The Vancouver Aquarium Marine Mammal Rescue Society (VAMMR) is committed to adhering to the principles of PIPA (Personal Information Protection Act), PIPEDA (Personal Information Protection and Electronic Documents Act), CASL (Canada’s Anti-Spam Legislation) and embraces ethical guidelines established by the Association of Fundraising Professional.
VAMMR knows that you care how information about you is used and shared, and we appreciate you trusting that we will do so carefully. This Privacy Policy explains our practices and the choices you can make about the way your information is collected and used by VAMMR.
During the course of our various activities, events, and through the conducting of our programs and services, VAMMR gathers and uses personal information to carry out its work and other day-to-day activities. It is reasonable for a person to expect VAMMR to carefully protect the personal information it collects and that any other use other than those for which it was collected, will be disclosed, and subject to consent.
Scope of Policy
This policy applies to all staff, contractors, and volunteers who may have access to personal information through the Society’s records and information systems. Any personal information provided to VAMMR is collected, used and disclosed in accordance with applicable legislation.
How to Contact the Privacy Officer
Questions, inquiries, concerns, or complaints relating to VAMMR’s policy on the treatment of personal information should be emailed to VAMMR’s Privacy Officer at privacy@vammr.org Further information on privacy and your rights in regard to your personal information may be found on the website of the Privacy Commissioner of Canada at www.privcom.gc.ca.
Definition of Personal Information
Personal information includes any factual or subjective information, recorded or not, about an identifiable individual. This includes information in any form, such as:
Accuracy
To the extent reasonably practical, personal information of individuals will be as accurate, complete, and up to date as is necessary for the purpose for which it is to be used. Upon written request we provide supporters with access to a description of information that we maintain about them, and can request that any erroneous information be corrected.
Use of Personal Information
VAMMR is firmly committed to data privacy. We do not sell, rent or exchange any personal information we collect.
We do communicate with our supporters via mail, email, and telephone notifications about rescue updates, events, news, bulletins, gift updates in addition to e-receipts, volunteer management, solicitations and acknowledgements of donations, where express or implied consent has been provided. We do use email addresses to define target audiences on social media for the purpose of sharing messages from VAMMR.
A supporter may always opt-out of receiving all, or specific, communications through a variety of tools as outlined below.
Use of Credit Card and Banking Information VAMMR recognizes that, for the purposes of donations, supporters may provide us with their banking or credit card information. We only use this information to process the transaction as intended by the supporter.
Credit card transactions are processed through Level 1 PCI DSS (Payment Card Industry Data Security Standard) service providers and payment gateways. VAMMR’s credit card processing service providers and payment gateways are reviewed periodically, or whenever a provider is changed.
VAMMR uses Fundraise Up as an online donation platform. All donation data collected is subject to the provisions of the General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act of 2018 (“CCPA”), and other applicable privacy laws. Non-Personal Information that is collected remains anonymous or non-personally identifiable. All Personally Identifiable Information (PII) is encrypted. Financial information such as banking information or credit card number, name, CVV code or date of expiration, is collected and stored by a third party payment processor. Financial information is not stored by Fundraise Up.
Credit card transactions processed online through our website, Fundraise Up, or onsite with our partner the Vancouver Aquarium, are passed through a secure third-party provided SSL verified connection to adhere to industry standard privacy and security standards. For more information about Vancouver Aquarium’s Privacy Policy, please visit here: https://www.vammr.org/privacy
Retention of Information
The length of retention will vary in relation to the nature of the information collected. Any confidential materials and personal information will be kept with appropriate security when necessary. Care is used in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information.
Removal from our Database or Mailing List
Should you ever wish to be removed from our database or solicitation mailing list or to discuss your communication preferences and options, please contact us at support@vammr.org with “Unsubscribe” in the subject line and we will be happy to oblige your requests.
Canada’s Anti-Spam Legislation and Electronic Communication
The Canadian Anti-Spam Legislation (CASL) places a variety of parameters on electronic messages that qualify as Commercial Electronic Messages (CEM’s). As a registered charity, the vast majority of electronic messages generated by VAMMR do not qualify as CEM’s, however VAMMR has chosen to fully comply with the legislation to be consistent with corporate best practices. As such, we ensure our communications are consistent with the provisions outlined below:
For more information, please visit the federal government’s FightSpam website: http://fightspam.gc.ca
Website
VAMMR may collect certain types of information electronically when you interact with our Sites, emails, social media accounts, online advertising, or through technologies such as cookies, web beacons, single pixel gifs and analytics engines.
Cookies: “Cookies” are bits of information sent to your computer from a website through your browser program. Cookies help you access pages faster and allow our server to recognize you as you move from page to page. If you choose not to accept cookies, some sections of our site – such as making online donations, symbolically adopting an animal, or signing up for emails – may not be available to you. VAMMR only reads cookies specifically written for our site and does not use cookies to track a user’s Internet history on other issues. We use cookies to better understand how our site is used and to make sure our information and dynamic content are served correctly. Aggregated data collected by VAMMR may from time to time be provided to our sponsors and underwriters.
Links: To provide users with more information on various issues, we may provide links to third party websites. However, we do not control those websites and their use of data, or necessarily endorse their viewpoints.
Responsibility for Confidentiality
All staff, contractors, and volunteers have a legal obligation to protect personal information obtained in the course of duties with VAMMR. All reasonable measures must be taken to ensure that personal information is collected, used, and disclosed only in circumstances necessary to conduct the business of the Society. Personal or confidential information will only be used, shared, or disclosed with other persons or individuals where consent has been provided and/or in accordance with applicable legislation as identified. Any confidential materials and personal information should be maintained under lock and key and appropriately discarded. The legal obligation to protect personal information does not end with the cessation of the individual’s duties with VAMMR, but continues in perpetuity.
Breach of Confidentiality
Individuals will be held accountable for breaches of confidentiality. Breaches of confidentiality include, but are not limited to, intentional and unauthorized access to, use and/or disclosure of, confidential information. Intentionally viewing confidential information that is not necessary to perform an individual’s role is considered a breach of confidentiality even if that information is not disclosed to another party. Confidential information must not be discussed in any physical location where others, not entitled to receive that information, are present and likely to overhear, unless required in order to fulfill one’s professional role, by law, or with permission from an authorized individual.
All VAMMR staff, contractors and volunteers have a responsibility to report suspected or known breaches of confidentiality without fear of reprisal. If it is established that a breach of confidentiality has occurred, those individuals deemed responsible may be subject to corrective action, or sanctions, up to and including termination of their employment or volunteer relationship with VAMMR, cancellation of contract or services, withdrawal of privileges and/or legal action.
Safeguards
All staff, contractors and volunteers are required to be familiar and abide by this policy.
VAMMR will protect personal information disclosed to third parties for processing through contractual agreements which require that personal information is treated in compliance with PIPA, PIPEDA and this Policy. An example of third parties includes mailing services.
Legal Disclaimer
Though we make every effort to preserve user privacy, we may need to disclose personal information when required by law and wherein we have a good faith belief that such action is necessary to comply with a current judicial proceeding, a court order or legal process served on our society.