Our Commitment to Privacy

The Squamish Community Foundation (“we”, “our”, “us”)  is committed to protecting the privacy of the information of its employees, members, donors and other stakeholders and individuals.. We value the trust of those we deal with, and of the public, and recognize that maintaining this trust requires that we be transparent and accountable in how we treat the information that donors choose to share with us. During the course of our various projects and activities, we frequently gather and use personal information. Anyone from whom we collect such information should expect that it will be carefully protected and that any use of or other dealing with this information is subject to consent.

To ensure balance between an individual’s right to protect his or her personal information and our need to collect, use or disclose personal information for reasonable business purposes, the Squamish Community Foundation complies with British Columbia’s Personal Information Protection Act (PIPA).

1: Definitions

  • Personal Information. Personal information is any information that can be used to distinguish, identify or contact a specific individual. This information can include an individual’s opinions or beliefs, as well as facts about, or related to, the individual. Exceptions: business contact information and certain publicly available information, such as names, addresses, email addresses and telephone numbers as published in public directories, are not considered personal information. Where an individual uses his or her home contact information as business contact information as well, we consider that the contact information provided as business contact information.
  • People means grant applicants, members, donors, volunteers, employees and stakeholders.
  • Foundation means the Squamish Community Foundation
  • A member is an individual as defined in Part X of the Society’s Bylaws.
  • An employee includes a volunteer, a person providing services under contract or a person entitled to wages for work performed.
  • A donor is a person, group or organization that provides monetary or in-kind support to the Society
  • A stakeholder is any individual, group or organization that may have an interest in or is impacted by the work of the Society.
  • Sensitive Personal Information Is Personal Information that, if lost, compromised or disclosed could result in substantial harm, embarrassment, inconvenience or unfairness to an individual. Sensitive Personal Information generally includes health-related information, data revealing racial or ethnic origin, financial information, political opinions, religious or philosophical beliefs, genetic or biometric data, and information concerning a person’s sex life or sexual orientation. Depending on the context, otherwise non-sensitive personal information may become sensitive.
  • Meaningful consent means that an individual understands the purpose, nature, use, and consequences of providing their Personal Information. This information must be clearly explained and made easily accessible to the person giving consent.
  • Express Consent occurs when an individual willingly agrees to the collection, use and disclosure of their Personal Information either verbally or in writing.
  • Deemed Consent occurs when an individual volunteers information for an obvious purpose that a reasonable person would consider appropriate in the circumstances. Deemed consent is only appropriate to use in circumstances where those purposes are considered so obvious that notification is unnecessary.
  • Use of Personal Information means using the information internally to provide an individual with a service or benefit, or to otherwise comply with the law.
  • Disclosing Personal Information means showing, sending or giving an organization, government or individual access to the personal information in question.
  • Privacy Officer means one or more designated individuals within the Foundation who functions as the first point of contact when privacy issues arise and has the authority to intervene on privacy issues. The Privacy Officer is responsible for developing, implementing and maintaining a privacy policy; conducting a privacy audit and self-assessment; managing privacy training; responding to requests for access to and correction of personal information; and working with the Information and Privacy Commissioner in the event of an investigation.

2: General Confidentiality

The Foundation is responsible for personal information under its control and must have policies and procedures that protect personal information. The Foundation must identify the reasonable purposes for which the collection, use, and disclosure of personal information is required. The foundation collects personal information from members, directors, donors, volunteers, grant recipients, contractors and others.  The Foundation recognizes that not only does it have legal responsibilities with respect to the collection, use, protection, and disclosure of personal information, but also an imperative to protect the relationship of trust with those from whom we collect personal information. The Board and all its committees act as a whole. Deliberations including the opinions of individual Board and committee members will be kept confidential. Board members are required to hold in the strictest confidence all matters dealt with by the Board during in-camera meetings and matters related to personnel and property.

3: What Information We Collect

Information can be collected through a variety of methods including phone, email, online, and in person when you:

  • Make a donation
  • Subscribe to our newsletter
  • Apply for a grant
  • Register for an event
  • Contact us through our website
  • Engage with us on Social Media

This information may include:

  • Name
  • Email address
  • Mailing Address
  • Phone Number
  • Donation details
  • Payment information (processed securely through third-party providers)
  • Organizational details (for grant applications)

We may also collect non-identifiable information such as website usage data (e.g., cookies, analytics)

4: Purposes of Collection

Collection of personal information must be limited to that which is necessary for the purposes of the Foundation. The Foundation must not require someone to consent to the collection, use or disclosure of personal information beyond what is necessary to our purpose.

We will only collect personal information that is necessary to fulfill the following purposes:

    1. To verify identity
    2. To provide donors with information about how donated funds are used by the Foundation
    3. To keep donors informed about the Foundation’s activities
    4. To determine donor motivation in creating a fund and assist in making decisions about distributions from the fund
    5. For the purposes of establishing, managing, or terminating employment (letters of application, results of interview, personal references, performance evaluations, letters of resignation or termination), including Volunteers
    6. To issue charitable tax receipts to donors (names, addresses and other personal information) and comply with the CRA for requirements for gift processing
    7. Organizational governance (board member names, addresses, phone numbers, date of birth, etc.)
    8. To inform the development/evaluation of our programs
    9. For other purposes that are reasonably considered to be within the mandate of the Foundation.

5: Consent

The Foundation obtains consent for the collection, use, and disclosure of personal information in accordance with applicable privacy legislation and Canada’s Anti-Spam Legislation (CASL). Consent may be express or implied, depending on the nature of the information and the relationship with the individual.

  • Individuals must provide consent before we may collect their personal information, use their personal information or disclose their personal information. Such consent must be given voluntarily and cannot be required as a condition of supplying a service unless the Personal Information is necessary to provide the service.
  • At the time in which consent is requested, the individual must be notified of the purpose of the collection of personal information. Consent must not be obtained using false or misleading means or by misleading the individual about why they are collecting, using or disclosing the information.
  • As much as possible, the Foundation will obtain express consent for the collection, use and disclosure of personal information. Express consent can be given in writing or verbally. Express consent must be collected directly from the individual, rather than from someone else.
  • Consent for collection of Sensitive Personal Information must always be made expressly and in writing.
  • Under CASL: Express consent does not expire until withdrawn/un-subscribed
  • In some circumstances, consent may be implied, such as where an individual makes a donation, registers for an event, volunteers, or otherwise engages with the Foundation. Under CASL, implied consent for electronic communications may generally continue for up to two years following the individual’s last interaction or transaction with the Foundation.
  • The Foundation will obtain express written consent from people in order to use photographs of them in any public-facing materials, whether online or in print.
  • The collection of personal information shall be limited to that which is necessary for the purposed identified by the Foundation. Even if an individual volunteers more personal information than is needed for our intended purposes, we will not record, use or disclose the irrelevant information.
  • A description of the purposes for the collection, use and disclosure of personal information will be included on consent forms. Such description must include when and to whom we will disclose the personal information.

6: Using and Disclosing Personal Information

  • We will only use or disclose personal information where necessary to fulfill the purposes identified at the time of collection or for a purpose reasonably related to those purposes.
  • We will not use or disclose personal information for any additional purpose unless we obtain consent to do so.
  • Personal information such as the name and address of a donor may be disclosed to a recipient organization or individual only when consent has been obtained from a donor.
  • We will not sell personal information about clients, volunteer, staff or donor lists to other parties

7: Cancelling or Changing Consent

  • A person can modify, withhold or withdraw their consent for the Foundation to use their personal information. A person’s decision to modify, withhold or withdraw their consent to use of personal information may restrict our ability to provide a particular service. If so, we will explain the situation to assist the person in making the decision.

8: Access & Correction to Personal Information

  • People have a right to access their personal information personal information we hold about you and to request corrections if it is inaccurate or incomplete.
  • A request to access personal information must be made in writing and provide sufficient detail to identify the personal information being sought.
  • A request to access personal information should be forwarded to the Privacy Officer. The requesting individual will be asked to provide proof of identity.
  • Upon request, we will inform individuals how we use and have used their personal information and to whom it has been disclosed, if applicable.
  • We will make requested information available within 30 business days or provide written notice of an extension where additional time is required to fulfill the request. If a request is refused in full or in part, we will notify the individual in writing, providing the reasons for refusal and the recourse available to them.

9: Ensuring Accuracy of Personal Information

  • We will make reasonable efforts to ensure that personal information is accurate and complete where it may be used to make a decision about an individual or disclosed to another organization.
  • Individuals may request correction to their personal information in order to ensure its accuracy and completeness. A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought.

10: Protection of Personal Information

  • To the best of our abilities, we will ensure the security of personal information to protect it from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.
  • The following measures will be implemented to ensure personal information is appropriately protected:
    1. Administrative Safeguards
      1. All staff and directors will be trained on privacy policies and procedures.
      2. All staff, volunteers, and contractors are required to sign confidentiality agreements indicating their understanding of the privacy laws and policies and agree to abide by them.
  • Avoid discussing a person’s personal information in a way that would disclose the information to someone who is not entitled to receive it.
  • Physical Safeguards
    1. Personal information will be stored in a locked location that is not accessible to the public.
    2. Confidential destruction of personal information including cross-shredding of documents and deleting and wiping electronically stored information.
  • Technology Safeguards
    1. Use of unique user IDs and passwords for all users for systems access.
    2. Portable electronic devices such as tablets and laptops must be under one person’s control at all times. They must not be left unattended in a car or in any other unsecured location.
  • Any cloud services used to transmit or store data are password protected and use encryption or two-factor authentication.

11: Retention of Personal Information

  • If we use personal information to make a decision that directly affects an individual, we will retain that personal information for at least one year so that the individual has a reasonable opportunity to request access to it.
  • The Foundation must destroy documents containing employee personal information once the purpose for which the personal information was collected is no longer served by keeping it as long as the law does not require otherwise.
  • Subject to the above, we will retain personal information only as long as necessary to fulfill the identified purposes or other lawful purpose.
  • Any cloud service provider used by the Society will have a clear and consistently applied privacy policy.

12: Compliance and the Privacy Officer

  • The Foundation must designate a Privacy Officer. The Executive Director will serve as the privacy officer for the Foundation. The Privacy Officer is responsible for ensuring the organization’s compliance with this policy and the Personal Information Protection Act and other applicable legislation related to privacy.
  • The name and contact information for the Privacy Officer will be made available to the public on the Foundation’s website.
  • The Foundation will maintain procedures to receive and respond to complaints or inquiries about its policies and practices relating to the handling of personal information. The procedures will be easily accessible.
  • Individuals should direct any complaints, concerns, requests or questions in writing to the Privacy Officer.
  • The Society’s designated Privacy Officer is the Executive Director.

13: Cookies & Website Analytics

Our website may use cookies and similar technologies to:

  • Understand how visitors use our site
  • Improve user experience
  • Support marketing and outreach efforts

You can adjust your browser settings to refuse cookies if you prefer.

14: Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those sites and encourage you to review their policies.

15: Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last updated” date.

Contact Us:

If you have questions about this Privacy Policy or how your information is handled, please contact:

Squamish Community Foundation
Email: info@squamishfoundation.com
Phone: 604.848.8683
Website: www.squamishfoundation.com