TSXV: BRO Last: $0.53 Change: +0.01

PRIVACY POLICY
BARKSDALE CAPITAL CORP.
(the “Company”)

Your privacy is very important to us.  The Company has developed this privacy policy (the “Privacy Policy”) for the collection, use and disclosure of personal information in accordance with the standards set out in the Personal Information Protection and Electronic Documents Act (Canada) (the “Act”).

In developing this Privacy Policy, the Company has sought to balance the right of privacy of an individual with respect to their personal information and the Company’s need to collect, use or disclose personal information for legitimate business purposes, on a standard of what a reasonable person would consider appropriate in the Company’s particular circumstances.  As a general proposition, any personal information that the Company collects will not be disclosed to third parties and will be used solely for the exclusive use of the Company.  However, in order to improve the integrity of the information collected, to assist in maintaining security over the information collected or as may be required by law, personal information may need to be disclosed.

In countries different from Canada, where the Company is engaged in business operations, the Privacy Policy will be complemented with additional documents or guidelines in order to comply with local regulations, as appropriate.
The Company recognizes that controlling and safeguarding the collection, use and disclosure of personal information is an ongoing process. The Company is committed to reviewing this Privacy Policy on an ongoing basis and to updating the principles listed herein to better protect the privacy of individuals.

Principle 1 – Accountability

The Company is responsible for all personal information in its possession or control. In fulfilling this mandate the Company has appointed a privacy officer (the “Privacy Officer”) who can be reached by email at info@barksdalecapital.com, by telephone at (778) 588-7139, by fax at (604) 687-3567 and by regular mail at Suite 610 – 815 West Hastings Street, Vancouver, B.C. V6C 1B4.  Accountability for compliance by the Company with the principles and policies set out in this Privacy Policy rests with the Privacy Officer even though other individuals within the Company may be responsible for the day to day collection and processing of personal information. The Privacy Officer may, from time to time, designate one or more individuals within the Company to act on his or her behalf to ensure compliance by the Company with the principles and policies set out herein. The designation of a Privacy Officer does not relieve the Company from responsibility for compliance with these principles. The Company monitors compliance with the policies and principles on an ongoing basis and has implemented policies and practices that give effect to the principles and procedures of this Privacy Policy including: (a) implementing procedures to protect personal information; (b) establishing procedures to receive, react and respond to complaints and inquiries; and (c) training employees and consultants of the Company and communicating to employees and consultants of the Company the intent and spirit of the principles and policies and the particular practices required to meet compliance expectations.

Principle 2 – Identifying Purposes

The Company collects personal information for the following purposes: establishing and maintaining communication with individuals; offering and providing information to meet individual investors’ needs; compiling statistics; and complying with the law. For greater certainty, information collected may also be used to: create usage and website activity summary statistics; direct development and customization of general and online investor services and communications; and assist and develop marketing material and information circulars. The purposes for which personal information is collected shall be identified before or at the time that the information is collected. The purpose of the information collected, used or disclosed by the Company must be apparent and the Company is held accountable to a standard of what a reasonable person would consider appropriate in the circumstances. The Company will make reasonable efforts to identify the purposes for which personal information is collected to an individual from whom the personal information is collected at or before the time of collection. Depending upon the way in which the information is collected, the Company will identify these purposes on its website, as well as verbally or in writing. The Company recognizes that collection of personal information is an evolving process and for personal information that has been collected for a purpose not previously identified, it will identify and obtain consent to the new purpose prior to use, except as permitted or required by law.

To the extent necessary, employees or consultants of the Company collecting personal information from an individual will explain to such individual the purpose for which the information is being collected, including any other purpose that may not be immediately obvious to the individual.

Principle 3 – Consent

The knowledge and consent of an individual is required for the collection, use or disclosure of personal information, except where consent is not required under the Act. In order to fully comply, the Company will make reasonable efforts to ensure that the individual is advised of the purposes for which his or her personal information will be used or disclosed in a manner that is reasonably understood by the individual.

The form of consent sought may vary depending upon the circumstances and the type of information collected. In determining the form of consent to seek, the Company will take into account the sensitivity of the information. Although some information (for example medical records and income records of employees) is almost always considered sensitive, any information can be sensitive depending on the circumstances. In seeking consent the Company will take into account the reasonable expectations of the individual in the particular circumstances.

Generally, the Company will seek consent for the collection, use or disclosure of personal information at the time of the collection. In certain circumstances consent with respect to use or disclosure, as applicable, may be sought after the information is collected but before use (for example, when the Company wants to use the information for a purpose not previously identified).

Principle 4 – Limiting Collection

The Company collects only the personal information necessary for the purposes identified. Information shall be collected by fair and lawful means. The Company will not collect personal information indiscriminately.

Principle 5 – Limiting Use, Disclosure, and Retention of Personal Information

Personal Information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information will be retained only as long as necessary for the fulfillment of those purposes. If using personal information for a new purpose, the Company will document this purpose. Personal information that is no longer required to fulfill the identified purposes will be destroyed, erased, or made anonymous. The Company will develop guidelines and implement procedures to govern the destruction of personal information.

Principle 6 – Ensuring Accuracy of Personal Information

Personal information will be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used. The extent to which personal information will be accurate, complete, and up to date will depend upon the use of the information, taking into account the interests of the individual. Personal information shall be sufficiently accurate, complete and up-to-date to minimize the possibility that inappropriate information may be used to make a decision about an individual.

The Company will not routinely update personal information, unless such a process is necessary to fulfill the purposes for which the information was collected. Personal information that is used on an ongoing basis, including information that may possibly be disclosed to third parties, will generally be accurate and up to date, unless limits to the requirement for accuracy are clearly set out.

Principle 7 – Ensuring Safeguards for Personal Information

The Company will ensure that security safeguards appropriate to the sensitivity of the information will be implemented to protect personal information. The security safeguards will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The Company will protect personal information regardless of the format in which it is held.  The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution, and format of the information, and the method of storage. A higher level of protection will safeguard more sensitive information, such as medical and health records of employees, as appropriate. The methods of protection will include: (i) physical measures, for example, locked filing cabinets and restricted access to offices; (ii) organizational measures, for example, limiting access on a “need-to-know” basis; and (iii) technological measures, for example, the use of passwords, encryption, and audits. The Company will make its employees and consultants aware of the importance of maintaining the confidentiality of personal information and care will be used in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information.

Principle 8 – Openness About Personal Information Policies and Practices

The Company will make readily available to individuals specific information about its policies and practices relating to the management of personal information. The Company will be open about its policies and practices with respect to the management of personal information and an individual will be able to acquire information about the Company’s policies and practices without unreasonable effort. This information will be made available in a form that is generally understandable.  The information made available will include:

In addition, the Company may make information on its policies and practices available in a variety of ways including, but not limited to, making brochures available in its place of business, mailing information to its clients, posting signs in its offices, or providing online access.

Principle 9 – Individual Access to Their Own Personal Information

Upon request, an individual will be informed of the existence, use, and disclosure of his or her personal information and will be given access to that information. An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate. In certain situations, the Company may not be able to provide access to all the personal information it holds about an individual. Exceptions to the access requirement will be limited and specific. The reasons for denying access will be provided to the individual upon request.

Upon request, the Company will inform an individual whether or not it holds personal information about the individual. The Company will seek to indicate the source of this information and will allow the individual reasonable access to this information.  In addition, upon request, the Company will provide an account of the use that has been made or is being made of this information and an account of the third parties to which it has been disclosed, as appropriate.

An individual will be required to provide sufficient information to permit the Company to provide an account of the existence, use, and disclosure of personal information. The information provided will only be used for this purpose.
The Company will respond to an individual’s request within a reasonable time and at minimal or no cost to the individual. The requested information will be provided or made available in a form that is generally understandable.
If an individual demonstrates the inaccuracy or incompleteness of certain personal information, the Company will amend the information as required. Depending upon the nature of the information challenged, amendment may involve the correction, deletion, or addition of information. Where appropriate, the amended information will be transmitted to third parties having access to the personal information in question. When a challenge is not resolved to the satisfaction of the individual, the Company will record the substance of the unresolved challenge.

Principle 10 – Challenging Compliance with the Company’s Privacy Policies and Practices

An individual will be able to address a challenge concerning compliance with this Privacy Policy with the Privacy Officer. The Company will put procedures in place to receive and respond to complaints or inquiries about its policies and practices relating to the handling of personal information. The complaint procedures will be easily accessible and simple to use. The Company will inform individuals who make inquiries or lodge complaints of the existence of relevant complaint procedures. A range of these procedures may exist and are evolving. The Company will investigate all complaints. If a complaint is found to be justified, the Company will take appropriate measures, including, if necessary, amending its policies and practices.

Currency of this Policy

This policy was adopted by the Board of Directors on January 4, 2019.