Politique de confidentialité
Privacy policy

PERSONAL INFORMATION PROTECTION POLICY

1. Purpose

The purpose of this policy is to establish how Eastside Movement for Business and Economic Renewal Society (EMBERS) collects, uses, protects, and manages personal information in the course of its operations.

This policy is intended to ensure that personal information is handled in accordance with the Personal Information Protection Act, SBC 2003, c 63.

2. Scope

This policy applies to all individuals who work for or with EMBERS and who may have access to personal information, including:

a. employees; b. contractors and consultants; c. volunteers; and d. board members.

This policy applies to personal information relating to employees, program participants, clients, donors, partners, and other individuals whose information may be collected in connection with EMBERS programs or operations.

3. Personal Information

For the purposes of this policy, personal information means information about an identifiable individual.

Personal information may include:

a. names, addresses, telephone numbers, or email addresses; b. identification numbers or government-issued identifiers; c. financial or banking information; d. employment or educational history; e. health or support service information provided in connection with EMBERS programs; and f. information relating to program eligibility or participation.

Personal information does not include business contact information used solely for business purposes.

4. Collection of Personal Information

EMBERS will collect personal information only for purposes that are reasonable and necessary for its programs and operations.

Personal information may be collected for purposes including:

a. administering employment relationships; b. delivering employment or training programs; c. providing counselling or support services to program participants; d. administering funding programs or reporting obligations to funders; and e. managing organizational operations.

Personal information will be collected directly from the individual wherever reasonable to do so.

5. Use and Disclosure of Personal Information

Personal information will be used only for the purposes for which it was collected or for purposes that are reasonably related to those purposes.

Personal information may be used or disclosed for purposes including:

a. delivering EMBERS programs or services; b. administering employment or contractual relationships; c. reporting program outcomes to funders or partners where required; d. complying with legal or regulatory requirements; and e. protecting the safety of employees, participants, or the public.

Personal information will not be disclosed to third parties except where disclosure is authorized by law, required for program delivery, or consent has been obtained.

6. Protection of Personal Information

EMBERS will take reasonable steps to protect personal information against loss, unauthorized access, use, disclosure, or destruction.

Security measures may include:

a. restricted access to records containing personal information; b. secure electronic systems and password protection; c. secure storage of paper records; and d. policies and procedures governing access to personal information.

Individuals who have access to personal information must take reasonable steps to safeguard that information.

7. Access to Personal Information

Individuals may request access to personal information about themselves that is held by EMBERS.

Requests for access must be made in writing.

EMBERS will respond to access requests within a reasonable period of time and may require verification of identity before providing access.

Access may be limited where permitted by law.

8. Correction of Personal Information

Individuals may request correction of personal information that they believe to be inaccurate or incomplete.

If a correction request is accepted, EMBERS will update the information as appropriate.

Where EMBERS does not agree that a correction is necessary, the individual may request that a statement of disagreement be attached to the record.

9. Retention and Destruction

Personal information will be retained only as long as necessary to fulfill the purposes for which it was collected and to comply with legal or operational requirements.

When personal information is no longer required, EMBERS will ensure that it is securely destroyed or anonymized.

Secure destruction methods may include:

a. shredding physical records; b. permanent deletion of electronic records; and c. secure destruction services provided by qualified vendors.

10. Privacy Breaches

Any suspected or confirmed breach involving personal information must be reported promptly to management.

A privacy breach may include:

a. unauthorized access to personal information; b. unauthorized disclosure of personal information; c. loss or theft of records containing personal information; or d. accidental disclosure of personal information.

Upon becoming aware of a privacy breach, EMBERS will take reasonable steps to:

a. contain the breach; b. assess the potential impact;

c. notify affected individuals where appropriate; and d. implement measures to prevent recurrence.

11. Responsibilities

All individuals who work for or with EMBERS are responsible for protecting personal information and complying with this policy.

Managers are responsible for ensuring that personnel under their supervision understand and comply with this policy.

12. Policy Review

This policy may be updated from time to time to ensure continued compliance with applicable privacy legislation and best practices.

13. Acknowledgement

By accessing or using the EMBERS Workforce app, you acknowledge that you have read and understood this Personal Information Protection Policy and agree to the collection, use, and protection of your personal information as described herein.