Approved by the Board of Directors: June 19, 2017

Purpose:

FSIO values individuals’ privacy. Therefore, FSIO protects personal information that it collects.

Scope:

Board of Directors, Executive Assistant, Volunteers/Committee Members

Policy:

Information that FSIO Collects

FSIO collects names (individual and/or organization), contact information (e.g., email, phone number, address, and fax number), and basic information about agencies (e.g., type of agency).

FSIO also collects credit card information when payments are made in person.

In addition, FSIO gathers information about how FSIO’s website and communications are being used (e.g., which web pages are visited most frequently and how many people open e-bulletins). The information about website use is anonymous.

How Information is Collected

Information is collected through registration forms and through WordPress and Google Analytics, which use cookies.

Payment information collected through PayPal is governed by PayPal’s privacy policy.

How Information is Used

FSIO collects information to administer memberships, distribute information, organize events, process payments, and communicate with stakeholders.

FSIO also uses the information to assess its services, make improvements, and plan future activities.

With permission from individuals, FSIO may use information for promotional, advocacy, and fundraising purposes (e.g., publishing a testimonial on its website or presenting a list of members to a potential funder).

Information is retained for as long as an individual/organization is a member or the information is required for administrative or tax purposes.

How Information is Protected

Firewalls, passwords, encryption, and other industry-recognized safeguards protect information. Paper files are stored in a locked location.

Only board and staff members who need the information to carry out their duties have access to personal information. Volunteers who have access to names and contact information to communicate on behalf of FSIO are under the supervision of a board and/or staff member.

FSIO’s forum is private to members, who set up a password to protect their account. FSIO encourages members to respect each other’s privacy, yet FSIO does not take responsibility for how members use comments posted in the forum.

Disclosure of Personal Information

FSIO discloses personal information when required by law. Otherwise, FSIO does not publicize or share information that is not publicly available, unless you provide written consent.

Individuals may opt out of Google Analytics, and members may opt not to be part of the FSIO Forum.

Responsibility:

The Board’s Executive Committee oversees the handling of personal information. Board members, FSIO members, and stakeholders are welcome to provide feedback.

Consequences:

This policy will help to ensure individuals’ trust in FSIO and will guide decisions about requests for member information. Conversely, failure to follow this policy may weaken FSIO’s reputation.

Procedure:

How do I access, make corrections to, or delete my personal information held by FSIO?

 Can I opt out of web analytics?

 Yes; follow instructions in your browser’s help menu.

 For how long is my personal information retained?

  •  For as long as you are a member of partner, or for 5 years after you leave FSIO.
  • Payment records are kept for 6 years.
  • Records and all associated copies or back-up files are shredded (i.e., paper records), permanently deleted (e.g., user accounts or database entries), or sanitized according to NIST (National Institute of Standards and Technology)’s Guidelines for Media Sanitation (e.g., computer files).

 Who will see my profile and posts in the FSIO forum?

  •  Posts are visible to FSIO website administrators, who moderate which comments appear publicly to all forum members.
  • Profiles are visible to all forum members.
  • Your profile name is your first name and last name (the first and last name of the individual who applied for membership, in the case of organizations).

 What if a third party requests member information?

  •  Requests are relayed to the Board, who may share anonymous data, publicly available information, or the list of members who have given permission for their name to be publicized on FSIO’s membership list.

 How are concerns about use of personal information addressed?

  •  Direct concerns about the use of personal information to admin@fsio.ca or chair@fsio.ca.
  • The Executive Assistant or Chair of the Board will relay the concerns to the Executive Committee, which will consult with other board members to address the concern.

Who is responsible for activities referenced in the privacy policy?

Executive Assistant:

  1. Change passwords on all FSIO accounts annually, in June.
  2. Manage personal information recorded on paper.
  3. With Treasurer, manage FSIO’s PayPal account.
  4. Manage access to FSIO’s email database, following direction from the Board’s Executive Committee.
  5. Delete administrative accounts when a board or staff member leaves FSIO.
  6. Conduct annual data retention audit, in July.

Treasurer

  1. With Executive Assistant, manage FSIO’s PayPal account.