Policy on Privacy
Purpose and Scope
This policy relates to the collection and management of all members’ personal information during the course of their activities. Information that may not be in the custody of the Institute but which has been transferred to a third party shall be treated by that third party in a way that is consistent with the Institute’s privacy obligations to its members.
It outlines the Institute’s general practices concerning the collection, use, disclosure, retention and destruction of personal information and is consistent with the requirements of Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and analogous provincial privacy legislation in the provinces of Alberta, Québec and British Columbia (the “Provincial Acts”)
Its purpose is to provide guidelines which balance both the right of all members to protect their personal information and the Institute’s need to collect and use personal information for representational purposes, to further its members’ interests or as authorized or required by law.
Commitment to the Protection of Privacy
The Professional Institute of the Public Service of Canada (the Institute) is committed to protecting the privacy, accuracy and security of both Institute and Rand Employee (RM) members’ personal information by adhering to the highest standards of confidentiality.
Personal information refers to information about an identifiable individual, but it does not include the name, title, PIPSC membership class, business address or telephone number of an employee of an organization
Privacy Officer refers to a designated staff position as identified by the COO
Officer, for the purpose of this policy, refers to all individuals identified as officers in the Institute by-laws, as well as any PIPSC members elected to serve on a constituent body executive.
Institute Member, for the purpose of this policy, refers to all categories of members found in article 6 of the Institute By-Laws and Regulations.
Rand Employee Member, for the purpose of this policy, refers to a public service employee part of a bargaining unit represented by the Institute but who has not signed up for membership with the Institute.
PIPSC shall obtain the consent of all members (PIPSC or RM) before collecting their personal information, except where obtaining consent is impractical and collection is otherwise authorized by law.
All members providing information to the Institute after seeking assistance in matters related to collective bargaining or collective agreement administration, including the investigation and resolution of labour relations issues, will be deemed to have consented.
All members may refuse to give consent or may withdraw consent by providing written notice to PIPSC’s Privacy Officer, subject to legal restrictions on such refusal or withdrawal. Where consent is refused or withdrawn, it is done on the understanding that such refusal or withdrawal may impact the representational services that PIPSC is able to provide and may ultimately cause PIPSC to withdraw such representational services. PIPSC will not withdraw its representational services without reasonable notice to the member.
Collection, Use and Disclosure
PIPSC may collect and use the personal information of all members where such collection and use is necessary for PIPSC, its officers and employees to fulfill their respective duties, and/or to advance PIPSC’s purpose and mandate and its various collective agreements, and/or where such collection and use is in the best interest of PIPSC and its members.
In the course of its business and in order to maintain the highest quality of service to PIPSC members and, on occasion, RM members, PIPSC will be required to collect certain personal information in order to:
1. Carry out its representational obligations;
2. Maintain a complete record or its membership;
3. Investigate and settle grievances, appeals, claims, etc.;
4. Collect and manage membership dues;
5. Assist in representing its members with respect to employment under the collective agreement;
6. Verify eligibility for strike pay and benefits;
7. Provide information about membership programs and benefits;
8. Administer the business of the union and constituent body;
9. Provide internet based information (e.g. address changes, email bulletin, general meetings and conference registration);
10. Develop and offer training and professional development;
Only information that is required for the provision of services or the fulfilment of PIPSC’s mandate will be collected. If members’ personal information is needed for any purposes other than those set out above, PIPSC will not use or disclose it without obtaining additional consent from PIPSC and RM members unless authorized or required by law.
PIPSC strives to ensure that the personal information it has on file is accurate and as up-to-date as necessary for the identified purposes for which it is to be used. Individuals are encouraged to make corrections to any personal information that is found to be inaccurate by contacting the Privacy Officer.
PIPSC members are, upon request to the Privacy Officer, entitled to access and review information held by PIPSC in accordance with the principles of PIPEDA and other applicable legislation
Safeguarding and Destruction
PIPSC shall maintain appropriate policies, procedures and safeguard protecting personal information of members that it collects from loss, theft, copying, and unauthorized access. Individuals having access to personal information will maintain confidentiality and will not disclose the personal information of any members to third parties without their consent, except where disclosure is reasonably necessary to further the interests of PIPSC’s membership, to preserve health and safety and/or as authorized or required by law.
PIPSC will maintain electronic and/or paper records and will preserve the confidentiality of such records by employing reasonable and appropriate physical and technological safeguards. Periodically, PIPSC will review its records and only retain records where necessary or prudent to further the interests of PIPSC members, or where the retention of records is required by law. Where records do not need to be retained, the original records will be either returned destroyed. Destruction of records will be done in a manner that is consistent with this Policy and any applicable legislation.
PIPSC does not seek to collect information that can personally identify website visitors, except when such information is provided on a voluntary basis such as registering for a mailing.
PIPSC reserves the right to amass non-personal information in order to perform behavioural analysis in order to improve the user’s experience. Such data is generally automatically collected through small files known as “cookies” or other electronic means. Users are able to disable, delete or alter the use of “cookies” through their browser.
If members have any questions, concerns or complaints related to this policy, they are encouraged to contact the Privacy Officer in writing.
Relevant legislation and regulations:
2. Privacy Officer coordinates