Privacy Policy

Image: HCMA Architecture + Design

Collection of Personal Information and Visitor Policy

This privacy policy applies to Catalyst Community Developments Society (“Catalyst”). Catalyst believes strongly that every person has the right to privacy. When visiting or interacting with Catalyst, our properties or our offices or using our website or any of its electronic applications, you agree to be bound by this privacy policy. Catalyst collects personal information from individuals with a commitment to the protection of individual privacy. Catalyst asks for and maintains information on its visitors and clients to provide a better, more personal experience. Catalyst has taken measures to protect the security and confidentiality of personal information.

Catalyst is committed to protecting your privacy and to complying with the Personal Information Protection Act (“PIPA”). We will not sell or trade any of the information accumulated throughout the course of business about web visitors, clients or other contacts to any third parties.

Contact Information

If you have any questions regarding this privacy policy or the privacy practices of Catalyst, please contact Catalyst’s Privacy Manager at privacy@catalystcommdev.org.

Privacy Policy

1. OBJECTIVE AND SCOPE OF POLICY

Catalyst Community Developments Society (the “Society”) is committed to protecting the privacy of employees, tenants, and others dealing with the Society. This policy informs you of the Society’s practices concerning the collection, use and disclosure of personal information and ensures compliance with applicable privacy laws, including the B.C. Personal Information Protection Act (“PIPA”).

Society employees and contractors or agents who provide services to the Society that entail dealing with personal information are required to comply with this policy.

2. WHAT IS PERSONAL INFORMATION?

This policy applies to “personal information”. This is defined by legislation as any information about an identified or easily identifiable individual. Personal information does not include business contact information (e.g. business telephone and fax number, business address and email), information about corporations or other entities or information about individuals not associated with their identity (e.g. anonymous statistics). In addition, any personal information that is disclosed in work product created by employees, (e.g. a memorandum about a business trip that discloses some personal information about you) is not considered protected personal information.

Personal information is very broadly defined and includes unrecorded information or information recorded in any form, including in writing, electronically or on video or audio tape. Personal information includes relatively obvious or publicly available information such as home address, age or hair colour, through to more sensitive information such as credit card numbers or other financial information.

3. THE COLLECTION, USE AND DISCLOSURE OF PERSONAL INFORMATION

The Society collects only such personal information about individuals dealing with the Society, such as our tenants and tenant applicants, as is reasonably required to provide our services to them. The Society collects only such personal information about employees and job applicants as is reasonably necessary for the purposes of establishing, managing and terminating the employment relationship.

Generally speaking, the Society will obtain your consent to the collection, use and disclosure to others of your personal information, subject only to exceptions permitted or required by law. In many situations, where you voluntarily provide personal information about yourself and the purpose or use of the information is obvious, providing the information constitutes sufficient consent. For example, personal information submitted in an application to rent or an application for employment will be used to assess you as a potential tenant or employee. In other situations, the Society will seek your consent in writing, electronically or orally to the collection, use or disclosure to others of your personal information.

There are circumstances permitted under applicable privacy laws where the collection, use, or disclosure of personal information may be done without consent and other situations where collection, use or disclosure is required by other legislation. Such situations include:

  1. Where disclosure of information is required by applicable legislation or by order of an authorized court, tribunal, or regulatory or law-enforcement agency;
  2. Where the Society believes, on reasonable grounds that it is necessary to protect the health or safety of you or another;
  3. Where it is necessary to collect monies owing to the Society or respond to proceedings against the Society; and
  4. as part of an investigation into possible breach of an individual’s obligations to the Society or proceeding involving the Society.

You may, on reasonable advance notice in writing to the appropriate Society manager, withdraw consent to any collection, use or disclosure of personal information and we will comply with your request, except where such withdrawal would frustrate a legal obligation e.g. to maintain records to comply with record-keeping requirements of tax legislation or employment standards legislation. You should also appreciate that withdrawal of such consent may deprive you of benefits or other advantages from the Society or others.

4. DISCLOSURE OF PERSONAL INFORMATION

The Society does not sell, trade, barter or exchange for consideration any personal information it has obtained. When using services of contractual service providers who may receive personal information collected by the Society, the Society ensures that they agree to use such personal information solely for the purposes of providing those services and they agreed to comply with relevant portions of this policy.

In order to service clients and tenants and to administer employment relationships, the Society transmits personal information to affiliates and external service providers. For our tenants, we may share personal information about you with other non-profit agencies who are our partners in operating some buildings and with governmental agencies that require that information to verify we are meeting conditions of our funding. Tenant information is both received from and shared with our property managers in connection with managing the tenancy. While the Society will take steps to ensure your privacy is respected, this may entail sending personal information data outside of Canada, where it may be subject to access by governmental agencies of the foreign jurisdiction pursuant to foreign law.

As set out above, there are a limited number of situations where disclosure of personal information maintained by the Society is either required by law (e.g. legislation entitling law enforcement agencies to obtain information) or disclosure without consent is permitted by law (e.g. an emergency where your consent cannot be obtained).

As a tenant or employee, you may wish us to provide reference information about you, your employment or your tenancy with us or, for employees, your employment income to a prospective employer, landlord or provider of credit. We will require your written consent to disclosure of any personal information about you to persons bona fide purporting to be seeking such references. We only collect reference and past employer information about applicant tenants and employees with your consent.

5. ACCURACY AND PROTECTION OF PERSONAL INFORMATION

The Society endeavours to ensure that all personal information in its possession is as accurate, current and complete as possible for the purposes for which it is used by the Society. You can assist us by advising us of any changes in your personal information, e.g. changes in your home address, phone number or email address.

The Society takes appropriate security measures to ensure that both paper and electronic records containing personal information are secure from loss, unauthorized use, access or copying, disclosure or modification. Security measures include locking areas containing sensitive special personal information and general security of our offices. Our computer systems include passwords to gain access to sensitive personal information, as well as access restrictions to server folders that contain sensitive personal information. The Society limits access to personal information to those who “need to know” to provide you with our services as a tenant or who are involved with administering your employment relationship.

6. ACCESSING AND UPDATING PERSONAL INFORMATION

The Society allows individuals to have reasonable access to their personal information and will endeavour to provide requested information within reasonable time and generally within 30 days following a written request. Individuals may request:

  1. Information about what types of personal information are collected, how it is used, and to whom it is disclosed; or
  2. To review some or all personal information about them kept by the Society.

upon written request to the appropriate manager or to the Privacy Manager identified below.

Although the Society will generally comply with such requests, the Society may decline access to personal information on grounds permitted or required under PIPA, including the following situations:

  1. Where the requested personal information does not exist, is not recorded or cannot be located;
  2. Where the cost of assembling, retrieving and providing access to the personal information would be disproportionate to the benefits of access;
  3. Where such disclosure would entail disclosing personal information about another person, e.g. a person who made a comment or observation about the individual making the access request;
  4. Where the information was collected without consent for the purpose of an investigation or proceeding and the investigation or proceeding has not been completed.

Individuals may request that the Society correct records of personal information. If the Society concludes the requested change is unwarranted, it will so advise the requesting person, but will append the requested change to the record kept by the Society.

In cases where a request entails significant time and effort to compile responsive information, the Society may require pre-payment of a reasonable fee for compilation and copying of the requested information.

7. RETENTION AND DESTRUCTION OF PERSONAL INFORMATION

The Society endeavours to only retain personal information for so long as it is either:

  1. required to be retained by law, e.g. Income Tax Act requirements; or
  2. reasonably necessary for Society business needs,

subject to the requirement under PIPA to retain information that was used to make a decision directly affecting the individual for one year after the date of the decision.

When personal information is no longer needed, it will be destroyed in a suitably secure manner, e.g. shredding of paper records containing personal information.

8. SOCIETY RIGHT OF ACCESS TO ALL DATA ON SYSTEMS

Employees should be aware that, for a variety of reasons including ensuring appropriate use of Society computer resources and monitoring productivity, the Society reserves the right to monitor or review without advance notice all employee use of the Society’s computers, including all emails sent or received and Internet usage. Employees therefore should have no expectation of privacy when using the Society computer systems for personal reasons. Any such use should be restricted to nonworking time, be reasonable in scope and not place undue demands on the computer system or result in the introduction of potentially harmful material such as viruses to the Society’s computer system.

9. DATA BREACH

Notwithstanding our security arrangements, there is the risk that some of your personal information may be accessed by unauthorized persons through accidental loss or sharing of such information or “hacking” into our computer systems. If this occurs, the Society will comply with any applicable requirements under Privacy Laws. Generally, we will try to evaluate the scope of the loss, the potential risks to persons affected and where appropriate or required under Privacy Laws, notify such persons of the breach and any other relevant information, including steps to mitigate the risk.

10. COMPLAINTS OR QUESTIONS

If you wish to access your personal information, you must make the request directly to the Manager whom you believe is responsible for the personal information you wish to review. Alternatively, you may contact the Privacy Manager for the Society who may be reached at privacy@catalystcommdev.org. The Privacy Manager is generally responsible for firm compliance with applicable privacy legislation and with the application and administration of this policy. You may contact the Privacy Manager with any questions arising out of this policy.

11. TENANTS

The Society follows PIPA when dealing with tenant applicants and tenants. We adhere to the attached Guidance document from the Office of the Information and Privacy Commissioner on privacy in the landlord-tenant relationship, as it may be updated from time to time.

Guidance PIPA Landlord Tenancy

Please see attached PDF from the Office of the Information & Privacy Commissioner for British Columbia.

Canada’s Anti-Spam Law

Catalyst makes every reasonable effort to comply with Canada’s Anti-Spam Law. Any individual that has received an electronic message in error or has any other concern with Catalyst’s electronic message policies and practices should contact us.