Privacy Policy - Independent Electricity System Operator

The Independent Electricity System Operator (IESO)  respects your privacy and is committed to the accuracy, confidentiality, privacy and protection of your personal information.
 
This Privacy Policy:

  • Describes the types of personal information we may collect, how we use that information, and with whom we may share it.
  • Describes the measures we take to protect the security of the information.
  • Lets you know how you can reach us to review and update your personal information, or discuss any questions or concerns that you may have about our privacy practices.

This Privacy Policy applies to all personally identifiable information about you that is collected, used or disclosed by the IESO. Personal information means any information that permits an individual to be identified, but does not include information associated with an individual in a professional or business manner that does not relate to anything of a personal nature. We also collect aggregate information about you which does not identify you and which is not considered to be personal information. 
  
By using this website, you are consenting to the contents of this Privacy Policy and the Terms and Conditions of Use. If you do not agree, please do not use this website.
   
Under what authority is the IESO permitted to collect information about me and what privacy rules does it comply with?
The IESO is a not-for-profit corporation without share capital established under the Electricity Act, 1998. This Act and the Ontario Energy Board Act, 1998, give the IESO the authority to collect personal information about you and your energy-related activities. The IESO complies with the privacy protection rules contained in Ontario’s Freedom of Information and Protection of Personal Information Act (FIPPA).
    
What types of information does the IESO collect and use about me and how does the IESO use the information?
We collect, use and may disclose information about you to fulfill our statutory mandate, which includes the operation of the IESO-administered markets, engaging in activities that promote electricity conservation and the efficient use of electricity, and engaging in activities in support of the goal of ensuring adequate, reliable and secure electricity supply and resources in Ontario. We may also use information about you to administer our programs and to communicate with you about our programs and services.
   
The following programs and activities describe the main types of information we collect and our primary uses of that information. We may from time to time collect other personal information or use the information that we hold for other purposes. If we do so, we will notify you and, as appropriate, obtain your consent:
  

Conservation Programs.  When you participate in an IESO conservation program, you may be required to give us certain information such as your contact information, the name of your local distribution company (“LDC”) and associated account information, product information and historical energy usage so that we may process your application or rebate and administer the program. 
  
Contests.  When you enter an IESO contest, you provide us with contact information, such as your name, address, phone number, email address and electricity service account number. We also may ask you to provide us with information such as the name of your LDC, your historical energy usage and other information required to administer the contest.  We will use such information to learn about your energy-using activities and needs and, if you choose to receive further communications from the IESO, to provide you with information about our programs.
  
microFIT Program.
If you are an applicant to become a supplier under the microFIT Program, the IESO and your LDC will collect information required to complete your application and, if approved, to prepare your microFIT contract.  This information includes contact information, information respecting your LDC and particulars of the generating project including capacity and contract price. As settlement agent for you and the IESO, your LDC collects and maintains generation and payment information respecting the electricity supplied under the microFIT Program. This generation and payment information is maintained by the LDC and is not provided to the IESO. However, the IESO may audit the LDC’s records containing such information or otherwise request the LDC to provide it with specific generation and payment information respecting your supply of electricity. Except pursuant to such audits or requests, the IESO does not collect generation or payment information relating to individual suppliers.  If you are not an applicant but are an LDC customer and have entered into an arrangement with an applicant to supply power from a generation facility located on your property, the IESO will obtain from the applicant or from the LDC your name and LDC account number and the address of your property.  The IESO does receive from each LDC aggregate generation and payment information for all suppliers, which does not contain personal information.  The IESO and the LDC collect your information for purposes of administering the microFIT Program, including making connection arrangements for the generation facility, purchasing electricity and providing reports to regulatory agencies and other government entities and for other regulatory purposes, or as required by law.  Information disclosed to such agencies and entities for such purposes may be provided to the public pursuant to regulatory requirements and in accordance with the provisions of FIPPA.
 
Evaluation, Measurement, Verification and Research.
IESO uses personal information obtained from you or from third parties (such as local distribution companies) to enable it to evaluate its programs and measure the results of those programs. It may also collect personal information through its market research initiatives, including information about consumer attributes and preferences. IESO uses this information to assess its own programs and to produce reports. Personally identifiable information collected in connection with these activities is not shared with any third parties except as noted in this Privacy Policy.
  
Customer Service.
  If you contact one of our customer service representatives or call centers, we will ask you for information, which may include your name, address and electricity distributor account number so that we can respond to your questions. We will retain this information in order to better assist you the next time you contact us.
  
Local Distribution Companies. 
In connection with your use of electricity, your LDC collects and maintains certain personal information about you, including your contact information, electricity consumption and historical usage. If you are a supplier under the microFIT Program, your LDC also collects certain personal information for the purposes of its role in the microFIT Program including contact information, particulars of the generation facility and electricity generation and payment information.  The IESO may request your LDC to provide this information to it for the purposes of administering its programs and for audit and regulatory purposes.
  
Website.
On our website, we collect personal information that may be provided by you in connection with your participation in a program such as your completion of an application form, when you subscribe to online publications or otherwise voluntarily provide such information. Personal information collected from you may be combined with information from other IESO services to provide a better user experience, including customizing content for you. In addition, we collect information on our website using cookies and other technologies to enhance your online experience and to learn about how you use IESO services in order to improve the quality of our services. We use transient cookies, sometimes called session cookies. A transient cookie is a small file that contains information about a user, and disappears when the user's browser is closed. Unlike a persistent cookie, a transient cookie is not stored on the user’s hard drive; it is stored only in temporary memory that is erased when the web browser is closed.  We use transient cookies to determine, for example, how you use our website so we can improve the design of our site. Transient cookies are not linked to any personally identifiable information about you. Cookies can be disabled in your web browser. IESO’s servers automatically record information when you visit the website, including the URL, IP address, browser type and language, and the date and time of your visit.
 
Communicating with you.
We may use your personal information to contact you about our current and future programs, including evaluation, measurement, notification and market research. We may also use your information to assess your future needs and to contact you respecting services, programs and products that may be of interest to you.
   
Other uses of information.
In addition, we may use your information for program audit and archival purposes, for security purposes, for research and analysis to operate and improve IESO technologies and services, and otherwise as may be permitted or required by law.
  

How does the IESO tell me why it needs my information?
When we collect your personal information from you, we will tell you why we are asking for it.  You may decline to provide personal information to the IESO and/or refuse cookies in your browser, although some of the features or services may not function properly. If there is personal information that we need to collect from a third party, such as your LDC, in order to run or administer a program, we will make this clear to you when you sign up for that program.  If we intend to use or disclose any of your personal information for a purpose other than the purpose for which it was originally obtained, we will notify you and obtain your consent to this new use. Sometimes you will be asked to give your consent expressly (such as by checking a box or clicking on a web page). Other times we may obtain your consent implicitly by asking you to provide information with stated purposes but without any express statement of consent, such as when you apply for a rebate, enter a contest, respond to a survey or apply to participate in a program. In those cases your consent will be implied if you provide us with the requested information.
 
You may however notify us at any time that you do not wish us to use your information for any purposes that were not identified when we collected the information or are not required to complete a transaction (such as a rebate), by contacting us in any of the ways described at the end of this Privacy Policy.
   
How long does the IESO retain my information?
We retain your information as long as it is required for the purposes identified when you provided the information or for any new purposes identified by us and consented to by you, and for any appropriate time thereafter including a sufficient time to permit you to ask any questions regarding its use.  Certain information may be retained for longer periods for internal audit, regulatory or quality control purposes.

Does the IESO share the information it obtains about me with third parties?
The IESO may provide certain of your personal information to your LDC, in connection with the administration of its programs.  In addition, we may disclose information about you and your participation in the IESO’s programs for regulatory purposes or otherwise as permitted by law, including to other provincial government agencies and other entities such as the Ontario Energy Board and the Ministry of Energy.
 
In order to administer our rebates, contests and other energy conservation programs, the IESO may authorize its service providers to collect your information on its behalf and may provide other personal information about you to such organizations. The IESO also may provide certain of your personal information to other third parties, such as a technician or contractor in order to administer a program. These service providers and third parties are not authorized by us to use or disclose your information except as necessary to perform services on our behalf or to comply with legal requirements. In some cases, our service providers may be located outside of Canada (for example, in the United States) and so your personal information may be transferred outside of Canada for processing and storage, and would be subject to the laws of the jurisdiction to which it is transferred. The laws of other jurisdictions may differ from the laws of Ontario/Canada with respect to the disclosure of personal information to government agencies.

How does the IESO protect personal information?
We maintain administrative, technical and physical safeguards to protect against unauthorized disclosure, use, alteration and destruction of the personal information in our possession. These safeguards vary depending on the sensitivity and nature of the information and involve physical, organizational and technological security measures as are appropriate. The IESO requires all of its service providers who collect or process personal information on its behalf to provide security safeguards equivalent to those maintained by the IESO. We caution that Internet communications are vulnerable to interception, use, and/or alteration by person(s) other than the intended recipient. While the IESO has implemented certain safeguards to reduce this risk, internet transmissions to and from the IESO are still vulnerable. If you choose to communicate by the Internet, you do so at your sole risk.
 
How does the IESO update its Privacy Policy?
The IESO’s programs will change over time.  This Privacy Policy will be updated periodically to reflect those changes and corresponding changes in our information practices.  Whenever we revise this Privacy Policy, we will change the date on the Policy to indicate when the revisions were made.  We reserve the right to change our information practices and the terms of this Privacy Policy, and to apply the changed practices to all personal information that we hold. By using the IESO web site or participating in any of IESO’s programs, you agree to the terms of this Privacy Policy as stated at that time. Any future access to the IESO web site or participation in an IESO program subsequent to the posting of a revised Privacy Policy will be deemed to be your acceptance of this Policy as then revised.  The IESO reserves the right to revise and update this Privacy Policy at any time without further notice. We encourage you to review this Privacy Policy periodically.
 
Does the IESO website contain links to other websites?
The IESO website may contain links to other websites that operate independently of the IESO and are not under our control.  We provide links to other websites solely for your convenience and information. Other websites may have their own privacy policies, which we suggest you review if you visit any linked websites. The IESO is not responsible for information that is provided by, or collected through, those websites or for any other use of those websites.
 
How can I review and update or correct my personal information?
The IESO will, upon written request, provide you access to your personal information and an opportunity to request that the IESO update or correct your personal information that is demonstrated to be inaccurate. Upon written request, you may review any of the information that we have on file about you and you may also learn how we have used it and to whom we have disclosed it. This right is subject to certain exemptions under FIPPA such as when disclosure would reveal someone else’s personal information or when the information is subject to legal privilege. If you wish to review, update or correct your information, you may do so by contacting us using one of the options provided below.
 
How can I contact the IESO?
If you would like us to update or correct your information, or if you have any questions or concerns about the IESO’s privacy practices, your personal information or the administration of the Freedom of Information and Protection of Personal Information Act (FIPPA), please contact us at:

Independent Electricity System Operator
Attention: Privacy Office
120 Adelaide Street West, Suite 1600
Toronto, ON M5H 1T1
Phone: 416-969-6277
Fax: 416- 969-6383
E-mail: privacy@ieso.ca

We will respond to your inquiry or investigate your concern as quickly as possible.
 
Who can I contact for further information?
If you have any questions or concerns about the IESO’s privacy practices, your personal information or the administration of the FIPPA that remain unresolved after contacting our Privacy Office, you may contact Ontario’s Information and Privacy Commissioner at:

Information and Privacy Commissioner of Ontario
2 Bloor Street East, Suite 1400
Toronto, Ontario  M4W 1A8
info@ipc.on.ca

Telephone: 416-326-3333
Long Distance: 1-800-387-0073 (within Ontario)
TDD/TTY: 416-325-7539
Pour joindre l'agente des communications bilingue, veuillez composer le 416-326-4804
Fax: 416-325-9195

Last modified: March 16, 2015


1 Effective January 1, 2015, the IESO and the Ontario Power Authority (together, the “predecessor entities”) amalgamated into a new organization that continued operations under the IESO name. This Privacy Policy applies to any information collected by the predecessor entities prior to January 1, 2015.