At the Alberta Equestrian Federation Society (AEF), we are committed to providing our members/clients/employees with exceptional service. As providing this service involves the collection, use and disclosure of some personal information about our members, protecting their personal information is one of our highest priorities.
While we have always respected our members’/clients’/employees’ privacy and safeguarded their personal information, we have strengthened our commitment to protecting personal information as a result of Alberta’s Personal Information Protection Act (PIPA), which sets out the ground rules for how Alberta businesses and not-for-profit organizations may collect, use and disclose personal information. The AEF adheres strictly to the Government of Canada’s regulations pertaining to personal data.
We will inform our members/clients/employees of why and how we collect, use and disclose their personal information, obtain their consent when/where required, and only handle their personal information in a manner that is reasonable and appropriate.
This Policy, in compliance with PIPA, outlines the principles and practices we will follow in protecting members’ personal information. Our privacy commitment includes ensuring the accuracy, confidentiality, and security of our members’/clients’/employees’ personal information and allowing our members to request access to it, and correction of, their personal information.
Personal Information – Information about an identifiable individual, including both current and former employees. Personal information includes information that relates to their personal characteristics (e.g. gender, age, income, ethnic background, family status, etc.), or their activities and views (e.g. religious, political, opinions expressed by the individual, etc.). Personal information, however, does not include contact information.
Contact Information – Information that would enable an individual, business, club, stable or facility to be contacted and includes name, telephone number(s), address, email or fax number. Contact information is not covered by this Policy or PIPA.
Privacy Officer – The individual designated responsible for ensuring that AEF complies with this policy and PIPA.
Service Provider – An organization that provides a service (directly or indirectly) for, or on behalf of, another organization. This definition is not limited to organizations providing services under contract with the principal organization; a service provider may be a subcontractor. A service provider may also be a parent corporation, a subsidiary or an affiliate.
Collecting Personal and Contact Information
Unless the purposes for collecting personal information are obvious and the client/member/employee voluntarily provides his or her personal information for those purposes, we will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection.
- We will only collect client/member information that is necessary to fulfill the following purposes
- Name, address, phone number, cell phone number, fax number and email address for the purpose of communicating and reporting about the AEF’s membership, programs, events and activities.
- Banking information, social insurance number, criminal record check, resume, and beneficiaries for the AEF payroll, company insurance and health plan.
- Criminal record check and related personal reference information for the purpose of implementing the volunteer screening program.
- Contact information for use in the event of a medical emergency.
- Name, address, phone number, cell phone number, gender, date of birth and email address for the purpose of insurance coverage, managing insurance claims and conducting insurance investigations.
- Name and address for the purpose of mailing annual membership renewals and AEF publications (e.g. Alberta Bits).
- AEF membership number, member’s first and last name, gender, year of birth, zone of residence and membership status for the purpose of ‘membership verification’ for AEF affiliated events, activities and programs.
Cookies are small internet text files which contain a unique identification number. This number is transferred from a website to the user’s hard drive so that website may identify separate visitors and track user activity. Cookies will not inform a website of any personally identifiable information about the user.
Links to other websites
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should be aware that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide while visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
AEF will obtain consent to collect, use or disclose personal information (except where, as noted below, we are authorized to do so without consent).
Consent can be provided orally, in writing, electronically, through an authorized representative, or consent is implied where the purpose for collecting using or disclosing the personal information would be considered obvious and the member/client/employee voluntarily provides personal information for that purpose.
When an individual consents to disclosure of his or her personal information by one organization to another organization for a particular purpose, the individual is deemed to consent to the collection of that information for that particular purpose by that other organization.
Consent may also be implied when a member does not opt-out from having his or her personal information being used for mail-outs, marketing, or fundraising; after having been given a reasonable opportunity to do so.
Subject to certain exceptions (e.g., the personal information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), members/clients/employees can withhold or withdraw their consent for AEF to use their personal information in certain ways. A decision to withhold or withdraw their consent to certain uses of personal information may restrict our ability to provide a particular service or product. If so, we will explain the situation to assist them in making the decision.
- We may collect, use or disclose personal information without the member’s/clients’/employee’s knowledge or consent in the following limited circumstances:
- When the collection, use or disclosure of personal information is permitted or required by law.
- In an emergency that threatens an individual’s life, health, or personal security.
- When the personal information is available from a public source (e.g., a telephone directory).
- When we require legal advice from a lawyer; the use of the information is necessary to comply with a collective agreement that is binding on the organization under section 128 of the Labour Relations Code.
- The use of information is necessary to comply with an audit or inspection of or by the organization if it is authorized or required by Alberta or Canada’s statutes or regulations.
- For the purposes of collecting a debt.
- To protect ourselves from fraud.
- To investigate an anticipated breach of an agreement or a contravention of law.
In situations where AEF is reasonably able, we will consult Alberta’s PIPA before collecting, using or disclosing personal information without consent to ensure compliance.
Using and Disclosing Personal Information
We will only use or disclose member personal information where necessary to fulfill the purposes identified at the time of collection, or for a purpose reasonably related to those purposes, such as:
- To conduct surveys in order to enhance the provision of our services.
- To contact our members/clients/employees directly about services that may be of interest.
We will not use or disclose personal information for any additional purpose unless we obtain consent to do so, or if it’s included in the exceptions listed above in compliance with Alberta’s PIPA.
We will not sell member/client/employee lists or personal information to other parties.
Retaining Personal Information
If we use member/client/employee personal information to make a decision that directly affects them, we will retain that personal information for at least one year so that the member/client/employee has a reasonable opportunity to request access to it.
AEF will retain personal information only as long as necessary to fulfill the identified purposes or a legal or business purpose.
Ensuring Accuracy of Personal Information
AEF will make reasonable efforts to ensure that member/client/employee personal information is accurate and complete where it may be used to make a decision about them or disclosed to another organization.
Members/clients/employees may request correction to their personal information in order to ensure its accuracy and completeness. A request to correct personal information must be made by providing sufficient detail to identify the personal information and the correction being sought.
If the personal information is demonstrated to be inaccurate or incomplete, we will correct the information as required and send the corrected information to any organization to which we disclosed the personal information in the previous year. If the correction is not made, we will note the members’ correction request in the file.
Securing Personal Information
We are committed to ensuring the security of our members’ personal information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks.
The following security measures will be followed to ensure that member personal information is appropriately protected:
- Methods of protection and safeguards include, but are not limited to:
- Locked filing cabinets.
- Restricted access to offices.
- Security clearances.
- Need-to-know access and technological measures including the use of passwords, encryption and firewalls.
- The following steps will be taken to ensure security:
- Paper information is either under supervision or secured in a locked or restricted area.
- Electronic hardware is either under supervision or secured in a locked or restricted area at all times. In addition, passwords are used on computers.
- Paper information is transmitted through sealed, addressed envelopes or in boxes by reputable courier/delivery companies.
- Electronic information is transmitted either through a direct line or is encrypted.
- Staff is trained to collect, use and disclose personal information only as necessary to fulfill their duties and in accordance with this policy.
- External consultants and agencies with access to personal information will provide AEF with appropriate privacy assurances.
AEF will use appropriate security measures when destroying personal information such as shredding documents and deleting electronically stored information. We will ensure that all records are destroyed or personal information rendered non-identifying when information is no longer needed. The records will be destroyed in a reasonable time frame.
AEF will continually review and update our security policies and controls as technology changes to ensure ongoing personal information security.
Providing Access to Personal Information
Members/clients/employees have a right to access their personal information, subject to limited exceptions.
A full listing of the exceptions to access can be found in section 24 of PIPA. Some examples include: solicitor-client privilege, disclosure would reveal personal information about another individual, health and safety concerns.
A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought. A request to access personal information should be forwarded to the Privacy Officer.
Upon request, we will also tell members how we use their personal information and to whom it has been disclosed if applicable.
We will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfill the request.
A minimal fee may be charged for providing access to personal information. Where a fee may apply, we will inform the member/client/employee of the cost and request further direction from the member on whether or not we should proceed with the request.
If a request is refused in full or in part, we will notify the member in writing, providing the reasons for refusal and the recourse available to the member.
Questions and Complaints
The Privacy Officer is responsible for ensuring AEF compliance with this policy and the Personal Information Protection Act.
Members should direct any complaints, concerns or questions regarding AEF compliance in writing to the Privacy Officer. If the Privacy Officer is unable to resolve the concern, the member may also write to the Information and Privacy Commissioner of Alberta.
Executive Director Alberta Equestrian Federation
403-253-4411 ext 5
Office of the Information and Privacy Commissioner of Alberta
Suite 2460, 801 6 Avenue SW
Calgary, Alberta T2P 3W2