Below we explain how we collect, use, and preserve or destroy information about our clients, the subjects of our investigations, and associates of subjects of our investigations.
Strategic Investigations has appointed an Information Security Officer who is responsible for the creation, maintenance, implementation, and enforcement of this Information Security Policy. Please submit your communications to our Information Security Officer through the Contact Us section of our website at www.strategicinvestigations.ca or at .
Strategic Investigations and its employees will only collect information about clients if we have a reason to do so - for example, to provide our clients with services, to communicate with clients, to send evidence, documents, or electronic documents to clients as instructed, to record client preferences, and for invoicing and collection purposes.
Strategic Investigations may also use the client information above to conduct due diligence checks to ensure an assignment is legal and ethical to accept, does not pose a physical threat to the subject(s) of the investigation, and to ensure there are no known conflicts of interest associated with accepting an individual assignment.
Strategic Investigations collects the following information from our clients and potential clients, which may be provided to us via our website contact form at strategicinvestigations.ca, by phone, or via email at :
All investigative services performed by Strategic Investigations will be performed in the strictest confidence. There will be no communication with anyone outside of the client (or as instructed, the client’s assistant or colleague) regarding our retention or the work performed by us, without express authorization by the client.
Strategic Investigations and its employees will only collect information about subjects and associates of subjects if we have a reason to do so - for example, to locate the subject of an investigation, to interview a subject, to gather evidence relevant to a legitimate investigation, to serve documents to a subject, or to follow other instructions that our clients provide to us during the course of a legitimate investigation.
Strategic Investigations collects the following information about subjects that our clients provide to us through our website (strategicinvestigations.ca), by phone, or via email at . We may also collect the following information through open (public) sources and/or other legally authorized sources during the course of an investigation:
Collection of personal information shall be limited to the purposes set forth in the assignment. Any intelligence we collect about a subject of an investigation may be used to create objective reports outlining the evidence, as determined by a licensed Investigator to be relevant to the assignment.
Collection of third party information shall be avoided unless the collection of the information is relevant to the overall purpose of collecting information about the subject. For example, information may be collected about a family member of a subject in order to gain a better understanding of the activities and lifestyle or the
location of the subject. Collection of third party information must fall within the bounds of PIPEDA, our Code of Ethics, and our Code of Conduct.
Unnecessary personal information collected about third parties during surveillance will be excluded from our report and/or deleted or depersonalized as soon as practicable.
Upon payment, all work, reports, digital video, and digital photos collected or produced by Strategic Investigations is considered by Strategic Investigations to be the property of the client.
Strategic Investigations retains copies of its reports and evidence in a secure digital repository. We retain the evidence in anticipation of providing witness testimony during future litigation or mediation associated with the investigation, and for the purposes of providing further investigative services with respect to the same ongoing matter. After 7 years with no instructions forthcoming by a client, our report and any related evidence may be deleted and/or destroyed.
Strategic Investigations may retain the report and evidence indefinitely if instructed to do so by a client for a reasonable purpose.
Strategic Investigations’ Information Security Officer will be responsible for determining if and when file information and any associated evidence shall be deleted or destroyed based on this Policy.
Authorized access to closed/archived file information will be granted to employees of Strategic Investigations on a need-to-know basis by the Information Security Officer.
Safeguarding of client information, subject information, assignment information, reports, and evidence is managed by the Information Security Officer. Our information is kept in digital format in a paid, secure, cloud-based program.
Encrypted backups of the information are maintained in a secure off-site location.
Strategic Investigations will provide training to its employees and sub-contractors on the requirement to protect individual privacy rights in alignment with PIPEDA and this Policy.
Strategic Investigations requires its employees and sub-contractors to abide by its Code of Conduct, Code of Ethics, and this Policy. Our standards meet and exceed the industry requirements set out by the Alberta Security & Investigators Act.
Strategic Investigations will provide adequate training to its investigators on the appropriate legal and ethical use of technical equipment used in the course of surveillance.
Strategic Investigations will delete digital information from our secure cloud based systems and hard drives in accordance with current privacy laws and this Policy.
Strategic Investigations will wipe data from any decommissioned storage device and contract a third party physical data destruction company to shred these devices, ensuring no opportunity to retrieve the data remains.
Strategic Investigations requires all users of its programs to set up multi-factor authentication to obtain access.
Strategic Investigations will provide its employees with a secure method of assigning and selecting passwords.
Strategic Investigations requires passwords to be kept in a location or format that does not compromise the security of the information they protect.
Strategic Investigations limits users from further access to our systems after a number of unsuccessful attempts to gain access.
Strategic Investigations ensures that computing devices with access to our systems are configured to lock after a period of inactivity of 10 minutes or less and requiring the user to re-enter their credentials in order to regain access.
Strategic Investigations implements a formal process for requesting, modifying, and removing access to systems or networks used by Strategic Investigations’ employees and sub-contractors. This process is managed by the Information Security Officer.
Strategic Investigations performs annual formal audits on all protections relating to the prevention, detection, investigation, or reporting of actual or potential fraud or breach to ensure we are up to date with industry standards, as well as to ensure compliance with its privacy protection obligations under PIPEDA and all other legislation.
Strategic Investigations captures logs to track all attempts to access its systems and investigates unauthorized access, or attempts thereof, to any of its networks.
Strategic Investigations has malicious software protections in place on all computing devices used by its employees and sub-contractors to respond to actual and potential malicious software issues.
In the event that a breach of privacy or security is discovered, Strategic Investigations consults with a third party technology company to confirm the source of the breach, block further access, add security patches, and implement further actions including, but not limited to, changing passwords.
Encrypted data backups are maintained to restore data loss.