Privacy Policy
1. Purpose
The Association is responsible for all personal information under its control and designates the Executive Director as the Chief Privacy Officer.
This policy outlines the types of information collected by the Association, how this information is used, and how it is protected.
2. Definition of Personal Information
The Association defines personal information as information about an identifiable individual. Personal information may include information that relates to
- personal characteristics (e.g., gender, age, race, religion, marital status, home address or telephone number)
- education (e.g. degree, year of graduation, institution and specialization)
- employment information (e.g. address or telephone number, current employer, past employers, or salary)
- health information
- financial information
- criminal history
- government-issued identification (e.g. Social Insurance Number (SIN), driver’s licence or any other identifying number)
Information is considered personal and about an “identifiable individual” when there is a serious possibility that an individual could be identified through the use of that information, alone or in combination with other information
3. Methods of Collection
All personal information is collected with the knowledge and consent of the individual as required. Personal information collected by the Association is provided by members or employees in writing, including email and fax, online through member profile, verbally over the phone, or in person, and through attendance at its events.
4. Use of Personal Information
The Association uses the personal information it collects for purposes such as, but not limited to:
- contact members
- circulate renewal information
- process payments
- provide members with The Journal or other continuing education information
- offer and deliver benefits, products, services, and programs
- host events such a local meetings and annual conference
- verify certification status with employers and prospective employers and/or regulating bodies
- verify eligibility for accommodations
- conduct member surveys and research as necessary
5. Protection of Personal Information Collected and Stored
Personal information is protected by security safeguards appropriate to the sensitivity of the information. Security safeguards in place may include secure servers, locked cabinets, records lifecycle management, and privacy protocols to ensure the protection of any personal information.
Personal information collected and stored by the Association will not be used or disclosed for purposes other than those for which it was collected, except as required by law. Personal information collected by the Association will not be distributed to third-party services without the consent of the individual.
Personal information will only be retained as long as it is needed for the Association to conduct its business. Information not required for long-term use will be destroyed ensuring confidentiality following verification (eg. medical documentation provided to determine eligibility for accommodations or credit card information for purchases).
To ensure personal information is kept safe by all members, the Association makes all policies, practices, and procedures related to the management of personal information readily available to all members and employees of the organization.
6. Accessing Personal Information and Opt-out Policy
An individual may request access to the personal information collected, stored, and used by the Association. Members are responsible for ensuring their personal information is up-to-date and can view their member profiles on ODAA.org to make changes as they occur.
All members and employees have the right to challenge the accuracy and completeness of their personal information and have it amended as appropriate.
Individuals may opt out of many of the above uses of their personal information, including unsubscribing from communications from the Association.
7. Exceptions
Under specific circumstances, the Association may be required to disclose personal information without the consent of an individual. Such circumstances may include, but not be limited to, as required by a legal investigation, to aid in a situation where people’s safety and lives may be at risk, or if disclosure aids in times of emergency, matters of legal investigation, or facilitates the conservation of historically significant records.
8. Policy Updates
The Association reserves the right to make changes to this privacy statement at its sole discretion without notice to the user.
9. Complaints
Individuals have the right to complain about any aspect of the Association’s compliance with the provisions relating to the protection of personal information to the Office of the Privacy Commissioner of Canada.
Complaints may also be made to the Executive Director of the Association in their role as the Chief Privacy Officer.
Last updated 19 April 2020.