Tourism Industry Association of Alberta (TIAA)
PERSONAL INFORMATION PROTECTION POLICY
TIAA’s is Committed to Privacy
The Tourism Industry Association of Alberta, hereinafter referred to as “TIAA”, is committed to safeguarding the personal information entrusted to us by our members. TIAA manages your personal information in accordance with Alberta’s Personal Information Protection Act and other applicable laws. This policy outlines the principles and practices we follow in protecting your personal information. This policy applies to TIAA and any person providing services to members on our behalf. A copy of this policy can be provided to any member of TIAA on request.
What is Personal Information?
Personal information means information about an identifiable individual. This includes an individual’s name, home address and phone number, age, sex, marital or family status, an identifying number, financial information, educational history, etc. TIAA informs its members before, or at the time of collecting personal information, of the purposes for which it is collecting information. However, TIAA doesn’t provide this notification when a member volunteers information for an obvious purpose (eg. producing a credit card to pay for membership dues when the information will be used only to process a payment). Personal information collected may be used for purposes such as:
- to support TIAA membership application or renewal processes;
- to ensure TIAA can deliver a robust website experience that supports member interests and supports future organizational planning efforts;
- to advise members of upcoming meetings, workshops and seminars delivered by TIAA or other organizations that would be considered of general interest to TIAA members;
- to assist with supporting payment for seminars, workshops, special events, membership dues and other aspects associated with your membership;
- to conduct research and analyze member demographics to support future planning efforts;
- to ensure responsiveness in communications to member concerns, or suggestions;
- to determine member satisfaction with TIAA program and services; and,
- to ensure provincial and federal requirements have been met.
TIAA asks for consent to collect, use or disclose client personal information, except in specific circumstances where collection, use or disclosure without consent is authorized or required by law. TIAA may assume your consent in cases where you volunteer information for an obvious purpose. TIAA may ask for your express consent for some purposes and may not be able to provide certain services if you are unwilling to provide consent to the collection, use or disclosure of certain personal information. In cases that do not involve sensitive personal information, we may rely on “opt-out” consent. For example, TIAA may disclose your contact information to other organizations that we believe may be of interest to you, unless you request that we do not disclose your information. As standard practice, you will be asked to provide consent when joining TIAA as a member by checking the appropriate box on the TIAA membership application form.
A member may withdraw consent to the use and disclosure of personal information at any time, unless the personal information is necessary for TIAA to fulfil its legal obligations. TIAA will respect your decision, but may not be able to provide you with certain products and services if we do not have the necessary personal information. TIAA may collect, use or disclose client personal information without consent only as authorized by law. For example, TIAA may not request consent when the collection, use or disclosure is reasonable for an investigation or legal proceeding, to collect a debt owed to our organization, in an emergency that threatens life, health or safety, or when the personal information is from a public telephone directory.
How Does TIAA Use and Disclose Personal Information?
TIAA uses and discloses client personal information only for the purposes for which the information was collected, except as authorized by law. The law also allows TIAA to use member contact information for the purpose of collecting a debt owed to our organization, should that be necessary. If TIAA wishes to use or disclose your personal information for any new business purpose other than to support the aims of the mission, vision and mandate of the association as articulated in the member Bylaws, TIAA will ask for your consent.
How Does TIAA Safeguard Personal Information?
TIAA undertakes to ensure that member information is accurate and complete. TIAA relies on its members to notify us when there is a change to their personal information that may affect their relationship with our association. If you are aware of an error in our information concerning you, please advise TIAA and we will correct it in a timely manner. In some instances, we may require a written request for correction. TIAA takes all reasonable efforts to protect sensitive personal information. TIAA also takes every reasonable effort to prevent against the loss, misuse, disclosure or modification of personal information, as well as unauthorized access to personal information. TIAA will notify the Office of the Information and Privacy Commissioner of Alberta promptly of any security breach that affects personal information if it presents a significant risk of harm to an individual, or the TIAA membership as a whole. TIAA retains personal information only as long as is reasonable to fulfil the purposes for which the information was collected, or for other legal or business needs. TIAA destroys records containing personal information once the information is no longer needed. TIAA further employs security measures to ensure the confidentiality and protection of member information, including shredding paper records and permanently deleting electronic records.
Access to Records Containing Personal Information
TIAA members have a right of access to their own personal information in a record that is in our custody or under our control, subject to some exceptions. For example, organizations are required under the Personal Information Protection Act to refuse to provide access to information that would reveal personal information about another individual. Organizations are authorized under the Act to refuse access to personal information if disclosure would reveal confidential business information. Access may also be refused if the information is privileged or contained in mediation records.
If TIAA refuses a request in whole or in part, we will provide the reasons for the refusal. In some cases where exceptions to access apply, we may withhold that information and provide you with the remainder of the record.
You may make a request for access to your personal information by writing to TIAA’s Privacy Officer to ensure compliance with PIPA. You must provide sufficient information in your request to allow us to identify the information you are seeking.
You may also request information about TIAA’s use of your personal information and any disclosure of that information to persons outside our organization. You may also request a correction of an error or omission in your personal information. TIAA will respond to your request within 45 calendar days, unless an extension is granted. We may charge a reasonable fee to provide information, but not to make a correction. We will advise you of any fees that may apply before beginning to process your request.
Questions and Complaints
If you have a question or concern about any collection, use or disclosure of personal information by TIAA, or about a request for access to your own personal information, please contact TIAA’s Privacy Officer to ensure compliance with PIPA in the first instance:
Tourism Industry Association of Alberta
Contact Information – firstname.lastname@example.org
If you are not satisfied with the response you receive, you should contact the Information and Privacy Commissioner of Alberta:
Office of the Information and Privacy Commissioner of Alberta
Suite 2460, 801 - 6 Avenue, SW Calgary, Alberta T2P 3W2
Phone: 403-297-2728 Toll Free: 1-888-878-4044
E-mail: email@example.com Website: www.oipc.ab.ca
Policy Last Revised: October 15, 2019