Privacy at Cornerstone

Core Privacy Policies

Cornerstone Group of Companies provides prospecting and database management products and services to some of the leading organizations in the world. To execute some of our service offerings we perform a number of different technical operations that involve the address and/or other contact information for individuals and businesses provided to us by our Clients. Accordingly, we take very seriously the importance of upholding the highest level of privacy protection and data security practices, while working closely with our Clients and suppliers to ensure that all parties understand their responsibilities with respect to our privacy guidelines.

Cornerstone's privacy policy has been established to protect the privacy of personal information, regardless of how it is collected or stored. To ensure best privacy practices as a marketing industry leader, we have established the Cornerstone Privacy Principles, which are based on the principles set out in the Personal Information Protection and Electronic Documents Act (PIPEDA), as well as the relevant portions of Canada’s Anti Spam Law (CASL).

The Cornerstone Privacy Principles

1. Accountability
Cornerstone is accountable for all information under its control. Bob Coles is Cornerstone’s Chief Privacy Officer. The Chief Privacy Officer is accountable for Cornerstone's compliance with the eleven privacy principles.

Each of our business units has established policies and procedures to comply with the Privacy Code, and has designated one or more persons to be accountable for business unit compliance to Cornerstone's Chief Privacy Officer.

Cornerstone recognizes that it is responsible for personal information in its possession or custody, including information that has been transferred to a third party for processing.

Cornerstone abides by the provisions of the Federal and Provincial privacy laws, and assumes responsibility for doing so.

2. Identifying Purposes for which Personal Information is Collected
As a third-party agent involved in the transfer, rental, updating, cleaning, or exchange of direct response lists and other media Cornerstone makes all reasonable efforts to ensure that list and other media owners specify the nature of the intended use of the data at or before the time the information is collected.

We collect personal information, such as name, phone number and address, from publicly available sources or as otherwise permitted by law.  In addition, we may use statistical models to search the databases.  The models may contain information for a given geographic area such a postal code, including but not necessarily limited to: average age, average income, median home value, modelled ethnicity, etc.  We do not have any personally identifiable information beyond name, address and phone number.  Our database products are integrated into information products, database marketing services, data processing services and sales and marketing solutions.

3. Getting Consent
Cornerstone makes all reasonable efforts to ensure that organizations providing personal information to us or to our Clients have obtained consent from the consumer before disclosing this personal information.
As part of the reasonable efforts made, Cornerstone ensures that all list and other media owners have provided their consumers with a meaningful opportunity to decline to have their name or other information used for any further marketing purposes by a third party.

4. Limits on Collecting Personal Information
As an agent involved in the transfer, rental, or exchange of direct response lists and other media, Cornerstone makes all reasonable efforts to ensure that list and other media owners limit the collection of the personal information on their lists to that which is necessary for the intended use as identified under item 2, "Identifying Purposes."

5. Limits for Using, Disclosing, and Keeping Personal Information
As an agent involved in the transfer, rental, or exchange of direct response lists and other media, Cornerstone agrees to keep personal information only as long as necessary for the identified purposes.

As appropriate, business units within Cornerstone have individually developed formal information-handling policies and practices. As part of these activities, these business units have developed and implemented procedures to direct the retention of personal information. Further, formal guidelines and procedures to ensure the safe destruction or disposal of personal information no longer required have been established and implemented.

6. Keeping Personal Information Accurate
As an agent involved in the transfer, rental, or exchange of direct response lists and other media, Cornerstone defers to the obligation of marketers to keep personal information on consumers as up-to-date as possible for the defined need.

7. Safeguarding Personal Information
As an agent involved in the transfer, rental, or exchange of direct response lists and other media, Cornerstone takes responsibility for the protection of list data. As appropriate, divisions within Cornerstone have developed their own measures to prevent unauthorized access, alteration, or dissemination of list and other media data.

This includes, but is not limited to, restricting physical access to data, organizational restrictions through security clearances on a "need-to-know" basis, and technological measures such as passwords and encryption. We also use care to destroy personal information so as to prevent unauthorized parties from gaining access to this information.

8. Making Information About Policies and Procedures Available
Cornerstone is open and forthcoming about the policies and procedures it uses to manage personal information. Consumers have ready access to information about these policies and procedures. Cornerstone makes every effort to ensure that the consumer easily understands the handling practices and procedures for personal information.

Complaints or inquiries can be directed to The Chief Privacy Officer, who is accountable for all Cornerstone policies and practices relating to privacy.

Bob Coles
Cornerstone Group of Companies, Ltd.
20 Eglinton Avenue West, 5th Floor
Toronto, ON,  M4R 1K8

9. Individual Access to Personal Information
Cornerstone works with consumers, list and other media owners to protect the right of the consumer to know of the existence, use and disclosure of his or her personal information and to provide access to that information.

Cornerstone will make all reasonable efforts to provide this information to the consumer upon request. The procedure for responding to consumers' requests for access is available from The Chief Privacy Officer. When a consumer asks, Cornerstone will make these procedures known to the consumer.

The consumer must recognize that they are required to provide Cornerstone with sufficient personal information to allow us to determine whether we do hold personal information pertaining to them. The provision of this information shall not be used for any other purpose.

Cornerstone will respond to a consumer's request within a reasonable time and at minimal or no cost to the individual. Since Cornerstone is a third party involved in the transfer rather than collection and usage of the data, Cornerstone may have to incur a significant cost to fulfill a consumer's request. In such cases, the consumer will be advised of this cost and agreement will be obtained for payment by the consumer before Cornerstone begins the work.

If Cornerstone denies a consumer's request for access to personal information, we will provide the consumer with legally defensible reasons for the denial. The consumer may then opt to challenge Cornerstone's decision (see item 10, "Challenging Compliance").

10. Handling Complaints and Questions
Consumers may challenge Cornerstone's compliance with its own privacy code. Cornerstone has policies and procedures in place to receive, investigate and respond to consumers' complaints and inquiries. Information regarding these procedures and the complaint escalation process is available through Cornerstone's Chief Privacy Officer.

Our strict adherence to each of these principles demonstrates our commitment to providing advice and information to both our Clients and concerned consumers about the use of personal information.

11. Choice and the Do Not Contact List
One of the most important principles of direct response advertising is to let consumers choose to get off of marketing lists.

Cornerstone is a member of the Canadian Marketing Association (CMA) and abides by their ethical guidelines, which includes the assurance that all members keep an updated list of individuals and businesses who have requested that they do not receive any third party advertising from them. Additionally, the CMA maintains a comprehensive do-not-contact list that members are obliged to use whenever they are planning a marketing campaign.

The Canadian Marketing Association (CMA) maintains a do not contact service. The Do Not Contact Service lets individuals reduce the number of marketing offers they receive by mail. Consumers register to have their names removed from marketing lists held by members of the Canadian Marketing Association. You can register for the Do Not Contact Service by visiting

In addition, consumers can reduce unwanted telemarketing calls by registering their telephone number with the National Do Not Call List (DNCL). You can register for the National Do Not Call Service by visiting

If you would not like to be on any of our mailing lists please click here.

Privacy Resources
There are a number of resources that provide more information about Canadian privacy regulations and legislation. These include:
Cornerstone's Internet Privacy Policy
Learn more about Cornerstone's Internet (Website) Privacy Policy.

Last Updated: November 2015

Trademark Notices
Trademarks are valuable company assets that help us differentiate Cornerstone and its products and services from those of our competitors.
  • Universe Canada™ is a trademark of the Cornerstone Group of Companies.
  • Google™ is a trademark of Google Inc.