Personal information gathered by our organization is kept in confidence. The CSA personnel are authorized to access personal information based only on their need to deal with the information for the reason(s) for which the information was obtained. Personal information is not disclosed or shared more widely than is necessary to achieve the purpose for which it was gathered. We also take measures to ensure that the integrity of this information is maintained and to prevent it being lost or prematurely destroyed. We collect, use and disclose personal information only for the purposes that a reasonable person would consider appropriate or obvious in the circumstances and which is allowed by law.
By using our website or interacting with the organization, you consent to CSA’s privacy policy.
Depending on your interactions with the CSA, we may collect different kinds of personal information about you, including:
For employees, contractors, volunteers, Board members, and service providers, your personal information
may be collected in the course of your duties providing services to the CSA and will be used to administer
your role with the CSA and to operate the programs and activities of the CSA.
We use different methods to collect personal information including through:
1) Direct interactions. You may give us your contact, transaction and financial personal information by filling in forms or by corresponding with us by mail, phone, email or otherwise. This includes personal information you provide when you:
a) make a donation and receive a tax receipt, if applicable;
b) apply for membership, subscribe to our publications, contact us, or provide feedback;
c) register for and/or attend a CSA event; or
d) request information and/or marketing materials be sent to you.
2) Automated technologies or interactions. As you interact with our website, we may automatically collect technical personal information about your equipment, browsing actions and patterns. We may collect this personal information by using cookies, server logs and other similar technologies. We may also receive technical personal information about you if you visit other websites employing our cookies if applicable.
We use the information we collect for the following purposes, unless otherwise stated at the time of
collection:
The CSA implements a variety of technical, physical, and procedural security measures to maintain the
safety of your personal information.
MARKETING
Where Canada’s Anti-spam Legislation (CASL) applies to CSA communications with donors or volunteers,
CSA is committed to complying with CASL and, in particular, the provisions setting out the requirements for sending commercial electronic messages.
You will receive marketing communications from us if you are a member, have requested information from us, or made a donation to CSA and you have not opted out of receiving that marketing. You can ask us to stop sending you marketing messages at any time by following the opt-out procedure on any marketing message sent to you or by contacting us at any time. Opting out of marketing communications does not restrict communications related to events and services you have chosen to participate in.
DISCLOSURE TO THIRD PARTIES
The CSA does not currently disclose personal information to any third parties for the purposes of marketing and fundraising such as selling, trading or otherwise transferring personal information to outside parties. If such practices are executed by the organization at any point in time, individuals will be provided with an opportunity to opt out of any such communications.
CHANGE OF PURPOSE
If the CSA wishes to use personal information for a substantially different purpose than the purpose for
which the information was collected, we will seek your express consent describing this new purpose and
document that your consent has been given.
HOW LONG WILL WE RETAIN YOUR PERSONAL INFORMATION?
We will retain your personal information for as long as reasonably appropriate to fulfill the purposes we
collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting
requirements. We may retain your personal information for a longer period in the event of a complaint or
if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
You may ask us to delete your personal information by emailing your request to info@sparthritis.ca, which we will do unless required to retain the information by law.
CORRECTING YOUR PERSONAL INFORMATION
You may ask us to correct your personal information by emailing your request and explanation for the
correction to info@sparthritis.ca.
The CSA will make best efforts to accommodate correctionrequests if satisfied on reasonable grounds that the request should be implemented. If no correction ismade, the CSA will, where possible, annotate recorded personal information with the correction that was
requested but not made.
PERSONAL INFORMATION BREACH NOTIFICATION
Any privacy breach of personal information under the care of the CSA must immediately be reported to the CSA’s Executive Director, who will investigate the nature of the breach and will take appropriate action as required.
In the case of a personal information privacy breach where there is a loss or unauthorized access or
disclosure of personal information, and there exists a real risk of significant harm to the individual(s), the
individual(s) whose private information is breached will be notified promptly by the Executive Director. In
considering risk of significant harm to the individual(s) the sensitivity of the breached information and the
probability that the information will be misused will be considered.
Notice to the individual(s) whose personal information is breached must be given directly to the individual
if possible, and must include a description of the breach, the type of personal information involved, the date of the breach, steps taken by the CSA to reduce the risk of harm and the contact information of the CSA’s Executive Director should the individual(s) have questions.
The notification to the individual(s) must be in person, by telephone, mail, email or other form of
communication that is reasonable. Indirect notification must be given if direct notification would cause harm to the individual(s), cause undue hardship to CSA, or if CSA does not have the individual(s) contact
information. Indirect notification must be given by public communication or other similar measure.
If the CSA notifies the individual(s) involved in a breach, it will also notify other organizations of the breach if such a notification may be able to reduce the risk of harm or mitigate it. Based on the jurisdiction in which the affected individual(s) resides, the applicable regulatory authority may also need to be notified by law.
The CSA will keep a record of any breaches and provide the information to the applicable regulatory authorities upon request or as required. Privacy breach records will be kept for a 24-month period following any breach, or longer if required by law.
Questions, concerns or complaints relating to the CSA’s Privacy Policy on the treatment of personal information should be e-mailed to info@sparthritis.ca. You have the right to make a complaint at any time to the relevant supervisory authority for personal information protection issues. You can contact the Office of the Privacy Commissioner of Canada (“OPC”), see: https://www.priv.gc.ca/en/contact-the-opc/ (if you are concerned about the CSA’s potentially commercial use of your personal information) or your applicable provincial privacy authority. We would, however, appreciate the chance to deal with your concerns before you approach the privacy authority, and we encourage you to contact us in the first instance.