Privacy Policy
Ravensong Aquatic Club Privacy Policy
“Organization” refers to: Ravensong Aquatic Club
Background
1. BC provincial legislation is the Personal Information Protection Act. BC is one of three provinces where the federal legislation (PIPEDA) is not applied. PIPEDA is not typically applied to not-for-profits.
2. The BC act states: The purpose of PIPA is to govern the collection, use and disclosure of personal information by organizations in a manner that recognizes both the right of individuals to protect their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider in the circumstances.
3. This Privacy Policy is based on the standards required by PIPA as interpreted by the Organization.
Definitions
4. The following terms have these meanings in this Policy:
a) “Commercial Activity” – any particular transaction, act or conduct that is of a commercial character.
b) “Personal Information” – any information about an individual that relates to the person’s personal characteristics including, but not limited to: gender, age, income, home address, home phone number, ethnic background, family status, health history, and health conditions
c) “Stakeholder” – Individuals employed by, or engaged in activities on behalf of, the Organization including: coaches, staff members, contract personnel, volunteers, managers, administrators, committee members, and directors and officers of the Organization
d) “Individual” - All categories of membership defined in the Organization’s Bylaws as well as all individuals employed by, or engaged in activities with, the Organization including, but not limited to, athletes, coaches, convenors, officials, volunteers, managers, administrators, committee members, and directors and officers of the Organization
Purpose
5. The Organization recognizes Individuals’ right to privacy with respect to their Personal Information. This Policy describes the way that the Organization collects, uses, safeguards, discloses, and disposes of Personal Information.
Application of this Policy
6. This Policy applies to all Stakeholders and Individuals in connection with personal information that is collected, used or disclosed during Organization activity.
7. Except as provided in PIPA, the Organization’s Board of Directors will have the authority to interpret any provision of this Policy that is contradictory, ambiguous, or unclear.
Obligations
8. The Organization is obligated to follow and abide PIPA in all matters involving the collection, use, and disclosure of Personal Information.
9. In addition to fulfilling the legal obligations required by PIPA, the Organization’s Stakeholders will not:
a) Publish, communicate, divulge, or disclose to any unauthorized person, firm, corporation, or third party any Personal Information without the express written consent of the Individual
b) Knowingly place themselves in a position where they are under obligation to any organization to disclose Personal Information
c) In the performance of their official duties, disclose Personal Information to family members, friends, colleagues, or organizations in which their family members, friends, or colleagues have an interest
d) Derive personal benefit from Personal Information that they have acquired during the course of fulfilling their duties with the Organization
e) Accept any gift or favour that could be construed as being given in anticipation of, or in recognition for, the disclosure of Personal Information
Accountability
10. The Privacy Officer is responsible for the implementation of this policy and monitoring information collection and data security and ensuring that all staff receives appropriate training on privacy issues and their responsibilities. The Privacy Officer also handles personal information access requests and complaints. The Privacy Officer may be contacted at the following address:
Liz Nardi, Club Registrar
breakerregistrar@gmail.com
Ravensong Aquatic Club, PO Box 557, Qualicum Beach, BC, V9K 1T1
11. Duties - The Privacy Officer will:
a) Implement procedures to protect personal information
b) Establish procedures to receive and respond to complaints and inquiries
c) Record all persons having access to personal information
d) Ensure any third-party providers abide by this Policy
e) Train and communicate to staff information about the Organization’s privacy policies and practices.
Identifying Purposes
12. The Organization may collect Personal Information from Individuals and prospective Individuals for purposes that include, but are not limited to:
Communications
a) Sending communications in the form of e-news or a newsletter with content related to the Organization’s programs, events, fundraising, activities, discipline, appeals, and other pertinent information
b) Publishing articles, media relations and postings on the Organization’s website, displays or posters
c) Award nominations, biographies, and media relations
d) Communication within and between Stakeholders and Individuals
e) Discipline results and long-term suspension list
f) Checking residency status
Registration, Database Entry and Monitoring
a) Registration of programs, events and activities
b) Database entry at the Coaching Association of Canada and to determine level of coaching certification, coaching qualifications, and coach selection.
c) Database entry to determine level of officiating certification and qualifications
d) Determination of eligibility, age group and appropriate level of play/competition
e) Athlete Registration, outfitting uniforms, and various components of athlete and team selection
f) Technical monitoring, officials training, educational purposes, sport promotion, and media publications
Sales, Promotions and Merchandising
a) Purchasing equipment, coaching manuals, resources and other products
b) Promotion and sale of merchandise
General
a) Travel arrangement and administration
b) Implementation of the Organization’s screening program
c) Medical emergency, emergency contacts or reports relating to medical or emergency issues
d) Determination of membership demographics and program wants and needs
e) Managing insurance claims and insurance investigations
f) Video recording and photography for personal use, and not commercial gain, by spectators, parents and friends
g) Video recording and photography for promotional use, marketing and advertising by the Organization
h) Payroll, honorariums, company insurance and health plans
13. The Organization’s Stakeholders may collect Personal Information from Individuals and prospective Individuals for other purposes, provided that documented consent specifying the use of the Personal Information is obtained from the Individuals or prospective Individuals.
Consent
14. By providing Personal Information to the Organization, Individuals are implying their consent to the use of that Personal Information for the purposes identified in the Identifying Purposes section of this Policy.
15. At the time of the collection of Personal Information and prior to the use or disclose of the Personal Information, the Organization will obtain consent from Individuals by lawful means, in a manner similar to the form in Appendix A. The Organization may collect Personal Information without consent when it is reasonable to do so and permitted by law.
16. In determining whether to obtain written or implied consent, the Organization will take into account the sensitivity of the Personal Information, as well the Individuals’ reasonable expectations. Individuals may consent to the collection and specified use of Personal Information in the following ways:
a) Completing and/or signing an application form
b) Checking a check box, or selecting an option (such as ‘Yes’ or ‘I agree’)
c) Providing written consent either physically or electronically
d) Consenting orally in person
e) Consenting orally over the phone
17. The Organization will not, as a condition of providing a product or service, require Individuals to consent to the use, collection, or disclosure of Personal Information beyond what is required to fulfill the specified purpose of the product or service.
18. An Individual may withdraw consent in writing, at any time, subject to legal or contractual restrictions. The Organization will inform the Individual of the implications of withdrawing consent.
19. The Organization will not obtain consent from Individuals who are minors, seriously ill, or mentally incapacitated. Consent from these individuals will be obtained from a parent, legal guardian, or a person having power of attorney.
20. The Organization is not required to obtain consent for the collection of Personal Information, and may use Personal Information without the Individual’s knowledge or consent, only if:
a) It is clearly in the Individual’s interests and the opportunity for obtaining consent is not available in a timely way
b) Knowledge and consent would compromise the availability or accuracy of the Personal Information and collection is required to investigate a breach of an agreement or a contravention of a federal or provincial law
c) An emergency threatens an Individual’s life, health, or security
d) The information is publicly available as specified in PIPA
21. The Organization is also not required to obtain consent for the collection of Personal Information if the information is for journalistic, artistic, or literary purposes.
22. The Organization may disclose Personal Information without the Individual’s knowledge or consent only:
a) To a lawyer representing the Organization
b) To collect a debt that the Individual owes to the Organization
c) To comply with a subpoena, a warrant, or an order made by a court or other body with appropriate jurisdiction
d) To a government institution that has requested the information and identified its lawful authority, if that government institution indicates that disclosure is for one of the following purposes: enforcing or carrying out an investigation, gathering intelligence relating to any federal, provincial, or foreign law, national security or the conduct of international affairs, or administering any federal or provincial law
e) To an investigative body named in PIPA or a government institution, if the Organization believes the Personal Information concerns a breach of an agreement, contravenes a federal, provincial, or foreign law, or if the Organization suspects the Personal Information relates to national security or the conduct of international affairs
f) To an investigative body for purposes related to the investigation of a breach of an agreement or a contravention of a federal or provincial law
g) In an emergency threatening an Individual’s life, health, or security (the Organization will inform the Individual of the disclosure)
h) To an archival institution
i) 20 years after the individual's death or 100 years after the record was created
j) If it is publicly available as specified in PIPA
k) If otherwise required by law
Accuracy, Retention, and Openness
23. In order to minimize the possibility that inappropriate Personal Information may be used to make a decision about a Member, Personal Information will be accurate, complete, and as up-to-date as is necessary for the purposes for which it will be used.
24. Personal Information will be retained as long as reasonably necessary to enable participation in the Organization programs, events, and activities, and in order to maintain historical records as may be required by law or by governing organizations.
25. The Organization’s Stakeholders will be made aware of the importance of maintaining the confidentiality of Personal Information and are required to comply with the Organization’s Confidentiality Policy.
26. Personal Information will be protected against loss or theft, unauthorized access, disclosure, copying, use, or modification by security safeguards appropriate to the sensitivity of the Personal Information.
27. Personal Information that has been used to make a decision about an Individual will be maintained for a minimum of one year in order to allow the individual the opportunity to access the Personal Information after the decision has been made.
28. The Organization will make the following information available to Individuals:
a) This Privacy Policy
b) Any additional documentation that further explains the Organization’s Privacy Policy
c) The name or title, and the address, of the person who is accountable for the Organization’s Privacy Policy
d) The means of gaining access to Personal Information held by the Organization
e) A description of the type of Personal Information held by the Organization, including a general account of its use
f) Identification of any third parties to which Personal Information is made available
Access
29. Upon written request, and with assistance from the Organization after confirming the Individual’s identity, Individuals may be informed of the existence, use, and disclosure of their Personal Information and will be given access to that Personal Information. Individuals are also entitled to be informed of the source of the Personal Information and provided with an account of third parties to which the Personal Information has been disclosed.
30. Unless there are reasonable grounds to extend the time limit, requested Personal Information will be disclosed to the Individual, at no cost to the Individual, within thirty (30) days of receipt of the written request.
31. Individuals may be denied access to their Personal Information if the information:
a) Is prohibitively costly to provide
b) Contains references to other individuals
c) Cannot be disclosed for legal, security, or commercial proprietary purposes
d) Is subject to solicitor-client privilege or litigation privilege
32. If the Organization refuses a request for Personal Information, it shall inform the Individual the reasons for the refusal and identify the associated provisions of PIPA that support the refusal.
Compliance Challenges
33. Individuals are able to challenge the Organization for its compliance with this Policy.
34. Upon receipt of a complaint, the Organization will:
a) Record the date the complaint is received
b) Notify the Privacy Officer who will serve in a neutral, unbiased capacity to resolve the complaint;
c) Acknowledge receipt of the complaint by way of telephone conversation and clarify the nature of the complaint within seven (7) days of receipt of the complaint
a) Appoint an investigator using the Organization’s personnel or an independent investigator, who will have the skills necessary to conduct a fair and impartial investigation and will have unfettered access to all file and personnel
d) Upon completion of the investigation and within thirty (30) days of receipt of the complaint, the investigator will submit a written report to the Organization
e) Notify the complainant the outcome of the investigation and any relevant steps taken to rectify the complaint, including any amendments to policies and procedures
35. the Organization will not dismiss, suspend, demote, discipline, harass, or otherwise disadvantage any the Organization Individual or Stakeholder who:
a) Challenges the Organization for its compliance with this Policy
b) Refuses to contravene this Policy, PIPA
c) Takes precautions not to contravene this Policy, PIPA; even though said precautions may be in opposition to the regular duties performed by the Individual