PIPEDA Canada compliant school management software

Personal Information Protection and Electronic Documents Act (PIPEDA)



Ⅰ Definitions

Personal information means information about an identifiable individual, while record includes any correspondence, memorandum, book, plan, map, drawing, diagram, pictorial or graphic work, photograph, film, microform, sound recording, videotape, machine-readable record and any other documentary material, regardless of physical form or characteristics, and any copy of any of those things.

Ⅱ Division 1

1. Appropriate purpose- Eduwonka shall collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances.
2. Valid Consent- For the purposes of clause 4.3 of Schedule 1, the consent of an individual is only valid if it is reasonable to expect that an individual to whom Eduwonka’s activities are directed would understand the nature, purpose and consequences of the collection, use or disclosure of the personal information to which they are consenting.
3. Collection without knowledge or consent- For the purpose of clause 4.3 of Schedule 1, and despite the note that accompanies that clause, Eduwonka may collect personal information without the knowledge or consent of the individual only if

(a) the collection is clearly in the interests of the individual and consent cannot be obtained in a timely way;
(b) it is reasonable to expect that the collection with the knowledge or consent of the individual would

Disclosure without knowledge or consent- Eduwonka shall adhere to clause 4.3 of Schedule 1, and despite the note that accompanies that clause, will disclose personal information without the knowledge or consent of the individual only if the disclosure is

(a) made to, in the Province of Quebec, an advocate or notary or, in any other province, a barrister or solicitor who is representing Eduwonka;
(b) required to comply with a subpoena or warrant issued or an order made by a court, person or body with jurisdiction to compel the production of information, or to comply with rules of court relating to the production of records;
(b.1) made to a government institution or part of a government institution that has made a request for the information, identified its lawful authority to obtain the information and indicated that

Use without consent- Despite clause 4.5 of Schedule 1, Eduwonka may use personal information for purposes other than those for which it was collected in any of the circumstances set out in subsection (2).

Disclosure without consent- Despite clause 4.5 of Schedule 1, Eduwonka may disclose personal information for purposes other than those for which it was collected in any of the circumstances set out in paragraphs (3)(a) to (h.1).

4. Written request
A request under clause 4.9 of Schedule 1 must be made in writing.
Assistance- Eduwonka shall assist any individual who informs the organization that they need assistance in preparing a request to Eduwonka.
Time limit- Eduwonka shall respond to a request with due diligence and in any case not later than thirty days after receipt of the request.
Extension of time limit- Eduwonka may extend the time limit

(a) for a maximum of thirty days if

(i) meeting the time limit would unreasonably interfere with the activities of Eduwonka, or
(ii) the time required to undertake any consultations necessary to respond to the request would make the time limit impracticable to meet; or
(b) for the period that is necessary in order to be able to convert the personal information into an alternative format.

In either case, Eduwonka shall, no later than thirty days after the date of the request, send a notice of extension to the individual, advising them of the new time limit, the reasons for extending the time limit and of their right to make a complaint to the Commissioner in respect of the extension.

Costs for responding- Eduwonka may respond to an individual’s request at a cost to the individual only if Eduwonka has informed the individual of the approximate cost; and the individual has advised Eduwonka that the request is not being withdrawn.

When access prohibited- Despite clause 4.9 of Schedule 1, Eduwonka shall not give an individual access to personal information if doing so would likely reveal personal information about a third party. However, if the information about the third party is severable from the record containing the information about the individual, Eduwonka shall sever the information about the third party before giving the individual access.

Sensory disability- Eduwonka shall give access to personal information in an alternative format to an individual with a sensory disability who has a right of access to personal information under this Part and who requests that it be transmitted in the alternative format if
(a) a version of the information already exists in that format; or
(b) its conversion into that format is reasonable and necessary in order for the individual to be able to exercise rights under this Part.

Ⅲ Division 1.1
Breaches of Security Safeguards
Notification to the individual- Unless otherwise prohibited by law, Eduwonka shall notify an individual of any breach of security safeguards involving the individual’s personal information under Eduwonka’s control if it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to the individual.

Content of notification- The notification shall contain sufficient information to allow the individual to understand the significance to them of the breach and to take steps, if any are possible, to reduce the risk of harm that could result from it or to mitigate that harm. It shall also contain any other prescribed information.

Form and manner- The notification shall be conspicuous and shall be given directly to the individual in the prescribed form and manner, except in prescribed circumstances, in which case it shall be given indirectly in the prescribed form and manner.

(Definition of significant harm- For the purpose of this section, significant harm includes bodily harm, humiliation, damage to reputation or relationships, loss of employment, business or professional opportunities, financial loss, identity theft, negative effects on the credit record and damage to or loss of property.)

Real risk of significant harm — factors- The factors that are relevant to determining whether a breach of security safeguards creates a real risk of significant harm to the individual include (a) the sensitivity of the personal information involved in the breach; (b) the probability that the personal information has been, is being or will be misused; and any other prescribed factor.

Notification to organizations- When Eduwonka notifies an individual of a breach of security safeguards under subsection 10.1(3), it shall notify any other organization, a government institution or a part of a government institution of the breach if the notifying organization believes that the other organization or the government institution or part concerned may be able to reduce the risk of harm that could result from it or mitigate that harm, or if any of the prescribed conditions are satisfied.

Records- Eduwonka shall, in accordance with any prescribed requirements, keep and maintain a record of every breach of security safeguards involving personal information under its control.

Ⅳ SCHEDULE 1
(Section 5)
Principles Set Out in the National Standard of Canada Entitled Model Code for the Protection of Personal Information, CAN/CSA-Q830-96
Principle 1 — Accountability
Eduwonka is responsible for personal information under its control and shall designate an individual(s) who are accountable for the organization’s compliance with the following principles.

1.1 Accountability for Eduwonka’s compliance with the principles rests with the designated individual(s), even though other individuals within Eduwonka may be responsible for processing of personal information.
1.2 The identity of the individual(s) designated by Eduwonka to oversee the compliance with the principles shall be made known upon request.
1.3 Eduwonka is responsible for personal information in its possession or custody, including information that has been transferred to a third party for processing. Eduwonka shall use contractual or other means to provide a comparable level of protection while the information is being processed by a third party.
1.4 Eduwonka shall implement policies and practices to give effect to the principles, including

(a) implementing procedures to protect personal information;
(b) establishing procedures to receive and respond to complaints;
(c) training staff and communicating to staff information about Eduwonka’s policies and practices

Principle 2 — Identifying Purposes
The purposes for which personal information is collected shall be identified by Eduwonka at or before the time the information is collected.

2.1 Eduwonka shall document the purposes for which personal information is collected in order to comply with the Openness principle (Clause 4.8) and the Individual Access principle (Clause 4.9).

2.2 Identifying the purposes for which personal information is collected at or before the time of collection allows Eduwonka to determine the information they need to collect to fulfil these purposes. The Limiting Collection principle (Clause 4.4) requires an organization to collect only that information necessary for the purposes that have been identified.

2.3 The identified purposes should be specified at or before the time of collection to the individual from whom the personal information is collected.

2.4 When personal information that has been collected is to be used for a purpose not previously identified, the new purpose shall be identified prior to use. Unless the new purpose is required by law, the consent of the individual is required before information can be used for that purpose. For an elaboration on consent, please refer to the Consent principle (Clause 4.3).

2.5 Persons collecting personal information should be able to explain to individuals the purposes for which the information is being collected.

2.6 This principle is linked closely to the Limiting Collection principle (Clause 4.4) and the Limiting Use, Disclosure, and Retention principle (Clause 4.5).

Principle 3 - Consent
The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.
Note: In certain circumstances personal information can be collected, used, or disclosed without the knowledge and consent of the individual. For example, legal, medical, or security reasons may make it impossible or impractical to seek consent. Seeking consent may be impossible or inappropriate when the individual is a minor, seriously ill, or mentally incapacitated. In addition, organizations that do not have a direct relationship with the individual may not always be able to seek consent.

3.1 Consent is required for the collection of personal information and the subsequent use or disclosure of this information. Eduwonka shall seek consent for the use or disclosure of the information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use (for example, when Eduwonka wants to use information for a purpose not previously identified).

3.2 The principle requires “knowledge and consent”. Eduwonka shall make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used. To make the consent meaningful, the purposes must be stated in such a manner that the individual can reasonably understand how the information will be used or disclosed.

3.3 Eduwonka shall not, as a condition of the supply of a service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfil the explicitly specified and legitimate purposes.

3.4 Consent sought by Eduwonka shall take into account the sensitivity of the information. Although some information (for example, medical records and income records) is almost always considered to be sensitive, any information can be sensitive, depending on the context. For example, the names and addresses of subscribers to a newsmagazine would generally not be considered sensitive information. However, the names and addresses of subscribers to some special-interest magazines might be considered sensitive.

3.5 Eduwonka adheres to PIPEDA’s principle of not sharing the personal information of its users with third parties without their consent. Eduwonka understands the reasonable expectations of individuals regarding their personal data. Additionally, consent shall not be obtained through deception.

3.6 Eduwonka shall generally seek express consent when the information is likely to be considered sensitive. As per PIPEDA’s principles, implied consent would generally be appropriate when the information is less sensitive. Consent can also be given by an authorized representative (such as a legal guardian or a person having power of attorney).

3.7 Individuals can give consent in many ways. For example:
(a) an application form may be used to seek consent, collect information, and inform the individual of the use that will be made of the information. By completing and signing the form, the individual is giving consent to the collection and the specified uses;
(b) a check-off box may be used to allow individuals to request that their names and addresses not be given to other organizations. Individuals who do not check the box are assumed to consent to the transfer of this information to third parties;
(c) consent may be given orally when information is collected over the telephone; or at the time that individuals use the service.

3.8 An individual may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Eduwonka shall inform the individual of the implications of such withdrawal.

Principle 4 — Limiting Collection
The collection of personal information shall be limited to that which is necessary for the purposes identified by Eduwonka. Information shall be collected by fair and lawful means.

4.1 Eduwonka shall not collect personal information indiscriminately. Both the amount and the type of information collected shall be limited to that which is necessary to fulfil the purposes identified. Eduwonka shall specify the type of information collected as part of their information-handling policies and practices, in accordance with the Openness principle (Clause 4.8).

4.2 Eduwonka shall collect personal information by fair and lawful means. Eduwonka shall keep the process of information collection transparent for the sake of the individual and maintain the purpose for which the information was collected. This implies that consent with respect to collection shall not be obtained through deception.

4.3 This principle is linked closely to the Identifying Purposes principle (Clause 4.2) and the Consent principle (Clause 4.3).

Principle 5 — Limiting Use, Disclosure, and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfilment of those purposes.

5.1 When using personal information for a new purpose, Eduwonka shall document this purpose (see Clause 4.2.1).

5.2 Eduwonka shall develop guidelines and implement procedures with respect to the retention of personal information. These guidelines should include minimum and maximum retention periods. Personal information that has been used to make a decision about an individual shall be retained long enough to allow the individual access to the information after the decision has been made. Eduwonka may be subject to legislative requirements with respect to retention periods.

5.3 Personal information that is no longer required to fulfil the identified purposes shall be destroyed, erased, or made anonymous. Eduwonka shall develop guidelines and implement procedures to govern the destruction of personal information.

5.4 This principle is closely linked to the Consent principle (Clause 4.3), the Identifying Purposes principle (Clause 4.2), and the Individual Access principle (Clause 4.9).

Principle 6 — Accuracy
Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.

6.1 Eduwonka will ensure that the extent to which personal information is accurate, complete, and up-to-date depends upon the use of the information, taking into account the interests of the individual. Information shall be sufficiently accurate, complete, and up-to-date to minimize the possibility that inappropriate information may be used to make a decision about the individual.

6.2 Eduwonka shall not routinely update personal information, unless such a process is necessary to fulfil the purposes for which the information was collected.

6.3 Personal information that is used on an ongoing basis, including information that is disclosed to third parties, should generally be accurate and up-to-date, unless limits to the requirement for accuracy are clearly set out.

Principle 7 — Safeguards
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.

7.1 The security safeguards shall protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. Eduwonka shall protect personal information regardless of the format in which it is held.

7.2 The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution, and format of the information, and the method of storage. More sensitive information shall be safeguarded by a higher level of protection. The concept of sensitivity is discussed in Clause 4.3.4.

7.3 The methods of protection shall include

(a) physical measures, for example, locked filing cabinets and restricted access to offices;
(b) organizational measures, for example, security clearances and limiting access on a “need-to-know” basis; and
(c) technological measures, for example, the use of passwords and encryption.

7.4 Eduwonka shall make their employees aware of the importance of maintaining the confidentiality of personal information.

7.5 Care shall be used in the disposal or destruction of personal information, to prevent unauthorized parties from gaining access to the information (see Clause 4.5.3).

Principle 8 — Openness
Eduwonka shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.

8.1 Eduwonka shall be open about their policies and practices with respect to the management of personal information. Individuals shall be able to acquire information about Eduwonka’s policies and practices without unreasonable effort. This information shall be made available in a form that is generally understandable.

8.2 The information made available shall include

(a) the name or title, and the address, of the person who is accountable for Eduwonka’s policies and practices and to whom complaints or inquiries can be forwarded;
(b) the means of gaining access to personal information held by Eduwonka;
(c) a description of the type of personal information held by Eduwonka, including a general account of its use;
(d) a copy of any brochures or other information that explain Eduwonka’s policies, standards, or codes; and
(e) what personal information is made available to related organizations (e.g., subsidiaries).

8.3 According to PIPEDA, Eduwonka may make information on its policies and practices available in a variety of ways. The method chosen depends on the nature of its business and other considerations.

Principle 9 — Individual Access
Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information held by Eduwonka and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Note: In certain situations, Eduwonka may not be able to provide access to all the personal information it holds about an individual. Exceptions to the access requirement should be limited and specific. The reasons for denying access shall be provided to the individual upon request. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security, or commercial proprietary reasons, and information that is subject to solicitor-client or litigation privilege.

9.1 Upon request, Eduwonka shall inform an individual whether or not Eduwonka holds personal information about the individual. It may indicate the source of this information. Eduwonka shall allow the individual access to this information.
In addition, Eduwonka shall provide an account of the use that has been made or is being made of this information and an account of the third parties to which it has been disclosed.

9.2 An individual may be required to provide sufficient information to permit Eduwonka to provide an account of the existence, use, and disclosure of personal information. The information provided shall only be used for this purpose.

9.3 In providing an account of third parties to which it has disclosed personal information about an individual, Eduwonka shall attempt to be as specific as possible. When it is not possible to provide a list of the organizations to which it has actually disclosed information about an individual, Eduwonka shall provide a list of organizations to which it may have disclosed information about the individual.

9.4 Eduwonka shall respond to an individual’s request within a reasonable time and at minimal or no cost to the individual. The requested information shall be provided or made available in a form that is generally understandable. For example, if Eduwonka uses abbreviations or codes to record information, an explanation shall be provided.

9.5 When an individual successfully demonstrates the inaccuracy or incompleteness of personal information, Eduwonka shall amend the information as required. Depending upon the nature of the information challenged, amendment involves the correction, deletion, or addition of information. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question.

9.6 When a challenge is not resolved to the satisfaction of the individual, the substance of the unresolved challenge shall be recorded by Eduwonka. When appropriate, the existence of the unresolved challenge shall be transmitted to third parties having access to the information in question.

Principle 10 — Challenging Compliance
An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for Eduwonka’s compliance.

10.1 The individual accountable for the organization’s compliance is discussed in Clause 4.1.1.

10.2 Eduwonka shall put procedures in place to receive and respond to complaints or inquiries about their policies and practices relating to the handling of personal information. The complaint procedures should be easily accessible and simple to use.

10.3 Eduwonka shall inform individuals who make inquiries or lodge complaints of the existence of relevant complaint procedures. A range of these procedures may exist.

10.4 Eduwonka shall investigate all complaints. If a complaint is found to be justified, Eduwonka shall take appropriate measures, including, if necessary, amending its policies and practices.

Source-

https://laws-lois.justice.gc.ca/eng/acts/P-8.6/index.html