The Power to Deliver

Privacy and Protection of Personal Information Policy - Web Version

Citadel is committed to protecting the privacy of the personal information which is collected, used and disclosed in the conduct of its business. Citadel shall comply with all applicable regulatory requirements concerning the collection, use or disclosure and protection of personal information.

Personal information means any factual or subjective information about an identifiable individual, except business title and business contact information, and includes information about prospective, present or former employees and external parties. Citadel will obtain express or implied consent of individuals, except where otherwise permitted by law, to collect, use and disclose personal information for reasonable business purposes. Express consent can be given orally, electronically or in writing. Implied consent is consent that can reasonably be inferred from your action or inaction. The purpose for the collection, use or disclosure of the personal information, except where otherwise permitted by law, will be identified before or when the information is collected.

Through this web site, Citadel does automatically collect information about internet service networks used to access our web site. This data does not contain any personal information about individual visitors to the site but does include your Internet Protocol Address and domain name used, the type of browser and operating system, the date and time of the visit and the web pages or services accessed. The information collected is used for purposes that include assessing system performance, improving web services and website management as well as tracking the number of visitors to the site.

The Citadel web site links to other web sites. We provide these links solely for your information and convenience. This policy and information handling practices no longer apply once you have linked to a web site that is external to Citadel. Each web site should be checked for the privacy policy applicable to it. Citadel does not control these linked web sites and is not responsible for the privacy practices in place on linked web sites that Citadel does not control.

In general, personal information collected, used and disclosed about prospective, present or former employees is for administering, planning and managing an individual's employment relationship with Citadel and includes but is not limited to:

  • Ensuring the safety and security of staff and corporate assets, including company-held information;
  • Determining eligibility for initial employment, including the verification of references and qualifications;
  • Administering pay and benefits;
  • Facilitating professional development and performance;
  • Complying with applicable employment or legal requirements;
  • Communicating with staff; and
  • Other reasonable purposes as required to manage the employment relationship.

In general, the personal information collected, used and disclosed about external parties is for the purposes of:

  • Providing information about Citadel and its operations to external parties;
  • Managing and administering contracts with external parties;
  • Establishing, maintaining and managing Citadel’s business relationship with and providing for the safety of external parties;
  • Meeting any legal or regulatory requirement or obligation;
  • Facilitating participation in Company sponsored events;
  • To protect the rights and property of Citadel;
  • During emergency situations or where necessary to protect the safety of an individual or group of individuals; and
  • Other reasonable purposes consistent with Citadel’s business objectives.

Access to Personal Information:

An employee’s personnel / employment file and its contents are the sole property of the Company.  Employees may request access to their personnel file at any time by contacting Human Resources who will make the appropriate contents available to the employee for review in the presence of the Human Resources Manager.

Citadel shall protect the personal information that is in its possession by making reasonable security arrangements against such risks as unauthorized access, collection, use, disclosure, copying, modification, disposal or destruction. In the event that the security of personal information has been compromised, Citadel will notify affected individuals as soon as possible and initiate all possible steps to mitigate the effects of the breach.

Citadel may from time to time make changes to this Policy to reflect changes in the legal or regulatory obligations or in the manner in which we deal with your personal information. Citadel will post any revised version of this Policy on our web site and we encourage you to refer back to it on a regular basis. Any changes to this Privacy Policy will be effective from the time they are posted, provided that any change that relates to why we collect, use or disclose your personal information will not apply to you unless you consent to such change.