List of active policies
Name | Type | User consent |
---|---|---|
Privacy policy | Privacy policy | Authenticated users |
Summary
We want to make sure that we comply with the legal obligations imposed by the federal government's Personal Information Protection and Electronic Documents Act ("PIPEDA") regarding the collection, use and disclosure of personal information in commercial activities.
That is why we have developed this Privacy Policy. We want you to know what principles and guidelines we have adopted for the collection, use, disclosure and retention of personal information. In this regard, we have adopted as the foundation of our Privacy Policy the 10 Principles that are set out in "Model Code for the Protection of Personal Information". Our objective is to promote responsible and transparent personal information management practices.
Against this background, the following principles guide us in the collection, use, disclosure and retention of personal information. Since we regularly review all of our policies and procedures, and since privacy law can be expected to evolve in Canada as the Office of the Privacy Commissioner and the courts provide guidance as to the application of PIPEDA to specific fact situations, as PIPEDA may itself be amended and as provincial privacy laws are enacted, we may change our Privacy Policy at any time or from time to time. Your continued interactions with Booth University College is an acceptance of our most recent Privacy Policy.
Full policy
BACKGROUND
We want to make sure that we comply with the legal obligations imposed by the federal government's Personal Information Protection and Electronic Documents Act ("PIPEDA") regarding the collection, use and disclosure of personal information in commercial activities.
That is why we have developed this Privacy Policy. We want you to know what principles and guidelines we have adopted for the collection, use, disclosure and retention of personal information. In this regard, we have adopted as the foundation of our Privacy Policy the 10 Principles that are set out in "Model Code for the Protection of Personal Information". Our objective is to promote responsible and transparent personal information management practices.
Against this background, the following principles guide us in the collection, use, disclosure and retention of personal information. Since we regularly review all of our policies and procedures, and since privacy law can be expected to evolve in Canada as the Office of the Privacy Commissioner and the courts provide guidance as to the application of PIPEDA to specific fact situations, as PIPEDA may itself be amended and as provincial privacy laws are enacted, we may change our Privacy Policy at any time or from time to time. Your continued interactions with Booth University College is an acceptance of our most recent Privacy Policy.
Note to Residents of the European Union: In order to comply with the requirements of applicable privacy laws, this Privacy Policy outlines the legal basis on which we process your Personal Data (referred to as personal information in this Policy). Please see the relevant sections below for additional information as required by applicable laws.
Note to Website Users: Please see the information below for specific information relating to your use of the https://boothuc.ca/ website (the “Website”).
SCOPE AND APPLICATION
The scope and application of our Privacy Policy is as follows:
- The 10 Principles that form the basis of our Privacy Policy are interrelated, and we will strive to adhere to them as a whole.
- Our Privacy Policy applies to personal information about our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders that we collect, use or disclose in the course of commercial activities.
- Our Privacy Policy applies to the management of personal information in any form, whether written, oral or electronic.
- Our Privacy Policy does not impose any limits on our collection, use or disclosure of certain information about an individual that is publicly available or that is specified by regulation pursuant to PIPEDA.
- The application of our Privacy Policy is subject to the requirements and provisions of PIPEDA, the regulations enacted thereunder and any other applicable legislation, regulation, court order or other lawful authority.
GOVERNING PRINCIPLES
Principle 1 – Accountability
We are responsible for personal information in our possession or under our control.
1.1 Responsibility for compliance with the provisions of our Privacy Policy rests with our Privacy Officer, who can be reached by using the contact information at the end of this Privacy Policy. Other individuals within our organization may be delegated to act on behalf of our Privacy Officer or to take responsibility for the day-to-day collection and processing of personal information.
1.2 We will implement policies and procedures to give effect to our Privacy Policy, including:
(a) implementing procedures to protect personal information and to oversee our compliance with our Privacy Policy;
(b) developing information materials to explain our policies and procedures;
(c) training our employees, contractors and volunteers about our policies and procedures; and
(d) establishing procedures to receive and respond to inquiries or complaints.
Principle 2 - Identifying Purposes for Collection of Personal Information
We will identify the purposes for which personal information is collected at or before the time the information is collected.
2.1 We collect personal information only for the following purposes:
1. To identify our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders.
2. To establish and maintain responsible relationships with our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders.
3. To promote and ensure the safety and security of our campus community.
4. To understand, develop and/or enhance the needs, desires, concerns or opinions of our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders.
5. To provide educational services and carry out related administrative activities.
6. To manage and develop our operations.
7. To meet legal and regulatory requirements
2.2 When personal information that has been collected is to be used or disclosed for a purpose not previously identified, the new purpose will be identified prior to use. Unless the new purpose is permitted or required by law, consent will be required before the personal information will be used or disclosed for the new purpose.
2.3 The type of information we collect from individuals depends on the context but may include name, contact information, education related information, financial information, and other information that individuals may choose to provide.
Principle 3 - Obtaining Consent for Collection, Use or Disclosure of Personal Information
The knowledge and consent of an individual are required for the collection, use or disclosure of personal information, except where inappropriate.
3.1 In obtaining consent, we will use reasonable efforts to ensure that an individual is advised of the identified purposes for which personal information is being collected and will be used or disclosed. Purposes will be stated in a manner that can be reasonably understood by that individual.
3.2 Generally, we will seek consent to use and disclose personal information at the same time as we collect the information. However, we may seek consent to use and disclose personal information after it has been collected, but before it is used or disclosed for a new purpose.
3.3 In determining the appropriate form of consent, we will take into account the sensitivity of the personal information and the reasonable expectations of the individual to whom the personal information relates.
3.4 An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Individuals may contact us for more information regarding the implications of withdrawing consent.
3.5 In certain circumstances, personal information can be collected, used or disclosed without the knowledge and consent of the individual. For example:
(a) if it is clearly in the interest of the individual and consent cannot be obtained in a timely way, such as when the individual is seriously ill or mentally incapacitated;
(b) if seeking the consent of the individual might defeat the purpose for collecting the information, such as in the investigation of a breach of an agreement or a contravention of a federal or provincial law, or that of a foreign jurisdiction;
(c) if there is an emergency where the life, health or security of an individual is threatened; or
(d) if disclosure is to a lawyer representing us, to comply with a subpoena, warrant or other court order, or is otherwise required or authorized by l law.
Principle 4 - Limiting Collection of Personal Information
We will limit the collection of personal information to that which is necessary for the purposes that we have identified. We will collect personal information by fair and lawful means.
4.1 Generally, we will collect personal information from the individual to whom it relates.
4.2 We may also collect personal information from other sources including employers or personal references, or other third parties who represent that they have the right to disclose the information.
Principle 5 - Limiting Use, Disclosure, and Retention of Personal Information
We will not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or as required by law. We will retain personal information only as long as necessary for the fulfillment of the purposes for which it was collected.
5.1 We may disclose an individual’s personal information:
1. To a third party that is involved in supplying that individual with services, on our behalf, or otherwise carrying out our mission;
2. To a third party that we have engaged to perform functions on our behalf, such as direct mail processing;
3. To a public authority or agent of a public authority if, in our reasonable judgment, it appears that there is imminent danger to life or property which could be avoided or minimized by the disclosure of the information;
4. To a third party where that individual has consented to such disclosure;
5. To a third party with whom we are negotiating for the purpose of them taking over some or all of our services; and
6. To a third party where such disclosure is required or permitted by law.
5.2 Only our employees, contractors, Board of Trustees, legal council, government agencies, and volunteers with a business need to know, or whose duties or services reasonably so require, are granted access to personal information about our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders.
5.3 We will keep personal information only as long as it remains necessary or relevant for the identified purposes or as required by law. Depending on the circumstances, where personal information has been used to make a decision about an individual, we will retain, for a period of time that is reasonably sufficient to allow for access by that individual, either the actual information or the rationale for making the decision. A student’s academic record and file are retained by Booth University College as permanent documents.
5.4 We will maintain reasonable and systematic controls, schedules and practices for information and records retention and destruction which apply to personal information that is no longer necessary or relevant for the identified purposes or required by law to be retained. Such information will be destroyed, erased or made anonymous.
5.5 All donors and sponsors will be recognized for their donations, sponsorships or other gifts in accordance with our Donor/Sponsor Recognition Policy unless a particular donor/sponsor wishes to remain anonymous.
Principle 6 - Accuracy of Personal Information
Personal information will be as accurate, complete, and up-to-date as is necessary and as possible for the purposes for which it is to be used.
6.1 Personal information used by us will be as accurate, complete, and up-to-date as possible to minimize the possibility that inappropriate information may be used to make a decision about an individual.
6.2 We will update personal information about an individual as necessary as is possible to fulfill the identified purposes or upon notification by that individual.
Principle 7 - Security Safeguards
We will protect personal information through the use of security safeguards appropriate to the sensitivity of the information.
7.1 We will use appropriate security measures to protect personal information against such risks as loss or theft, unauthorized access, disclosure, copying, use, modification or destruction, regardless of the format in which it is held.
7.2 We will protect personal information disclosed to third parties by contractual or other means stipulating the purposes for which it is to be used and the necessity to provide a comparable level of protection.
Principle 8 - Openness Concerning Policies and Procedures
We will make readily available to our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders specific information about our policies and procedures relating to our management of personal information.
Principle 9 - Access to Personal Information
We will inform an individual of the existence, use and disclosure of his or her personal information upon request, and will give the individual access to that information. An individual will be able to challenge the accuracy and completeness of the information and request to have it amended as appropriate.
9.1 Upon request, we will provide employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders with a reasonable opportunity to review the personal information in the individual’s file. Personal information will be provided in an understandable form within a reasonable time and at minimal or no cost to the individual.
9.2 In certain situations we may not be able to provide access to all of the personal information we hold about an individual. In such a case, we will provide the reasons for denying access upon request. For example:
1. if doing so would likely reveal personal information about another individual or could reasonably be expected to threaten the life or security of another individual;
2. if doing so would reveal any of our confidential information;
3. if the information is protected by solicitor-client privilege;
4. if the information was generated in the course of a formal dispute resolution process; or
5. if the information was collected in relation to the investigation of a breach of an agreement or a contravention of a federal or provincial law, or that of a foreign jurisdiction.
9.3 Upon request, we will provide an account of the use and disclosure of personal information and, where reasonably possible, will state the source of the information. In providing an account of disclosure, we will provide a list of organizations to which we may have disclosed personal information about the individual when it is not possible to provide an actual list.
9.4 In order to safeguard personal information, an individual may be required to provide sufficient identification information to permit us to account for the existence, use and disclosure of personal information and to authorize access to a particular file. Any such information will be used only for this purpose.
9.5 We will promptly correct or complete any personal information found to be inaccurate or incomplete. Any unresolved differences as to accuracy or completeness will be noted in the individual’s file. Where appropriate, we will transmit to third parties having access to the personal information in question any amended information or the existence of any unresolved differences.
9.6 Individuals can obtain information or seek access to their personal information by contacting our Privacy Officer during our office hours
Principle 10 - Challenging Compliance
An individual will be able to address a challenge concerning compliance with the above principles to our Privacy Officer.
10.1 We will maintain procedures for addressing and responding to all inquiries or complaints from any employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders about our handling of personal information.
10.2 We will inform our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders about the existence of these procedures as well as the availability of complaint procedures.
10.4 Our Privacy Officer may seek external advice where appropriate before providing a final response to individual complaints.
10.4 We will investigate all complaints concerning compliance with our Privacy Policy. If a complaint is found to be justified, we will take appropriate measures to resolve the complaint including, if necessary, amending our policies and procedures. An individual will be informed of the outcome of the investigation regarding his or her complaint.
Type of Personal Information that may be collected and used
In providing educational services or otherwise carrying out William and Catherine Booth University College’s mission, we collect personal information about our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders. The specific information that we collect is detailed under “Principle 2” above. We collect information only by lawful and fair means, and not in an unreasonably intrusive way. Wherever possible, we try to collect your personal information directly from you.
When do we disclose personal information?
There are a variety of circumstances where we may need to disclose some personal information about our employees, volunteers, Board of Trustees, potential students, students, alumni, donors, customers, service providers and other stakeholders. For example, we may disclose an individual's personal information:
- To a third party that is involved in supplying that individual with services, on our behalf, or otherwise carrying out our mission;
- To a third party that we have engaged to perform functions on our behalf, such as direct mail processing;
- To a public authority or agent of a public authority if, in our reasonable judgment, it appears that there is imminent danger to life or property which could be avoided or minimized by the disclosure of the information;
- To a third party where that individual has consented to such disclosure;
- To a third party with whom we are negotiating for the purpose of them taking over some or all of our services; and
- To a third party where such disclosure is required or permitted by law.
Any disclosure of an individual's personal information that is contemplated in any of the items above, will be made on a confidential basis. We use contractual or other means to protect the information and to make sure that the information is used only for the purpose(s) for which it was disclosed.
WE WILL NOT DISCLOSE YOUR PERSONAL INFORMATION TO ANY THIRD PARTY FOR THE PURPOSE OF ENABLING THEM TO MARKET THEIR PRODUCTS AND/OR SERVICES TO YOU WITHOUT FIRST SEEKING YOUR EXPRESS CONSENT TO DO SO.
-
How do we protect your personal information?
In order to protect your personal information, we will:
- Not collect, use or disclose your personal information for any purpose other than those identified above, except with your further consent. Consent for any of the identified purposes or for any additional purpose can be provided in writing, orally or electronically. Consent can be expressed or it may be implied in appropriate circumstances;
- Protect your personal information with security safeguards that are appropriate to the sensitivity of the information;
- Protect the confidentiality of your personal information when dealing with other organizations;
- Use reasonable efforts to keep your personal information as accurate and up-to-date as is necessary and as possible, for the purposes for which it is to be used and/or disclosed. Your assistance in keeping your personal information up to date is greatly appreciated;
- Respond to any request you may make for access to your personal information. We will need specific information from you to verify your identity before we can respond to your request. In addition, there may be instances where we will not be able to provide you with the personal information that you have requested. If we deny your request for access to your personal information, we will provide you with an explanation in writing.
- The protection of personal information is of paramount concern to us, and we are prepared to take appropriate and timely steps in the event of any incidents involving personal information in accordance with applicable privacy laws. We will also inform you if your personal information is subject to a breach and the breach creates a real risk of significant harm to the individual.
What are your choices?
We would like to have your consent to continue to collect, use and disclose your personal information for the purposes identified above and you consent to our collection, use, and disclosure of your personal information in accordance with this Policy when you interact with us. However, you do have choices, and you can refuse or withdraw your consent as follows by contacting our Privacy Officer:
-
You may refuse to provide your personal information to us. You may also withdraw your consent for us to collect, use or disclose your personal information at any time, subject to legal or contractual restrictions and reasonable notice. However, in either case, this may limit or eliminate altogether our ability to provide products and/or services to you, to involve you in other organizational activities and/or to communicate with you. A student’s academic file and record are retained by BoothUniversityCollege as permanent documents.
- You may have your name removed from our telephone, mail or e-mail lists. We use these lists to inform you of relevant activities or initiatives that we are contemplating or undertaking and that we think may be of interest to you or fund-raising activities.
Transfer of personal information outside Canada
Booth University College may use agents or service providers located in the United States (U.S.), and in particular, in California, to collect, use, retain and process personal information as part of providing services to you. While Booth University College uses all reasonable efforts to ensure that personal information receives the same level of security in the U.S. as it would in Canada, please be aware that privacy protections under U.S. laws may not be the same, and it may be accessed by the courts, law enforcement and national security authorities.
Website Users
Visitors to the Website should also be aware that anonymous technical information may be collected by Booth University College as a result of a visit to the Website. For example, this information may include the visitor’s IP address, browser type, operating system, domain name, access times and referring website addresses. Booth University College uses this anonymous technical information for purposes such as diagnosing problems with Booth University College’s servers, improving the operation and content of the Website and compiling aggregate and statistical information.
Booth University College will not attempt to link or match such anonymous technical information with any personally-identifiable information unless Booth University College has an individual’s consent, Booth University College (or its service providers) have detected or reasonably suspect any unlawful use of Booth University College’s services or a security breach, or Booth University College has a legal duty or right to do so.
Booth University College may use “cookies” on the Website. “Cookies” are small text files placed on computers that can collect and store a variety of information. Permanent cookies are stored indefinitely on a user’s hard drive unless manually deleted, while temporary cookies are automatically deleted from the user’s browser upon logging out of a website. Web browsers typically allow users to disable permanent and/or temporary cookies.
Please note that the Website uses Google Analytics. There is more information about how Google collects, uses, and processes data at http://www.google.com/policies/privacy/partners/.
Please note that the Website contains links to other websites. Booth University College is not responsible for the privacy practices used or followed by other websites. You are encouraged to be aware of when you leave the Website, and to read the privacy statements of each and every website you may visit that may collect personal information from you.
ADDITIONAL INFORMATION
For more information regarding our Privacy Policy, please contact our Privacy Officer by:
1. telephone: (204) 947 - 6701
2. mail: 447 Webb Place
Winnipeg, MB R3B 2P2
3. e-mail: privacy@BoothUC.ca
For a copy of PIPEDA or to contact the Privacy Commissioner of Canada, please visit the Office of the Privacy Commissioner of Canada’s web site at: https://www.priv.gc.ca/
Additional Information For Residents of European Union
The European General Data Protection Regulation (GDPR) sets out obligations and rights with respect to the personal data of residents of the European Union. We are committed to ensuring that we comply with the requirements of the GDPR. As such, this section outlines additional information relevant to residents of the European Union only. Please see the remainder of our Privacy Policy for more information on our privacy practices.
Your Rights relating to your Personal Data
Subject to some exceptions, the GDPR provides you with the following rights:
- Right of access: You have the right to information about whether and why we process your Personal Data and related information (for example, what Personal Data we are processing).
- Right of rectification: You have the right to correct any inaccurate or incomplete Personal Data that we hold about you.
- Right to erasure: You have the right to ask us to delete Personal Data that we hold about you.
- Right to restrict or object to processing: You have the right to ask us to limit or stop our processing of your personal data in certain cases (for example, if the Personal Data we are processing about you is inaccurate or is for direct marketing purposes).
- Right to data portability: You have the right to ask us for a copy of Personal Data we hold about you and to transfer such data to another entity.
- Right to complain: We encourage you to contact us at the contact information above if you have any questions or concerns with our Personal Data practices. However, you also have the right to complain to regulatory authorities in your jurisdiction. Please contact us at the contact information below if you need information about the appropriate authority.
You may exercise these rights or find out more about these rights by contacting us at the contact information listed above
Retention and Storage of Personal Data
We are based in Canada and process Personal Data in Canada. The European Commission recognizes Canada as providing an adequate level of protection for Personal Data. Our service providers may process your Personal Data outside of Canada (please see above). When your information is processed outside of the European Union, it may be subject to the laws of and be accessible by legal authorities in such other jurisdictions. We have taken appropriate technical, organizational, and legal steps to secure this information.