Canadian privacy laws—such as the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA) — aim to protect the privacy of individuals, and give them the right to access information gathered about them. The laws require organizations to take reasonable steps to safeguard information in their custody or control, and cover personal information that is held and processed by governments and private organizations in data files, registers, and elsewhere.
Ultimately, the responsibility and ownership of personal data lies with our business customers, per the OpenMoves Terms and Conditions. However, OpenMoves commits that third-party services have implemented security safeguards to help them protect the privacy of individuals, based on established industry standards. We have assessed our practices in risk, security, and incident management; access control; data integrity protection; and other areas relative to the recommendations from the Office of the Privacy Commissioner of Canada, and have determined that the in-scope services are capable of meeting those recommendations.