Privacy Policy
Updated: September 9, 2020
The Foundation (“The Foundation”) is a not-for-profit charitable foundation that is focused on being a conduit to the mortgage industry to help improve our society through charitable activities with a focus on housing and homeless.
The Foundation recognizes that your right to privacy is an essential issue and understands your interest in protecting the personal information that you choose to provide through any online tools or forms provided by The Foundation. For these reasons, our privacy policy (the “Privacy Policy”) provides you with all the safeguards as standardized in the Personal Information Protection and Electronic Documents Act, 2001, c. 5 (the “PIPEDA”). It confirms our dedication to protecting your privacy and maintaining the trust that you have placed us.
A. GENERAL INFORMATION
Our Privacy Policy only applies to personal information that we collect, use or disclose in the course of our activities. As such, our Privacy Policy does not apply to the collection, use or disclosure of information that is:
- aggregated or anonymized in a manner such that it cannot be connected to an individual;
- the name, title, business address or telephone number of an employee of an organization; or
- publicly available and is specified by the
Our Privacy Policy applies to all of The Foundation’s Board of Directors, volunteers and/or employees. As well, we may enter into confidentiality or contractual agreements with third parties which are engaged to perform services on our behalf and to whom we transfer personal information for processing.
B. INTERNET USAGE
You can visit The Foundation’s website at www.MPCFoundation.ca to obtain information about it/to research its products and services/to use its on-line tools without telling it who you are or revealing any other identifiable information. We do not collect identifying information about visitors to our website. The only information we collect is non-identifying information such as the name of your Internet service provider, the type of Internet browser you use, the referring web site, the pages you requested and the date and time of those requests.
We collect this non-identifying information to create aggregate data in order to determine the level of interest in the information provided on the website and to improve the content of the website. In this regard, The Foundation may share aggregate data about its members and customers – not individual data – with partners charitable organizations and/or other parties to help them better understand MPC Foundation members and customers, and their interests. Such aggregate data is used to give MPC Foundation demographic data about its members and customers in order to improve the organization, and the programs and services we provide.
We collect this non-identifying information through the use of cookies and through our server log files, including IP Addresses. Our website does not link IP Addresses to any personally identifiable information. Cookies identify which areas of our website you have visited or customized, and make these pages readily accessible the next time you visit. If you do not want non-identifying information collected through the use of cookies, you can disable it by changing the setting of your Internet browser.
In addition, The Foundation may provide links to other websites managed by third parties/may permit third parties to offer users subscriptions/registration-based services through its website. As The Foundation cannot control or be responsible for the actions or policies of such third parties, you should check the applicable privacy policy of such third parties when visiting their websites or when providing any personal information to them. Please also note that we cannot control or prevent the use of cookies or any information obtained through cookies by such third parties.
By becoming a member of The Foundation subscription mailing list, you are giving The Foundation permission to contact you at the address, email and/or phone number provided, to the extent permitted by other applicable laws, including CASL and the Unsolicited Telecommunications Rules.
Finally, please be advised that information voluntarily disclosed online in discussion areas/other public areas of The Foundation’s website can be collected, used and disclosed by third parties. Any submissions made to discussion areas/other public areas on The Foundation’s website are done at the user’s risk and on the understanding that such information may be accessible to third parties. We cannot control and will not be liable for any damages that may arise from such user activity.
C. TEN PRINCIPLES
Our Privacy Policy is based upon and applies the ten principles of PIPEDA as follows:
1. ACCOUNTABILITY
The Foundation is responsible for personal information under its control and has designated the Executive Director as the Chief Privacy Compliance Officer accountable for its compliance with the Privacy Policy. The Chief Privacy Compliance Officer can be reached by regular mail at:
ATTENTION:
Mortgage Professionals Canada Foundation
(Privacy Office) 2005 Sheppard Ave E., Suite 401
Toronto, ON M2J 5B4
Or by e-mail at: info@mpcfoundation.ca
- To fulfill our responsibility for personal information under our control, we have implemented the following policies and practices to give effect to our Privacy Policy, including:
-
- implementing procedures to protect personal information, as discussed in section 7 below on “Safeguards”;
- developing information to explain the organization’s policies and procedures, as discussed in section 8 below on “Openness”;
- establishing procedures to receive and respond to complaints and inquiries, as discussed in sections 9 and 10 below on “Individual Access” and “Challenging Compliance”; and
- training our support team and regularly communicating information about our policies and
- We remain responsible for personal information in our possession or custody, including information that we transfer to a third party for processing. As such, we enter into confidentiality or contractual agreements with third parties requiring third parties to provide a level of security comparable to that provided under our Privacy
2. IDENTIFYING PURPOSES
We are committed to identifying the purposes for which personal information is collected at or before the time the information is collected and to documenting the purposes for which personal information is collected.
- We collect personal information for the following general purposes:
-
- to establish and maintain our mailing lists:
The Foundation may produce new products and services, such as newsletters, magazines and books; or promote new activities and events. Our mailing lists are used to inform you of these new products, services and upcoming events in which you may be interested. If you do not want The Foundation to use your personal information for these optional purposes, please contact the Chief Privacy Compliance Officer using the contact information set out in section 1. We do not sell or provide our marketing lists to third parties. - to effectively fulfill transactions:
The Foundation obtains and maintains sufficient personal information from you to complete purposes in relation to your business relationship with us. - for optional purposes:
The Foundation may wish to use or disclose the personal information you provide to offer you other products or services or allow select organizations to offer you other products and services. The collection, use and disclosure of your personal information for such additional purposes is entirely optional and not required as a condition of membership. You may decline or withdraw your consent at any time to the extent permitted by other applicable laws, including CASL and the Unsolicited Telecommunications Rules, by contacting our Chief Privacy Compliance Officer. We do not sell or provide our mailing lists to third parties.
- to establish and maintain our mailing lists:
We will not use previously collected personal information for a new purpose without first identifying the new purpose and obtaining your consent for the new use, unless otherwise permitted by law.
3. CONSENT
We are committed to obtaining your consent for the collection of your personal information and the subsequent use or disclosure of this information, unless otherwise permitted by law. To this end, our volunteers and/or employees are instructed to provide information about how we use personal information to all individuals who inquire, as well as obtain the consent of those who provide their personal information.
- In obtaining consent, we make a reasonable effort to ensure that you are advised, in a manner that can be reasonably understood, of the purposes for which the information will be used.
- You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice, by contacting The Foundation’s Chief Privacy Compliance Officer at the address set out in Section
- Please be advised that at no time does your relationship with us require that you provide us with your personal information if you do not wish to. We will only require you to consent to the collection, use or disclosure of personal information as a condition to our providing products or services to you if such collection, use or disclosure is required in order to fulfill the identified purposes.
Note: In certain circumstances personal information can be collected, used or disclosed without your knowledge and consent. For example, legal, medical or security reasons may make it impossible or impractical to seek consent. When information is being collected for the detection and prevention of fraud or for law enforcement, seeking consent might defeat the purpose of collecting the information. Seeking consent may be impossible or inappropriate if you were a minor, seriously ill, or mentally incapacitated. In addition, we may not be able to seek consent if we do not have a direct relationship with you. For example, seeking consent may be impractical for a charity or a direct-marketing firm that wishes to acquire a mailing list from another organization. In such cases, the organization providing the list would be expected to obtain your consent before disclosing personal information.
4. LIMITING COLLECTION
We limit the collection of personal information to that which is necessary for the general purposes noted above in section 2 on “Identifying Purposes”, and only by fair and lawful means.
- We do not collect personal information indiscriminately. Both the amount and the type of information we collect is limited to that which is necessary to fulfill the general purposes noted above in section 2 on “Identifying Purposes”.
5. LIMITING USE, DISCLOSURE AND RETENTION
We do not use or disclose personal information for purposes other than those for which it was originally collected, except with your consent or as otherwise permitted by law. In addition, we retain personal information only as long as necessary for the fulfillment of those purposes.
- Please note that PIPEDA permits us to disclose your personal information without your knowledge or consent for the purpose of collecting a debt owed by you to
- We will retain personal information that has been used to make a decision about you for as long as is necessary to allow you access to the information after the decision has been
- We will retain personal information that is the subject of a request for as long as is necessary to allow you to exhaust any recourse under PIPEDA that you may
6. ACCURACY
We are committed to maintaining as accurate, complete and up-to-date personal information as is necessary for the purposes for which it is to be used. If you are aware of changes to the personal information you have given us, simply write or email us at the address set out in Section 1 above regarding the changes and we will update our records accordingly.
- In determining the extent to which personal information shall be accurate, complete and up-to- date, we will take into account the use of the information and your We will also seek to minimize the possibility that inappropriate or incorrect information may be used to make a decision about you.
- We will not routinely update personal information, unless it is necessary to fulfill the purposes for which the information was collected or we receive notification from you to do
7. SAFEGUARDS
We have developed and implemented security safeguards commensurate to the level of sensitivity of the personal information to protect the personal information.
- We have implemented security safeguards to protect personal information against such risks as loss or theft, as well as unauthorized access, disclosure, copying, use or
- The Foundation protects personal information with physical security measures, such as locked filing cabinets and restricted access to areas where personal information is
- The Foundation protects personal information with organizational security measures, such as limiting access on a “need-to-know” In addition to ensuring our volunteers/employees are aware of the importance of maintaining the confidentiality of your personal information, we also enter into confidentiality or contractual agreements with third parties to whom we provide your personal information.
- The Foundation uses technological security measures, including passwords and encryption, to prevent unauthorized access to personal information stored on computer
- When disposing of or destroying personal information which is no longer needed, The Foundation ensures that appropriate measures are taken regarding the disposal or destruction so as to prevent unauthorized parties from gaining access to the personal
8. OPENNESS
We make specific information about our policies and practices relating to the management of your personal information readily available to you.
- The Foundation is pleased to answer any questions that you may have regarding its policies and practices with respect to the management of personal information. Please forward any questions in writing or email to the address set out in Section 1
- The Foundation makes information about its policies and practices easy to understand by including:
- the name or title, and address, of the person accountable for its compliance with the Privacy Policy and to whom inquiries or complaints can be forwarded;
- the means of gaining access to personal information held by The Foundation;
- a description of the type of personal information held by The Foundation, including a general account of its use;
- a copy of any brochures or other information that explain The Foundation’s policies, standards or codes; and
- what personal information is made available to related
9. INDIVIDUAL ACCESS
Upon receipt of a written request, we will inform you of the existence, use and disclosure of your personal information and will give you access to that information. You will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
- Upon receipt of your written request, we will provide an account of the use that has been made or is being made of your personal information and an account of the third parties to which it has been disclosed. When it is not possible to provide a list of the third parties to which we have actually disclosed your personal information, we will provide a list of organizations to which we may have disclosed your personal
- In responding to your written request, we may require you to provide sufficient information to permit us to verify your identification before we provide an account of the existence, use and disclosure of your personal information. Please forward your request in writing or email to the address set out in Section 1
- Within 30 days after receipt of your written request, we will either respond to your query or send you a notice of extension, advising you of the new time limit, the reasons for extending the time limit and your right to make a complaint to the Commissioner. We may extend the time limit for a maximum of 30 days if meeting the time limit would unreasonably interfere with our activities or is impracticable because we need to undertake consultations necessary to respond to your query. Or, we may extend the time limit for whatever period is necessary to convert the personal information into an alternative
- We will respond to your written request at no or minimal cost to you. If there is a cost involved for the transcription, reproduction or transmission of your personal information, we will inform you of the approximate cost beforehand and will only proceed if you have advised us that the request is not being
- The requested information will be provided or made available in a form that is generally understandable. For example, if we use abbreviations or codes to record information, we will provide an explanation of such abbreviations or
- When the accuracy or completeness of your personal information is successfully challenged, we will amend your personal information as required. Any unresolved challenges will be recorded in your file. Where appropriate, the amended information or the existence of the unresolved challenge will be transmitted to third parties having access to the information in
- In certain situations, we may not be able to provide access to all the personal information we hold about you. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, and information that is subject to solicitor-client or litigation privilege. The reasons for denying access will be provided to you upon request, along with any recourse that you may have under
10. CHALLENGING COMPLIANCE
As noted above, The Foundation is responsible for personal information under its control and has designated its Chief Privacy Compliance Officer as the person accountable for its compliance with the Privacy Policy. A challenge concerning compliance with PIPEDA can be addressed to The Foundation’s Chief Privacy Compliance Officer at the address provided in Section 1 above.
- We have procedures in place to receive and respond to complaints or inquiries about our policies and practices relating to the handling of personal
- We inform individuals who make inquiries or lodge complaints of the existence of the existence of relevant complaint
- We investigate all If a complaint is found to be justified, then we take appropriate measures to resolve the matter including, if necessary, amending our policies and practices.
- We reserve the right to seek legal advice where appropriate before providing a final response to inquiries or
D. CHANGES TO PRIVACY POLICY
We reserve the right to modify our Privacy Policy at our sole discretion. In particular, the Chief Privacy Compliance Officer will periodically review and modify our Privacy Policy in response to developments and changes in privacy law. Any modifications shall be effective immediately upon its publication by any means, including posting on this website. You agree to regularly review our Privacy Policy posted at this website, be aware of any modifications and be bound by the same.