In accordance with applicable laws, Eagle Ridge Bible Fellowship is committed to protecting the privacy of its members, adherents, donors, volunteers, employees, directors, officers and any other persons about or from whom the Church collects personal information. The Church embraces the principles of the Canadian Standards Association Model Code for the Protection of Personal Information (
link) to ensure that all personal information is properly collected, used only for the purposes for which it is collected and is disposed of in a safe and timely manner when no longer required.
Definitions
Personal Information - Information about an identifiable individual. Personal information includes information that relates to their personal characteristics (e.g. gender, age, income, home address, home phone number, ethnic background, family status, etc.), their health (history, conditions), or their activities and views. Personal information, however does not include contact information
Contact Information - Information that would enable an individual to be contacted at a place of business and includes name, position name or title, business telephone number, business address, business email or business fax number. Contact information is not covered by this policy or BC privacy legislation (PIPA).
1) Accountability
The Church is responsible for maintaining and protecting the personal information under its control. The Church has appointed a shared Privacy Officer role which is responsible to ensure that the Church complies with its privacy obligations in accordance with applicable privacy laws.
Roles for the shared Officer are:
- Church Administrator - point of contact for office/paper/financial issues and "in-person" interaction. Currently Cindy Hardin.
- Website Data Manager - contact for on-line instances, regular data management and inquiries. Currently Dave Heinrichs.
- One or more elected member(s) of the leadership board. Currently Craig Bowers.
2) Identifying Purposes
The Church collects and uses personal information for a variety of purposes including, but not limited to:
- providing services to individuals ministered to by the Church
- establishing and maintaining members lists;
- managing payroll and benefits;
- employee performance evaluations;
- establishing and maintaining lists of donors.
The Church shall identify and explain the purposes for which it collects personal information, to the person from whom the personal information is being collected, before or at the time the information is collected.
3) Consent
Consent will be obtained from the person whose personal information is collected, used and disclosed, unless obtaining the consent would be inappropriate or not required by law. Sometimes the person's consent may be implied by virtue of their membership in the Church or because of the person's conduct within the Church. When it is appropriate, written consent will be obtained.
Written consents will be kept on file for as long as the information is reasonably necessary. A person may withdraw his or her consent at any time, subject to legal or contractual restrictions and reasonable notice. The person will be informed of reasonably foreseeable implications of the withdrawal.
Consent can be provided orally, in writing, electronically, through an authorized representative or it can be implied where the purpose for collecting, using or disclosing the personal information would be considered obvious and the staff/adherent/member voluntarily provides the personal information for that purpose.
Consent may also be implied where a member/adherent/staff is given notice and a reasonable opportunity to opt-out of his or her personal information being used for a stated purposes, and the staff/adherent/member does not opt-out.
4) Limiting Collection
Information collected will be limited to that required for the purpose or purposes identified by the Church. The Church is committed to collection of personal information in a fair, open and lawful manner.
5) Limiting Use, Disclosure and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the person or as required by law. All collected personal information shall be destroyed, erased or made anonymous as soon as the purpose for which it was collected is no longer relevant, or as permitted by the law. Nothing in this Privacy Policy prevents the Leadership Board or pastoral staff from collecting, retaining and using information related to individuals ministered to by the Church, since such information assists in providing quality services to those ministered to.
Data is reviewed annually as part of the membership assessment process (add link when possible to do so).
6) Accuracy
Personal information shall be maintained in as accurate, complete and up-to-date a form as necessary in order to fulfill the purposes for which it was collected.
7) Safeguards
Personal information will be protected by security safeguards that are appropriate to the sensitivity of the personal information. This safeguarding could include physical measures such as locked filing cabinets and premises security, organizational measures such as restricted access to files with personal information or technological measures such as security software.
8) Openness
Information regarding the privacy policy of the Church, as well as the personal information management, shall be available as requested. The information will include:
- Name and address of the Privacy Officer(s) and/or designates
- Means of gaining access to personal information held by the Church
- Copy of any brochures or other information that explains the Church's policies, standards or codes
- Access to Personal Information
9) Access to Personal Information
Access will be granted, where the Church is legally required to release the information and provided that the disclosure does not violate any applicable statues or contracts, to the person to whom the information pertains where there is an appropriate written request. The existence, use and disclosure of the personal information will be granted within a reasonable period of time. Any inaccuracies or incompleteness of personal information will be amended as required.
10) Challenging Compliance
Complaints or inquiries about the collection, use, disclosure or retention of personal information and the Church's compliance with these ten principles should be directed to the Privacy Officer. The Privacy Officer will investigate complaints and ensure that appropriate measure are taken.