The information, software, products, and services published on this website may include inaccuracies or errors, including pricing errors. In particular, The Canadian Spondylitis Association and the affiliated, co-branded and/or linked website partners through whom we provide service (collectively, “The Canadian Spondylitis Association affiliates”) do not guarantee the accuracy of, and disclaim all liability for any errors or other inaccuracies relating to the information, software, products, and services published on this website.
The Canadian Spondylitis Association and its respective suppliers make no representations about the suitability of the information, software, products, and services contained on this website for any purpose, and the inclusion or offering of any products or services on this website does not constitute any endorsement or recommendation of such products or services by The Canadian Spondylitis Association. All such information, software, products, and services are provided “as is” without warranty of any kind. The Canadian Spondylitis Association and its respective suppliers disclaim all warranties and conditions that this website, its servers or any email sent from The Canadian Spondylitis Association is free of viruses or other harmful components. The Canadian Spondylitis Association and its respective suppliers hereby disclaim all warranties and conditions with regard to this information, software, products, and services, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title, and noninfringement.
In no event shall The Canadian Spondylitis Association be liable for any direct, indirect, punitive, incidental, special, or consequential damages arising out of, or in any way connected with, your access to, display of or use of this website or with the delay or inability to access, display or use this website (including, but not limited to, your reliance upon opinions appearing on this web site; any computer viruses, information, software, linked sites, products, and services obtained through this website; or otherwise arising out of the access to, display of or use of this website) whether based on a theory of negligence, contract, tort, strict liability, or otherwise, and even if The Canadian Spondylitis Association has been advised of the possibility of such damages.
The CSA recognizes Canada’s Personal Information Protection & Electronic Documents Act (PIPEDA)’s
definition of “personal information” as information about an identifiable individual. This includes any
factual or subjective information, recorded or not, about an identifiable individual, such as:
● age, name, email, address, or ID numbers;
● opinions, evaluations, comments, or intentions (for example, to acquire goods or services); and
● donor records, medical records, or employee files.
During our organizational activities, this may include such information as financial information related to
processing donations or information about an individual having spondylarthritis.
● Business contact information and certain publicly available information, such as names, addresses, and telephone numbers as published in telephone directories, are not considered personal information. Where an individual uses their home contact information as business contact
information as well, we consider that the contact information provided is business contact
information and is not therefore subject to protection as personal information, when used solely
for the purpose of communicating or facilitating communication with the individual in relation to
their employment, business or profession.
Personal information gathered by our organization is kept in confidence. The CSA personnel are authorized to access personal information based only on their need to deal with the information for the reason(s) for which the information was obtained. Personal information is not disclosed or shared more widely than is necessary to achieve the purpose for which it was gathered. We also take measures to ensure that the integrity of this information is maintained and to prevent it being lost or prematurely destroyed. We collect, use and disclose personal information only for the purposes that a reasonable person would consider appropriate or obvious in the circumstances and which is allowed by law.
WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?
Depending on your interactions with the CSA, we may collect different kinds of personal information about you, including:
● Identity Personal information includes first name, last name, employer.
● Contact Personal information includes address, email and telephone numbers.
● Financial Personal information includes bank account and credit card details.
● Transaction Personal information includes details about payments.
● Technical Personal information includes internet protocol (IP) address, your login personal
information, time zone setting and location.
● Profile Personal information includes your username and password, donations made by you, your
interests, preferences, and feedback.
● Usage Personal information includes information about how you use our website.
● Marketing and Communications Personal information includes your preferences in receiving
marketing from us and our third parties and your communication preferences.
For employees, contractors, volunteers, Board members, and service providers, your personal information
may be collected in the course of your duties providing services to the CSA and will be used to administer
your role with the CSA and to operate the programs and activities of the CSA.
HOW IS YOUR PERSONAL INFORMATION COLLECTED?
We use different methods to collect personal information including through:
1) Direct interactions. You may give us your contact, transaction and financial personal information by filling in forms or by corresponding with us by mail, phone, email or otherwise. This includes personal information you provide when you:
a) make a donation and receive a tax receipt, if applicable;
b) apply for membership, subscribe to our publications, contact us, or provide feedback;
c) register for and/or attend a CSA event; or
d) request information and/or marketing materials be sent to you.
2) Automated technologies or interactions. As you interact with our website, we may automatically collect technical personal information about your equipment, browsing actions and patterns. We may collect this personal information by using cookies, server logs and other similar technologies. We may also receive technical personal information about you if you visit other websites employing our cookies if applicable.
WHAT DO WE USE YOUR INFORMATION FOR?
We use the information we collect for the following purposes, unless otherwise stated at the time of
1) To personalize your experience (your information helps us to better respond to your individual
2) To improve our website (we continually strive to improve our website offerings based on the
information and feedback we receive from you);
3) To improve customer service (your information helps us to more effectively respond to your
customer service requests and support needs);
4) To process donations and other contributions to CSA (in compliance with Canada Revenue Agency requirements);
5) To administer the programs and activities of the CSA; and
6) To communicate with constituents via various communications methodologies including but not
limited to newsletters, emails, physical mail and social media messages.
HOW DO WE PROTECT YOUR INFORMATION?
The CSA implements a variety of technical, physical, and procedural security measures to maintain the
safety of your personal information.
Where Canada’s Anti-spam Legislation (CASL) applies to CSA communications with donors or volunteers,
CSA is committed to complying with CASL and, in particular, the provisions setting out the requirements for sending commercial electronic messages.
You will receive marketing communications from us if you are a member, have requested information from us, or made a donation to CSA and you have not opted out of receiving that marketing. You can ask us to stop sending you marketing messages at any time by following the opt-out procedure on any marketing message sent to you or by contacting us at any time. Opting out of marketing communications does not restrict communications related to events and services you have chosen to participate in.
DISCLOSURE TO THIRD PARTIES
The CSA does not currently disclose personal information to any third parties for the purposes of marketing
and fundraising such as selling, trading or otherwise transferring personal information to outside parties. If such practices are executed by the organization at any point in time, individuals will be provided with an
opportunity to opt out of any such communications.
CHANGE OF PURPOSE
If the CSA wishes to use personal information for a substantially different purpose than the purpose for
which the information was collected, we will seek your express consent describing this new purpose and
document that your consent has been given.
HOW LONG WILL WE RETAIN YOUR PERSONAL INFORMATION?
We will retain your personal information for as long as reasonably appropriate to fulfill the purposes we
collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting
requirements. We may retain your personal information for a longer period in the event of a complaint or
if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
You may ask us to delete your personal information by emailing your request to
[email protected], which we will do unless required to retain the information by law.
CORRECTING YOUR PERSONAL INFORMATION
You may ask us to correct your personal information by emailing your request and explanation for the
correction to [email protected]. The CSA will make best efforts to accommodate correction
requests if satisfied on reasonable grounds that the request should be implemented. If no correction is
made, the CSA will, where possible, annotate recorded personal information with the correction that was
requested but not made.
PERSONAL INFORMATION BREACH NOTIFICATION
Any privacy breach of personal information under the care of the CSA must immediately be reported to the CSA’s Executive Director, who will investigate the nature of the breach and will take appropriate action as required.
In the case of a personal information privacy breach where there is a loss or unauthorized access or
disclosure of personal information, and there exists a real risk of significant harm to the individual(s), the
individual(s) whose private information is breached will be notified promptly by the Executive Director. In
considering risk of significant harm to the individual(s) the sensitivity of the breached information and the
probability that the information will be misused will be considered.
Notice to the individual(s) whose personal information is breached must be given directly to the individual
if possible, and must include a description of the breach, the type of personal information involved, the date of the breach, steps taken by the CSA to reduce the risk of harm and the contact information of the CSA’s Executive Director should the individual(s) have questions.
The notification to the individual(s) must be in person, by telephone, mail, email or other form of
communication that is reasonable. Indirect notification must be given if direct notification would cause harm to the individual(s), cause undue hardship to CSA, or if CSA does not have the individual(s) contact
information. Indirect notification must be given by public communication or other similar measure.
If the CSA notifies the individual(s) involved in a breach, it will also notify other organizations of the breach if such a notification may be able to reduce the risk of harm or mitigate it. Based on the jurisdiction in which the affected individual(s) resides, the applicable regulatory authority may also need to be notified by law.
The CSA will keep a record of any breaches and provide the information to the applicable regulatory authorities upon request or as required. Privacy breach records will be kept for a 24-month period following
any breach, or longer if required by law.
WHEN THIS POLICY DOES NOT APPLY
Please check https://spondylitis.ca/legal/ or call 1-866-989-8787 for further information.
information should be e-mailed to [email protected].
You have the right to make a complaint at any time to the relevant supervisory authority for personal
information protection issues. You can contact the Office of the Privacy Commissioner of Canada (“OPC”), see: https://www.priv.gc.ca/en/contact-the-opc/ (if you are concerned about the CSA’s potentially commercial use of your personal information) or your applicable provincial privacy authority. We would, however, appreciate the chance to deal with your concerns before you approach the privacy authority, and we encourage you to contact us in the first instance.