The Personal Information Protection and Electronic Documents Act (PIPEDA) is the guiding legislation and is based on the principles set out in the National Standard of Canada entitled Model Code for the Protection of Personal Information, CAN/CSA-Q830-96. The purpose of the PIPEDA is to establish “rules to govern the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances” (S.3).
Personal information is any information that identifies a person or information that could lead to a person’s identity being inferred.
Information collected by CCAT
We collect the following information from members in the course of running the organization:
- name, home address, and home telephone/cell number
- business contact information
- e-mail address
- credit card information* (for payment of annual dues, conference and course registrations, etc.)
- banking information* (from cheques for payment of annual dues, conference and course registrations, etc.)
* The credit card and banking information is used only for the purpose it was given. This information is stored only in hard-copy if it was included in membership, conference or course registration forms.
Why we collect this information
Personal information is collected in order to
- create and maintain membership and conference attendance lists;
- provide members with access to Members’ Only areas of the CCAT website;
- inform members and others of upcoming conferences, courses, and other events;
- register participants for conferences, courses, and workshops;
- provide news of CCAT and the administrative justice system to members and other interested persons.
How we collect the information
We gather information from membership applications, registration forms for conferences and courses, and from questionnaires or surveys distributed from time to time.
How we store the information
Personal information is stored on the CCAT computers, accessed only by the Executive Director and those under his supervision. Paper copies of membership applications and conference registrations are stored in secure storage for the length of time specified in accounting and tax regulations.
Firewall and anti-virus software- The CCAT computers are protected by a firewall and anti-virus software.
Cookies - When someone visits the CCAT site, a “cookie” or small data file is placed in their browser file. This enables the person (if a member) to move around the site without constantly having to login. CCAT uses a “session” cookie, meaning that once the member or other visitor logs out or closes the browser, the cookie is removed from their computer.
Most browsers are set to accept cookies but users can change this so no cookies are accepted or only after approval by the user.
IP addresses - Computers have unique IP addresses (Internet Protocol Addresses) that identify them when logged onto the Internet. This is how web servers can deliver requested web pages to a specific computer.
CCAT logs IP addresses to monitor how much traffic is coming to the site but the IP addresses are not normally linked to someone’s personal information. However, this canbe done to protect the site or CCAT members or if required to do so by law enforcement authorities.
E-mail- E-mail is not a secure method of communication and members should not send personal information to CCAT by e-mail.
Members’ access to their own personal information
Members may request to see their personal information held by CCAT and should be prepared to confirm their identify before any information is released. If there are any errors, members should inform CCAT in writing.
Retention of personal information
Lists of current and previous members, together with their personal information, are kept indefinitely for statistical and reference purposes. The same is true for conference and course registration forms.
Disclosure of personal information
Personal information of members is held in confidence and disclosed only with specific permission of the member. No information is released or sold to third parties except (1) to sister administrative justice organizations in order to promote conferences and other professional development events and (2) where required or authorized by law. In that situation, only the specific information required will be released.
Members may request anonymity and that their name not be published in any membership or conference attendance lists.
If members have any concerns, questions, or complaints, please contact the CCAT Executive Director at email@example.com.