The Canadian Medical Foundation (CMF) is a registered Canadian Charity with a history of collaboration with like-minded individuals and corporations.
This Policy applies to all personal information that has been or will be collected, used and disclosed by CMF.
What do we mean by ‘Personal Information’?
Throughout this Policy, we discuss “personal information”, and it is important from the outset to set out what we mean by this term. “Personal information” is defined as information about an identifiable individual. In general, business contact information used for business purposes is not considered personal information.
Why does CMF collect, use and disclose personal information?
CMF collects, uses and discloses personal information only for purposes that a reasonable person would consider appropriate in light of the circumstances. CMF will identify the purposes for which personal information is collected, used or disclosed at or before the time such information is collected, used or disclosed. Unless an exception to consent exists in applicable privacy laws, personal information will only be collected, used or disclosed with the individual’s consent, which may be express or implied depending on the level of sensitivity of the information. Following are examples of the purposes for which CMF collects, uses and discloses personal information:
What Types of Personal Information does CMF collect, use and disclose?
Primarily, CMF collects and uses personal information about its donors, recipients and volunteers. CMF may also obtain and process personal information about individuals who attend CMF or CMF sponsored events.
Additionally, the CMF logs http requests to our server. These logs capture computer information, navigation and clickstream data.
Some of the information collected does not identify individuals. Other information, such as your domain name or IP address, may identify a person depending on the naming standards followed by Internet service providers (ISPs). Individuals may wish to ask them about their policies and practices.
The information CMF may capture may include the following:
Withdrawal of Consent
An individual may withdraw consent to the collection, use or disclosure of his or her personal information at any time, subject to legal or contractual restrictions and reasonable notice to CMF. Any request for withdrawal of consent shall promptly be referred to the Privacy Officer (details listed at the bottom of this Policy).
Privacy Practices and safeguards:
Personal information gathered by our organization is protected by CMF against such risks as loss, theft, unauthorized access, disclosure, copying, use, modification or destruction through appropriate practices and security measures. Technical, physical and organizational safeguards are in place to ensure that the information is not disclosed or shared more widely than is necessary to achieve the purpose for which it was collected. We also take measures to ensure that the integrity of this information is maintained and is not lost or destroyed.
Physical and Organizational Controls
CMF’s representatives are authorized to access personal information based only on their need to deal with the information for the reason(s) for which it was collected. The CMF utilizes a password protected state-of-the-art cloud-based information systems and limits access to those CMF staff and agents with only direct need to the information.
CMF uses commercially available levels of security that have become standard for e-commerce-enabled Websites or sites that collect private information from users such as credit card numbers, account numbers or passwords. CMF’s Website uses industry standard security protocols such as “Secure Sockets Layer” (SSL). The encryption being provided under this protocol is a 64-bit encryption. CMF also uses passwords and access codes for anyone wishing to view personal and other information we receive when a product or service is requested and paid for online, or when an online donation is made. CMF’s security systems are routinely updated to maximize protection of such information.
For the purpose of fundraising and data collection, personal information gathered by CMF is sometimes provided to suppliers, such as mail distribution centres and data base management companies. All outside suppliers for CMF are required to sign a privacy agreement which states that the supplier is complying in full with applicable privacy laws and has appropriate safeguards in place for the protection of the personal information, the treatment of the personal information complies with the terms of the privacy agreement, and outlines the contact person at the supplier for details regarding the supplier’s privacy policies and practices. CMF uses third party suppliers that may be located outside of Canada or that may transfer your personal information outside of Canada, in which case the personal information may be accessible to law enforcement or other authorities in such countries.
Access to, and/or Correction of, Personal Information
CMF will make reasonable efforts to ensure that any personal information collected, used or disclosed by or on its behalf is accurate and complete to the extent that is reasonable for its purpose in collecting, using or disclosing the information. CMF will ensure that:
Automated technologies or interactions
As you interact with our Website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this information by using cookies, server logs and other similar technologies.
Where applicable and unless exempt from such requirements, CMF complies with Canada’s Anti-Spam Legislation (CASL) including requesting “opt-in” consent from recipients to be able to send electronic messages to our customers, donors, members and others.
CMF regularly reviews our corporate security systems especially as they relate to privacy.
CMF has designated the President and Chief Executive Officer as the Chief Privacy Officer.