Community Development Corporation of Sault Ste. Marie & Area
Thursday, September 21, 2017

Privacy Statement

INTRODUCTION

The CDC is a federally supported not–for–profit community organization with a volunteer Board of Directors and professional staff whose purpose is to support community economic development and small business growth through business loans or loan guarantees.

This brochure summarizes the CDC's privacy policies and procedures that have been developed to comply with Canada's Personal Information Protection and Electronic Documents Act ("PIPEDA"). PIPEDA sets out rules for the collection, use and disclosure of a client's or customer's personal information, as well as safeguarding that information in the course of commercial activity as defined in the legislation.

WHAT IS "PERSONAL INFORMATION"

Under PIPEDA, "Personal Information" means any information that is identifiable to an individual, including name, address, telephone number, Social Insurance Number, and date of birth. It also includes, but is not limited to, other information relating to identity, such as, nationality, gender, marital status, financial information and credit history.

PURPOSES FOR PERSONAL INFORMATION

CDC collects only that personal information required to assess a prospective applicant's eligibility for financial assistance, as well as to report to the Government of Canada, and the federal department that administers the Ontario Community Futures Program.

CONSENT

At the time of completing a loan application, the express, written consent of the individual applicant will be sought for the collection, use, retention and disclosure of their personal information for the purposes set out in the CDC's privacy policy.

An applicant may choose not to provide some or all of the personal information requested, but if the CDC is unable to collect sufficient information to validate a financing request, the application for financing may be turned down.

ACCURACY

The CDC endeavours to ensure that all personal information in active files is accurate, current and complete. When a client notifies the CDC that his or her personal information requires correction or updating, the necessary changes will be made. Information contained in closed files is not updated.

LIMITING USE, RETENTION & DISCLOSURE

The CDC uses and retains personal information for only those purposes to which the individual has consented.

Personal information will be disclosed to only those CDC employees, volunteer members of committees and/or Board of Directors that need to know the information for the purposes set out in the CDC Privacy Policy.

SAFEGUARDS

The CDC utilizes a number of physical, organizational and technological measures to safeguard personal information from unauthorized access or inadvertent disclosure in accordance with its Information Security, Retention and Destruction Policy, including but not limited to:

Physical

Active files are stored in locked filing cabinets located in work areas restricted to the CDC employees and authorized volunteers. Closed files are stored in locked cabinets for a period of seven years, after which, the information is shredded prior to disposal.

Organizational

The CDC employees, volunteers, and third party service providers sign confidentiality agreements binding them to safeguarding the confidentiality of personal information to which they have access.

Technological

Personal information contained on the CDC computers and the electronic databases are password protected. As well, the Internet server or router has firewall protection to protect against virus attacks and hacking into the database.

Electronic Transmission of Information

Notwithstanding the technological safeguards implemented by the CDC, all Internet transmissions are susceptible to possible loss, misrouting, interception and misuse. For this reason, as part of the application that individual's sign consenting to their personal information being collected used, retained, and disclosed, the CDC will assume that it has the individual's consent to communicate via the Internet unless notified to the contrary.

INDIVIDUAL ACCESS

An individual who wishes to review or verify what personal information is held by the CDC, may do so by making a request, in writing to the CDC's Chief Privacy Officer. Upon verification of the individual's identity, the Chief Privacy Office will provide a written report within 60 days.

INVESTIGATING COMPLAINTS

Any concern or issue about the CDC's personal information handling practises may be made, in writing, to the Chief Privacy Officer. Upon verification of the individual's identity, the Chief Privacy Officer will act promptly to investigate the complaint and provide a written report to the individual.

If the individual is dissatisfied with the report provided by the Chief Privacy Officer, or feels that the corrective action taken by the CDC is insufficient, the individual may direct a complaint to the Federal Privacy Commissioner in writing. The address of the Federal Privacy Commissioner is provided in this Privacy Statement for your convenience.

AMENDMENTS TO OUR PRIVACY POLICY

This Privacy Statement is a summary of the CDC's Privacy Policy. For full particulars of the CDC's privacy policies and procedures, please request a copy of the Privacy Policy from the CDC or a copy may be obtained from the Internet website at: www.ssmcdc.com.

The CDC Privacy Policy and this Privacy Statement are in effect October 15, 2004 and is retroactive to January 1, 2004. The CDC's Privacy Policy and this Privacy Statement may be updated from time to time to reflect amendments in applicable Federal and Provincial laws. Any changes to this Privacy Policy will be posted on the CDC website and will apply to personal information collected from the date of the posting of the revised Privacy Policy.

CONTACT INFORMATION

If you have any questions regarding the CDC’s Privacy Policy, Information Security, Retention and Destruction Policy, and/or this Privacy Statement, or you wish to make an access to personal information request, please contact:

Chief Privacy Officer
CDC E-mail: cdc@ssmcdc.com
672 Queen Street East Phone:(705)942–9000
Sault Ste. Marie, Ontario Facsimile:(705)942–0274
P6A 2A4

OTHER HELPFUL PRIVACY LINKS

For a copy of PIPEDA, or for answers to other questions regarding privacy legislation, below are some helpful privacy links.

Federal Privacy Commissioner
112 Kent Street
Ottawa, ON K1A 1H3

CDC of Sault Ste. Marie & Area Privacy Policy (PDF)

Siskind, Cromarty, Ivey & Dowler LLP
Privacy Law Group