Privacy Policy

Privacy Policy

Due to new provincial regulations a new privacy policy has been enabled within Beck Drilling and Environmental Services. Enclosed is an updated copy of our privacy policy.

BECK Drilling and Environmental Services Ltd.

Privacy Policy

January 2004

BECK Drilling and Environmental Services Ltd.

Privacy Policy - January 2004

Privacy Commitment:

Beck Drilling respects personal information of individuals and is committed to its protection and we expect suppliers and sub-contractors to be aligned with our commitment.

Definitions:

What is personal information?

“Personal Information" is defined in Canada's Personal Information Protection and Electronic Documents Act ('PIPEDA') as information about an identifiable individual, though it does not include the name, business title, business address or telephone number of employees of organizations.

What is personal information handling?

In Canada, the Personal Information Protection and Electronic Document Act (PIPEDA) is federal legislation that establishes certain expectations for an organization’s personal information handling practices. This includes the methods used for collecting, using, disclosing, protecting, and providing access to, an individual’s personal information.

Beck’s commitment is guided by the principles of personal information handling contained in PIPEDA and also takes substantially similar provincial laws into consideration.

What legislation is Beck’s Privacy Policy governed by?

Currently Quebec, Alberta, and British Columbia have passed their own legislation relating to handling of personal information. All remaining Canadian provinces are governed by federal legislation. Beck’s Privacy Policy meets the requirements of all levels of government.

Key Principles:

Beck observes the following ten principles of personal information handling:

Accountability - an organization must be responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organizations compliance with the following principles.

Identifying Purpose - The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.

Consent – The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.

Limiting Collection – The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.

Limiting Use, Disclosure, and Retention – Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information must be retained only as long as necessary for the fulfillment of those purposes.

Accuracy – Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.

Safeguards – Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.

Openness – An organization shall make readily available to individuals specific information about it’s policies and practices relating to the management of personal information.

Individual Access – Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

Challenging Compliance – An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization’s compliance.

Accountability:

The following individual or individuals are responsible to ensure compliance of Beck’s Privacy Policy and its guiding principles:

Team leader: Deb Rhodes – 533 – 71^st Avenue SE Calgary, AB, T2H 2Y2

Regional Support:

British Columbia: Terri Olson

Alberta, Saskatchewan: Deb Rhodes

Overall responsibility for Beck’s Privacy Policy rests with the Team Leader. The team leader has been tasked with the development, implementation and ongoing management of a privacy policy, including but not limited to, training / informing staff, changes to policies, requests for access, and complaints. The team leader reports directly to senior management (CEO, President, VP, VP-Finance).

3^rd Party Confirmation of Privacy Legislation Compliance:

(Bill C-6, Part 6, Schedule1, 4.1.3)

Whenever personal information is disclosed or otherwise transferred to a 3^rd party, a 3^rd Party Confirmation of Privacy Legislation Compliance letter must be obtained prior to conveying the information. Alternately, where the recipient has made a public disclosure of compliance by way of letter, brochure, web site information etc. this will be sufficient confirmation.

BECK Drilling and Environmental Services Ltd. has disclosed, transferred or otherwise made available to your organization “Personal Information” (as defined in Bill C-6, Chapter 5, Part 1, Section (2) definitions – Federal; Bill 44, definitions – Alberta; Bill 38, Part 1, Section (1) definitions – British Columbia) of a Beck employee, consultant, and or customer and requires confirmation, by way of signature below, that your organization is in compliance with Federal Legislation contained in Bill C-6, Part 6, Schedule 1 or other similar Provincial legislation.

Purpose of collection and consent:

All personal information collected must have a stated purpose for collection, use and disclosure. Where it is appropriate and reasonable, informing the individual of the purpose of collection is required.

Every new employee, effective January 1, 2004, must complete a Personal Information Consent Form which will remain in the employee personnel file.

Personal Information Retention / Destruction:

Personal information shall be retained by Beck for the greater of:

1. the fulfillment of the stated purposes of collection or

2. requirements by any government body for record retention

Destruction of Personal Information shall be done by way of shredding.

Safeguards:

Beck employs physical, electronic, and procedural safeguards to protect our systems and all personal information under our control against unauthorized access and use. All safety measures are appropriate to the sensitivity level of the information collected.

Beck’s minimum requirement, for all non electronic documents, is all personal information must be maintained in a key locked structure located in a Beck office. Additionally, where applicable, if the locked structure is located in private Beck office then the office door must also be lockable. The door and structure must be locked at all times when the individual is not in the office facility. When the individual is at work and must leave the location where personal information is located either the structure must be locked or the door closed.

The disclosure of personal information is on a “need to know” basis and must not be disclosed other than for the stated purposes.

Any individual, other than those persons who are tasked with and maintain personal information, must receive prior verbal or written authorization by the Vice President - Operations of Beck to view such personal information, with the following exception:

· A direct manager of any individual may view such selected personal information which is needed to be known and may only view personal information for those individuals who report directly to him or her.

Electronic files containing personal information must be saved only in a directory on a computer managed or owned by Beck, any such directories must have restricted assess to only those persons who are tasked with and maintain personal information. Any computer used by a person who is tasked with and maintains personal information must contain a password to operate. Additionally, all computer and computer like devices must maintain adequate (industry standards) firewall protection.

All accounting software containing personal information must be accessible only with a valid password and will have such internal security features to restrict access to such information to those persons who are tasked with and maintain personal information.

Those persons who are tasked with and maintain personal information in an electronic format are required to, when operating a piece of software which can access personal information and leave the applicable work station, either shut down / exit the software, log off the computer, or activate a password protected screen saver application.

Any data base, accounting or otherwise, which contains personal information and can be queried externally from its source application, must have access protection by way of passwords.

Network servers must be located in locked rooms with restricted access to only those persons tasked with maintaining said equipment. All backup tapes must be locked in fireproof cabinets with same access attributes, with the exception of off site back-up tape storage.

When Personal Information is disclosed, transferred, or otherwise made available

to a third party for processing purposes, a “3^rd Party Confirmation of Privacy Legislation Compliance” letter (see Accountability Section of Privacy Policy) must be received at or before the time the personal information is conveyed.

All forms and or electronic files used to collect and document personal information shall be in original form and must not be copied or otherwise reproduced in any manner, with the exception of standard industry electronic backup procedures and practices.

Openness, Individual Access, and Challenging Compliance:

Beck’s Privacy Policy manual shall be located in each major branch location. The designated regional support individual shall maintain the manual and make same available to any employee requesting its availability.

Should a customer, supplier or someone other than an employee of Beck request a copy of or request information contained in Beck’s Privacy Policy, these requests must be directed to the Privacy Policy Team Leader for response.

All requests for access to personal information and or inquiries and complaints must be made in writing and addressed to the Privacy Policy Team Leader (“PPTL”). Upon receipt of any such written requests the PPTL will respond within 5 business days to arrange a mutually convenient time to either provide access to or discuss any concerns as they relate to personal information.

An individual who is not satisfied with the response received can contact the applicable federal or provincial Privacy Commissioner for further action.

Beck collects, uses, and discloses personal information in the normal course of business as it relates specifically to an employer / employee relationship. The types of personal information collected and its typical uses and disclosures would include, but not be limited to, the following:

Type	Use	Disclosure
Social Insurance Number	T4, TD1, TD1AB, RSP, Health / Insurance Benefits, WCB Claim	CCRA, Merit, Royal Bank, WCB, HRDC
Date of Birth	TD1, TD1AB, WCB Claim, health / insurance benefits	Merit , WCB, Royal Bank, provincial governments
Contact information – address, phone, cell	T4, RSP, Health / Insurance Benefits, WCB Claim, Emergency, Beck phone list	CCRA, Merit, Royal Bank, WCB, provincial government, internal phone list
Banking information	Payroll Processing	TD Canada Trust
Gender	Health / Insurance Benefits, WCB Claim	Merit, WCB
Resume / References	Bid information, hiring	Customers, Beck managers
Medical Information	Hiring, WCB	Health & Safety Coordinator , WCB
Driver Abstracts	Insurance, Risk assessment	Health & Safety Coordinator, insurance provider
Rate of pay	Invoicing cost plus contracts, banking confirmations	Billing staff, customers, banks requesting employment confirmation
Employee files	Evaluations, disciplinary records	Direct managers, senior management
Spousal / Dependant	Insurance benefits, RSP beneficiary	Merit, Royal Bank

Beck may collect and use personal information in the normal course of business as it relates specifically to customer relationships. The types of personal information which maybe collected and its typical uses and disclosures would include, but not be limited to, the following:

Type	Use	Disclosure
Customer contact preferences and information	Relationship building, emergency contact	Internal sales and marketing team

Should any Personal Information be used for any other purpose other than what it was collected for and consented to, consent to use and or disclose must be obtained before conveying such information.

Any individual may withdraw consent previously given by way of written notice to the PPTL.

Personal information under the care and custody of Beck may not be shared with or otherwise made available to any subsidiary companies and vice versa without prior consent from the applicable person.

Compliance monitoring:

On an annual basis those responsible for compliance, including team leader and regional support staff, shall meet or discuss by telephone the following:

· Review of Beck’s guiding Privacy Principles

· Review of any changes to legislation – both provincial and federal

· Review of communication strategy

· Development and reporting of compliance initiatives

Questions or concerns regarding this policy should be directed to

Deb Rhodes of Beck Drilling and Environmental Services

Contact Phone: (403) 216-1670, or email deb@beckdrill.com

Terri Olson of Beck Drilling and Environmental Services

Contact Phone: (604) 214-7007, or email terri@beckdrill.com

Thank You