Westgate Mennonite Collegiate is committed to protecting individual privacy and maintaining the accuracy, confidentiality and security of all personal and financial information.
This Privacy Protection Policy is in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA). This legislation recognizes the right to privacy of individuals with respect to their personal information, and applies to students, parents, staff and board members of Westgate Mennonite Collegiate. To ensure personal information is protected, secure safeguards are established as well as adherence to the Ten Privacy Principles outlined by PIPEDA (attached).
What is Personal Information?
Personal information is information about an identifiable individual. It includes the full name, address, telephone number, e-mail address, and any other information that identifies the individual.
Protecting Personal Information
- Personal information is kept in strict confidence.
- Personal information is not shared, rented, or sold to any organization outside the school without your consent.
- Paper information is either under supervision or secured in a locked or restricted area.
- Electronic hardware is firewall and password protected.
- Staff are trained to collect, use and disclose personal information only as necessary to fulfill their duties and in accordance with the School’s privacy policy.
- External consultants and agencies (e.g. the school’s auditor) with access to personal information must enter into privacy agreements with us or acknowledge that they abide by PIPEDA.
Retention and Destruction of Your Personal Information
The Compliance Officer will ensure that personal information is destroyed, erased, as soon as the purpose for which it was collected is no longer relevant, or as permitted by law. There shall be an annual review of the need to continue retaining personal information. Except as required to be retained by law, or as established by Westgate Mennonite Collegiate policy, all personal information shall be destroyed/deleted in a timely manner after the purpose for which it was collected has been completed.
Accuracy and Accessibility of Your Personal Information
You may check your information on file to verify, update and correct it and to have obsolete information removed. Such requests should be put in writing to the attention of the Compliance Officer.
Upholding the Westgate Mennonite Collegiate Privacy Protection Policy
Access to your information is restricted to authorized staff that has been trained in accordance with the School’s Privacy Policy.
Compliance Officer
The Business Manager is the designated Compliance Officer.
BASIC PRIVACY PRINCIPLES (As defined by the Personal Information Protection and Electronic Documents Act)
Accountability:Â An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles.
Identifying Purposes:Â The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
Consent:Â The knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except where inappropriate.
Limiting Collection:Â The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.
Limiting Use, Disclosure, and Retention:Â Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfillment of those purposes.
Accuracy:Â Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
Safeguards:Â Security safeguards appropriate to the sensitivity of the information shall protect personal information.
Openness:Â An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
Individual Access:Â Upon request, an individual shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Challenging Compliance:Â An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization’s compliance.