Norbord is an international forest products company which manufactures and markets a range of building material and paper products in North America and Europe.
In the course of its business activities, Norbord may collect certain personal information about its individual customers, suppliers and other stakeholders, in accordance with applicable laws.
“Personal information” means information about an identifiable, individual person. This may include, without limitation, the individual’s address, age, gender, income, employment status, credit history, debts and liabilities, personal preferences and other information. Personal information does not include the name, title, business address or telephone number of an employee of an organization.
2) THE TEN PRINCIPLES OF PRIVACY
Principle 1 – Accountability
Norbord is accountable for all personal information in its possession, including personal information disclosed to third parties for purposes of providing products and services requested by customers, employees, suppliers and other stakeholders.
Principle 2 – Identifying Purposes for Collection of Personal Information
Norbord will identify the purpose for which it is collecting personal information, before or at the time the information is collected. Some of the purposes for which Norbord collects, uses or discloses personal information are described in section 3 below.
Principle 3 – Consent for Collection, Use or Disclosure of Personal Information
An individual’s knowledge and consent is required for the collection, use or disclosure of his or her personal information, unless otherwise permitted by law. Consent can be express or implied and may be given through an authorized representative. Consent can be withdrawn at any time upon written request to the Norbord Privacy Officer, subject to legal or contractual restrictions and reasonable notice. Norbord may collect, use or disclose personal information without knowledge or consent in exceptional circumstances, such as where permitted or required by law.
Principle 4 – Limiting Collection of Personal Information
The information collected from an individual will be limited to those details necessary for the purposes identified by Norbord. Information will be collected by fair and lawful means.
Principle 5 – Limiting Use, Disclosure and Retention of Personal Information
Personal information will only be used or disclosed for the purposes for which it was collected, unless the individual has otherwise consented, or when it is required or permitted by law. Personal information will be retained by Norbord only as long as necessary to fulfill the purposes for which it was collected.
Principle 6 – Accuracy of Personal Information
Norbord will keep personal information as accurate, complete and current as necessary for the purposes for which it is to be used. An individual may have his or her information amended as appropriate where it is found to be inaccurate or incomplete.
Principle 7 – Safeguarding Personal Information
Personal information is safeguarded using measures appropriate to the sensitivity of the information.
Principle 8 – Openness Concerning Policies and Practices
Norbord will make information available to individuals about its policies and practices related to the management of personal information. This information is available on the Norbord web site, www.norbord.com, or through alternate means upon request to the Norbord Privacy Officer.
Principle 9 – Access to Personal Information
As required by applicable laws, Norbord will inform an individual of the existence, use and disclosure of his or her personal information upon request, and subject to certain exceptions, will give the individual access to that information. If Norbord declines to provide such access for lawful reasons, Norbord will explain the reasons, except where prohibited by law.
Principle 10 – Addressing Complaints and Suggestions
3) APPLICATION OF THE TEN PRIVACY PRINCIPLES
What kind of information does Norbord collect?
Norbord gathers and uses personal information in order to provide customers, suppliers and other stakeholders with the products and services requested or to offer additional products or services these stakeholders may be interested in. Providing Norbord with personal information is the choice of each individual. However, Norbord may not be able to provide certain products or services if certain information is not provided.
The nature of each request will determine the kind of personal information Norbord might request.
Norbord may keep a file with contact history to be used for inquiry purposes so that it may ensure that individuals are satisfied with Norbord’s products and services.
How does Norbord use personal information?
Norbord and its agents, affiliates and service providers may collect, use and/or disclose personal information for the following purposes;
- To communicate with stakeholders and maintain commercial relations in order to provide products and services., to administer accounts, make and receive payments, and fulfill contractual obligations;
- To monitor its products and service and report back to individuals to ensure their satisfaction with the provision of such products and services.;
- To consider whether Norbord or any of its affiliates should establish or continue a commercial relationship, including without limitation, to extend credit and to evaluate credit standing and to match credit bureau or credit reporting agency information, to check references and to confer with banking institutions;
- To distribute our promotional information and other material to individuals on our mail and e-mail lists;
- To develop, enhance, market, sell, provide and inform individuals of Norbordâ€™s products and services;
- To manage and develop Norbord’s and its affiliates’ businesses and operations;
As permitted by, and to comply with, any legal or regulatory requirements or provisions; and
- For any other purpose to which an individual consents.
When May Norbord Disclose Personal Information?
(i) When authorized by the individual
Certain of the products and services offered by Norbord may require it to obtain personal information in order to perform the services it has been engaged to provide. Norbord will use this information to tailor programs to meet the needs and objectives of the person requesting the services.
(ii) When required by law
The type of information Norbord is legally required to disclose usually relates to government taxation and employment reporting requirements. In some cases, such as under a court order, Norbord may be required to disclose certain information to persons specified in the court order.
(iii) When permitted by law
Privacy legislation provides for certain situations where Norbord is legally permitted to disclose personal information without consent. Examples include without limitation situations involving the collection of debt in arrears, medical emergencies, or suspicion of illegal activities.
With Whom May Norbord Share Information?
Norbord cannot share information without consent unless otherwise permitted by law. However, from time to time Norbord may need to provide information to the following persons for the purposes set out above.
(i) Norbord Employees
(ii) Norbord Affiliates
(iii) Norbord Third Party Suppliers
(iv) Financial Institutions
(v) Agents of the Individual
(vi) Other Third Parties
Norbord may disclose personal information to third parties with the consent of the subject individual or where disclosure is required or permitted by law.
How Does Norbord Safeguard Information?
Norbord has controls in place to maintain the security of its information and information systems. Appropriate controls are placed on Norbord’s computer systems and data processing procedures. Physical access to areas where personal information is gathered, processed or stored is limited to authorized employees.
Is Norbord’s Web Site Secure?
Norbord offers customers access to certain information through its web site. www.norbord.com provides general information about Norbord and the products and services it offers. This site also links to the web sites of Norbord subsidiaries.
Norbord will ensure that any information accessed or provided through these sites remains secure.
Norbord’s subsidiaries may collect information that identifies users who require secure access to Norbord sites or who send Norbord correspondence via the internet. Norbord’s various systems log information about which users access the system and what options are used. In the case of correspondence to Norbord, Norbord only uses information contained within such communications to respond to the user or to identify how to best resolve the situation outlined in the message. Norbord may collect such correspondence, but no further information (other than what is needed to resolve the matter) will be collected.
How do I access and amend my information?
To access personal information in accordance with Principle 9, individuals should make a written request to the Norbord Privacy Officer.
How do I opt out or withdraw my consent?
4) QUESTIONS, CONCERNS AND COMPLAINTS
One Toronto Street, Suite 600
Phone: (416) 365-0705 or 1-888-667-2673
Fax: (416) 365-7989