TRINITY'S PRIVACY POLICY AND PRACTICES
Our Commitment
Trinity Anglican Church (the Church) is committed to maintain the privacy of its members and employees. While it is necessary for the Church to collect personal information in order to carry out its normal functions, its policy is to use appropriate safeguards to ensure that this information is collected, used and protected according to the ten principles of Canada’s Protection of Personal Information and Electronic Documents Act (PIPEDA).
Introduction
The Act (PIPEDA) balances the needs for organizations to gather and use personal information with the individual’s right to privacy. It gives control to the individual by requiring the organization to obtain consent to collect, use or disclose any such personal information. Personal information includes all information that can identify or give information about an individual.
1. Accountability
The Church is responsible for maintaining and protecting all personal information under its control. A Privacy Officer, The Venerable Richard Salt, has been designated who is responsible for ensuring compliance with the ten PIPEDA principles.
2. Identifying the Purpose
Whenever the Church asks for personal information, the purpose for which it is being collected will be identified. Generally, the information is used to maintain membership lists, to communicate with Parish Council and Mission members, Committee members and other volunteers, to inform members about church activities, to maintain subscription lists to church publications, to register participants for church events and to compile statistical and historical information about the Church. These purposes may change or be added to from time to time.
3. Obtaining Consent
The Church requires an individual’s knowledge and consent to the collection, use or disclosure of personal information. It shall be ensured that the individual reasonably understands why and how the information is to be used when consent is given. Express consent will be obtained when possible and in all cases where the information may be particularly sensitive. Completion of an application or registration form assumes consent to collect the information. Consent may be obtained in person, by phone, by mail or email. Verbal consent should be recorded electronically or on hard copy by the person collecting the information. Written or email consent should be kept on file.
Information collected prior to January 1, 2004 will be handled in a manner consistent with the PIPEDA principles. Individuals may review their personal information held by the Church by contacting the Privacy Officer and may request deletion of any information. Individuals should be informed, however, of the implications of any such deletion or withdrawal of consent.
4. Limiting Collection
The Church will collect its information by fair and lawful means and will limit the collection to the amount and type of information necessary for the identified purpose. Usual information collected is limited to name, title, gender, address, telephone number, email address, baptism and confirmation status, date of birth, and STAR rating (see below).
The STAR – Safety, Trust, Accountability, Respect – program requires additional personal information for the purpose of screening volunteers and staff who accept positions of responsibility in Church activities.
5. Limiting Use, Disclosure and Retention
The Church will use personal information only for the purpose it was collected unless consent is obtained to do otherwise. Information is only accessible to staff persons on a need-to-know basis. Office volunteers may occasionally have access to specific information for the carrying out of their duties. Information released for a specific task or activity will be destroyed when that task or activity is completed. All persons having access to personal information will be provided with guidance on the use and disclosure of such information.
Personal information is not disclosed to any third party without an individual’s consent. The Church membership list is released only to the Anglican Journal for subscription purposes only and further disclosure by that publication to other organizations is protected.
General information may be held by the Church indefinitely for archival and historical purposes.
6. Accuracy
The Church tries to ensure that all the information collected and used is accurate, complete and up-to-date. Individuals are relied upon to inform the Church of any changes in their personal information. Any individual may request to view their personal information for accuracy by contacting the Privacy Officer and may request the Church to make corrections or changes.
7. Safeguarding Personal Information
Personal information is stored in an electronic database that is password protected and access is limited to only those personnel who need to use it for the purposes identified. Any printed or written documents containing personal information are protected against loss, theft or unauthorized access by storing in secured cabinets when not in use. Access to these cabinets is restricted to authorized personnel. Any such information is shredded before discarding. Any material that is uploaded to the Church’s web site that contains personal information on church members will be placed in an area that is accessible only to members who have read and signed the Church Safe Environment Policy and received a 1 STAR rating.
8. Openness
The Church will publish its Privacy Policy and Practices for the handling of personal information on its web site. Individuals requesting information about the Policy and Practices may be directed to the web site where appropriate, or will be provided with a copy of this document.
9. Individual Access
All individuals are entitled to know what personal information the Church holds, how it is used, disclosed and retained. Requests to the Privacy Officer to view their personal information will be honoured in reasonable time and any requested corrections or deletions will be handled as quickly as possible.
10. Challenging Compliance
The Church Privacy Officer will answer any questions or enquiries relating to the collection, use and retention of personal information and will respond promptly to any challenges. If not satisfied by the response, the individual will be advised of avenues of recourse under the Act.
NOTE
We wish to acknowledge the courtesy extended by Rhonda Lorch, Director of Administration, the Evangelical Lutheran Church of Canada for permission to use their Privacy, Policy and Compliance documents in any way that would be helpful to our congregation.
