Touchstone Institute Privacy Policy

Please note: Touchstone Institute exam policies do not necessarily apply to assessments conducted on behalf of other organizations.

Last updated: May 8, 2023


Our Privacy Policy

We value the trust that you have placed in Touchstone Institute (“Touchstone”, “we”, “our”, or “us”) and protecting your personal information is our priority. This Privacy Policy (“Policy”) discloses the practices of Touchstone, including our affiliated entities, regarding the collection, use, safeguard, disclosure, transfer, access, disposal and other processing (collectively, “Processing”) of personal information of individuals who engage with Touchstone for our support, services or otherwise, access or use our application(s) (“Application”), or visit our website(s) (“Website”) or contributes to Touchstone’s social media platforms. For the purposes of this Policy, personal information (“Personal Information”) shall mean information that can identify an individual directly or indirectly.

This Policy is Touchstone’s way of making sure you are fully informed and affirms our commitment to maintaining the accuracy, confidentiality, and security of Personal Information. Touchstone respects your privacy and is committed to protecting your Personal Information in line with all applicable laws and regulations governing the Processing of Personal Information.

A person writing on a form

Effective Date and Right to Withdraw Consent

This Policy is effective as of the date “Last Updated”, above, and will remain in effect except with respect to any of its provisions that are changed in the future. We reserve the right to change this Policy at any time, and we will notify you of such changes. Changes, modifications, additions, or deletions will be posted to the Website and Application. Subject to the notice that you will receive, your continued use of the Website or Application after we post any such modifications will constitute your acknowledgement of the modified Policy and your agreement to abide and be bound by the modified Policy. We will also revise the “Last Updated” date found at the beginning of this Policy when we post changes to it. Changes to this Policy will otherwise be made in accordance with the terms of this Policy.

Subject to certain legal and contractual limitations, you have the right to withdraw your consent from us Processing your Personal Information. This may limit our ability to provide you with our services, act on your behalf or engage with you as you would like. To withdraw your consent to certain Processing by Touchstone, you may declare to the Privacy Officer (contact information provided below) in writing, at any time, of your desire to withdraw consent. Touchstone will inform you of the implications of such withdrawal and will implement your request within thirty (30) days of your written request. Any withdrawal of consent will apply thereafter and not to information handling practices that have been previously undertaken based on prior consent.

Touchstone will not knowingly obtain consent from those individuals who are minors, seriously ill, or mentally incapacitated and we shall therefore obtain consent from a parent, legal guardian or person having power of attorney of such an individual.

If you are an individual who is a minor, you must access or use the Website or the Application only with the permission and involvement of your parent or guardian.

As previously mentioned, we may make unilateral changes to this Policy. When doing so, we will: (a) send you a notice that specifies the elements of the contract that will be amended unilaterally; and (b) send you, at least 30 days before the amendment comes into force, a written notice setting out exclusively the new clause, or the amended clause and the clause as it read formerly, the date of the coming into force of the amendment and your rights to refuse the amendment and rescind or cancel the contract without cost, penalty or cancellation indemnity by sending us a notice to that effect no later than 30 days after the amendment comes into force, if the amendment entails an increase in your obligations or a reduction in ours. Such amendment will not apply to essential elements of the Policy.

Icon of consent form being signed

Managing Your Personal Information

Limiting the Collection and Processing of Personal Information

Touchstone takes care to ensure that Personal Information you provide to us is accessed internally only by individuals that require access to perform their tasks and duties, and externally only by service providers with a legitimate purpose for accessing it. We will not use or disclose any collected Personal Information outside of the purposes described in this Policy unless you have otherwise consented or it is required or permitted by law.

We do not sell, trade, rent or otherwise share for marketing purposes the Personal Information that we collect with third parties, unless you consent or authorize us to do so. We limit the Personal Information provided to the aforementioned affiliate and third-party service providers to the extent necessary for them to provide the services. We do not allow these third-party service providers to use your Personal Information for their own purposes and only permit them to access and process your Personal Information for specified purposes and in accordance with our instructions. Such service providers are required by contract to safeguard any Personal Information disclosed or transferred by us.

Accuracy of Personal Information

Touchstone takes all reasonable steps to keep your Personal Information as accurate, complete and up-to-date as necessary to fulfill the purpose for which your Personal Information has been collected. If desired, you may verify the accuracy and completeness of your Personal Information in our records with our Privacy Officer.

Despite our efforts, errors sometimes do occur. Should you identify any incorrect or out-of-date Personal Information in your file, we will remedy any such errors on a timely basis. You may request correction of the Personal Information we hold about you, though we may need to verify the accuracy of the new information you provide to us. If inaccurate Personal Information is mistakenly sent to a third party, we will communicate relevant changes to the third party where appropriate.

Retention of Personal Information

Touchstone will store your Personal Information only for as long as is reasonably necessary to fulfill the purpose for which the Personal Information was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Once your Personal Information is no longer needed, we will securely and effectively dispose of it.

To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Request for Access to Personal Information and Processing

You may request access to your Personal Information, which enables you to receive a copy of the Personal Information we have collected from you and information about how we are Processing it. We may need to request specific information from you to help us confirm your identity and right to access your Personal Information. This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. Touchstone may not always be able to comply with your request for access to Personal Information for specific reasons which you will be notified of, if applicable, at the time of your request.

Request for Deletion or Removal of Personal Information

Subject to legal and contractual requirements and reasonable notice, you may withdraw your consent at any time or request that we delete your Personal information. We may not always be able to comply with your request for deletion of Personal Information for specific legal reasons which you will be notified of, in writing, within thirty (30) days of the time of your request. Please note that, without such consent, we may not be able to provide you with services or products if your Personal Information was necessary for us to be able to provide them.

Request for Transfer of Personal Information

You may request the transfer of your Personal Information to a third party. Touchstone will provide your Personal Information to the third party you have chosen in a structured, commonly used, machine-readable format. This request may only apply to automated information which you initially provided consent for us to use or where we used the Personal Information to perform a contract with you.

Protecting Your Personal Information

Integrity and Security

Touchstone uses industry standard measures, including administrative, organizational, technical, and physical safeguards, to help protect Personal Information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. We implement measures and processes to help us to keep your Personal Information secure and to maintain its quality, such as keeping electronic files in a secured environment with restricted access and use. We regularly review our security and related policies to adapt the technology as new threats evolve and monitor our systems to help ensure the highest level of availability. If you have any questions about the security of our Website, you can reach out to our Privacy Officer.

Access to private, sensitive and confidential information, including Personal Information, is restricted to authorized employees or contractors with legitimate business reasons. Touchstone’s employees and contactors understand the importance of keeping your Personal Information private. All employees and contractors are expected to maintain the confidentiality of Personal Information.

Confidentiality Incidents

Despite the foregoing security measures and significant steps Touchstone has taken to protect your Personal Information, no company can fully eliminate all security risks associated with the Processing of Personal Information. With that in mind, we cannot guarantee the security of any Personal Information provided to or received by us. We encourage you to provide only the Personal Information you are comfortable with providing to a third party, keep watch for communications that are suspicious, and report any suspicious activity to us as soon as possible.

In the event there has been a breach of our security safeguards which involve your Personal Information, including the unauthorized access, use or disclosure of your Personal Information, loss of your Personal Information, or other breach, and where there is a risk that significant harm will come to you as a result of that breach, Touchstone will notify you within thirty (30) days of the breach and report the breach to the Privacy Commissioner.

Personal Information
Outside of Canada

Personal Information provided to our service providers may be stored outside of Canada. You acknowledge and agree that, as a result, your Personal Information may be processed, used, stored or accessed in other jurisdictions and may be subject to the laws of those jurisdictions. For example, information may be disclosed in response to valid demands or requests from government authorities, courts, or law enforcement in other countries.

Addressing Your Inquiries and Concerns

Your privacy is very important to us. We are happy to provide you with a copy of this Policy and to discuss any of its contents with you.

Touchstone’s Chief Executive Officer is responsible for the implementation of this Policy and
monitoring our adherence to its terms and all applicable laws. The Chief Executive Officer also
handles questions and concerns about our Policy, as well as Personal Information access requests,
the exercise of individual rights and complaints. The Chief Executive Officer may be contacted at:

Chief Executive Officer, Touchstone Institute
145 Wellington Street West, Suite 600
Toronto, ON M5J 1H8
(416) 924-8622

Scroll To Top