Privacy

GLAD TIDINGS CHURCH (SUDBURY) PRIVACY POLICY
Effective:  February, 2015

Glad Tidings Church (Sudbury) (the “Church” or “we”) knows how important your privacy is to you. Our relationship with you is founded on trust and we are committed to maintaining that trust. For these reasons, we have created the following privacy policy (the “Privacy Policy”).  It confirms our dedication to protecting your privacy and maintaining the trust that you have placed in our organization.

This Privacy Policy covers our treatment of the Personal Information we collect from you in connection with the services we provide.  This Privacy Policy may be updated from time to time by the Church at which time we will give you reasonable notice.  Please check our website periodically to see the current Privacy Policy.

For the purposes of this Privacy Policy, “Personal Information” refers to any information about an identifiable individual.  Information will be about an “identifiable individual” where there is a serious possibility that an individual could be identified through the use of that information, alone or in combination with other information.

1. Collection of Personal Information
The Church collects Personal Information from you in the course of providing services to you [e.g. through our website and when you communicate with us through online and other forms of communication].  The Personal Information we may collect from you includes:
•Contact information, such as your name, address, telephone number and email address;
•Financial information, such as a credit card or banking information;
•Marital status is collected for marriage certificates;
•Photographs and videos may be collected with your consent during Church services; and
•Age, gender and religious denomination.
 
When you provide us with information through our website or in connection with a service, we assume you consent to our collecting it and using it for the specific purposes identified in this Privacy Policy.  We do not collect Personal Information indiscriminately and we do not collect any information about you unless you provide it to us willingly.  The Church does not collect Personal Information about visitors to our website through internet cookies or other covert or unobvious electronic means.

2. Use of Personal Information
The Personal Information we collect from you may be used by the Church for the following limited purposes:

a) Membership Applications: To formally join the Church you will provide Personal Information including your name, address, telephone number and e-mail address on the membership application form for internal purposes including maintaining contact lists.


b) Church Directory, Visitor Card, and Information Updates:

i. Church Directory - to be included in communication systems you will need to provide your telephone number, address, and e-mail address to the Church. The Church Directory is used for internal and external purposes.  For external purposes, your prior consent to the disclosure of your information will be requested.
ii.Visitor Cards - are used to connect with new people and to promote the Church.
iii.Information Updates - are sent to contact members and adherents of the Church as necessary. The Church also maintains a birthday and anniversary list that you can choose to be listed on, if so you will need to provide the relevant information.


c) Attendance Records: The Church collects Personal Information such as age, gender, and religious denomination from members and adherents for attendance records and to assess growth and help us establish a vision for the Church. This Information also helps us track target ministries. The Church also uses this information in the Annual Church Life Review (ACLR) for the Pentecostal Assemblies of Canada (the Church’s International office).


d) Church Ceremonies: The Church will collect Personal Information including names, telephone numbers, and addresses for certificates issued after a marriage ceremony or a water baptism or baby dedication.


e) Facility Rental: If you wish to rent Church facilities (i.e.: for weddings, baby showers, or funerals), the application form will include Personal Information, such as your name, address, telephone number, and e-mail address.


f) Sign-up and Registration Forms: If you choose to register for Church events, programs, volunteer projects or mission trips you will need to provide your Personal Information including your name, telephone number, address, and e-mail address as well as any other relevant information for the trip or program (i.e.: information about potential health restrictions) and applicable medical information (i.e.: Health card, Physician’s name, etc.).


g) Scheduling Appointments and Meetings with Church Staff: To schedule an appointment or meeting with a member of the Glad Tidings staff you will need to provide contact information such as your telephone number or e-mail address. Doing so allows Church staff to contact you if we need to change your appointment or follow-up in any other way. 


h) Police Checks for Volunteers: All leaders and volunteers at Glad Tidings Church interacting with minors and the vulnerable sector must complete a police check. The police check form requires that you submit Personal Information.


i) Donations: You can donate to the Church via pre-authorized debit, cheque, or cash. If you choose to donate via pre-authorized debit the Church will need to collect your banking information. If you donate with a cheque we will also receive your banking information. If you donate via debit or credit card, you will need to present your card for the transaction, but we do not store debit or credit card numbers. Transactions must be completed in person, not over the telephone.


j) Staff payroll: Glad Tidings Church collects personal banking information from its staff to facilitate staff payroll.


k) Security Footage: Signage is provided to inform you of this practice. Security footage is therefore collected through your implied consent.


l) Logged Files: When you log onto the Internet, your Internet Service Provider automatically assigns an IP address to your computer. Web servers identify your computer by its IP address, and the Church may use your IP address to help diagnose problems with our servers and to administer our website, and to constantly improve the value of the materials available on the site.


m) Photographs and Videos: Where consent is obtained, photographs and videos containing images and sounds may be collected and used in print or electronically, including on the Church’s website and social media pages, for the purpose of live-streaming and promoting the Church for spiritual and educational purposes and any other purposes as stated herein.


n) Other:  Personal Information may also be collected from individuals who are not members of the Church to establish and maintain our donor lists, to establish and maintain our mail lists, to contact you to advise you of any changes to programs or workshops, or to advise you of new programs or workshops offered by the Church.

We may provide further details to you about Personal Information that we collect or uses that we may make of your Personal Information either at the time we ask you to provide that information or through changes to this Privacy Policy.  Although you may choose to not share your Personal Information with the Church, your involvement in Church activities and the Church community may be limited if Personal Information is not shared. 

If at one time you signed up to be part of our Directory or Information Updates, but no longer wish to be a part of that list, or any future lists, you may unsubscribe by contacting the Chief Privacy Compliance Officer.

3. Disclosure of Personal Information


By providing your Personal Information to the Church, you have confirmed your trust in us. We are honoured by this trust and take pride in serving you. The Church will not disclose your Personal Information to any third party, except as necessary to fulfill the purposes identified in this Privacy Policy.  The Church does not sell, barter, trade or give away your Personal Information to other charitable or non-profit organizations, or to any commercial organizations.  The Church may share your Personal Information in the following limited ways:
•Marriage licenses with Personal Information are sent to the provincial government;
•Personal Information is shared as  necessary to book travel arrangements for Church events and mission trips;
•Personal Information is shared as necessary with auditors for the Church’s annual audit;
•Personal Information collected for use in the ACLR is shared with the Pentecostal Assemblies of Canada;
•Banking information is shared with the Church’s banking institution to process donations; and
•Some Personal Information will be shared as necessary with our lawyers (i.e.: such as sharing staff salaries in order to write employment contracts). 

4. Storage, Processing and Security of Personal Information


The Church stores and maintains Personal Information in conformity with the requirements of the Personal Information Protection and Electronic Documents Act and the Model Code for the Protection of Personal Information created and approved by the Canadian Standards Association.  When we use third party service providers for the storage or processing of Personal Information, we use contractual or other means to ensure that your Personal Information is protected.  In some cases, third party service providers may store or transfer Personal Information in or to countries where compliance with Canadian privacy laws cannot always be guaranteed.  Please rest assured that the Church makes reasonable efforts to contract only with trustworthy service providers who are committed to protecting the privacy of your Personal Information.

i. Where your Personal Information is stored

We use a variety of secure means to store your Personal Information. These include:
•Electronic password protection is used to secure digital financial information;
•An offsite secure server farm is used to store financial and other Personal Information; and
•Locked cabinets in secure areas are used to store hard copies of financial information, marriage license information, and registration/permission forms.

Permission forms for Church events are initially copied. During an event the original form remains at the Church, while the copies are brought to and from events. After an event is over, all documents are returned to the Church and the copies are shredded. 

ii. Who has access to your Personal Information

Relevant Staff and Board Members of Glad Tidings Church (Sudbury) have access to your Personal Information as required (i.e.: to organize / lead events, to work with the Church Directory, and to send the Information Update). Volunteers in leadership positions also have access to registrations forms that are submitted for their programs. The Business Administrator and applicable officers of the Board (or their designate(s)) are the only individuals that have access to donations and tax receipt information. Church members and adherents have access to the Church Directory and to sign-up sheets when they are visible in public spaces during sign-up times.

5. The Model Code for the Protection of Personal Information
The Church applies the ten principles of the Model Code for the Protection of Personal Information when collecting, using or disclosing your Personal Information:

(i) Accountability

The Church is responsible for the Personal Information collected and maintained by it and which is under its control. In order to fulfill this responsibility we have designated a Chief Privacy Compliance Officer whose contact information is available at the bottom of this page, to be responsible for the day-to-day care and control of Personal Information.  We have taken the following measures to ensure compliance with this Privacy Policy:           
(a) Developing procedures to protect Personal Information;           
(b) Developing procedures to receive and respond to complaints and inquiries;           
(c) Training our staff about our policies and practices respecting Personal Information; and           
(d) Developing and distributing information to our staff and the general public explaining our policies and procedures respecting Personal Information.

(ii) Identifying Purposes

The Church is committed to openness to you regarding its collection and use of Personal Information, as discussed above. To demonstrate this openness, we require the consent of individuals prior to using their Personal Information for any purpose other than that for which it was originally collected or stated within this Privacy Policy. Similarly, if any individuals wish to be advised of the Personal Information we have related to them, they can contact us at the address set out in Section 6 below.

(iii) Consent

The Church is committed to ensuring that you are aware of how your Personal Information is used. We are dedicated to obtaining the informed consent of individuals who provide us with their Personal Information. To this end, all our employees, personnel or agents are instructed to provide information about how Personal Information is used by us to all interested individuals who inquire, as well as obtain the informed consent of those who provide their Personal Information. As well, we may periodically request written confirmation from you to ensure that the Personal Information collected and maintained by us is up-to-date and accurate. We also may ensure that we have your continuing consent to use and retain your Personal Information. The Church will not disclose your Personal Information, without notice.  It will only do so if required by law or in the good faith belief that such action is necessary to:
(a) conform to obligations imposed by law or statute;
(b) meet an emergency need; and/or
(c) as required pursuant to a criminal investigation.

(iv) Limiting Collection

The Church restricts the collection of Personal Information only to that information that is necessary for the limited purposes noted above. We are committed to collecting Personal Information in a fair, open and lawful manner. For this reason, the Church does not indiscriminately collect Personal Information. We collect Personal Information to fulfill the above-noted purposes only, and for no other purposes.

(v) Limiting Use, Disclosure and Retention

The Church does not use Personal Information for purposes other than those for which it was originally collected, unless it has first obtained the consent of the person from whom such information was received. We retain Personal Information only for as long as it is needed and only for the fulfillment of the purposes for which it was originally collected, or for as long as legally required. Once Personal Information is no longer needed, hard copies are shredded and disposed of, and digital information is erased.  When disposing of or destroying Personal Information which is no longer needed, the Church ensures the appropriate measures are taken regarding the disposal or destruction so as to prevent unauthorized parties from gaining access to the information.

(vi) Accuracy

The Church is committed to maintaining accurate, complete and up-to-date Personal Information. If you are aware of changes to the Personal Information you have given to us, simply inform us of the changes and we will update our records accordingly. You may check and correct your Personal Information by contacting the Church and/or the Chief Privacy Compliance Officer assigned to oversee the day-to-day care and control of Personal Information by writing or emailing your request to the address set out in Section 6 below.

(vii) Safeguards

The Church has developed and implemented security safeguards appropriate to the sensitivity of the Personal Information kept by us. We also ensure that any of our employees who deal with Personal Information are properly trained and are aware of the necessary and appropriate measures required to protect Personal Information. Any Personal Information kept by us is disposed of or destroyed once it is no longer needed to meet the purposes for which it was collected.

(viii) Openness

The Church makes information about its policies and practices respecting the collection and maintenance of Personal Information available to all interested parties. We are pleased to answer any questions that you may have regarding the collection and maintenance of Personal Information. Please forward any questions in writing or email to the address set out in Section 6 below.

(ix) Individual Access

You can also request access to your Personal Information held by us. However, we reserve the right to confirm the identity of the person seeking access to Personal Information before complying with any access requests. Please forward your access request in writing or email to the address set out in Section 6 below.

(x) Challenging Compliance

As noted above, the Church has designated an official who is responsible for the day-to-day care and control of Personal Information. This official will receive and respond to all information requests regarding our privacy policies or about your Personal Information under our care and control. We investigate all complaints received by us and will respond in writing in a timely manner. If any complaint is found to be justified, then we will take appropriate measures to resolve the matter to the satisfaction of the complainant.

6. Additional Information

If you would like more information about our policies, or if you would like to access or correct the Personal Information we have about you in our records, then please contact our Chief Privacy Compliance Officer by email or in writing, as provided below:

ATTENTION: 
CHIEF PRIVACY COMPLIANCE OFFICER
Glad Tidings Church (Sudbury)
1101 Regent Avenue
Sudbury, Ontario P3E 5P8
privacy@gtsudbury.ca