Privacy and Confidentiality

Collection of Personal Information

We do not automatically gather any personal information such as your name, phone number, e-mail or address. This information is only obtained if you supply it voluntarily, for example in the following ways:

  • Contacting us via e-mail
  • Asking to be added to an Information Network
  • Asking to receive electronic newsletters or other information

Any personal information you provide to us will not be sold to any third party. We use software that receives and records the Internet Protocol (IP) address of the computer that has contacted our web site. We make no attempt to link these addresses with the identity of individuals contacting our site. The information is used to improve the content of this site and is not shared with other organizations.

On-line Forums and Discussion Groups

If you choose to participate in an on-line forum or discussion group or join an Information Network or similar list, we may ask you to volunteer personal information such as your name and e-mail address for the purposes of effective administration of the forum or discussion group. We will not disclose this information to anyone outside of Sara Riel Inc. without your prior consent.

Sara Riel Inc. Privacy and Confidentiality Policy

1 – POLICIES

1.01

The organization and its employees will take all reasonable steps to maintain the confidentiality of all confidential organizational and personal information.

1.02

The organization and its employees will respect and protect the privacy of personal information by complying with the 10 privacy principles required by the Personal Information Protection and Electronic Documents Act (PIPEDA), as follows:

  1. Accountability
  2. Identifying purpose
  3. Consent
  4. Limiting collection
  5. Limiting use, disclosure and retention
  6. Accuracy
  7. Safeguards
  8. Openness
  9. Individual access
  10. Challenging compliance

1.03

The organization will maintain a privacy policy for distribution to members, clients and other interested parties, and will post this policy on its website. The policy will include references to:

  1. Restrictions placed on that disclosure.
  2. Time limits for holding personal information collected and the commitment to destroying unneeded information.
  3. The process by which individuals may access their personal information.

1.04

The organization will maintain high standards of physical and electronic security wherever personal information is being handled.

1.05

The organization’s Privacy Officer is:
Tara Snider, Executive Director
[email protected]

All requests for access to personal information and all contact with the Privacy Commissioner of Canada will go through the Privacy Officer.

1.06

Employees have a right to understand, access and correct their personal information. Employee personal information collected, used or disclosed will be subject to the same care and conditions as outlined for other personal information.

2 – PURPOSE

2.01

This Statement of Policy and Procedure outlines the organization’s compliance with privacy legislation, principles and practice.

3 – SCOPE

3.01

This policy applies to all organization personnel.

3.02

Compliance with the principles outlined in this policy shall be treated as essential for contract compliance with suppliers, consultants and other contracted organizations.

4 – RESPONSIBILITIES

4.01

It is the responsibility of every employee to ensure that privacy of personal information is protected and respected.

4.02

It is the responsibility of the Privacy Officer to:

  1. Develop and maintain both internal and external privacy policies.
  2. Ensure that systems and processes are in place to support the policies.
  3. Act as an expert resource on privacy within the organization.
  4. Act as a point of contact on privacy issues.

5 – DEFINITIONS

5.01

“Cookies” refer to information stored on a computer hard drive in the course of accessing information from the Internet that tracks information about the individual’s browsing history and use of the Internet.

5.02

“Personal information” refers to all information related to a unique individual including name and contact information, identification numbers or codes, and sensitive personal information.

5.03

“PIPEDA” is the Personal Information Protection and Electronics Document Act, the federal law governing the commercial collection, use and disclosure of personal information.

5.04

“Privacy Commissioner of Canada” refers to the individual who has been identified by the federal government to inform and enforce PIPEDA.

6 – REFERENCES and RELATED STATEMENTS of POLICY and PROCEDURE

Personal Information Protection and Electronics Document Act

7 – PROCEDURES

7.01

All employees will protect and respect confidential and personal information by:

  1. Taking all reasonable steps to secure and protect the information, as follows:
    1. Electronic records of personal information will be subject to limited access by authorized personnel in the performance of their duties.
    2. Printed records of personal information, when they are not under the control of authorized personnel, will be kept in a secure location.
    3. Transmitting out of the secured area, for example, by fax include security measures that only the individual receiving or sending material will have access.
  2. Disclosing to individuals that personal information is being collected and directing them to the Privacy Policy.
  3. The information stored is that every use and disclosure of personal health information is limited to the minimum amount of information necessary to accomplish the purpose for which it is used or disclosed.
  4. Destroying the information when it is no longer required. Personal information will be destroyed two years after it is no longer required.

    7.02

    Appointment and Responsibilities of the Privacy Officer.

    Sara Riel Inc. will appoint a Privacy Officer for the organization whose name and contact information will be publicly available as the point of contact for all inquiries or issues related to privacy of personal information.

    The Privacy Officer is responsible for:

    1. Development and maintenance of the organization’s privacy policies both for the public and for employee records.
    2. Thorough review of the organization’s collection, use and disclosure of personal information to ensure that only required information is dealt with.
    3. Communication of the Privacy policy for the public to the public and to all employees, including necessary employee training.
    4. Communication of the Privacy policy for employee information to all employees, including necessary management training.
    5. Acting as an expert resource for the organization on matters relating to privacy of personal information.
    6. Ensuring that the organization’s systems and procedures meet all legal compliance requirements and also a standard of excellence for respect of personal information.
    7. Documenting and analysing all complaints regarding the use, retention or disclosure of personal information.
    8. Instituting changes to the policy and related procedures he or she deems necessary in order to respect the principles of this policy.

      7.03

      Detailed Guidelines

      1. Personal information may be collected without knowledge or consent only in the following circumstances:
        1. In the event of an emergency that threatens the life, health or security of an individual.
        2. If there are reasonable grounds to believe that the information could be useful to investigate the contravention of a law.
        3. The collection is in the interest of the individual and consent cannot be obtained in a timely way.
        4. The collection of the information with the individual’s knowledge or consent would compromise the availability or accuracy of the information and the collection is required to investigate the contravention of a law.
        5. The information is publicly available.
      2. Personal information may be disclosed without knowledge or consent only in the following circumstances:
        1. In the event of an emergency that threatens the life, health or security of an individual.
        2. To a lawyer representing the organization.
        3. To collect a debt owed to the organization by the individual.
        4. To a government institution that has indicated disclosure is required on a matter relating to national security or the conduct of international affairs.
        5. The information is publicly available.
        6. If required by law.
        7. For other circumstances listed in subsection 7(3) of PIPEDA.
      3. Requests from an individual to provide information about their personal information being collected, used or disclosed by the organization will be answered within 20 days. No fee will be charged for this service.
      4. If an individual withdraws consent for the use of personal information, the Privacy Officer will take all necessary steps to cease the organization’s use of the information within 30 days.”
        Over 10,000 calls supporting Manitobans through the COVID-19 pandemic.

        Struggling? Need to talk?
        204-942-9276

        Skip to content