First Church of God
FIRST CHURCH OF GOD
POLICY TO PROTECT PERSONAL INFORMATION
This policy is to safeguard personal information entrusted to First Church of God and to comply with the requirements of the Personal Information Protection and Electronic Documents Act (PIPEDA), the Personal Information Protection Act (PIPA) and any other applicable legislation.
The First Church of God is committed to maintaining the accuracy, confidentiality and security of all personal information in its custody and control. The Church, its Leadership Team, officers, employees and volunteers are required to comply with this policy. As part of this commitment, the First Church of God has adopted the following ten principles, based on the values set by the Canadian Standards Association’s Model Code for the Protection of Personal Information and Canada’s Personal Information Protection and Electronic Documents Act.
The First Church of God recognizes that:
Privacy is the right of the individual
Confidentiality is the Church’s obligation to protect that privacy
Security is the policy and procedures we use to achieve both
The First Church of God has appointed a Privacy Officer who is responsible for the organization’s compliance with this policy. Each Leadership Team, Committee, employee and volunteer is responsible for maintaining and protecting the personal information under its custody and control and is accountable for maintaining the confidentiality of such information. The Privacy Officer can be contacted through the Church Office.
2. Identifying purposes
The First Church of God collects and uses personal information about individuals solely for the following purposes:
To enable communication regarding church programs and activities;
To provide specific services as requested by an individual;
To provide income tax receipts; and,
To meet statutory and regulatory requirements.
Business contact information and certain publicly available information, such as names, addresses and telephone numbers as published in public telephone directories, are not considered personal information for the purposes of this policy.
Unless you advise otherwise, provision of personal information on official church forms, constitutes consent for the Church to collect, use and disclose personal information for the purposes stated in this policy.
An individual may refuse or withdraw consent at any time, subject to legal and contractual restrictions and reasonable notice. The choice to provide us with personal information is always the individual’s. Although decisions to withhold particular information may impact the church’s ability to meet specific requirements for the provision of certain services, the church will not withhold services if not directly related to the information.
An individual may refuse or withdraw consent by contacting the Privacy Officer through the church office. The Privacy Officer will explain the options and any consequences of refusing or withdrawing consent, and will record the individual’s choice.
4. Limiting collection
The personal information the Church collects shall be limited only to that which is necessary for the purposes identified.
Where reasonably possible the First Church of God will collect information directly from the individual or their legal guardian.
5. Limiting use, disclosure and retention
The personal information the Church collects will only be used or disclosed for the purposes for which it was collected, unless an individual has provided additional consent or when it is required or permitted by law.
The only circumstance under which personal information may be disclosed to third parties is when the disclosure is consistent with the purpose for which it was collected, for the fulfillment of any purposes identified above, or as required by law.
Where personal information is disclosed to third parties for the fulfillment of any purposes identified above, the church will make all reasonable efforts to ensure that the third party has appropriate security procedures in place for the protection of the personal information being transferred.
Where it is reasonable to do so, and where legislation permits, the First Church of God will obtain informed consent from individuals prior to releasing personal information to a third party.
Personal information will be retained only for as long as is necessary for the fulfillment of the purposes for which it was collected, or as required by law.
6. Accuracy and Correction
The First Church of God will make all reasonable efforts to ensure that personal information is as accurate, complete, and current as required for the purposes for which it was collected. If an individual finds any inaccuracies in our information, they should inform the church office and we will make the appropriate corrections promptly. In some cases, the Church relies on the individual to ensure that certain information, such as mailing address, email address and telephone number, is current, complete and accurate.
The First Church of God uses appropriate security safeguards to protect personal information from risks such as loss, misuse, unauthorized access, disclosure, or alteration. Safeguards include physical, administrative, and electronic security measures.
All employees and volunteers of the Church are required to abide by the privacy standards we have established and sign the attached Confidentiality Agreement. They are also required to work within the principles of ethical behaviour, and must follow applicable laws and regulations. In the course of daily operations, access to personal information is restricted to those employees and volunteers whose job responsibilities require them to access it.
The First Church of God will provide information to individuals about our policies and procedures relating to the overall management of personal information that is under our custody or control or with regard to specific personal information about which an individual may have a concern. Individuals may contact the Privacy Officer through the church office to access this information.
An individual has the right to access their personal information under the custody or control of the Church. Upon request to the Privacy Officer, the individual will be informed of the existence, use, and disclosure of their personal information and will be given access to the information.
In certain exceptional situations, the Church may not be able to provide access to certain personal information that it holds about an individual. For example, the Church may not provide access to personal information if doing so would reveal personal information about a third party. If access cannot be provided, the First Church of God will notify the individual, in writing, of the reasons for refusal.
10. Handling enquiries and complaints
Any questions or enquiries concerning compliance with our privacy policies and procedures may be addressed to the Privacy Officer through the church office.
Individuals may submit their concerns regarding this policy or the Church’s compliance with this policy or legislation to the Office of the Privacy Commissioner of Alberta.
11. Revisions to this policy
The development of the FIRST CHURCH OF GOD’s policies and procedures for the protection of personal information is an ongoing process. Due to changes in technology and legal requirements, the Church may revise this policy from time to time. For a copy of the current version please contact the church office.