INTRODUCTION
RCCFDC is a federally supported not-for-profit community organization with a volunteer Board of Directors and professional staff whose purpose is to support community economic development and small business growth through business loans or loan guarantees.
This statement summarizes RCCFDC’s privacy policies and procedures that have been developed to comply with Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). PIPEDA sets out rules for the collection, use and disclosure of a client’s or customer’s personal information, as well as safeguarding that information in the course of commercial activity as defined in the legislation.
WHAT IS “PERSONAL INFORMATION”
Under PIPEDA, “Personal Information” means any information that is identifiable to an individual, including name, address, telephone number, Social Insurance Number, and date of birth. It also includes, but is not limited to, other information relating to identity, such as, nationality, gender, marital status, financial information and credit history.
PURPOSES FOR PERSONAL INFORMATION
RCCFDC collects only the personal information required to assess a prospective applicant’s eligibility for financial assistance, as well as to report to FedDev, the federal department that administers the Ontario Community Futures Program.
CONSENT
At the time of completing a loan application, the express, written consent of the individual applicant will be sought for the collection, use, retention and disclosure of their personal information for the purposes set out in RCCFDC’s privacy policy.
An applicant may choose not to provide some or all of the personal information requested, but if RCCFDC is unable to collect sufficient information to validate a financing request, the application for financing may be turned down.
ACCURACY
RCCFDC endeavours to ensure that all personal information in active files is accurate, current and complete. When a client notifies RCCFDC that his or her personal information requires correction or updating, the necessary changes will be made. Information contained in closed files is not updated.
LIMITING USE, RETENTION & DISCLOSURE
RCCFDC uses and retains personal information for only those purposes to which the individual has consented.
Personal information will be disclosed to only those RCCFDC employees, volunteer members of committees and/or Board of Directors that need to know the information for the purposes set out in the RCCFDC Privacy Policy.
SAFEGUARDS
RCCFDC utilizes a number of physical, organizational and technological measures to safeguard personal information from unauthorized access or inadvertent disclosure in accordance with its Information Security, Retention and Destruction Policy, including but not limited to:
Physical
Active files are stored in locked filing cabinets located in work areas restricted to RCCFDC employees and authorized volunteers. Closed files are stored in locked cabinets for seven years, after which the information is shredded prior to disposal.
Organizational
RCCFDC employees, volunteers, and third-party service providers sign confidentiality agreements binding them to safeguard the confidentiality of personal information to which they have access.
Technological
Personal information contained on RCCFDC computers and electronic databases is password protected. As well, the Internet server or router has firewall protection to protect against virus attacks and to hack into the database.
Electronic Transmission of Information
Notwithstanding the technological safeguards implemented by RCCFDC, all Internet transmissions are susceptible to possible loss, misrouting, interception and misuse. For this reason, as part of the application that individuals sign consenting to their personal information being collected, used, retained, and disclosed, RCCFDC will assume that it has the individual’s consent to communicate via the Internet unless notified to the contrary.
INDIVIDUAL ACCESS
An individual who wishes to review or verify what personal information is held by RCCFDC may do so by making a request in writing to the RCCFDC ‘s Chief Privacy Officer. Upon verification of the individual’s identity, the Executive Director/Chief Privacy Officer will provide a written report within 60 days.
INVESTIGATING COMPLAINTS
Any concern or issue about RCCFDC’s personal information handling practices may be made, in writing, to the Executive Director/Chief Privacy Officer. Upon verification of the individual’s identity, the Chief Privacy Officer will act promptly to investigate the complaint and provide a written report to the individual.
If the individual is dissatisfied with the report provided by the Chief Privacy Officer, or feels that the corrective action taken by RCCFDC is insufficient, the individual may direct a complaint to the Federal Privacy Commissioner in writing. The address of the Federal Privacy Commissioner is provided in this Privacy Statement for your convenience.
AMENDMENTS TO OUR PRIVACY POLICY
This Privacy Statement is a summary of RCCFDC’s Privacy Policy. For full particulars of RCCFDC Privacy Policy a copy may be obtained from RCCFDC.
The RCCFDC Privacy Policy and this Privacy Statement are in effect May 10, 2014 and are retroactive to January 1, 2004. RCCFDC’s Privacy Policy and this Privacy Statement may be updated from time to time to reflect amendments in applicable Federal and Provincial laws. Any changes to this Privacy Policy will be posted on RCCFDC website and will apply to personal information collected from the date of the posting of the revised Privacy Policy.
CONTACT INFORMATION
If you have any questions regarding RCCFDC’s Privacy Policy, Information Security, Retention and Destruction Policy, and/or this Privacy Statement, or you wish to make access to personal information request, please contact: info@rccfdc.org or call (613) 431-3951.
For a copy of PIPEDA or for answers to other questions regarding privacy legislation, please see additional resources below.
Office of the Privacy Commissioner of Canada
www.priv.gc.ca
30 Victoria Street
Gatineau, Quebec K1A 1H3
Information and Privacy Commissioner of Ontario
www.ipc.on.ca