Carlson Marketing – Relationship Results.

Carlson Marketing Ltd. believes in protecting the privacy of Customers. When we collect personal information from a Customer – whether online, over the phone, or in person – we follow the privacy principles of applicable Canadian law including the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Canadian Marketing Association (CMA). These are our ten promises to customers:

1. Notice. When we collect your personal information, we'll give you timely and appropriate notice describing what personal information we're collecting, how we'll use it, and the types of third parties with whom we may share it.
2. Choice. We'll give you choices about the ways we use and share your personal information, and we'll respect the choices you make.
3. Relevance. We'll collect only as much personal information as we need for specific, identified purposes, and we won't use it for other purposes without obtaining your consent.
4. Retention. We'll keep your personal information only as long as we need it for the purposes for which we collected it, or as permitted by law.
5. Accuracy. We'll take appropriate steps to make sure the personal information in our records is accurate.
6. Access. We'll provide ways for you to access your personal information, as required by law, so you can correct inaccuracies.
7. Security. We'll take appropriate physical, technical, and organizational measures to protect your personal information from loss, misuse, unauthorized access or disclosure, alteration, and destruction.
8. Sharing. Except as described in this policy, we won't share your personal information with third parties without your consent.
9. International Transfer. If we transfer your personal information to another country, we'll take appropriate measures to protect your privacy and the personal information we transfer.
10. Enforcement. We'll regularly review how we're meeting these privacy promises, and we'll provide an independent way to resolve complaints about our privacy practices.

To access your information, ask questions about our privacy practices, change your marketing preferences, or issue a complaint, contact us at:

Carlson Marketing Ltd.
Privacy Officer
2845 Matheson Blvd. E
Mississauga, ON
L4W 5K2
1-888-965-6055
privacy@carlsoncanada.com

Scope of this Policy

This Policy covers the privacy practices relating to this Site. To learn more about Carlson Marketing Ltd. privacy practices, see our Frequently Asked Questions – Data Privacy, which, with our ten privacy promises, comprise our Privacy Policy. This Policy may be supplemented or amended from time to time by Privacy Notices provided at the time we collect your personal information. For example, certain pages of our Websites may contain Privacy Notices providing details about the personal information we collect on those pages, why we need that information, and choices you may have about the ways we use that information. In other cases, specific Privacy Notices may be required to comply with the privacy laws of some countries. Our Privacy Notices are part of this Policy.

This Policy is effective as of December 7, 2006.

Frequently Asked Questions – Data Privacy

• Who are we?
  Carlson Marketing Ltd. has been an industry leader in relationship marketing for over 50 years. Carlson Marketing Ltd. is a subsidiary of Carlson Companies, a global leader in the marketing, travel, and hospitality industries.
• How can someone learn about our privacy practices?
  When we ask for your personal information, we'll let you know how you can find out about our privacy practices. If we're asking you for information online - on this Site, for example - we'll provide a link to this Policy. If we're asking you to complete a paper form, we'll include a privacy notice and additional points of contact for your questions. If you're contacting us by phone, our operators will be able to answer your privacy questions or point you in the proper direction. If you have any questions or concerns about our privacy practices, you may contact us.
• What is "personal information"?
  Personal information - as defined in the Personal Information Protection and Electronic Documents Act (PIPEDA) – is “Information about an identifiable individual but does not include the name, title or business address or telephone number of an employee of an organization.” Personal information collected, stored or disclosed on this Site can include age, marital status, credit history, home and e-mail address and telephone number.
• What personal information do we collect about you?
  The information we request from you is dependent on the program you enroll in and the services and products you obtain or use on this Site. Common types of information we collect include contact information such as name, address, and phone number; verification information such as date of birth; and financial information such as credit-card number or bank-card number.
  
  Information Sent To Us By Your Browser. Like most commercial websites, we collect information that is sent to us automatically by your web browser when you access this Site. This information typically includes the IP address of your Internet service provider, the type of your operating system, and the type of your browser. The information we receive depends on the settings on your web browser. Please check your browser if you want to learn what information your browser sends or how to change your settings. We use this information to create statistics that help us improve our Site and make it more compatible with the technology used by our visitors.
  
  The information provided by your browser does not identify you personally. However, we may review our server logs for security purposes, such as detecting intrusions into our network. If we suspect criminal activity, we might share our server logs -- which contain visitors' IP addresses -- with the appropriate investigative authorities who could use that information to trace and identify individuals. In addition, if you access this site through an e-mail we have sent you, or if you've created a "user identity" during one of your visits, we may link the information provided by your browser to information in our records that identifies you personally.
  
  Information Collected Using "Cookies." Like many commercial websites, we use "cookies." A cookie is a small text file that is placed on your hard disk by a Web server. Cookies cannot be used to install computer programs or deliver viruses to your computer. We may use two types of cookies – “session cookies” and “persistent cookies.”
  
  We use "session cookies" to assign a randomly-generated unique identification number to your computer. A session cookie expires after you close your browser. We use session cookies to collect information about the ways visitors use our Sites – which pages they visit, which links they use, and how long they stay on each page. We analyze this information, known as "clickstream data," to better understand our visitors' and members' interests and needs, and to improve the content and functionality of our Sites and programs.
  
  We may also use "persistent cookies." These cookies do not expire when you close your browser, but stay on your computer until they expire or you delete them. Each time you visit our Sites, our Web server will recognize your cookie. By assigning your computer a persistent, unique identifier, we're able to create a database of your previous choices and preferences. In situations where these choices or preferences need to be collected again, they can be provided by us automatically, saving you time and effort. Assigning your computer a persistent, unique identifier also helps us keep a more accurate account of how many people visit our Sites, how often they return, how their use of our Sites may vary over time, and the effectiveness of our promotional efforts.
  
  If you access this Site through an e-mail we have sent you or you've created a "user identity" during one of your visits, we may link the information provided by our cookies to information in our records that identifies you personally.


• Email comments, questions or responses
  When you send us an e-mail or when you ask us to respond to you by e-mail, we learn your exact e-mail address and any information you have included in the e-mail.
  
  We use your e-mail address to acknowledge your comments and/or reply to your questions, and we will store your communication and our reply in case we correspond further. We will not sell your e-mail address to anyone outside Carlson Marketing Ltd. We may use your e-mail address to send you information about offers on products and services that we believe may be of interest to you. If you don't want us to contact you by e-mail with offers on products and services, you may tell us so at any time.
  
  If you have asked us to put you on an e-mail mailing list to provide you with certain information on a regular basis, or if we send you information about our offers on products and services by e-mail, you may ask us to remove you from the list at any time (using the unsubscribe instructions provided with each e-mail).
  
  Remember that e-mail sent over the Internet is generally unencrypted. We recommend that you use caution when forwarding free-format email messages to us and that you do not include confidential information (such as account numbers) in those messages, as they are not encrypted.
  Important Information About Preventing Email Fraud: From time to time, fraudulent -emails may be circulated to you claiming to have been issued by entities or Canadian banks, requesting customers to verify their personal and/or account information. Customers are often asked to click on a link in the e-mail that directs them to a pop-up window or modified online login page to enter their respective bank's login ID and password.
  
  We will never send e-mail messages to customers requesting confidential information such as passwords or account numbers. Please do not act on any such e-mails as you may compromise your account or other information with us by following links to a counterfeit Internet site(s).
  
  E-mail disclaimer: For your protection, do not send confidential or personal information (e.g. account numbers, etc.) via e-mail, as it is NOT a secure method of communication. If your request is urgent or requires disclosure of confidential or personal information for resolution, please contact us.
  


• What steps do we take to make sure your personal information is accurate?
  If you have provided information to this Site, you may update or correct key information relating to your account at any time by visiting your profile on this Site. We take appropriate security measures to protect your personal information from unauthorized alteration. If you become aware that any of the personal information in our records is inaccurate or has been altered, please contact us.
• How can you access your personal information?
  The easiest way to access and review your key account information is to visit your profile on this Site. However if this site does not have a profile page, or if you have additional questions regarding your personal information, please contact us. We will respond promptly within the time limits established by applicable law. For your protection, we may ask you for additional information to verify your identity. In most cases, we will provide the access you request and correct or delete any inaccurate information you report. In some cases, however, we may limit or deny your request if the law permits or requires us to do so.
• How do we use your personal information?
  We use your personal information to administer the Program; to invoice you if applicable; to maintain your account; and to communicate with you regarding your account and other aspects of the administration of the Program such as sending marketing/promotional communications if permission has been given.
• Do we share your information with other companies?
  Data is not shared with third parties for their marketing purposes unless you have consented to such sharing.
  
  We may share your personal information with companies and organizations that perform services on our behalf. For example, if you are enrolled in one of our loyalty based programs where you can redeem points for merchandise we may need to send your information to the manufacturer of the product you have ordered if it is housed at their location. This use of your information would be to fulfill your order only and not for any other purposes. If you are utilizing one of our enhancement services, e.g., Legal Sense, we would need to share your information with the appropriate supplier in order for you to receive the benefit of the enhancement services.
  
  In order to fulfill requested services for some membership programs, Carlson Marketing will share your information with the appropriate third parties. The third party will then use your information to put you in touch with those as needed to fulfill the service you requested.
  
  There are other, limited circumstances in which we or the companies with which we share your personal information may share or transfer your personal information to unrelated third parties. For example, we may provide personal information to a third party when we believe it is necessary to prevent or investigate a possible crime, such as fraud or identity theft; to comply with a court order or subpoena; to comply with a legal requirement; to protect your vital interests; or in connection with a sale, purchase, merger, reorganization, financing, liquidation, dissolution, or similar event. When we disclose information under these or similar circumstances, we’ll take appropriate steps to limit use and protect the confidentiality of your personal information.
• Does our Site use spyware?
  Our Site does not use spyware. The term "spyware" refers to a software program that, when installed on your computer, changes settings, displays advertising, or tracks your Internet behavior and reports information back to a central database. Spyware is usually installed on your computer without your knowledge and can be very difficult to remove.
• How long do we keep your personal information?
  We keep your personal information for as long as we need it for the purposes for which it was collected, or to which you have consented, or as permitted by applicable law. Generally, this means that we’ll keep your information as long as you have an active account. If, however, you choose to close your account with us we will eliminate your personal information from our records, unless an applicable law requires us to retain your personal information for some period of time.
• Responding to games, contest or surveys
  When you submit your response to a survey question or enter one of our contests, we learn your answer or any opinions or information that you volunteer.
  We will use your personal information for the purpose of awarding a prize in a contest. We may use your submission to come up with the survey results, and we may publish those results in aggregate on our Site. We may also use your response to improve our products or services or those of our suppliers. Based on your response, we may forward information about our offers on products and services, with your permission, that we believe may be of interest to you.
  
• Visiting our information sites
  When you go directly to the information portion of our websites including any on this Site and move from page to page, read pages or download content onto your computer, we learn which pages are visited, what content is downloaded, and the address of websites that you visited immediately before coming to our websites. However, none of this is associated with you as an individual. It is measured only in aggregate.
  
  We use this information to find out how many people visit our websites and which sections of the sites are visited most frequently. This helps us to know what type of information is most useful to you so that we can improve our websites and make it easier for you to access information. We record the statistical information on the numbers of visitors to our websites, but no information about you in particular will be kept or used.
  
• Do we transfer your personal information outside your country of residence?
  Our Sites and our data are hosted on servers located in Canada. Our call centres are also primarily located in Canada, although we may at times use supplemental facilities located in other countries.
  
  When we transfer your personal information to another country, we’ll take appropriate measures to protect your privacy and personal information. In addition, no matter where we transfer your personal information, it will remain subject to the terms of this Policy and your privacy preferences.
  
  You should know that different countries have different data-protection laws, some of which provide more protection than others. By using our Sites and participating in the related programs, you are consenting to the transfer of your personal information to any country in the world, but only in accordance with the terms of this Policy.
• How do we protect your personal information?
  We maintain appropriate physical, technological, and organizational safeguards to protect your personal information against loss, misuse, unauthorized access or disclosure, alteration, and destruction. For example, our data networks are protected by firewalls and intrusion-detection sensors. Only employees who have a “need-to-know” are authorized to access member accounts, and only after they’ve been trained on our security procedures.
  
  Although we use reasonable measures to help protect your personal information and comply with applicable data security laws, it's important that you understand that no website or database is completely secure, or "hacker proof." You can protect yourself and help us prevent computer crime by carefully guarding your password. If you believe the security of your account has been breached, contact us as soon as possible.
  
  To ensure the integrity and protection of your information with any of Carlson Marketing Ltd.’s third party service providers, we ensure that all of these companies sign non-disclosure agreements and are held to the same standard that we comply with.
• What about links to other websites?
  This Site and our other sites may contain links to other websites. If you do find a link and follow it, please take a few minutes to review terms of use and privacy policies on the other website as they are not governed by this Policy.
• How do we enforce our privacy promises?
  We communicate our privacy promises to our employees and train employees handling member information on their roles and responsibilities in protecting your privacy. We regularly assess the privacy and security practices of our Sites, databases, and other member-information systems to identify ways we can improve our data practices.
• How do we make notification of changes to this Policy?
  We reserve the right, at our discretion, to change, modify, add, or remove portions of this Policy at any time. The level of notice we'll provide when we change this Policy will depend on the nature of the change. In any event, changes to this Policy may affect our use of personal information that you provided us prior to the effective date of the changes.
  
  Minor Changes. If we make only minor changes to this Policy, we'll replace this Policy with the new Policy and change the "Effective" date at the top of this Policy. We will also provide a notice at the top of this Policy for at least 30 days after the new effective date and highlight the changes in the Policy so that you can locate them easily. Your continued participation or use of this Site following a minor change to this Policy will indicate your acceptance of the revised Policy. Minor changes include, for example, changes to our contact information.
  
  Material Changes. We'll notify you of any material changes to this Policy by sending you a notice by e-mail at the last e-mail address you provided us. Our notice may include a link or direct you to visit this Site to review the revised Policy. We'll also provide a notice at the top of the revised Policy for at least 30 days after the new effective date and highlight the changes in the Policy so that you can locate them easily.
  
  Material changes to this Policy will be effective as of the effective date included in the notice to you or, if no effective date is included, 30 calendar days after we send the notice to you at the last e-mail address you provided us. Please note that you are responsible for updating your profile via this Site so that your contact information is always current. If the last e-mail address you provided us is not valid or current, or if for any other reason is not capable of delivering to you the notice described above, our mailing of the notice to your last e-mail address will nonetheless constitute effective notice of the changes described in the notice.
  
  You expressly agree that communication of material changes as described above will be sufficient notice of material changes to this Policy and you agree to assume responsibility for reviewing the modified Policy. Your continued participation in the Program following such notice will indicate your acceptance of the revised Policy. If you don't agree to the changes in our Policy, you must notify us prior to the effective date of the changes that you wish to deactivate your account with us.
• What if your concern is not addressed to your satisfaction?
  If your privacy concern isn’t addressed to your satisfaction, you may contact us and if this your concern still hasn’t been addressed to your satisfaction, you may contact:

  The Office of the Privacy Commissioner
  112 Kent Street
  Place de Ville
  Tower B, 3rd Floor
  Ottawa, Ontario
  K1A 1H3