Personal Information Privacy Commitment Statement

Similar documents
Credit Union Code for the Protection of Personal Information

The Manitoba Child Care Association PRIVACY POLICY

Credit Union Board of Directors Introduction, Resolution and Code for the Protection of Personal Information

PACIFIC EXPLORATION & PRODUCTION CORPORATION (the Corporation )

3. Consent for the Collection, Use or Disclosure of Personal Information

Boys and Girls Clubs of Kawartha Lakes B: Administration B4: Information Management & Policy: Privacy & Consent Technology

PROTECTION OF PERSONAL INFORMATION

PERSONAL INFORMATION PROTECTION ACT

The Ten privacy principles and our commitment to them are as follows:

THE PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT (PIPEDA) PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK

Taking care of what s important to you

Personal Information Protection and Electronic Documents Act

SASKATCHEWAN OFFICE OF THE INFORMATION AND PRIVACY COMMISSIONER INVESTIGATION REPORT F Saskatchewan Workers Compensation Board

Personal Information Protection and Electronic Documents Act (PIPEDA)

NORTHWESTEL CODE OF FAIR INFORMATION PRACTICES. Effective January 1, 2001

Protecting your privacy

We will not collect, use or disclose your personal information without your consent, except where required or permitted by law.

Taking care of what s important to you

Doing Business. A Practical Guide. casselsbrock.com. Canada. Dispute Resolution. Foreign Investment. Aboriginal. Securities and Corporate Finance

AC&E Insurance Services Pty Ltd Privacy Statement Effective: 1 August, 2010

PERSONAL HEALTH INFORMATION PROTECTION ACT, 2004: AN OVERVIEW FOR HEALTH INFORMATION CUSTODIANS

Protection. Code of Practice. of Personal Data RPC001147_EN_D_19

We ask that you contact our Privacy Officer in the event you have any questions or concerns regarding this Code or its implementation.

DATA PROTECTION POLICY

You may choose not to provide us with any of this information, but not doing so will affect our ability to provide you with storage.

5.00 Employee in relation to the university, includes a volunteer and a service provider.

Children s Hearings (Scotland) Act asp 1

Cryopreservation Agreement between the Cryonics Institute and Suspended Animation

The Winnipeg Foundation Privacy Policy

Beacon Financial Group - Privacy Policy

Questions and answers for custodians about the Personal Health Information Privacy and Access Act (PHIPAA)

PERSONAL INFORMATION PRIVACY POLICY FOR EMPLOYEES AND VOLUNTEERS [ABC SCHOOL]

Pacific Smiles Group Privacy Policy

PRIVACY AND CREDIT REPORTING POLICY

PRIVACY POLICY. comply with the Australian Privacy Principles ("APPs"); ensure that we manage your personal information openly and transparently;

Western Union Money Transfer Service User Agreement

Appendix : Business Associate Agreement

The Archives and Public Records Management Act

Credit Reporting Privacy Policy of Baybrick Pty Ltd

PRIVACY POLICY. Privacy Statement

Index All entries in the index reference page numbers.

NOTICE TO BANKS MONETARY AUTHORITY OF SINGAPORE ACT, CAP. 186 PREVENTION OF MONEY LAUNDERING AND COUNTERING THE FINANCING OF TERRORISM - BANKS

DATA PROTECTION POLICY

Personal Data Protection LAWS OF MALAYSIA. Act 709 PERSONAL DATA PROTECTION ACT 2010

Privacy fact sheet 17

CORPORATE TRAVEL MANAGEMENT PRIVACY POLICY

M&T BANK CANADIAN PRIVACY POLICY

TERMS OF SERVICE TELEPORT REQUEST RECEIVERS

Coffey International Limited Privacy Policy. July 2014

Northwest Cardiology Associates 400 W. Northwest Hwy Barrington, IL Fax HIPAA Notice of Privacy Practices ( Notice )

National Home Health Care HIPAA Notice of Privacy Practices

communications between us and your financial, legal or other adviser, or your broker or agent;

Thompson Jenner LLP Last revised April 2013 Standard Terms of Business

Daltrak Building Services Pty Ltd ABN: Privacy Policy Manual

ROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014.

Data Protection Good Practice Note

Personal Data Act (1998:204);

Detailed Notice of Privacy Practices Effective Date: September 20, 2013

Privacy Policy. Board for Lutheran Education Australia. Policy. Purpose. Exclusion

The Amendment of the Loan Agreement (for Business)/ Overdraft Facility Agreement (for Consumption)/ Money Mortgage Agreement*

NOTE: SERVICE AGREEMENTS WILL BE DRAFTED BY RISK SERVICES SERVICE AGREEMENT

DATA PROTECTION POLICY. Examples of personal data which TWM may require from clients include the following and for the reasons ascribed to each;

National Association of Pharmacy Regulatory Authority s Privacy Policy for Pharmacists' Gateway Canada

HUMAN RESOURCES MANAGEMENT 53 Personnel Records

NOTICE OF PRIVACY PRACTICES Walter Chiropractic Clinic, 5219 Peters Creek Rd Ste 5, Roanoke VA 24019

NOTICE OF PRIVACY PRACTICES

Abilities Centre collects personal information for the following purposes:

BERMUDA INTERNATIONAL COOPERATION (TAX INFORMATION EXCHANGE AGREEMENTS) ACT : 47

The Manitowoc Company, Inc.

HIPAA PRIVACY POLICIES AND PROCEDURES

NOTICE OF THE POWERS TO SEARCH PREMISES AND OF THE RIGHTS OF OCCUPIERS UNDER SECTION 194 OF THE ENTERPRISE ACT 2002 ( THE ACT )

INDIVIDUAL CLIENT AGREEMENT AGILITY FOREX LTD INDIVIDUAL CLIENT AGREEMENT

Data Protection Policy

OBJECTS AND REASONS. (a) the regulation of the collection, keeping, processing, use or dissemination of personal data;

PRIVACY POLICY Personal information and sensitive information Information we request from you

New Ross Credit Union Web Site Statement

Passenger Protect Program Transport Canada

CONSUMER FRAUD ALERT: PROTECT YOURSELF.

Information with a person who is involved in your medical care or payment for your care, such as your family or a

Responsibilities of Custodians and Health Information Act Administration Checklist

Video Surveillance. Purpose. Policy

NOTICE OF PRIVACY PRACTICES

NSW Self Insurance Corporation Amendment (Home Warranty Insurance) Act 2010 No 30

Protection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1

Code of Practice on the Identity Card Number and other Personal Identifiers Compliance Guide for Data Users

KESWICK MULTI-CARE CENTER, INC. NOTICE OF PRIVACY PRACTICES

SUBJECT: VOYAGEUR TRANSPORTATION CORPORATE POLICIES/PROCEDURES TITLE: PRIVACY OF PERSONAL HEALTH INFORMATION

Standard conditions of the Electricity Distribution Licence

MULTICARE ASSOCIATES OF THE TWIN CITIES, P.A. NOTICE OF PRIVACY PRACTICES

Photography and filming in schools Code of Practice

Consumer Collection Agencies

NOTICE OF HEALTH INFORMATION PRACTICES

PRIVACY POLICY. Consent

2015 No FINANCIAL SERVICES AND MARKETS. The Small and Medium Sized Business (Finance Platforms) Regulations 2015

EHR Contributor Agreement

The Youth Drug Detoxification and Stabilization Act

Government of Bermuda. The Personal Information Protection Act (PIPA) Draft Model For Consultation

2015 No FINANCIAL SERVICES AND MARKETS. The Small and Medium Sized Businesses (Credit Information) Regulations 2015

REVIEW REPORT

Information Privacy Policy

Transcription:

Personal Information Privacy Commitment Statement In accordance with applicable laws, Niverville Community Fellowship (the Church ) is committed to protecting the privacy of its members, adherents, donors, volunteers, employees, directors, and any other persons about or from whom the Church collects personal information. The Church embraces the principles of the Canadian Standards Association Model Code for the Protection of Personal Information to ensure that all personal information is properly collected, retained, used and disclosed only for the purposes disclosed, and disposed of in a safe and timely manner when no longer required. In being, or becoming a member or adherent of the Church, it is recognized by all such individuals that the Bible portrays believers as members of one body (see I Corinthians 12). This requires the sharing of personal information with the body. Further, it is recognized that the Church is affiliated with both the Evangelical Mennonite Mission Conference and the Mennonite Church Manitoba (the Conferences ). Because of that affiliation, the Church, its members and adherents by voluntary implied contract submit to, and are bound by, the Constitutions of the Conferences. Except as otherwise stated in the Constitution or other governing documents of the Church and Conferences, or the operation of law, authority for the collection, retention, use, and disclosure of personal information shall be subject to the Church s Privacy Policy. Other persons or organizations who act for, or on behalf of the Church are required to comply with the Privacy Policy and will be given restricted access to personal information solely to perform the services that they may be retained to perform on behalf of the Church. The Church has designated the Elder of Human Resources to be its Privacy Officer. Any inquiry, request, or concern related to privacy matters should be made in writing to the Privacy Officer who can be contacted at: Privacy Officer Niverville Community Fellowship c/o Elder of Human Resources Box 206, Niverville, Manitoba ROA 1E0 E-mail: privacy@nivcf.ca 1

Niverville Community Fellowship Privacy Policy In accordance with applicable laws, Niverville Community Fellowship (the Church ) is committed to protecting the privacy of its members, adherents, donors, volunteers, employees, directors, and any other persons about or from whom the Church collects personal information. The Church embraces the principles of the Canadian Standards Association Model Code for the Protection of Personal Information to ensure that all personal information is properly collected, retained, used and disclosed only for the purposes disclosed, and disposed of in a safe and timely manner when no longer required. Definitions Collection: the Act or process of collecting; in this case, personal information from individuals. Consent: permission to do something; in this case, to collect, retain, use, and/or disclose personal information collected from individuals. Disclosure: making certain information known; in this case, personal information collected from individuals. Personal Information: information about an identifiable individual Privacy Officer: an employee of an organization who is responsible for compliance with the organization s privacy policies 1. Accountability The Church is responsible for maintaining and protecting the personal information under its control. The Church has appointed a Privacy Officer who is responsible to ensure that the Church and its designated individuals comply with their privacy obligations in accordance with applicable privacy laws when involved in the collection, retention, use and disclosure of personal information. 2

2. Identifying Purposes The Church collects, retains, uses, and discloses personal information for a variety of purposes including, but not limited to: Providing services to individuals ministered to by the Church, such as: o Vacation Bible School; and o Youth Nights Establishing and maintaining member lists; Managing payroll and benefits; Employee performance evaluations; Establishing and maintaining lists of donors. Videotaping and Online Streaming of Church Services (explained at Section 2.1) The Church shall identify and explain the purposes for which it collects personal information, to the person from whom the personal information is being collected, before or at the time the information is collected. If the Church chooses to use personal information for a purpose not identified when collected, it will be identified to the person prior to use, and consent will be obtained. 2.1 Videotaping and Online Streaming of Church Services The Church videotapes and audiotapes its services. Recordings are then transmitted via closed circuit television broadcast to other areas of the Church and/or live streamed to the Internet. There is the possibility that an attendee of these services will be filmed, recorded and/or photographed as part of the audience or individually. The Church will either announce prior to its Sunday morning services, or any other service in which videotaping and online streaming is done, of the intention to videotape or the Church will place two signs near the sanctuary of the church indicating to attendees that its services will be videotaped and live streamed to the Internet. By virtue of their attendance during a videotaped church service, each attendee grants their permission to be videotaped, audio taped, and/or photographed for commercial and non-commercial purposes, and agrees to the following: 3

To be recorded, filmed, videotaped, or photographed by any means; To allow commercial and/or non-commercial use of their likeness, image, voice and words without compensation; To allow their likeness, image, voice and words to be live streamed on the Church s website and transmitted via closed circuit television broadcast; To allow the Church to retain and store any recordings of its services, including but not limited to, storage of the recordings on the Church s website; To waive their privacy rights during the videotaping, recording or photographing; To release the Church from any and all liability for loss or damage from the commercial or other use of their likeness, image, voice or words; 3. Consent Consent will be obtained from the person whose personal information is collected, retained, used, and disclosed, unless obtaining consent would be inappropriate or not required by law. Sometimes the person s consent may be implied by virtue of their membership in the Church or because of the person s conduct within the Church. The Church adopts, but does not limit itself to, the situations where knowledge or consent for the collection, use and disclosure of personal information is not required as listed in section 7 of the Personal Information Protection and Electronic Documents Act, SC 2000, c5, which is attached as Schedule A to this Privacy Policy. When it is appropriate, written consent will be obtained. Written consents will be kept on file for as long as the information is reasonably necessary. A person may withdraw his or her consent at any time, subject to legal or contractual restrictions and reasonable notice. The person will be informed of reasonably foreseeable implications of the withdrawal. 4. Limiting Collection Personal information collected will be limited to that required for the purpose or purposes identified by the Church. The Church is committed to collecting personal information in a fair, open, and lawful manner. 4

5. Limiting Use, Disclosure and Retention Personal information will only be used, retained or disclosed by the Church for the purposes for which it was collected. The Church will only use personal information for other purposes with the consent of the person, or if required by law. All collected personal information shall be destroyed, erased or made anonymous as soon as the purpose for which it was collected is no longer relevant, or as permitted by the law. 6. Accuracy The Church will endeavour to keep collected personal information in as accurate, complete and up-to-date form as is necessary for the purposes for which the Church intends to use the information. 7. Safeguards Personal information will be protected by security safeguards that are appropriate to the sensitivity of the personal information. The safeguards could include physical measures such as locked filing cabinets and premises security, organizational measures such as restricted access to files with personal information or technological measures such as security software. Employees of the Church have been, and will continue to be educated as to the importance of confidentiality of personal information, and the proper methods for securing and maintaining the confidentiality of that information. 8. Openness Information regarding the Church s Privacy Policy, as well as the personal information management, shall be available upon request. The information will include: The name and address of the Privacy Officer; The means of gaining access to personal information held by the Church; A copy of any brochures or other information that explains the Church s policies, standards or codes 5

A description of the personal information being retained by the Church, and the purposes for which the information is used What, if any, personal information is being shared by the Church with third parties, and the names of the third parties who have been provided with personal information 9. Access to Personal Information Access to personal information will be granted where the Church is legally required to release the information and provided that the disclosure does not violate any applicable statutes or contracts, to the person to whom the information pertains where there is an appropriate written request. Access to personal information will be granted within thirty (30) days of a request at little or no cost to the person making the request. The Church will also assist any person who informs the Church that it requires assistance in preparing a request for access to personal information. Should the Church require additional time to respond to a request for personal information, it may extend the response period by at least an additional thirty (30) days for any reason listed at section 8(4) of the Personal Information and Electronic Documents Act, SC 2000, c.5, found at Schedule B to this Privacy Policy. If the Church does require an extension of time to respond to a request, it shall provide notice of the extension to the person who has made the request within thirty (30) days of the request being made. If an individual is unsatisfied with the accuracy or completeness of the collected personal information, they may challenge any inaccuracy or incomplete part of the information. Any inaccuracy or incompleteness of personal information will be amended by the Church as required. 10. Challenging Compliance Complaints or inquiries about the collection, use, disclosure, or retention of personal information and the Church s compliance with these ten principles should be directed to the Privacy Officer. The Privacy Officer will investigate complaints and ensure that the appropriate measures are taken. Should a challenge not be resolved to the individual s satisfaction, the challenge will be recorded by the Church and kept on file. 6

Schedule A to the Niverville Community Fellowship Privacy Policy Section 7 of the Personal Information and Electronic Documents Act, SC 2000, c.5 Collection, Use, and Disclosure of Personal Information without Knowledge or Consent of the Individual(s) Collection without knowledge or consent 7. (1) For the purpose of clause 4.3 of Schedule 1, and despite the note that accompanies that clause, an organization may collect personal information without the knowledge or consent of the individual only if (a) the collection is clearly in the interests of the individual and consent cannot be obtained in a timely way; (b) it is reasonable to expect that the collection with the knowledge or consent of the individual would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province; (c) the collection is solely for journalistic, artistic or literary purposes; (d) the information is publicly available and is specified by the regulations; or (e) the collection is made for the purpose of making a disclosure (i) under subparagraph (3)(c.1)(i) or (d)(ii), or (ii) that is required by law. Use without knowledge or consent (2) For the purpose of clause 4.3 of Schedule 1, and despite the note that accompanies that clause, an organization may, without the knowledge or consent of the individual, use personal information only if (a) in the course of its activities, the organization becomes aware of information that it has reasonable grounds to believe could be useful in the investigation of a contravention of the laws of Canada, a province or a foreign jurisdiction that has been, is being or is about to be committed, and the information is used for the purpose of investigating that contravention; (b) it is used for the purpose of acting in respect of an emergency that threatens the life, health or security of an individual; (c) it is used for statistical, or scholarly study or research, purposes that cannot be achieved without using the information, the information is used in a manner that will ensure its confidentiality, it is impracticable to obtain consent and the organization informs the Commissioner of the use before the information is used; (c.1) it is publicly available and is specified by the regulations; or (d) it was collected under paragraph (1)(a), (b) or (e). 7

Disclosure without knowledge or consent (3) For the purpose of clause 4.3 of Schedule 1, and despite the note that accompanies that clause, an organization may disclose personal information without the knowledge or consent of the individual only if the disclosure is (a) made to, in the Province of Quebec, an advocate or notary or, in any other province, a barrister or solicitor who is representing the organization; (b) for the purpose of collecting a debt owed by the individual to the organization; (c) required to comply with a subpoena or warrant issued or an order made by a court, person or body with jurisdiction to compel the production of information, or to comply with rules of court relating to the production of records; (c.1) made to a government institution or part of a government institution that has made a request for the information, identified its lawful authority to obtain the information and indicated that (i) it suspects that the information relates to national security, the defence of Canada or the conduct of international affairs, (ii) the disclosure is requested for the purpose of enforcing any law of Canada, a province or a foreign jurisdiction, carrying out an investigation relating to the enforcement of any such law or gathering intelligence for the purpose of enforcing any such law, or (iii) the disclosure is requested for the purpose of administering any law of Canada or a province; (c.2) made to the government institution mentioned in section 7 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Act as required by that section; * (c.2) made to the government institution mentioned in section 7 of the Proceeds of Crime (Money Laundering) Act as required by that section; * [Note: Paragraph 7(3)(c.2), as enacted by paragraph 97(1)(a) of chapter 17 of the Statutes of Canada, 2000, will be repealed at a later date.] (d) made on the initiative of the organization to an investigative body, a government institution or a part of a government institution and the organization (i) has reasonable grounds to believe that the information relates to a breach of an agreement or a contravention of the laws of Canada, a province or a foreign jurisdiction that has been, is being or is about to be committed, or (ii) suspects that the information relates to national security, the defence of Canada or the conduct of international affairs; (e) made to a person who needs the information because of an emergency that threatens the life, health or security of an individual and, if the individual whom the information is about is alive, the organization informs that individual in writing without delay of the disclosure; (f) for statistical, or scholarly study or research, purposes that cannot be achieved without disclosing the information, it is impracticable to obtain consent and the organization informs the Commissioner of the disclosure before the information is disclosed; 8

(g) made to an institution whose functions include the conservation of records of historic or archival importance, and the disclosure is made for the purpose of such conservation; (h) made after the earlier of (i) one hundred years after the record containing the information was created, and (ii) twenty years after the death of the individual whom the information is about; (h.1) of information that is publicly available and is specified by the regulations; (h.2) made by an investigative body and the disclosure is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province; or (i) required by law. Use without consent (4) Despite clause 4.5 of Schedule 1, an organization may use personal information for purposes other than those for which it was collected in any of the circumstances set out in subsection (2). Disclosure without consent (5) Despite clause 4.5 of Schedule 1, an organization may disclose personal information for purposes other than those for which it was collected in any of the circumstances set out in paragraphs (3)(a) to (h.2). 9

Schedule B to the Niverville Community Fellowship Privacy Policy Section 8(4) of the Personal Information and Electronic Documents Act, SC 2000, c.5 Extension of the Time Limit to Respond to an Individual s Request for Access to Personal Information Extension of time limit (4) An organization may extend the time limit (a) for a maximum of thirty days if (i) meeting the time limit would unreasonably interfere with the activities of the organization, or (ii) the time required to undertake any consultations necessary to respond to the request would make the time limit impracticable to meet; or (b) for the period that is necessary in order to be able to convert the personal information into an alternative format. In either case, the organization shall, no later than thirty days after the date of the request, send a notice of extension to the individual, advising them of the new time limit, the reasons for extending the time limit and of their right to make a complaint to the Commissioner in respect of the extension. 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information