PRIVACY POLICY

Introduction

Intelligent Mechatronic Systems Ins. ("IMS") is committed to keeping personal information accurate, confidential, secure and private. The IMS Privacy Code is an embodiment of this commitment. This Privacy Code is based on the Personal Information Protection and Electronic Documents Act (PIPEDA), and on the Canadian Standards Association (CSA) Model Code for the Protection of Personal Information (CAN/CSA-Q830-96). It describes how IMS subscribes to the principles of the PIPEDA, and the CSA Model Codes. A copy of the PIPEDA is available at www.privcom.gc.ca.

The Scope Of This Privacy Code

This Privacy Code describes the principles IMS will use to protect the privacy of personal information in its possession or control. This Privacy Code does not apply to information about business customers who carry on business as corporations, partnerships or in other forms of association. IMS does, however, protect the confidentiality of such information in accordance with the law and IMS's own policies. This Privacy Code does apply to personal information of individual owners of sole proprietorships.

Changes To This Privacy Code

In order to ensure that this Privacy Code is kept up to date, we reserve the right to change this Privacy Code from time to time. Any changes will be effective 30 days following IMS providing you with notice. Notice of changes to the Privacy Code may be distributed through IMS communications and/or posted on the IMS web site. If you access or choose to continue to be serviced by IMS after the effective date of the change, you automatically accept the change.

Definition Of Terms Used In This Privacy Code

Client Services

The client services representatives at IMS to whom the public is encouraged to address their initial questions and concerns about an IMS product or service. Client Services may be reached by telephone at: 1-877-273-7483 or e-mail at: clientservices@intellimec.com

Direct marketing

Promotions targeted to individuals whose personal information indicates that a certain product may be of interest to them. This includes mail, e-mail and telemarketing initiatives. This does not include individuals who have requested through national opt-out direct mail or telemarketing lists, who IMS will endeavor to remove from any activities of this nature.

IMS

"IMS" is the operating name of Intelligent Mechatronic Systems Inc.

Personal information

Information about an identifiable individual, but does not include the name, title or business address or business telephone number of an employee of an organization. IMS Privacy Policy August 2007 Page 3

Privacy Officer

The department at IMS that is responsible for ensuring the protection of individuals' personal information. The Privacy Office may be contacted by mail at: PRIVACY OFFICER IMS 161 Roger Street Waterloo, Ontario N2J 1B1 (519) 745-8887 or toll free 1-877-273-7483

The Ten Principles of Privacy In Summary

These ten principles of privacy are interrelated and must be read in conjunction with the accompanying commentary.

1. IMS's Accountability

IMS is accountable for all personal information in its possession or control, including any personal information transferred to third parties for processing. IMS has established policies and procedures to comply with this Privacy Code, and has designated one or more persons accountable for compliance.

2. Identifying the Purposes Of Collecting Personal Information

IMS will inform individuals of the purpose for which personal information will be used before or when they consent to its collection.

3. Obtaining Consent

IMS will obtain consent before or when it collects, uses or discloses personal information about an individual.

An individual can provide consent to the collection, use and disclosure of personal information about them expressly, implicitly, or through an authorized representative. An individual can withdraw consent at any time, with certain exceptions.

IMS will collect, use or disclose personal information without an individual's consent only in limited circumstances as permitted by law.

4. Limits For Collecting Personal Information

IMS limits the amount and type of personal information it collects. IMS will collect personal information only for the identified purposes or as otherwise permitted by law.

5. Limits for Using, Disclosing And Keeping Personal Information

IMS will use or disclose personal information only for the reasons it was collected, unless an individual gives consent to use or disclose it for another reason.

Under certain circumstances, IMS may have a legal duty or right to disclose personal information without consent

IMS will keep personal information only as long as necessary for the identified purposes.

6. Keeping Personal Information Accurate

IMS will keep the personal information in its possession or control accurate, complete, current and relevant, based on the most recent information available to IMS.

Individuals may challenge the accuracy and completeness of personal information about them and have it amended as appropriate.

7. Safeguarding Personal Information

IMS protects personal information with safeguards appropriate to the sensitivity of the information.

8. Making Information About Policies And Procedures Available

IMS will be open about the procedures used to manage personal information. Individuals will have access to information about these procedures through this Privacy Code, by contacting our Client Services associates or by contacting the Privacy Office. The information will be available in a format that is easy to understand.

9. Providing Access To Personal Information

When an individual requests it, when possible, IMS will advise the individual what personal information IMS has in its possession or control about the individual, what it is being used for, and to whom it has been disclosed.

When an individual requests it, IMS will give an individual access to personal information about them which is in the possession or control of IMS. In certain situations, however, IMS may not be able to give individuals access to all of their personal information.

10. Handling Complaints And Questions

Individuals may challenge IMS's compliance with this Privacy Code. Complaints and inquiries should be directed to our Client Services associates or sent to the Privacy Office.

Principle 1: IMS'S Accountability

IMS is accountable for all personal information in its possession or control, including any personal information transferred to third parties for processing. IMS has established procedures to comply with this Privacy Code, and has designated one or more persons to be accountable for compliance.

1. Senior management of IMS will have ultimate accountability for protecting personal information. Senior management has delegated the day-to-day management of procedures involving personal information protection to one or more persons.
2. IMS's Privacy Office is responsible for overall personal information protection and IMS's compliance with this Privacy Code. In addition, Customer Service associates are able to respond to most inquiries about the protection of personal information.
3. IMS will allow the following categories of IMS employees to access individuals' personal information in IMS's control:
   • Sales and Service Personnel;
   • Marketing Personnel;
   • Security Personnel;
   • Audit Personnel;
   • IT Personnel;
   • Operations Personnel;
   • Legal and Compliance Personnel;
   • Human Resources Personnel will have access to information about IMS's employees.
4. IMS is also accountable for personal information that has been transferred to a third party for processing. IMS's policies for safeguarding personal information transferred to third parties are set out in sections 7.4 and 7.5 of this Privacy Code.
5. To practice the principles of this Privacy Code, IMS:
   • has established procedures to protect the privacy of personal information;
   • has established procedures to receive and respond to questions and complaints;
   • gives the public access to this Privacy Code; and
   • has trained IMS staff to understand and follow IMS's procedures.

   IMS also oversees compliance with this Privacy Code through regular audits and other compliance procedures. Senior management reports to a committee of its Board of Directors regarding compliance with this Privacy Code.

Principle 2: Identifying The Purposes of Collecting Personal Information

IMS will identify the purposes of collecting personal information, before or when consent is provided.

1. Except as noted below, when an individual registers for a product or service, IMS will make the individual aware of the purposes for which IMS is requesting the personal information. If IMS identifies other purposes for which the personal information may be used, IMS will seek the individual's consent prior to starting these uses. IMS will advise that it is the individual's right to refuse permission for IMS to use personal information for any new purposes.

   In some cases IMS will not explain those purposes or obtain the individual's consent. (See section 3.4 and section 5.1 for details).

2. IMS will clearly identify the purposes for which it is collecting personal information in writing, verbally (either in person or over the telephone), or by any other means it communicates with individuals.
3. Individuals can ask for information about the purposes for which IMS collects personal information when they phone, or write to the Privacy Office.
4. Unless additional purposes are identified to an individual before or at the time of collection, IMS will collect personal information for the following purposes:
   • to help identify new clients and;
   • to determine the suitability of products or services for an individual or the eligibility of an individual for products and services;
   • to set up and manage products and services that meet an individual's needs;
   • to offer products and services to meet those needs;
   • to provide ongoing service; and
   • to meet legal and regulatory requirements,
5. IMS takes care to explain purposes which are not as obvious as others. The purposes for collecting a name or address are obvious and do not need to be explained, but the purpose for collecting, using and disclosing other personal information may not be as self-evident. IMS may collect, disclose and use personal information for some or all of the following purposes:
   • an individual's date of birth (“DOB”) and other identifying information may be collected and used to verify the identity of a client and to protect the client and IMS from error or fraud.
   • personal information is used by IMS to determine initial and ongoing eligibility for products and services and to notify the clients of such products by website, mail, e-mail or phone;
   • personal information including account details may be collected from or disclosed to an individual's insurance broker or insurance company, if that individual agrees to forward that information, and such an arrangement exists between IMS and the individuals insurance company.
   • personal information may be collected and used to ensure that a client's instructions can be properly verified;
   • personal information may be collected, used and disclosed to investigate client complaints;
   • should you open an account to be operated on behalf of a third party, personal information of that third party will be collected from you in accordance the products functionality

Principle 3: Obtaining Consent

IMS will obtain consent before or when it collects, uses or discloses personal information about an individual. An individual can provide consent to the collection, use and disclosure of personal information about them expressly, implicitly or through an authorized representative. IMS will collect, use or disclose personal information without an individual's consent only in limited circumstances as permitted by law.

Subject to certain legal and contractual restrictions and reasonable notice, an individual can refuse or withdraw their consent to the collection, use or disclosure of personal information about them at any time.

1. IMS will obtain consent before or when it collects, uses or discloses personal information. Generally, IMS will seek consent to use and disclose personal information at the same time it collects the information. In some circumstances, IMS may identify a new purpose and seek consent to use and disclose personal information after it has been collected.
2. IMS will explain to individuals in plain language how personal information will be used or disclosed before they give their consent.
3. Consent to the collection, use and disclosure of personal information can be expressed, implied, or given through an authorized representative of the individual.
   • Individuals can express consent verbally, such as when information is collected over the telephone, in writing, such as when completing and signing an application, or electronically, such as when applying on a computer.
   • Individuals can imply their consent, for example, by using an IMS product or service. In such a case, IMS may assume that the individual consents to the use of the personal information for the purpose of using an IMS product or service.
   • By applying for an IMS product, individuals consent to the disclosure of his or her account information and other related personal information.
   • Individuals can also give consent through an authorized representative, such as a legal guardian or a person with a power of attorney. This may be necessary, for example, if IMS cannot obtain express consent from an individual who is a minor, seriously ill, or mentally incapacitated.
4. IMS may collect, use or disclose personal information without the individual's knowledge and consent only in limited circumstances as permitted by law.
   • IMS may collect, use and disclose personal information without the individual's knowledge or consent if it is clearly in the individual's best interests to do so and consent can not be sought in a timely manner. An example of such a circumstance is when an individual is seriously ill.
   • IMS may collect, use and disclose personal information without individuals' knowledge or consent in certain circumstances where the information is publicly available. An example would be the name, address and phone number of a subscriber to a telephone directory that is available to the public where the subscriber can refuse to have their personal information appear in the telephone directory.

5. Subject to certain legal or contractual restrictions and reasonable notice, an individual may refuse or withdraw consent at any time.

   IMS will inform individuals of the consequences of refusing or withdrawing consent when individuals seek to do so. Refusing or withdrawing consent for IMS to collect, use or disclose personal information could mean that IMS cannot provide the individual with a product, service or information of value to the individual.

   IMS, however, will not unreasonably withhold products, services or information from individuals who refuse to give consent or who withdraw consent.

Principle 4: Limits On The Collection Of Personal Information

IMS limits the amount and type of personal information it collects. IMS will collect personal information only for purposes it has already identified to the individual or as permitted by law. IMS will collect personal information using procedures which are fair and lawful.

1. IMS will collect only the amount and type of information needed for the purposes documented by IMS and identified to the individual.
2. IMS will collect personal information about an individual primarily from that individual. Except as permitted by law, IMS will only collect personal information from external sources if individuals have consented to such collection.

Principle 5: Limits On Using, Disclosing And Keeping Personal Information

IMS will use or disclose personal information only for the purposes for which it was collected, unless consent is given to use or disclose it for another purpose.

Under certain exceptional circumstances, IMS may have a legal duty or right to disclose personal information without the individual's knowledge or consent.

IMS will keep personal information only as long as necessary for the identified purposes.

1. IMS may disclose personal information without consent when required or permitted by law. Examples of such disclosure include:
   • Subpoenas, search warrants and other court and government orders;
   • debt collection or demands from other parties who have a legal right to personal information; and
   • disclosure of personal information to a lawyer (or, in Quebec, a notary or an advocate) who represents IMS.
2. In any of the circumstances referred to in Principle 5.1, IMS will protect the interests of its clients by making sure that:
   • orders or demands appear to comply with the laws under which they were issued, and
   • IMS does not comply with casual requests for personal information from government or law enforcement authorities.

   IMS may notify individuals that an order or demand has been received, if the law does not prohibit such notification. IMS may notify individuals by telephone, or by letter to the client's usual address.

3. IMS may want to use personal information in its possession or control to market products and services to individuals, either directly through IMS or through its existing subsidiaries, affiliates or approved network. IMS will obtain the individual's consent before using or disclosing personal information for this purpose.

   When an individual applies for a product or service and provides personal information, IMS will advise the individual that his/her personal information may be used by IMS to market other products and services to the individual.

4. IMS will destroy, delete or make anonymous any personal information no longer needed for its identified purposes or for legal requirements.

Principle 6: Keeping Personal Information Accurate

IMS will keep the personal information in its possession or control accurate, complete, current and relevant, based on the most recent information available to IMS.

Individuals may challenge the accuracy and completeness of personal information about them and have it amended as appropriate.

1. IMS will make reasonable efforts to minimize the possibility of using inaccurate, incomplete or outdated personal information to make a decision about the individual.
2. IMS will update personal information only if it is necessary for the purposes for which it was collected.
3. IMS will make reasonable efforts to keep personal information in its possession and control accurate and current if the information is used on an ongoing basis, unless limits on the need for accuracy are clearly set out by IMS.
4. IMS will also rely on individuals to keep certain personal information relating to them accurate, complete and current. If an individual demonstrates to IMS that personal information relating to them is inaccurate, incomplete, out of date or irrelevant, IMS will revise or delete the personal information. If necessary, IMS will disclose the revised personal information to any third parties to whom IMS disclosed wrong or outdated information in order to permit them to revise their records.
5. If IMS does not agree to revise personal information as requested by the individual, the individual may challenge IMS's decision. IMS will make a record of this challenge, and, if necessary, disclose the challenge by the individual to any third parties to whom IMS has disclosed the personal information.

Principle 7: Safeguarding Personal Information

IMS will protect personal information with safeguards appropriate to the sensitivity of the information.

1. IMS will safeguard personal information in its possession or control from loss or theft and from unauthorized access, disclosure, duplication, use or modification.
2. The safeguards employed by IMS to protect personal information will vary depending on the sensitivity, amount, distribution, format and storage of the personal information. IMS stores most of your information electronically. Recent paper records containing individuals' personal information are stored in files kept onsite at our Waterloo head office, and older records containing individuals' personal information may be stored at an offsite storage facility. IMS will give the highest level of protection to the most sensitive personal information.

3. IMS will safeguard personal information in its possession or control through security measures.

   For example:

   • physical security, such as secure locks on filing cabinets and restricted access to offices;
   • organizational security, such as controlled entry in data centres and limited access to relevant information; and
   • electronic security, such as passwords, personal identification numbers and encryption.

4. IMS may transfer personal information to third parties for processing, including, market research, data processing services, collection, service agents, and for other goods and services. IMS will require these third parties to safeguard all personal information in a way that is consistent with IMS's measures and/or as regulated by law.

   When IMS contracts with third parties, they are given only the information necessary to perform the services as set out in the contract. The third parties are prohibited from storing, analyzing or using the personal information transferred by IMS for any other purpose. The third parties are required to protect personal information transferred by IMS in a manner that is consistent with privacy policies and practices established by IMS.

5. IMS will use care when disposing of or destroying personal information in order to prevent unauthorized access to the information.

Principle 8: Making Information About Policies And Procedures Available To Individuals

IMS will be open about the procedures used to manage personal information. Individuals will have access to information about these procedures through IMS's Privacy Code, by contacting our Client Services associates or by writing to the Privacy Office. The information will be available in a format that is easy to understand.

1. IMS will make this Privacy Code available to the public.
   • An electronic version of this Privacy Code is available on IMS's website at www.intellimec.com
2. Information about this Privacy Code will be available in a format that is easy to understand.
   • IMS has produced a summary of this Privacy Code. The summary is available at www.intellimec.com and at the beginning of this document.
   • The contact information of the Client Services associates and the Privacy Office are provided in the summary as in this Privacy Code, so individuals know where to address complaints and questions about IMS's personal information policies and procedures.
3. IMS may make information about its procedures available in a variety of ways, depending on the nature of the services individuals are using and the sensitivity of the personal information.
   • IMS may make brochures available through e-mail information to its clients, establish a toll-free telephone service or provide on-line access.

Principle 9: Access To Personal Information

When an individual requests it, IMS will advise what personal information IMS has in its possession or control about the individual, what it is being used for and to whom it has been disclosed.

When an individual requests it, IMS will give the individual access to personal information about them which is in the possession or control of IMS. In certain exceptional situations IMS may not be able to give individuals access to all of the personal information about them.

1. An individual has the right to know and access, on request, what personal information about the individual IMS has in its possession or control, the right to access that personal information and to know to which third parties IMS has disclosed that information. Individuals may direct their requests by telephone to the Client Services associates or, in writing, to the Privacy Office.
2. IMS has established procedures for responding to requests for access to personal information. IMS will respond to requests within a reasonable time. Individuals must be specific about the personal information that may be in IMS's possession or control. In the unlikely event that IMS determines that there will be a cost to the individual in granting such access, IMS shall inform the individual of the costs permitted by law prior to granting such access.
3. IMS will identify from whom it collected the personal information, to whom it has disclosed the personal information, and how and when the information was disclosed. IMS will take this data from its records, and will provide it to the individual.
4. In some cases, IMS may not provide access to personal information that is in its possession or control. This may occur when:
   • providing access to personal information would be likely to reveal personal information about a third party;
   • providing the personal information could result in a threat to the security of another individual;
   • disclosing the information would reveal confidential commercial information;
   • the personal information is protected by solicitor-client privilege;
   • the information is the result of arbitration or other formal dispute resolution process; or
   • the information has been collected for the purposes of a legal investigation.
5. If IMS denies the individual's request for access to personal information, IMS will advise the individual of the reason for the refusal. The individual may then appeal IMS's decision to the Privacy Commissioner of Canada.

Principle 10: Handling Individuals' Complaints And Questions

Individuals may challenge IMS's compliance with this Privacy Code. IMS will have policies and procedures to receive, investigate, and respond to individuals' complaints and questions.

1. IMS has policies and procedures to receive, investigate, and respond to individuals' complaints and questions relating to privacy. Individuals are advised to direct their complaints and questions by telephone to the Direct Associates or in writing to the Privacy Office.
2. IMS will investigate all complaints. If it finds a complaint justified, IMS will attempt to resolve it. If necessary, IMS will modify its policies and procedures to ensure that other individuals will not experience the same problem.
3. If individuals are not satisfied with the way IMS has responded to their complaint, they can contact the Federal Privacy Commissioner