Privacy Policy

Privacy Policy Statement for Customers - May 2004

The following statement outlines Raven’s commitment to ensuring your protection. We are committed
to meeting and exceeding the standards established by federal and provincial privacy legislation.
How does the Personal Information Protection and Electronic Documents Act affect our business?
• Federal and provincial legislation states that your personal information cannot be released to
third parties without your consent. This includes information that could potentially be released
to credit agencies, law offices, other businesses, etc.
What is considered personal information?
• Personal information is any information that pertains to you as an individual. It includes your
age, gender, race, religion, ethnicity, social insurance number, education, medical records, credit
history, etc.
What is NOT considered personal information?
• Personal information does not include information necessary to contact you at your place of
business that has been made publicly available. This includes your name, position or title,
business address, business phone or fax and business e-mail address.
How does Raven use your personal information?
• To establish a line of credit for individuals operating under their own name or individuals
running unincorporated businesses.
• To process payments where a personal cheque or credit card number has been provided.
• To identify the credit rating of individuals and/or officers of a corporation who may be providing
a personal guarantee.
• To track business owners who have defaulted in their payment duties.
To whom does Raven release your personal information?
• For the purposes above, we may have to release your personal information to third parties,
which may include credit agencies, accounts receivable personnel, financial or banking
institutions conducting reference checks, legal offices or to the courts when required by law.
When can Raven release your personal information?
• We can only release your personal information if we have your consent to do so or:
o As explicitly stated in a contract and the information is required.
o When we are required to do so by law.
o When transfers of business are involved.
What measures have been put in place to protect your personal information?
• Appropriate safeguards have been put in place to protect all personal and confidential
information. Security measures to protect both physical and electronic data include locked
filing cabinets, restricted access to filing rooms, use of passwords, encryption and firewalls.
Raven’s privacy commitment to you:
• We will not use or release your personal information for any other purposes than those outlined
in our Privacy Policy, as stated by federal and provincial legislation.
• We will keep your personal information only as long as required for business purposes or as
required by law.
• We will do our best to keep your personal information up to date and accurate.
• We will protect your personal information, electronically and physically, to the best of our
• We will respond to any request that you make to access or amend your personal information.
• We will obtain the appropriate consent from you for the collection, use and release of your
personal information.
Your rights as a customer:
• You have the right to access your own personal information during regular business hours by
contacting our Privacy Officer.
• You have the right to amend errors in your personal information by contacting our Privacy
• You have a right to obtain information about Raven’s procedures and safeguards regarding your
personal information.
• You have the right to the names of individuals, businesses or organizations to whom your personal
information has been released.
• You have the right to refuse to allow us to obtain, use or share certain personal information.
• You can withdraw your consent to collect, use or release your personal information at any time.
Who to contact?
• For any further concerns or questions regarding our Privacy Policy, please feel free to contact
our Privacy Officer during regular business hours.
• Raven will do its best to respond to your concerns in a timely manner.
• For Raven’s detailed Privacy Policy, please refer to our website at or by contacting our Privacy Officer at (780) 436-9949.

Detailed Privacy Policy

Privacy Officer
The Company’s Vice President, Corporate Development, is hereby designated as the Company’s Privacy Officer to
maintain compliance with the 10 Principles included under the Personal Information Protection and Electronic Documents
Act. The Privacy Officer will review and monitor all complaints, enforce the Privacy Policy and ensure its implementation.
Collection and Use of Personal Information
(a) The Company has determined that personal information is collected in the ordinary course of business from various
sources, namely: employees, customers and shareholders.
The Company has documented the purposes for the use of this personal information and will collect only that information
necessary for the purposes identified in its Privacy Policy Statement for Customers (May 2004).
(b) If the personal information collected by the Company will be used for a new purpose, it will also be documented and
consent of the individual will be obtained before the information can be used for that purpose. Collection of the information
will normally be done in writing; however, it may be done verbally.
(c) The Company will not collect personal information indiscriminately. Both the amount and the type of information
collected will be limited to that which is necessary to fulfill the purposes identified.
Obtaining Consent
(a) The Company will make a reasonable effort to ensure that the individual is advised of the purposes for which the
information will be used.
(b) The Company will not, as a condition of the supply of a product or service, require an individual to consent to the
collection, use or disclosure of information beyond that required to fulfill the explicitly specified, and legitimate purposes.
(c) Consent will not be obtained through deception.
(d) Consent may also be given by an authorized representative (such as a legal guardian or a person having power of
(e) An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. The
Company will inform the individual of the implications of such withdrawal.
Accuracy of Personal Information
(a) Information will be sufficiently accurate, complete, and up-to-date to minimize the possibility that inappropriate
information may be used to make a decision about the individual.
(b) The Company will not routinely update personal information, unless such a process is necessary to fulfill the purposes
for which the information was collected.
(c) Personal information that is used on an ongoing basis, including information that is disclosed to third parties, will
generally be accurate and up-to-date, unless limits to the requirement for accuracy are clearly set out.
Protection of Personal Information
The Company will protect personal information against loss or theft, as well as
unauthorized access, disclosure, copying, use, or modification by implementing the
following safeguards and security measures:
(a) Access to personal information is restricted to those employees who require the information to perform their duties.
(b) Personal information that is stored in databases and computer systems is protected by the use of passwords,
encryption files and firewalls.
(c) Personal information in paper form retained in cabinets and desk drawers is locked-up.
(d) Where personal information is transferred to external sources for processing, the Company has entered into
contractual relationships where third parties are involved, in order that such personal information is protected and
Retention of Personal Information
Raven Truck Accessories has developed guidelines and procedures to be adhered to with respect to the retention of
personal information. These guidelines include, amongst other things, minimum and maximum retention periods and
where personal information has been used to make a decision about an individual, such information is retained long
enough to allow the individual access to the information after the decision has been made.
Destruction of Personal Information
Raven Truck Accessories has developed guidelines and procedures to be adhered to with respect to the destruction of
personal information, which includes, amongst other things:
(a) established dates as to when the personal information is no longer required;
(b) how the personal information is to be destroyed, erased, or made anonymous; and
(c) standards of care to be used in the disposal or destruction of personal information, to prevent unauthorized parties
from gaining access to the information.
Communication Materials, Brochures, etc.
The Company will be open about its policies and practices with respect to the management of personal information and it
will include the following information in all of its communication materials, brochures, etc. when communicating to
individuals concerning the Privacy Policy:
(a) the name or title, the address, fax and phone numbers and e-mail address of the person who is accountable for the
Company’s policies and practices and to whom complaints or inquiries can be forwarded;
(b) how to access personal information held by the Company;
(c) a description of the type of personal information held by the Company, including a general account of its use;
(d) a copy of any brochures or other information that explains the Company’s policies, standards, or codes; and
(e) what personal information is made available to related organizations (e.g., subsidiaries).
Access to Personal Information
(a) Upon request, the Company will inform an individual whether or not the Company holds personal information about the
individual. The Company may indicate the source of this information. The Company will allow the individual access to this
information. In addition, the Company will provide details on the use that has been made or is being made of this
information and details of the third parties to which it has been disclosed.
(b) An individual may be required to provide sufficient information to permit the Company to provide details on the
existence, use, and disclosure of personal information. The information provided will only be used for this purpose.
(c) In providing details of third parties to which it has disclosed personal information about an individual, the Company will
attempt to be as specific as possible. When it is not possible to provide a list of the organizations to which it has actually
disclosed information about an individual, the Company will provide a list of organizations to which it may have disclosed
information about the individual.
(d) The Company will respond to an individual’s request within a reasonable time and at minimal or no cost to the
individual. The requested information shall be provided or made available in a form that is generally understandable. For
example, if the Company uses abbreviations or codes to record information, an explanation will be provided.
(e) When an individual successfully demonstrates the inaccuracy or incompleteness of personal information, the
Company will amend the information as required. Depending upon the nature of the information challenged, amendment
involves the correction, deletion, or addition of information. Where appropriate, the amended information will be
transmitted to third parties having access to the information in question.
(f) If a challenge is not resolved to the satisfaction of the individual, the substance of the unresolved challenge will be
recorded by the Company. When appropriate, the existence of the unresolved challenge will be transmitted to third parties
having access to the information in question.
Challenging Compliance, Complaints and Inquiries
(a) Complaints and inquiries relating to the Privacy Policy and access to personal
information shall be directed to:
The Privacy Officer, Raven Truck Accessories,
12912 Yellowhead Trail, Edmonton, AB T5L 3C1
or by e-mail to
or by telephone to: 780-436-9949
or by fax to: 780-437-9135
(b) All correspondence communicated internally and externally regarding the collection and use of personal information,
will include details on how to contact the Privacy
(c) Complaints received by the Privacy Officer will be documented and investigated, indicating the nature of the complaint
and if necessary, communicated to the Privacy Team for review and discussion. If a complaint is found to be justified, the
Company will take appropriate measures, including, if necessary, amending its policies and practices.
Employee Training
(a) The Company will provide all employees, including new hires with a copy of the Privacy Policy Guidelines, Practices
and Procedures relating to employees.
(b) The Company has made its employees aware of the importance of maintaining the confidentiality of personal