Aikido Tendokai Privacy Policy

General

  1. Background– Privacy of personal information is governed by the federal Personal Information Protection and Electronics Documents Act (“PIPEDA”). This policy describes the way that Aikido Tendokai (“AT”)  collects, uses, safeguards, discloses and disposes of personal information, and states the AT’s commitment to collecting, using and disclosing personal information responsibly. This policy is based on the standards required by PIPEDA and the AT’s interpretation of these responsibilities.
  2. Definitions– The following terms have these meanings in this Policy:
    1. Commercial Activity”– Any particular transaction, act or conduct that is of a commercial character.
    2. IP Address”– A numerical label that is assigned to electronic devices participating in a computer network that uses internet protocol for communication between devices.
    3. Personal Information” – any information about an individual that relates to the person’s personal characteristics and likeness including, but not limited to: gender identity, age, income, home address or phone number, ethnic background, family status, health history, and health conditions as well as video or still images of the individual.
    4. Representatives”– Members, directors, officers, committee members, employees, athletes, coaches, officials, sport assistants, managers, trainers, volunteers, administrators, contractors and registrants within the AT
  3. Purpose–The purpose of this policy is to govern the collection, use and disclosure of personal information in the course of commercial activities in a manner that recognizes the right to privacy of individuals with respect to their personal information and the need of the AT to collect, use or disclose personal information.

Application of this Policy

  1. Application– This Policy applies to Representatives in connection with personal information that is collected, used or disclosed during any commercial activity related to the AT.
  2. Ruling on Policy– Except as provided in PIPEDA, the Board of Directors of the AT will have the authority to interpret any provision of this Policy that is contradictory, ambiguous, or unclear.

Obligations

  1. Statutory Obligations The AT is governed by the Personal Information Protection, Electronic Documents Act in matters involving the collection, use and disclosure of personal information.
  2. Additional Obligations In addition to fulfilling all requirements of PIPEDA, the AT and its Representatives will also fulfill the additional requirements of this Policy. Representatives of the AT will not:
    1. Disclose personal information to a third party during any business or transaction unless such business, transaction or other interest is properly consented to in accordance with this Policy;
    2. Knowingly place themselves in a position where they are under obligation to any organization to disclose personal information;
    3. In the performance of their official duties, disclose personal information to family members, friends or colleagues, or to organizations in which their family members, friends or colleagues have an interest;
    4. Derive personal benefit from personal information that they have acquired during the course of fulfilling their duties with the AT; or
    5. Accept any gift or favour that could be construed as being given in anticipation of, or in recognition for, the disclosure of Personal Information.

Accountability

  1. Privacy Officer– The Privacy Officer is responsible for the implementation of this policy and monitoring information collection and data security and for ensuring that all staff receive appropriate training on privacy issues and their responsibilities. The Privacy Officer also handles personal information access requests and complaints. The Privacy Officer may be contacted as follows:

Aikido Tendokai

Robert Carroll

Address: 380 Queen St. East, Toronto, ON, M5A 1T1

Tel: 416-703-5992

Email: rscarroll@bell.net

  1. Duties– The Privacy Officer will:
    1. Implement procedures to protect personal information;
    2. Establish procedures to receive and respond to complaints and inquiries;
    3. Record all persons having access to personal information;
    4. Ensure any third-party providers abide by this Policy; and
    5. Train and communicate to staff information about the AT’s privacy policies and practices.
  2. Employees– The AT shall be responsible to ensure that the employees, contractors, agents, or otherwise of the AT are compliant with PIPEDA and this Policy.

Identifying Purposes

  1. Purpose– Personal information may be collected from Representatives and prospective Representatives for purposes that include, but are not limited to, the following:

Communications:

  1. Sending communications in the form of e-news or a newsletter with content related to AT programs, events, fundraising, activities, discipline, appeals, and other pertinent information
  2. Publishing articles, media relations and postings on AT website, displays or posters
  3. Award nominations, biographies, and media relations
  4. Communication within and between Representatives
  5. Discipline results and long-term suspension list
  6. Checking residency status
  7. Posting images, likeness or other identifiable attributes to promote AT

Registration, Database Entry and Monitoring:

  1. Registration of programs, events and activities
  2. Database entry to determine level of officiating certification and qualifications
  3. Determination of eligibility, age group and appropriate level of play/competition
  4. Participant Registration, outfitting uniforms, and various components of class and team selection
  5. Technical monitoring, club/instructor review, instructor training, educational purposes, media publications and promotion of Aikido
  6. Selection in relation to grading/promotion, instructor training, instructor, dojo-cho, shidoin, examination committee, and/or other opportunities, responsibilities or positions as the AT and/or its members may decide from time to time.
  7. Implementation of classification
  8. Technical monitoring, coach/club review, officials training, educational purposes, media publications, and sport promotion

Sales, Promotions and Merchandising:

  1. Purchasing equipment, coaching manuals, resources and other products
  2. Promotion and sale of merchandise

General:

  1. Travel arrangement and administration
  2. Implementation of a AT screening program
  3. Medical emergency, emergency contacts or reports relating to medical or emergency issues
  4. Determination of membership demographics and program wants and needs
  5. Managing insurance claims and insurance investigations
  6. Video recording and photography for personal use, and not commercial gain, by spectators, parents and friends
  7. Video recording and photography for promotional use, marketing and advertising by AT
  8. Payroll, honorariums, company insurance and health plans
  1. Purposes not Identified– The AT shall seek consent from individuals when personal information is used for Commercial Activity not previously identified. This consent will be documented as to when and how it was received.

Consent

  1. Consent– The AT shall obtain consent by lawful means from individuals at the time of collection and prior to the use or disclosure of this information. The AT may collect personal information without consent where reasonable to do so and where permitted by law.
  2. Implied Consent– By providing personal information to the AT, individuals are consenting to the use of the information for the purposes identified in this policy.
  3. Withdrawal– An individual may declare to the Privacy Officer in writing to withdraw consent to the collection, use or disclosure of personal information at any time, subject to legal or contractual restrictions. The AT will inform the individual of the implications of such withdrawal.
  4. Legal Guardians– Consent shall not be obtained from individuals who are minors, seriously ill, or mentally incapacitated and therefore shall be obtained from a parent, legal guardian or person having power of attorney of such an individual.
  5. Exceptions for Collection– The AT is not required to obtain consent for the collection of personal information if:
    1. It is clearly in the individual’s interests and consent is not available in a timely way;
    2. Knowledge and consent would compromise the availability or accuracy of the information and collection is required to investigate a breach of an agreement or contravention of a federal or provincial law
    3. The information is publicly available as specified in PIPEDA.
  1. Exceptions for Use– The AT may use personal information without the individual’s knowledge or consent only:
    1. If the AT has reasonable grounds to believe the information could be useful when investigating a contravention of a federal, provincial or foreign law andthe information is used for that investigation;
    2. For an emergency that threatens an individual’s life, health or security;
    3. Aggregate information for statistical or scholarly study or research;
    4. If it is publicly available as specified in PIPEDA;
    5. If the use is clearly in the individual’s interest and consent is not available in a timely way; or
    6. If knowledge and consent would compromise the availability or accuracy of the information and collection was required to investigate a breach of an agreement or contravention of a federal or provincial law.
  1. Exceptions for Disclosure– The AT may disclose personal information without the individual’s knowledge or consent only:
    1. To a lawyer representing the AT;
    2. To collect a debt the individual owes to the AT;
    3. To comply with a subpoena, a warrant or an order made by a court or other body with appropriate jurisdiction;
    4. To a government institution that has requested the information, identified its lawful authority, and indicated that disclosure is for the purpose of enforcing, carrying out an investigation, or gathering intelligence relating to any federal, provincial or foreign law; or that suspects that the information relates to national security or the conduct of international affairs; or is for the purpose of administering any federal or provincial law;
    5. To an investigative body named in PIPEDA or government institution on the AT’s initiative when the AT believes the information concerns a breach of an agreement, or a contravention of a federal, provincial, or foreign law, or suspects the information relates to national security or the conduct of international affairs;
    6. To an investigative body for the purposes related to the investigation of a breach of an agreement or a contravention of a federal or provincial law;
    7. In an emergency threatening an individual’s life, health, or security (the AT must inform the individual of the disclosure);
    8. Aggregate information for statistical, scholarly study or research;
    9. To an archival institution;
    10. 20 years after the individual’s death or 100 years after the record was created;
    11. If it is publicly available as specified in the regulations; or
    12. If otherwise required by law.

Limiting Collection, Use, Disclosure and Retention

  1. Limiting Collection, Use and Disclosure– The AT shall not collect, use or disclose personal information indiscriminately. Information collected will be for the purposes specified in this Policy, except with the consent of the individual or as required by law.
  2. Retention Periods– Personal information shall be retained as long as reasonably necessary to enable participation in the AT, to maintain accurate historical records and or as may be required by law.
  3. Destruction of Information– Documents shall be destroyed by way of shredding and electronic files will be deleted in their entirety.

Safeguards

  1. Safeguards– Personal information shall be protected by security safeguards appropriate to the sensitivity of the information against loss or theft, unauthorized access, disclosure, copying, use or modification.

Breaches

  1. Breaches– The AT is required to report breaches of its security safeguards and any unauthorized disclosure of, or access to, personal information to the Office of the Privacy Commissioner if the breach, disclosure, or access may pose a “real risk of significant harm” to an individual. A “real risk of significant harm” is defined as: “Bodily harm, humiliation, damage to reputation or relationships, loss of employment, business or professional opportunities, financial loss, identity theft, negative effects on the credit record and damage to or loss of property”.
  2. Reporting– The AT will report the breach or unauthorized access or disclosure to the Office of the Privacy Commissioner in the form and format specified by the Office of the Privacy Commissioner or will be subject to financial penalties.
  3. Records and Notification– In addition to reporting the breach or unauthorized access or disclosure, the AT will keep records of the breach and inform affected individuals.

Individual Access

  1. Access– Upon written request, and with assistance from the AT, an individual may be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. Further, an individual is entitled to be informed of the source of the personal information along with an account of third parties to whom the information has been disclosed.
  2. Response– Requested information shall be disclosed to the individual within 30 days of receipt of the written request at no cost to the individual, or at nominal costs relating to photocopying expenses, unless there are reasonable grounds to extend the time limit.
  3. Denial– An individual may be denied access to his or her personal information if the information:
    1. Cannot be disclosed for legal, security, or commercial proprietary purposes; or
    2. Is subject to solicitor-client privilege or litigation privilege.
  4. Reasons– Upon refusal, the AT shall inform the individual the reasons for the refusal and the associated provisions of PIPEDA.
  5. Identity– Sufficient information shall be required to confirm an individual’s identity prior to providing that individual an account of the existence, use, and disclosure of personal information.

Challenging Compliance

  1. Challenges– An individual shall be able to challenge compliance with this Policy and PIPEDA to the designated individual accountable for compliance.
  2. Procedures– Upon receipt of a complaint the AT shall:
    1. Record the date the complaint is received;
    2. Notify the Privacy Officer who will serve in a neutral, unbiased capacity to resolve the complaint;
    3. Acknowledge receipt of the complaint by way of written communication and clarify the nature of the complaint within three (3) days of receipt of the complaint;
    4. Appoint an investigator using Organization personnel or an independent investigator, who shall have the skills necessary to conduct a fair and impartial investigation and shall have unfettered access to all relevant file and personnel, within ten (10) days of receipt of the complaint;
    5. Upon completion of the investigation and within twenty-five (25) days of receipt of the complaint, the investigator will submit a written report to the AT; and
    6. Notify the complainant to the outcome of the investigation and any relevant steps taken to rectify the complaint, including any amendments to policies and procedures within thirty (30) days of receipt of the complaint.
  3. Whistleblowing– The AT shall not dismiss, suspend, demote, discipline, harass or otherwise disadvantage any director, officer, employee, committee member volunteer, trainer, contractor, and other decision-maker within the AT or deny that person a benefit because the individual, acting in good faith and on the basis of reasonable belief:
    1. Disclosed to the commissioner that the AT has contravened or is about to contravene PIPEDA ;
    2. Has done or stated an intention of doing anything that is required to be done in order to avoid having any person contravene PIPEDA ; or
    3. Has refused to do or stated an intention of refusing to do anything that is in contravention of PIPEDA .

IP Address

  1. IP Address– The AT does not collect, use or disclose personal information such as IP Addresses.

Applicable Law

  1. Applicable Law– The AT website is created and controlled by the AT in the province of Ontario. As such, the laws of the province of Ontario shall govern these disclaimers, terms and conditions in relation to the AT website or other AT publication, whether via social media or other means. The Provincial/Territorial Organization and Dojo to which a Registrant belongs may also collect and use the Registrants’ personal information in which case any such use, and these disclaimers, terms and conditions in relation thereto, shall be governed by the laws of the Province or Territory in which the Provincial/Territorial Organization in question is located.