Contact Us

PRIVACY POLICY

1.0 Purpose of Privacy Policy

The Churh of St Stephen, Downsview, here after referred to as CSSD, is a not-for-profit religious organization with a volunteer board of directors whose purpose is to:

• To preach and advance the teachings of the Christian faith and the religious tenets, doctrines, observances and culture associated with that faith.
• To establish and maintain and support a house of worship with services conducted in accordance with the tenets and doctrines of the Christian faith.
• To support and maintain missions and missionaries in order to propagate the Christian faith.
• To establish and maintain a religious school of instruction for children, youth and adults.

This privacy policy has been developed to comply with Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). PIPEDA sets out rules for the collection, use and disclosure of personal information in the course of commercial activity as defined in the Act.

The ten principles of PIPEDA that form the basis of this Privacy Policy are as follows:

1. Accountability: organizations are accountable for the personal information they collect, use, retain and disclose in the course of their activities, including, but not limited to, the appointment of a Chief Privacy Officer;
2. Identifying Purposes: organizations are to explain the purposes for which the information is being used at the time of collection and can only be used for those purposes;
3. Consent: organizations must obtain an Individual’s express or implied consent when they collect, use, or disclose the individual’s personal information;
4. Limiting Collection: the collection of personal information must be limited to only the amount and type that is reasonably necessary for the identified purposes;
5. Limiting Use, Disclosure and Retention: personal information must be used for only the identified purposes, and must not be disclosed to third parties unless the Individual consents to the alternative use or disclosure, or as required by law
6. Accuracy: organizations are required to keep personal information in active files accurate and up-to-date;
7. Safeguards: organizations are to use physical, organizational, and technological safeguards to protect personal information from unauthorized access or disclosure.
8. Openness: organizations must inform their donors and members and train their employees about their privacy policies and procedures;
9. Individual Access: an individual has a right to access personal information held by an organization and to challenge its accuracy if need be; and
10. Provide Recourse: organizations are to inform donors, members and employees of how to bring a request for access, or complaint, to the Chief Privacy Officer, and respond promptly to a request or complaint by the individual.

This Privacy Policy applies to CSSD’s Rector, Wardens, employees and contracted employees, volunteers and members. As well, CSSD ensures that all Board members, employees, volunteers and third party service providers sign confidentiality agreements in the performance of their duties or prior to any transfer of an individual’s personal information in the course of providing advice, and other related information and/or services.

1.2 Definitions

“Personal information” means any information about an identifiable individual. It may include without limitation, information relating to identity, nationality, age, gender, address, telephone number, e-mail address, date of birth, marital status, education, skills, and donations as well as certain personal opinions or views of an Individual.

“Business information” means business name, business address, business telephone number, name(s) of officer(s), job titles, business registration numbers (GST, HST and source deductions). Although business information is not subject to PIPEDA, confidentiality of business information will be treated with the same security measures by CSSD staff, members and Board members, as is required for individual personal information under PIPEDA.

“Chief Privacy Officer”, for the purpose of this policy, means the person who occupies the position of Rector’s Warden.

“Individual” means any person who provides personal information to CSSD in the process of volunteering, donating or becoming a member of CSSD.

“Member” means a person who has completed membership requirements as defined in the canons of the Anglican Diocese of Toronto.

“Application” means an application form or related forms completed by the individual(s) to participate in CSSD activities.

“Data base” means the list of names, addresses, telephone numbers and related information of individuals held by CSSD in the forms of, but not limited to, computer files, paper files, and files on computer hard-drives.

“File” means the information collected in the course of processing an application, as well as information collected/updated to maintain /service the account.

“Express consent” means the individual signs the application, or other forms containing personal information, authorizing CSSD to collect, use, and disclose the individual’s personal information for the purposes set out in the application and/or forms.

“Implied Consent” means the organization may assume that the individual consents to the information being used, retained and disclosed for the original purposes, unless notified by the individual.

“Third Party” means a person or company that provides services to CSSD in support of the programs, benefits, and other services offered by CSSD, such as other lenders, credit bureaus, persons with whom the individual does business, but does not include any Government office or department to whom CSSD reports in the delivery of such programs, benefits or services.

2.0 Purposes of Collecting Personal Information

Personal information is collected in order to track volunteers and their skills, track donations, provide receipts and communicate information. The individual is the main source of information but CSSD may also ask to obtain information directly from a third source where the individual does not have the required information. Only that information which is required for these purposes will be collected.

3.0 Consent

An individual’s express, written consent will be obtained before or at the time of collecting personal information. The purposes for the collection, use or disclosure of the personal information will be provided to the individual at the time of seeking his or her consent. Once consent is obtained from the individual to use his or her information for those purposes, CSSD has the individual’s implied consent to collect or receive any supplementary information that is necessary to fulfil the same purposes. Express consent will also be obtained if, or when, a new use is identified.

An individual can choose not to provide some or all of the personal information at any time.

An individual can withdraw consent to CSSD’s use of personal information at any time by making such request in writing.

This Privacy Policy does not cover statistical data from which the identity of individuals cannot be determined. CSSD retains the right to use and disclose statistical data as it determines appropriate.

4.0 Limiting Collection

Personal information collected will be limited to the purposes set out in this Privacy Policy, CSSD applications, and/or other forms.

5.0 Limiting Use, Disclosure and Retention

5.1 Use of Personal Information

Personal information will be used for only those purposes to which the individual has consented with the following exceptions, as permitted under PIPEDA:

CSSD will use personal information without the individual’s consent, where:

• the organization has reasonable grounds to believe the information could be useful when investigating a contravention of a federal, provincial or foreign law and the information is used for that investigation;
• an emergency exists that threatens an individual’s life, health or security;
• the information is for statistical study or research;
• the information is publicly available;
• the use is clearly in the individual’s interest, and consent is not available in a timely way;
• knowledge and consent would compromise the availability or accuracy of the information, and
• collection is required to investigate a breach of an agreement.

5.2 Disclosure and Transfer of Personal Information

Personal information will be disclosed to only those CSSD employees, members of CSSD committees, and the Rector and Wardens that need to know the information for the purposes of their work.

Personal information will only be disclosed to third parties with the individual’s knowledge and consent.

PIPEDA permits CSSD to disclose personal information to third parties, without an individual’s knowledge and consent, to:

• a lawyer representing CSSD;
• collect a debt owed to CSSD by the individual;
• comply with a subpoena, a warrant or an order made by a court or other body with appropriate jurisdiction;
• a law enforcement agency in the process of a civil or criminal investigation;
• a government agency or department requesting the information; or,
• as required by law.

PIPEDA permits CSSD to transfer personal information to a third party, without the individual’s knowledge or consent, if the transfer is simply for processing purposes and the third party only uses the information for the purposes for which it was transferred. CSSD will ensure, by contractual or other means that the third party protects the information and uses it only for the purposes for which it was transferred.

5.3 Retention of Personal Information

Personal information will be retained in files as long as the file is active and for such periods of time as may be prescribed by applicable laws and regulations.

A file will be deemed inactive if the individual requests removal or is deceased or has ceased to become a member and is inactive for 2 years

6.0 Accuracy

CSSD endeavours to ensure that any personal information provided by the individual in his or her active file(s) is accurate, current and complete as is necessary to fulfill the purposes for which the information has been collected, used, retained and disclosed. Individuals are requested to notify CSSD of any change in personal or business information.

Information contained in inactive files is not updated.

7.0 Safeguards

CSSD will use physical, organizational, and technological measures to safeguard personal information to only those CSSD employees, volunteers, or third parties who need to know this information for the purposes set out in this Privacy Policy.

Organizational Safeguards: Access to personal information will be limited to Members of the CSSD committee(s) and/or Board of Directors, who are not permitted to copy or retain any personal information on individuals or donors and must return for destruction all such information given to them to review once the purpose for being provided with this information has been fulfilled.

Employees and members of CSSD committee(s) and/or Board of Directors are required to sign a confidentiality agreement binding them to maintaining the confidentiality of all personal information to which they have access.

Physical Safeguards: Active files are stored in locked filing cabinets when not in use. Access to active files is restricted to CSSD authorized members and authorized third parties.

All inactive files or personal information no longer required are shredded prior to disposal to prevent inadvertent disclosure to unauthorized persons.

Technological Safeguards: Personal information contained in CSSD computers and electronic databases are password protected. Access to any of the CSSD’s computers also is password protected. CSSD’s Internet router or server has firewall protection sufficient to protect personal and confidential business information against electronic attacks.

8.0 Openness

CSSD will endeavour to make its privacy policies and procedures known to the individual via this Privacy Policy. This document will also be available on CSSD’s website: ststephensdownsview.com

9.0 Individual Access

An Individual who wishes to review or verify what personal information is held by CSSD, or to whom the information has been disclosed (as permitted by the Act), may make the request for access, in writing, to the CSSD’s secretary. Upon verification of the individual’s identity, the Chief Privacy Officer will respond within 60 days.

If the individual finds that the information held by CSSD is inaccurate or incomplete, upon the individual providing documentary evidence to verify the correct information, CSSD will make the required changes to the individual’s active file(s) promptly.

10.0 Complaints/Recourse

If an individual has a concern about CSSD’s personal information handling practises, a complaint, in writing, may be directed to the CSSD’s Chief Privacy Officer.

Upon verification of the individual’s identity, CSSD’s Chief Privacy Officer will act promptly to investigate the complaint and provide a written report of the investigation’s findings to the individual.

Where CSSD’s Chief Privacy Officer makes a determination that the individual’s complaint is well founded, the Chief Privacy Officer will take the necessary steps to correct the offending information handling practise and/or revise CSSD’s privacy policies and procedures.

Where CSSD’s Chief Privacy Officer determines that the individual’s complaint is not well founded, the individual will be notified in writing.

If the individual is dissatisfied with the finding and corresponding action taken by CSSD’s Chief Privacy Officer, the individual may bring a complaint to the Federal Privacy Commissioner at the address below:

The Privacy Commissioner of Canada
www.privcom.gc.ca
112 Kent Street,
Ottawa,Ontario K1A 1H3
Tel 1-800-282-1376

Questions/Access Request/Complaint

Any questions regarding this or any other privacy policy of CSSD may be directed to the Chief Privacy Officer. Requests for access to information, or to make a complaint, are to be made in writing and sent to the Chief Privacy Officer at the address below:

Chief Privacy Officer will review and revise the Privacy Policy from time to time as required by changes in privacy law. Notification of any changes in the Privacy Policy will be posted on CSSD’s website, as well as in CSSD’s Privacy Statement. Any changes in the Privacy Policy will apply to Personal information collected from the date of the posting of the revised Privacy Policy on CSSD’s website: ststephensdownsview.com/p>

The main church phone number is able to send and receive SMS text messages. Your phone may recognize that these messages do not come from an indivual’s phone and ask you to reply YES to confirm you agree to receiving messages from the church phone number, or reply STOP to block text messages from the church phone number.

If you reply STOP, you will not receive our reply when you text us… and we may not know that you have not received it.

If you have requested automated text reminders and wish to discontinue, contact the Parish Office.

There is no charge to the Parish for sending or receiving SMS text messages. Check you personal cell phone plan to know if your cell service provider charges you for receiving text messages.