SPARK NOVA SCOTIA STARTUP COMPETITION
Privacy, Confidentiality and Security Policy
The Nova Scotia Association of Community Business Development Corporations (“NS Association of CBDCs”), together with marketing service provider Nava Marketing Inc., and supported by the Atlantic Canada Opportunities Agency (“ACOA”), collectively referred to as Spark Nova Scotia (“Spark”) supports innovation and entrepreneurship by providing financing and strategy for entrepreneurs, and, further to the purpose of this website (www.sparknovascotia.com), business funding through the Spark Nova Scotia Startup Competition.
1.0.0 General Privacy Statement
The NS Association of CBDCs (The Association) recognizes the importance of privacy and the sensitivity of personal information. The Association has an obligation to keep confidential all information by which individuals can be identified. The Association is committed to protecting personal information it collects and holds.
1.1.0 Privacy Rights
From January 1, 2004, all businesses engaged in commercial activities must comply with the Personal Information Protection and Electronic Documents Act, and the Canadian Standards Association Model Code for the Protection of Personal Information, which it incorporates. The Act protects individuals’ rights concerning the privacy of personal information. The Association is responsible for the personal information it collects and maintains. To ensure their compliance, the Association has developed this policy.
The Association has developed Ten Privacy Principles and has designated an individual who is accountable for compliance with the Ten Privacy Principles. The Association will also train its Directors and employees about these policies and practices.
1.2.0 Personal Information
Personal information is any information by which an individual can be identified
1.2.1 Collecting personal information
Information can only be collected by lawful and fair means and not in an unreasonably intrusive way. Wherever possible, personal information shall be collected directly from the client.
The Association will ask the client to specifically consent to the collection, use, and disclosure of the client’s personal information. This consent will normally be obtained in writing, but in some circumstances, depending on the nature of the information, the client’s oral consent may be sufficient. Consent may be implied through client conduct.
1.4.0 Use of Client’s Personal Information
Personal information is collected to allow the Association to provide advice and services to the client, and to provide information to the client from time to time. If the client informs the Association that he/she no longer wishes to receive information about CBDC services or otherwise, the client will be removed from the CBDC mailing list.
1.4.1 Disclosure of Personal Information
The Association will not disclose the client’s personal information to any third party except in limited circumstances. When programs require the collection and sharing of personal information, the Association must obtain the client’s consent in writing during the application process. The Association can disclose client personal information when:
• required or authorized by law to do so;
• the client has consented to the disclosure;
• it is necessary in order to engage a third party to provide administrative services to us (like computer back-up services or archival file storage); or
• the information is already publicly known.
1.4.2 Retention of Personal information
The Association receives funding from the Atlantic Canada Opportunities Agency (ACOA), the Province of Nova Scotia and certain other government organizations. The terms of our agreements with those organizations require that the Association maintain the information that we collect for a period of not less than seven years from the date of the project completion.
1.5.0 Correcting Errors
If the Association holds information about the client and the client can establish that it is not accurate, complete and up-to-date, the Association will take reasonable steps to correct it.
1.5.1 Updating Client Information
The Association may use personal information to provide services to the client, it is important that the information be accurate and up-to-date. If during the course of providing service to the client, any of the client’s information changes and the client notifies the Association of this change, the Association will make the necessary changes.
1.6.0 Securing Personal Information
The Association will take all reasonable precautions to ensure that a client’s personal information is kept safe from loss, unauthorized access, modification or disclosure. Among the steps taken to protect the client’s information are:
• premises security;
• restricted access to personal information;
• deploying technological safeguards like security software and firewalls to prevent hacking or unauthorized computer access;
• internal password and security policies.
1.7.0 Client Access to Personal Information
The client may ask for access to any personal information held about him/her. Summary information must be available on request. The Association has the right to be reimbursed for copying charges if copies of the information held are requested by the client.
1.7.1 Denying Access to Personal Information
Client access to personal information is not absolute. Access may be denied when:
• denial of access is required or authorized by law;
• granting access would have an unreasonable impact on other people’s privacy;
• to protect the Association’s rights and property;
• where the request is frivolous or vexatious.
If the client is denied a request for access to, or refused a request to correct information, the Association must explain why.
E-mail is not a 100% secure medium. Clients must be informed of this when contacting the Association to send personal or confidential information.
1.9.0 Requests for Access
If the client has questions, or wishes to access his/her personal information, they should be advised to write to the appointed Privacy Contact, below. If the client is not satisfied with Association’s response, he/she should be advised to contact the Privacy Commissioner of Canada.
Erinn Smith, Executive Director, NS Association of CBDCs
12280 Hwy 224, Unit 5, Middle Musquodoboit, NS B0N 1X0
Ph: (902) 384-3346; E-mail: firstname.lastname@example.org