotected. For your protection, do not include personal or confidential information (such as account numbers) when sending email messages to us. If your request is urgent, or requires disclosure of confidential or personal information for resolution, please contact us by phone.
Preventing Email Fraud: We will NEVER send email messages to you requesting confidential information such as passwords or account numbers. From time to time, you may receive fraudulent e-mails claiming to have been issued by a Canadian bank or other reputable business, requesting you to verify your personal and/or account information. These e-mails often contain a link that directs you to a pop-up window or modified login page to enter your login ID and password. Do not act on any such emails. Following links to a counterfeit Internet site can compromise your account. If you have concerns, contact the business affected by phone. For your protection, do not send confidential or personal information (e.g. account numbers, etc.) via e-mail. It is NOT a secure method of communication.
Information by Telephone. If you contact us by telephone, we may monitor and/or record your discussions with our customer service representatives for our mutual protection to confirm our discussions with you. We may also use your call for coaching and training purposes.
If you have provided information to this Site, you may update or correct key information relating to your account at any time by visiting your profile on this Site. We use appropriate security measures to protect your personal information from unauthorized alteration. If you become aware that any of the personal information in our records is inaccurate or has been altered, please contact us immediately at 1-800-263-1020.
The easiest way for you to access and review your key account information is to visit your profile on this Site. However if this site does not have a profile page, or if you have additiona l questions regarding your personal information, please contact us at 1-800-263-1020. When you contact us, we will take reasonable steps to verify your identity before granting access or making corrections. We will respond to your request for access, update, and/or correction in a reasonable time. Certain changes to your personal information may be subject to legal restrictions and, if applicable, these will be communicated to you.
The personal information we collect is used to provide the products and services you have requested. It is also used to:
We do not share customer information with third parties for their marketing purposes. We may transfer or disclose personal information with our trusted service providers who assist in the fulfillment of our services to you. For example, if you are utilizing one of our enhancement services, such as Legal Sense, we would need to share your information with the appropriate supplier in order for you to receive the benefit of that service. Our service providers are given only the information they need to perform their designated functions, and they are not authorized by us to use or disclose your personal information for any other purpose. We require our service providers to protect personal information which has been provided to them in a manner that is consistent with our privacy and security practices.
Legal Disclosures. There are other, limited circumstances, in which we or the companies with which we share your personal information, may share or transfer your personal information. These would be in response to:
We, or our service partners, may also disclose personal information where necessary to:
In the event we are required by law to disclose personal information, we will take reasonable steps to verify the lawful authority for the collection, and disclose only the information that is legally required.
Our Site does not use spyware. The term “spyware” refers to a software program that, when installed on your computer, changes settings, displays advertising, or tracks your Internet behavior and reports information back to a central database. Spyware is usually installed on your computer without your knowledge and can be very difficult to remove.
We keep your personal information for as long as we need it for the purposes for which it was collected, or to which you have consented, or as permitted by applicable law. Generally, this means that we will keep your information as long as you have an active account. If, however, you choose to close your account with us we will remove your personal information from our records, unless an applicable law requires us to retain your personal information for a longer period of time.
We maintain industry standard physical, technological, and administrative safeguards to protect your personal information against loss, misuse, unauthorized access or disclosure, alteration, and destruction. For example, our data networks are protected by firewalls and intrusion-detection sensors. Only employees who have a “need-to-know” are authorized to access member accounts, and only after they have been trained on our security procedures. We review our security procedures regularly to ensure that they are properly administered and remain effective and appropriate. To ensure the integrity and protection of your information with any of Sigma’s third party service providers, these companies are contractually required to safeguard information in a manner consistent with our privacy and security policies. Although we use reasonable measures to help protect your personal information and comply with applicable data security laws, it is important that you understand that no website or database is completely secure, or “hacker proof.” You can protect yourself and help us prevent computer crime by carefully guarding your password. It is your responsibility to restrict access to your user name and password so that only you may gain entry to your personal information online. If you have concerns that the security of your account has been compromised, contact Customer Service immediately at 1-800-263-1020.
We communicate our privacy promises to our employees and train employees handling member information on their roles and responsibilities in protecting your privacy. We regularly assess the privacy and security practices of our websites (including this Site), databases, and other member-information systems to identify ways we can improve our data practices.
We reserve the right, at our discretion, to change, modify, add, or remove portions of this Policy at any time. Changes to this Policy may affect our use of personal information collected prior to the effective date of the changes. The level of notice we will provide when we change this Policy will depend on the nature of the change. Your continued participation or use of this Site following a change to this Policy will indicate your acceptance of the revised Policy.
Minor changes. If we make changes that do not impact how we collect, use, or disclose personal information, we will replace this Policy with the revised Policy and change the “Effective” date at the beginning of this document. Minor changes may include, for example, changes to our contact information.
Material Changes. If we make changes that affect how we collect, use, or disclose personal information, we will provide a notice at the top of the revised Policy for at least 30 days after the new effective date and highlight the changes in the Policy so that you can locate them easily.
Our Sites and our data are hosted on servers located in Canada. Our call centres are also primarily located in Canada, although we may at times use supplemental facilities located in other countries. When we transfer your personal information to another country, we will take appropriate measures to protect your privacy and personal information. In addition, regardless of where we transfer your personal information, it will remain subject to the terms of this Policy and your privacy preferences. By using our Sites and participating in the related programs, you are consenting to the transfer of your personal information to any country in the world, but only in accordance with the terms of this Policy.
We take our commitment to privacy seriously. We will investigate and respond in a reasonable time to your questions or concerns about the privacy of your personal information and our privacy procedures. You may contact us by: