Introduction
The British Columbia Sustainable Energy Association (BCSEA) is a non-profit society and a registered charity. BCSEA supports sustainable energy policy, innovation, and education in British Columbia. Our vision is to achieve a 100% sustainably powered British Columbia and to become the go-to resource for advancing energy literacy in British Columbia.
BCSEA is committed to providing exceptional service to members, donors, volunteers, employees, contractors and others. Providing this service can involve the collection, use and disclosure of personal information. We put a high priority on protecting personal information.
BCSEA is covered by British Columbia’s Personal Information Protection Act (PIPA). PIPA sets out the rules for how BC businesses and not-for-profit organizations may collect, use and disclose personal information. BCSEA is committed to complying with PIPA.
This Personal Information Protection Policy outlines the principles and practices BCSEA follows in collecting, using and disclosing personal information.
Definitions
Personal Information – means information about an identifiable individual.
Personal information does not include contact information (described below).
Contact information – means information that would enable an individual to be contacted at a place of business and includes name, position name or title, business telephone number, business address, business email or business fax number. Contact information is not covered by this policy or PIPA.
Privacy Officer – means the individual designated responsibility for ensuring that BCSEA complies with this policy and PIPA.
Collecting Personal Information
1.1 Unless the purposes for collecting personal information are obvious BCSEA will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection. Occasionally, information is collected at in-person events.
1.2 BCSEA will only collect personal information that is necessary to fulfill the following purposes:
To maintain an accurate database;
To organize fundraising activities including solicitations to donate by mail and email;
To provide charitable tax receipts for donations;
To implement our program work
To conduct internal surveys and focus groups;
To notify members, donors, volunteers, employees, contractors and others about the BCSEA’s activities, through emails, newsletters, brochures, reports, our website and awareness resources;
To verify identity of members, donors, volunteers, employees, contractors and others;
To identify member’s, donor’s, volunteer’s, employee’s, contractor’s and other’s, preferences;
To collect financial and banking information of our members, donors, employees, contractors and others in order to process confidential membership payments, donations, registration fees, program fees, and remuneration;
To deliver requested services;
To meet regulatory requirements.
1.3 If you provide a logo or images for upload to the website, be aware that visitors to the website can download all images on the website.
1.4 If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
1.5 Articles or images on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Consent
2.1 BCSEA will obtain consent to collect, use or disclose personal information (except where, as noted below, we are authorized to do so without consent).
2.2 Consent can be provided orally, in writing, or electronically. Or consent it can be implied where the purpose of collecting, using or disclosing the personal information is obvious.
2.3 Consent is implied where a person is given notice and a reasonable opportunity to opt out and does not opt out of the use of his or her personal information by BCSEA for routine communication such as mail-outs, notification of events, membership campaigns, volunteer recruitment, newsletters, and fundraising.
2.4 A person can withhold or withdraw their consent for the BCSEA to use their personal information, except if BCSEA requires the personal information to meet a legal obligation.
2.5 BCSEA may collect, use or disclose personal information without consent in the following limited circumstances:
When the collection, use or disclosure of personal information is required by law;
In an emergency that threatens an individual’s life, health or personal security;
When the personal information is available from a public source (ie: telephone directory);
When the personal information is required for BCSEA to obtain legal advice;
For the purposes of collecting debt;
To protect BCSEA or its members and supporters from fraud;
To investigate an anticipated breach of an agreement or a contravention of law.
A full listing of such circumstances can be found in sections 12, 15, and 18 of PIPA.
Using and Disclosing Personal Information
3.1 We will only use or disclose personal information where necessary to fulfill the purposes identified at the time of collection or for a purpose reasonably related to those purposes such as:
Described in Paragraph 1.2 of this document
To advise members, donors, volunteers, employees, contractors and others about products and services that may be of interest
3.2 We will not use or disclose member’s, donor’s, volunteer’s, employee’s, contractor’s and other’s personal information for any additional purpose unless we obtain consent to do so.
3.3 We will not sell member’s, donor’s, volunteer’s, employee’s, contractor’s and other’s lists or personal information to other parties unless we have consent to do so.
3.4 If you request a password reset, your IP address will be included in the reset email.
3.5 Visitor comments may be checked through an automated spam detection service.
Retaining Personal Information
4.1 If we use member’s, donor’s, volunteer’s, employee’s, contractor’s and other’s personal information to make a decision that directly affects the members, donors, volunteers, employees, contractors and others we will retain that personal information for at least one year so that members, donors, volunteers, employees, contractors and others have a reasonable opportunity to request access to it.
4.2 Subject to policy 4.1, we will retain member’s, donor’s, volunteer’s, employee’s, contractor’s and other’s personal information only as long as necessary to fulfill the identified purposes or a legal or business purpose.
4.3 If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Ensuring Accuracy of Personal Information
5.1 We will make reasonable efforts to ensure that member’s, donor’s, volunteer’s, employee’s,contractor’s and other’s personal information is accurate and complete where it may be used to make a decision about the members, donors, volunteers, employees, contractors and others or disclosed to another organization.
5.2 Members, donors, volunteers, employees, contractors and others may request correction to their personal information in order to ensure its accuracy and completeness. A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought. A request to correct personal information should be forwarded to the Privacy Officer at info@bcsea.org.
5.3 If the personal information is demonstrated to be inaccurate or incomplete, we will correct the information as required and send the corrected information to any organization to which we disclosed the personal information in the previous year. If the correction is not made, we will note the correction request in the file.
Security
6.1 We are committed to ensuring the security of member’s, donor’s, volunteer’s, employee’s,contractor’s and other’s personal information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.
6.2 The following security measures will be followed to ensure that member’s, donor’s, volunteer’s, employee’s,contractor’s and other’s personal information is appropriately protected:
With the use of user IDs, passwords, two step authentication, firewalls, and encryption;
By restricting members, volunteers, donors, employees, contractors and others access to personal information as appropriate;
By restricting access to personal information for any contractual service provider as appropriate.
6.3 We will use appropriate security measures when destroying member’s, donor’s, volunteer’s, employee’s, contractor’s and other’s personal information such as shredding documents, and deleting electronically stored information.
6.4 We will continually review and update our security policies and controls as technology changes to ensure ongoing personal information security and compliance with PIPA.
6.5 No method of transmission over the Internet or method of electronic storage, is 100% secure. While we strive to use commercially reasonable means to protect your Personal Information, we cannot guarantee its absolute security.
6.6 Our Site may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.
BCSEA has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party sites or services.
Providing Member’s, Donor’s, Volunteer’s, Employee’s, Contractor’s and Other’s Access to Personal Information
7.1 The members, donors, volunteers, employees, contractors and others have a right to access their personal information, subject to limited exceptions. Exceptions include:
When the personal information is protected by solicitor-client privilege;
When disclosure of the personal information would reveal confidential commercial information that could, in a reasonable person’s opinion, harm the competitive position of your organization;
When the personal information was collected for an investigation or proceeding that has not concluded (including any appeals);
When the organization is a credit reporting agency and the personal information was last disclosed by the agency in a credit report more than 12 months before the request was made;
When the information was collected by a mediator or arbitrator in conducting a mediation or arbitration if the mediator or arbitrator was appointed under a collective agreement, a law or by a court;
When the information is in a document that is subject to a solicitor’s lien.
A full listing of the exceptions to access can be found in section 23 of PIPA.
7.2 A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought. A request to access personal information should be forwarded to the Privacy Officer at info@bcsea.org.
7.3 Upon request, we will also tell members, donors, volunteers, employees, contractors and others how we use their personal information and to whom it has been disclosed if applicable.
7.4 We will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfill the request.
7.5 A minimal fee may be charged for providing access to personal information. Where a fee may apply, we will inform members, donors, volunteers, employees, contractors and others of the cost and request further direction from the members, donors, volunteers, employees, contractors and others on whether or not we should proceed with the request.
7.6 If a request is refused in full or in part, we will notify the members, donors, volunteers, employees, contractors and others in writing, providing the reasons for refusal and the recourse available to the members, donors, volunteers, employees, contractors and others.
Questions and Complaints: The Role of the Privacy Officer or designated individual
8.1 The Privacy Officer or designated individual is responsible for ensuring BCSEA’s compliance with this policy and the Personal Information Protection Act.
8.2 The members, donors, volunteers, employees, contractors and others should direct any complaints, concerns or questions regarding BCSEA’s compliance, in writing to the Privacy Officer. If the Privacy Officer is unable to resolve the concern, the members, donors, volunteers, employees, contractors and others may also write to the Information and Privacy Commissioner of British Columbia.
BCSEA’s Privacy Officer or designated individual may be contacted at: info@bcsea.org
Canada’s Anti-Spam Legislation (CASL)
CASL is Canada’s Anti-Spam Legislation and BCSEA is CASL compliant.
Changes to This Privacy Policy
BCSEA may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on the Site. You are advised to review this Privacy Policy periodically for any changes.
