First Impressions. To answer if this is a good privacy policy depends on through …show more content…
This right here is an issue because ‘fair’ is a subjective term that TD can use any way it wants. Since the bank has the power to decide what is fair, then it is automatically lawful as well. Thus, this section is nothing more than a paper tiger. This issue is also seen in s. 4.4.1 of PIPEDA as it states the information collected must only fulfill the purposes identified. While TD does state what the information gathered is being used for, the also add subjective and vague reasons such as ‘to help the company grow’ or ‘to serve you better’; while this is not a direct violation of PIPEDA, we can see how TD works around it by not stating what is the purpose of the information gathered. While this section is also in violation of clause 4.8 – the openness principle, it will be discussed later in this …show more content…
4.5.2; the bank does not have a minimum or maximum retention period with respects to personal information. TD’s policy claims it can hold consumer data for as long as it wishes even after the original purpose has expired. However, PIPEDA also asks organizations to keep consumers data that has been used to make a decision about him ‘long enough’ for an individual to access in the future. This passage of PIPEDA is highly controversial because ‘long enough’ could mean from one day to five years. This vague language of PIPEDA thus allows banks to hold onto consumer data for as long as they