2. Identifying purposes
4. Limiting collection
5. Limiting use, disclosure, and retention
9. Individual access
10. Challenging compliance
All directors, officers, employees and volunteers of Peace Portal Alliance Church are required to comply with the Policy and may be given restricted access to personal information solely to fulfill the purposes as set out in this Policy.
All other persons or organizations who act for, or on behalf of, Peace Portal Alliance Church are also required to comply with the principles and the Policy and may be given restricted access to personal information solely to fulfill the purposes as set out in this Policy. The Peace Portal Counseling Centre also abides by its own professional standards in protecting the privacy and confidentiality of its clients.
The Peace Portal Alliance Church has appointed Dean Cooper as their Privacy Officer who will be responsible for overseeing the Policy as well as any inquiries, requests or concerns relating to privacy matters. You may contact the Privacy Officer at the following address:
Peace Portal Alliance Church
15128 27B Avenue
Surrey, BC V4P 1P2
This Policy covers our treatment of the personal information we collect from our church family.
In this Policy we will outline the purposes behind our collection and use of our church family members’ personal information. In addition we will outline our policies concerning the collection, use, distribution and retention of this information. Finally we will also set out our policies for addressing any concerns or complaints.
Requests to Add, Change or Delete
If at any time, you wish to add, change or delete your personal information that is retained by our office, please contact our Privacy Officer at:
Peace Portal Alliance Church
15128 27B Avenue
Surrey, BC V4P 1P2
Principle 1 – Accountability
Peace Portal Alliance Church is responsible for personal information which we collect, use or distribute and any personal information in our custody or under our control. In order to fulfill our responsibility and comply with current legislation:
1.2 We shall make known the name or names of the Privacy Officer(s) and contact information upon request.
1.5 Our policy is made available to our church family mermbers through the church office and our website.
1.6 In the event that personal information is made available to a contracted third party, we will hold that party responsible to maintain comparable levels of protection of privacy while the information is in their control.
Principle 2 – Identifying Purposes
2.1 Peace Portal Alliance Church is committed to ensuring that the purposes for which personal information is used are identified.
2.2 Peace Portal Alliance Church will only collect personal information from our church family members that is necessary to fulfill the following purposes:
• To verify identity;
• To identify church family member preferences;
• To understand the financial and banking needs of our church family members;
• To deliver requested products and services
• To provide counseling services;
• To send out association membership information;
• To contact our church family members for fundraising;
• To ensure a high standard of service to our church family members;
• To meet regulatory requirements;
2.3 Peace Portal Alliance Church will make these purposes known to individuals at the time that personal information is being collected either orally, electronically or in writing.
2.4 Unless required by law, Peace Portal Alliance Church will notify and obtain the consent of an individual before using previously collected information for a new purpose.
Principle 3 – Consent
3.1 Peace Portal Alliance Church will obtain reasonably informed consent of a church family member to collect, use or disclose personal information except where we are authorized to do so without consent.
3.2 Consent can be provided orally, in writing, electronically or through an authorized representative. We will take reasonable steps to ensure that consent given is clearly understood.
3.3 Consent can be implied where the purpose for collecting using or disclosing the personal information would be considered obvious and the church family member voluntarily provides personal information for that purpose.
3.4 In general, the use of products and services by a church family member, or the acceptance of employment or benefits by an employee, constitutes implied consent for Peace Portal Alliance Church to collect, use and disclose personal information for all identified purposes.
3.5 Consent may also be implied where a church family member is given notice and a reasonable opportunity to opt-out of his or her personal information being used for mailing lists and fundraising and the church family member does not opt-out.
3.6 Subject to certain exceptions, church family member’s can withhold or withdraw their consent for Peace Portal Alliance Church to use their personal information in certain ways.
3.7 A church family member may not be able to withhold consent when withdrawal of consent would frustrate the performance of a legal obligation.
3.8 Peace Portal Alliance Church will not require consent to the collection and use of information in order to access goods or services unless that information is necessary to fulfill the purpose identified. In a situation where a church family member’s decision to withhold or withdraw their consent to certain uses of personal information may restrict our ability to provide a particular service or product we will explain the consequences of withdrawing consent to assist the church family member in making the decision.
3.9 The following are examples of when we may collect, use or disclose the personal information of a church family member without their consent:
• When the collection, use or disclosure of personal information is permitted or required by law;
• When collection is clearly in your best interests and we are unable to obtain your consent in a timely way;
• In an emergency that threatens an individual’s life, health, or personal security;
• When disclosure is required to comply with a court order;
• When disclosure is required for archival purposes;
• When the personal information is available from a public source (e.g., a telephone directory);
• When the personal information is available through observation at a public event to which you attended voluntarily;
• When the collection, use or distribution is necessary to determine your suitability to receive an honour, award or similar benefit or to be selected for an athletic or artistic purpose;
• When we require legal advice from a lawyer;
• For the purposes of collecting a debt;
• To protect ourselves from fraud;
• To investigate an anticipated breach of an agreement or a contravention of law
Principle 4 – Limiting Collection
4.1 Peace Portal Alliance Church shall limit the collection of personal information to the purposes set out in this policy in compliance with our legal obligations.
4.2 Peace Portal Alliance Church will not collect personal information indiscriminately.
4.3 The purposes for collecting personal information shall be reasonably clear at the time of collection and we will not deceive or mislead our church family members as to why information is being collected.
Principle 5 – Limiting Use, Disclosure and Retention
5.1 Peace Portal Alliance Church will only use and disclose personal information where necessary to fulfill the purposes identified at the time of collection or for a purpose reasonably related to those purposes except where we are authorized to do so (see Principle 3 – Consent).
5.2 Peace Portal Alliance Church will not use or disclose church family member personal information for any additional purpose unless we obtain consent to do so.
5.3 Peace Portal Alliance Church will not sell church family member lists or personal information to other parties without consent.
5.4 Peace Portal Alliance Church will only retain personal information as long as it is needed for the purposes for which it was collected or consented to. Peace Portal Alliance Church will maintain reasonable schedules to ensure that personal information is reviewed on an ongoing basis to determine relevance and if retention is required.
5.5 When personal information collected is no longer relevant to its purpose or when it is permitted by law, Peace Portal Alliance Church will ensure that it is deleted, destroyed or made anonymous. In general, all personal information shall be deleted, destroyed or made anonymous no later than seven years after the purpose for which it was collected has been completed unless the law requires otherwise.
5.6 If Peace Portal Alliance Church uses personal information to make a decision that directly affects the church family member we will retain that personal information for at least one year to give the church family member a reasonable opportunity to request access to it.
Principle 6 – Accuracy
6.1 Peace Portal Alliance Church is committed to ensuring the accuracy of its information and will take reasonable efforts to ensure that personal information is accurate and complete where it is necessary.
6.2 Peace Portal Alliance Church will update information when it is necessary or when an individual notifies us. Church family members may request correction to their personal information in order to ensure its accuracy and completeness. A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought. This request should be directed to the Privacy Officer.
Principle 7 – Safeguards
7.1 Peace Portal Alliance Church is concerned about the safety of our church family member’s personal information. In order to address security concerns, we have developed the following safeguards:
• Physical security measures including locked cabinets, restricted access to areas where sensitive personal information is kept, security alarm systems, etc;
• Organizational security measures including employee confidentiality agreements, sensitive information restricted to those involved, etc.; and
• Technological security measures including use of passwords, firewalls and security encryptions.
7.2 Peace Portal Alliance Church shall protect personal information disclosed to third parties by contractual agreement that stipulates the confidentiality and safeguard requirements that are comparable to our own.
7.3 We will use appropriate security measures when destroying personal information such as
• Shredding any documents;
• Deleting any electronic records;
7.4 Peace Portal Alliance Church will routinely review and update our security measures.
7.5 Peace Portal Alliance Church shall stress to both employees and volunteers the importance of safeguarding the confidential nature of personal information.
Principle 8 – Openness
8.1 Peace Portal Alliance Church is committed to making its privacy policies and procedures available and clear to all interested parties.
8.3 Any questions or concerns regarding our policy or procedure may be directed in writing to our Privacy Officer.
Principle 9 – Individual Access
9.1 Church family members have a right to access their personal information, subject to limited exceptions including, but not limited to:
• Situations where disclosure may reveal the personal information of another individual;
• Situations where the health or safety of an individual may be jeopardized.
9.2 A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought and should be forwarded to the attention of the Privacy Officer. We will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfill the request. A reasonable fee may be charged for providing access to personal information, in which case we will inform the church family member prior to proceeding.
9.3 We will endeavour to make all information provided easy to understand and explain any acronyms, abbreviations, etc. used.
9.4 We reserve the right to confirm the identity of the individual seeking access to personal information before complying with any access requests. In this event, information related to the church family member’s identity would be used exclusively for the purposes of confirming access.
9.5 In certain situations, it may not be possible to provide access to all the personal information that is held and a request may be refused in whole or in part. For example, information may not be provided if to do so would reveal personal information about a third party or jeopardize the security of another.
9.6 If a request is refused in full or in part or if the information requested is not available, we will notify the church family member in writing, providing the reasons for refusal and the recourse available to the church family member. This notification will be kept on file.
9.7 In the event that information provided is shown to be incomplete or inaccurate, we will amend the church family member’s personal information appropriately. When appropriate, we will transmit this correction to third parties with access to this information. When a challenge is not resolved to the church family member’s satisfaction, we will destroy all personal information under our care and control.
Principle 10 – Challenging Compliance
10.2 The Privacy Officer shall receive and respond to all personal information requests including challenges or complaints.
10.3 It is Peace Portal Alliance Church’s policy that all complaints shall be investigated.
10.4 If a complaint is found to be justified, the Officer shall take appropriate measures, including, if necessary, amending this Policy.
10.5 The Privacy Officer may seek external advice where appropriate before providing a final response to individual complaints.
10.6 If the Privacy Officer is the subject of the complaint, then the Chair of the Personnel Committee will address any complaints or concerns. If the Privacy Officer is unable to resolve the concern, the church family member may also write to the Information and Privacy Commissioner of British Columbia.
10.7 Peace Portal Alliance Church’s procedure for dealing with complaints is as follows:
• Record the date and nature of a complaint when it is received
• Acknowledge receipt of the complaint promptly
• Review the matter fairly and impartially, providing to the individual where possible, access to all relevant records.
• Notify the individual of the outcome of the investigation promptly and clearly.
• Correct any inaccurate or incomplete information when possible.
10.8 The contact information for the Privacy Officer is as follows:
Peace Portal Alliance Church
15128 27B Avenue
Surrey, BC V4P 1P2