The Canadian Tax Foundation (the “CTF”) collects personal information as necessary in the course of its relationship with its members, customers, contributors and others having dealings with it. “Personal information” means information about an identifiable individual. For example, when a person obtains membership, registers for an event, or purchases a publication or other product, personal information relating to payment, including contact information like physical or electronic address may be collected. The CTF may also keep a record of contacts, including copies of correspondence and history of transactions.
This information is used only for the purposes for which it was collected, namely to provide goods and services to members and customers, to process payments and correspondence and to keep members and customers informed of activities and products. Under no circumstances does the CTF rent, sell or trade any of this personal information.
This information is retained only so long as is necessary for the fulfilment of the purposes for which it is collected.
All personal information provided to the CTF by members, customers, contributors and others having dealings with it is kept physically and electronically secure, as is appropriate to the sensitivity of the particular information. All such information is used only for the purposes for which it was collected, and access to it is limited to staff who require it to perform necessary job functions.
The CTF has put in place and maintains specific security safeguards to protect personal information against loss, theft, unauthorized access, disclosure, copying, or use or unauthorized modification. These safeguards include the use of password protocols, encryption and other security software to protect personal information when goods or services are purchased. This software is updated periodically to improve protection.
In very limited circumstances, the CTF may disclose personal information to third parties who provide services to the CTF in the normal course of business. For example, some personal financial information must be disclosed to the bank in order to process payments of fees or other financial transactions or couriers in order to ship orders to members or others. In these circumstances, the CTF discloses only the information that is necessary to obtain the service in question.
Service providers who perform internal functions for the CTF, such as information storage, are bound by contract to keep personal information provided to them by the CTF confidential, to safeguard it and to use it only for the purposes of rendering the contracted services.
The CTF may also disclose personal information in other circumstances specifically permitted or required by applicable legislation, such as where a government institution has lawful authority to obtain the information.
Consent and Access to Information
The CTF obtains the consent, either express or implied, of members, and others with whom it has dealings to use their personal information for the purposes for which it has been collected. Based on this, it is expected that these persons have an understanding of how this information is used and the limited circumstances in which it is shared with third parties. If any member or other person with whom the CTF has dealings wishes to withdraw this consent, this may be accomplished by written notification to the CTF Privacy Officer. However, it must be understood that in cases where such consent is withdrawn, or where it is not given, there could be circumstances in which the CTF will be unable to service a membership or provide requested products or services.
Any member, customer, contributor or other person having dealings with the CTF may request a copy of that person’s personal information contained in the records of the CTF, or a list of third parties to whom that information has been disclosed, by written request to the CTF Privacy Officer. Acceptable proof of identification will be required before responding to such a request. In some cases it will not be possible to provide a person with the complete record of that person’s personal information, because of other applicable constraints, such as where that record contains non-severable personal information about another person. In such circumstances, an explanation of the reason for this will be provided. There are also other circumstances, such as where information was generated as part of a formal dispute resolution process, where personal information collected by the CTF will not be disclosed upon such a request.
If any member, customer, contributor or other person having dealings with the CTF feels that that person’s personal information as contained in the records of the CTF is inaccurate, incomplete or out of date, or otherwise wishes to enquire about or challenge compliance by the CTF regarding the use of that person’s personal information, that person may so advise the CTF Privacy Officer in writing. The Privacy Officer will then examine the request and make such correction or take such action as is necessary in the circumstances.
All such requests shall be processed within thirty (30) days.
Contact the Privacy Officer at firstname.lastname@example.org.