Reaction Internet Privacy Statement
Reaction Internet ("RI") respects and protects your right to privacy in relation to your interactions with this
website (the "Site") and adheres to the privacy regulations as laid out in the Federal Privacy Act and the Personal
Information Protection and Electronic Documents Act ("PIPEDA") and any other Provincial Statutes enacted as of January 1, 2004.
Information Collected on Behalf of our Clients
AC is a leading service provider of e-business solutions and we are proud of our reputation in this area of our business as a reliable, secure service provider. As the manager of our own hosting solutions, we offer a complete assortment of services to our Clients including scalable managed or self-managed web accounts, full e-mail services, secure web mail, intranets, web-based order management, real-time credit card process and more.
As a data processor and under the direction and authority of our many and various Clients, RI and its associated
companies may collect personal information about you on behalf of our Clients' Web Registration Sites and other e-commerce
Sites that it hosts. Frequently, these Web Registration Sites link directly with our Clients' Web Sites and in fact will often
appear to be seamlessly integrated into our clients' Web Sites even though the Web Registration Site and data processing software is in fact set up and administered by RI.
The personal information that is collected on these Sites will be used and processed in accordance with the privacy policies of our Clients who have authorized and instructed us to set up and operate these various Sites on their behalf. Consequently, we strongly urge you to familiarize yourself with the privacy policies and practices of the Client whose Site you are accessing in order to properly understand how they might use your personal information before submitting it.
Our Clients are ultimately responsible for compliance with all privacy and data protection legislation. If a Client's Site
is e-commerce enabled, RI will share some personal and relevant financial information collected from the Site using SSL
encryption with our merchant service provider(s) and any other relevant financial service provider in order to process any credit or debit card transaction.
Our Clients' Relationship with You Is Important to Us
We pride ourselves on our ability to create and maintain leading communication systems and services that enable our Clients to have ongoing communication with you on value added services, and to establish long-lasting relationships with you that will grow and change to meet your needs.
Personal Information managed by RI
We manage personal information for our Site and on behalf of our Clients. The type of information we usually manage and maintain may include (but may not be limited to) your:
Your Personal Information may be used to:
- Mailing Address
- e-mail Address
- Telephone Number
- Credit Card information
- Identify you (such as when you come back to a Web site)
- Establish and maintain a relationship with you, and to provide you with ongoing service
- Protect you, the Client, and us, against error and fraud
- Comply with legal requirements
Your personal information may also be used to create statistics about our Client's business. The statistics that we provide our Clients typically do not contain any information that would identify you personally.
Our Commitment to Protecting your Privacy
The Principles established by The Canadian Standards Association's ("CSA") Model Code for the Protection of Information form a
major part of PIPEDA. The CSA Model Code Principles describe how organizations should collect, use and disclose personal
The following Ten Privacy Principles govern our collection, use and disclosure of Personal Information and have been developed to reflect both the CSA Model Code Principles and the expectations of our clients:
Principle 1 -Accountability
Principle 2 -Identifying Purposes
Principle 3 -Consent
Principle 4 -Limiting Collection
Principle 5 -Limiting Use, Disclosure and Retention
Principle 6 -Accuracy
Principle 7 -Safeguarding Information
Principle 8 -Openness
Principle 9 -Individual Access
Principle 10 -Challenging Compliance
Principle 1 - AccountabilityPaul Tomori, Privacy Officer
EMail: Privacy Officer, Reaction Internet firstname.lastname@example.org
AC is responsible for personal information under its control. In that regard, it has designated a Privacy Officer to ensure
RI complies with these Ten Privacy Principles. To inquire about RI's privacy practices, provide feedback or
comments or inquiry about access to your personal information, please contact:
Principle 2 - Identifying Purposes
RI shall identify the purposes for which personal information is collected at or before the time such information is
collected. When visiting our Site, as a practice, user sessions are logged but not linked to any personally identifiable
information. You remain anonymous unless RI deems it necessary to identify you for the purpose of protecting our
service, site, users, or others.
The personal information collected on this Site will be used to operate the Site and to provide the service(s) or carry out
the transaction(s) you have requested. The only information collected that is used to identify you is that which you give
voluntarily. When you submit a question or comment, you may be asked for your name and/or email address, or other information. This information is only used to process and respond to your question or comment. The personal information you submit through the Site is secure once it reaches the RI server.
As RI collects and hosts Customer data on behalf of our Clients, this data remains the exclusive property of our
Clients. Unless we have explicit instructions to do so by the Client, we do not rent, trade, or otherwise disclose client data in any format (electronic or other) to any of our other Clients, nor to any third party - individual, company or organization.
It is the exclusive responsibility of the Client to ensure that each of the Customer records contained within their data set was consented to, be collected for the purpose(s) intended as detailed in the section of the Federal Act and in PIPEDA covering the collection, use and disclosure of personal information.
Principle 3 - Consent
The knowledge and consent of RI Clients are required for the collection, use and disclosure of personal information,
except where required or permitted by law. By accessing the Site, you are consenting to the information collection and use practices described in this privacy statement.
Collecting information on behalf of our Clients
It is the exclusive responsibility of the Client to ensure that each of the customer records contained within their data set was consented to, be collected for the purpose(s) intended as detailed in the section of the Federal Act and in PIPEDA covering the collection, use and disclosure of personal information. We only collect, use, and disclose your personal information on direct instructions from our Client, except where otherwise permitted by law.
It is always your choice whether or not you consent to the Client instructing us to manage your personal information. However, a decision to withhold certain, or all, personal information may restrict or prevent us from providing the services to you as instructed by our Client. You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. To withdraw your consent, simply contact the Client and advise them of what personal information you no longer wish stored.
Principle 4 - Limiting Collection
RI is privileged to have been delivering exceptional e-business services for more than a decade. To make this possible,
there are a number of ways we gather personal information; for which the purpose, circumstances, retention and safekeeping are
determined in advance. Personal information shall be retained as long as necessary to provide the services requested and
fulfill all administrative requirements resulting from your request. The collection of personal information shall be limited to that which is necessary for the purposes identified by RI. Personal Information shall be collected by fair and lawful means.
Principle 5 - Limiting Use, Disclosure and Retention
Your name, email address or any other information you may have shared, or choose to share with us in the future, will never be sold, traded, rented, given away or used for any other purpose than to provide you with the information or services you have requested or is required by law.
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of our Client or as required by law. Personal information shall only be retained as long as necessary for the fulfillment of those purposes.
RI may disclose personal information if required to do so by law or in the good faith belief that such action is
necessary to (a) conform to the edicts of the law or comply with legal process served on RI or its Site; (b) protect
defend the rights or property of RI and our family of Sites; or (c) act in urgent circumstances to protect the personal
safety of RI employees or agents, users of RI products or services, or members of the public.
The length of time we retain personal information varies depending on the purpose for which it was collected and used. When your personal information is no longer needed we have procedures to either destroy, delete, erase or convert it to an anonymous form.
Principle 6 - Accuracy
Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is used.
RI permits real time access to the customer database to make changes or deletions to personal information.
Collecting information on behalf of our Clients
It is the exclusive responsibility of the Client to ensure that each of the customer records contained within their data set is as accurate, complete and up-to-date. To make changes to your personal information records, contact the Client.
Principle 7 - Safeguarding Information
RI has invested significantly in a hardware infrastructure that embraces the highest standards available to protect the
security of its Clients' databases (which includes the personal information of individuals collected and processed through the Web Registration Sites). For security and reliability, all sites are hosted on LINUX systems with no external terminal users. For maximum uptime and to guard against catastrophic circumstances (i.e. fire, server connectivity failure, etc), we provide quadruple redundant servers located in geographically different locations.
Our server systems are located in a highly secured facility with 24/7 manned security personnel, constantly monitored by a team of technicians trained in systems management, intrusion detection and network oversight, protected by fire suppression and other disaster preventions, provisioned with an extraordinary uninterrupted power supply system along with two room-filling diesel-powered backups. Our various proprietary computer software systems and Web Registration Sites have also been carefully developed. We audit our procedures and security measures regularly to ensure that they are being properly administered and that they remain effective and appropriate. Only authorized individuals have access to the information provided by our Clients and their Customers. Any particularly sensitive information, such as a Customer's credit card number, is encrypted prior to transmission.
Secure Socket Layer (SSL)
Each Web Registration Site that RI hosts for a Client that 'processes' financial or credit card information of
individuals is developed using the industry standard SSL encryption technology.
Principle 8 - Openness
RI shall make readily available to its Clients specific information about its policies and practices relating to the
management of Personal Information.
Principle 9 - Individual Access
Upon making a request in accordance with this Policy, an RI Client shall be informed of the existence, use and
disclosure of his or her personal information and shall be given access to that information. A Client shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Principle 10 - Challenging CompliancePaul Tomori, Privacy Officer
Mail: Privacy Officer, Reaction Internet, email@example.com
Any RI Client shall be able to address a challenge concerning compliance with these Ten Privacy Principles to
RI's Privacy Officer:
Cookies are simple text files that web browsers place on computer hard drives when sites are visited. Cookies cannot damage
average time spent, page views, selections made for reservations or shopping carts and other statistics relating to the use of our Site. Our Cookies pose no security risk to you, as they contain no personal information, only a special string that tells the service that you are a past user of the Site. No personal information is stored within the Cookies and is set to expire when you close your browser.
Other Web Sites
RI and its associate companies/services may include links to other third party sites that are not governed by this
privacy statement. RI shall not be responsible for the privacy practices of other third party web sites. We therefore
suggest that you examine the privacy policies or statements of those sites to better acquaint yourself with their information collection, use and disclosure practices.
Contact Us Please write to:
Paul Tomori, Privacy Officer
EMail: Privacy Officer, Reaction Internet, firstname.lastname@example.org
If you have questions, concerns, or complaints about the privacy of your personal information collected and managed for us or by us on behalf of our Clients, you may contact us at the address listed below. If a complaint is found to be justified, appropriate measures will be taken including, if necessary, amending our practices and procedures.
RI reserves the right to update or modify this Privacy Statement at any time. AC, and all of their affiliated
operations, assumes no liability for interpretation, alteration or misuse of information transmitted over the Internet.