Canadian Society of Association Executives (CSAE) Privacy Policy
The Canadian Society of Association Executives (CSAE) is committed to protecting the privacy of the personal information of its members, students, subject matter experts and all users of its services. This Privacy Policy has been prepared to affirm CSAE’s commitment to maintaining high standards of confidentiality, to provide information on about CSAE’s practices concerning the collection, use and disclosure of your personal information and to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable statutes.
The principles that form the basis of this Privacy Policy are interrelated and CSAE adheres to all of the principles as a whole. Each principle should be read in conjunction with the accompanying commentary. As permitted by PIPEDA, the commentary in this Privacy Policy has been drafted to reflect privacy issues specific to CSAE. CSAE will continue to review this Privacy Policy to make sure that it remains current with exceptions, changing technologies, industry standards and applicable laws.
In this Privacy Policy, “we”, “us”, “our” and “ours” means CSAE, and “you” means
(and “your” refers to) anyone who provides personal information to us.
1. Scope and application
This Privacy Policy applies to personal information, in any form, collected, used or disclosed by CSAE in the course of commercial activities. It will not typically apply to information directly regarding CSAE’s corporate clients. However, such information may be protected by other CSAE policies and through contractual arrangements.
This Privacy Policy does not impose any limits on the collection, use or disclosure of the following information by CSAE:
- information about an individual that is publicly available and is specified by regulation pursuant to PIPEDA;
- personal information that is not collected, used or disclosed, for commercial purposes;
- non-personally identifiable information; and
- the name, title, business address or telephone number of an employee of an organization, where collection, use or disclosure of such information is solely for the purpose of communicating with the person about his or her employment, business or profession.
The application of this Privacy Policy is subject to the requirements and provisions of PIPEDA, and any other applicable legislation or regulation. If you reside in British Columbia, Alberta or
Québec, then the substantially similar provincial privacy law of your province will apply to our handing of your personal information, rather than PIPEDA. In that case, reference in this Privacy Policy to PIPEDA shall be deemed to include your province’s substantially similar privacy law.
2. Definitions
collection: The act of gathering, acquiring, recording, or obtaining personal information from any source, including third parties, by any means.
consent: Voluntary agreement for the collection, use and disclosure of personal information for defined purposes. The form of consent we seek may vary, depending upon the circumstances and the type of personal information. In determining the form of consent, we take into account the sensitivity of the personal information and your reasonable expectations. Consent may be provided directly by you, or by your authorized representative, in accordance with applicable law.
disclosure: Making personal information available to a third party.
employee: An employee of, or an independent contractor to, CSAE. The inclusion of independent contractors within the definition of “employee” is for convenience of reference only and should in no manner imply that such independent contractors are our employees within the meaning of employment legislation or are in an employee-employer relationship with us.
personal information: Information about an identifiable individual, but does not include information that is used for the purpose of communicating or facilitating communication with an individual in relation to their employment, business or profession, such as the individual’s name, position name or title, work address, work telephone number, work fax number or work electronic address. Where an individual provides his or her home address to CSAE as their business contact information, the CSAE considers it to be business contact information, and is therefore not subject to protection as personal information. Information about corporations is not considered personal information.
third party: An individual or organization outside of CSAE.
use: The treatment, handling, and management of personal information by and within CSAE or by a third party with the knowledge and approval of CSAE.
we: Means (and “us”, “our”, and “ours” refer to) CSAE.
you: Means (and “your” refers to) the user of our services and products, and your successors, heirs, administrators, executors and assigns (as the case may be).
3. Accountability for our handing of personal information
CSAE is responsible for all personal information under its control and has designated the CSAE Privacy Officer to oversee privacy compliance. Other individuals within CSAE may be delegated to act on behalf of the CSAE Privacy Officer or to take responsibility for the day to day management of personal information. CSAE trains and communicates with employees about CSAE’s privacy practices, including this Privacy Policy.
As appropriate, CSAE implements privacy policies and procedures to properly enforce this Privacy Policy, and we use contractual or other means to provide a comparable level of privacy protection while personal information is being processed or used by a third party.
4. Reasons why we collect, use and disclose personal information
CSAE collects personal information from you for the following purposes:
- to provide you with information, products, or services that you request from us, including legislative updates, professional development programs and other services that we make available, from time to time;
- to respond to member and other stakeholder needs;
- to carry out our obligations and enforce our rights arising from any contracts with you, including for billing and collection or to comply with legal or regulatory requirements;
- to notify you about changes to any products or services we offer or provide;
- to improve our products or services, marketing, or customer relationships and experiences;
- to measure or understand the effectiveness of the advertising we serve to you and others, and to deliver relevant advertising to you;
- to authenticate your identity, such as when you sign into your account;
- in any other way we may describe when you provide the information; and
- for any other purpose with your consent, or as required or permitted by law.
Further reference to “identified purposes” mean the purposes identified in this section of this Privacy Policy.
We will indicate the identified purposes to you, orally, electronically or in writing, at or before the time your personal information is collected. Persons collecting personal information may explain the identified purposes or refer individuals to a designated person within CSAE who can explain these identified purposes.
5. Collection of personal information
If you request information, products or services from CSAE, we will collect your name and contact details, including address(es), mailing preference, telephone and fax numbers, email address, and language preference.
You may also provide us your credit card information in order to pay for items you purchase. We collect this information only to set up your account, process the order, and provide you with the services you are purchasing. We do not store credit card information for later use.
CSAE collects and retains information about your transaction history when you use CSAE services and various programs.
CSAE also provides individuals with an opportunity to specify certain preferences in service delivery; if an individual chooses to provide such information, CSAE will collect and maintain language preference in order to send individuals the information they need in the language they prefer, as well as other special needs requested for a specific event (i.e., meal preference).
CSAE will only collect personal information that is necessary for the purposes identified in this Privacy Policy.
We collect no personal information about you unless you choose to provide that information to us. We do not use techniques that collect personal information about anyone without their knowledge. We only collect personal information about individuals when they specifically and knowingly provide it to us– for example, when they apply for membership, register for a program or complete a registration form. As a limited exception to this principle, we may collect personal information without your consent, where permitted by PIPEDA and other applicable laws.
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. You may contact us for more information regarding the implications of withdrawing consent.
6. Consent for us to contact you about our products and services
The information you provide to CSAE – such as your name, address, etc. – allows CSAE to inform you about events and activities and to notify you of issues, events or special offers which may be of interest to you. By becoming a member or by requesting information or registering for events or courses offered by CSAE, you are giving CSAE permission to contact you by way of the information you provide. Members may choose not to be contacted by CSAE – please use the “Update Profile” section of the CSAE website (www.csae.com) to customize your communications preferences, or contact CSAE Member Services at info@csae.com or 416-363-3555, ext. 239.
7. Disclosure of personal information
CSAE will not disclose personal information for purposes other than those purposes for which it was collected, except with your consent or as required or permitted by law. CSAE may disclose your personal information:
- when we have your consent, whether express or implied;
- to your authorized representatives;
- if and when we are involved in a corporate reorganization or if we sell or lease all or part of our business;
- to meet legal and regulatory requirements; and
- where required or permitted by law.
In such circumstances, we will not disclose more information than is required for the purpose for which the information is being disclosed. We will also, whenever it is reasonable and practicable to do so, enter into privacy agreements with third parties with whom we share personal information.
We will retain personal information only as long as it remains necessary or relevant for the identified purposes or as required or permitted by law. Where personal information has been used to make a decision about you, CSAE shall retain, for a period of time that is reasonably sufficient to allow for access by you, either the actual information or the rationale for making such decision.
Only our employees who require access for legitimate reasons or whose duties reasonably so require are granted access to personal information.
We maintain reasonable controls, schedules and practices for personal information management retention and destruction. Personal information that is no longer necessary or relevant for the identified purposes, or is required by law to be retained, is destroyed, erased or made anonymous, as appropriate in the circumstances.
CSAE may share aggregate information – not personal information – about its members and customers with sponsors, potential sponsors and other parties to help them better understand CSAE members and their interests. Such aggregate information is used to give CSAE demographic data about its members in order to improve the organization and the programs and services we provide.
8. CSAE Website
Cookies
CSAE’s website uses cookies to customize your experience on our website. A cookie is a text-
only string of information that a website transfers to the cookie file of the browser on your computer’s hard drive, making it possible for the website to remember who you are and what your preferences are.
There are different types of cookies. A “session” cookie is erased from memory when a visitor’s
browser closes. A “persistent” cookie expires based on a time set by the web server. Persistent cookies help websites identify specific visitors and their preferences when they return to a website.
Disabling or blocking cookies may affect your ability to use our website. If you want to change your cookie preferences, you must change your browser’s preferences to enable/keep, disable/block/restrict, or delete/remove cookies. For the best experience of our website, we recommend enabling cookies. Enabling cookies is handled by your browser’s security settings,
which are specific to each browser and operating system. Please check with the company that created your browser if you need more information.
Pixel tags
We may also use web beacons, clear gifs, or other similar technologies (Pixel Tags). A Pixel Tag is an electronic image, often a single pixel (1×1), which is ordinarily not visible and which
may be associated with cookies on the visitors’ storage drives. We may use Pixel Tags to track your use of our website for advertising, marketing, or promotional purposes, and to determine whether you opened an email message from us. This information also enables us to customize the services we offer you.
Retargeting
In some instances, we may generate profiles from your personal information. We may disclose these profiles to third parties to enable them to provide targeted content or advertisements to you, or for their own business analysis and research purposes, based on the fact that you have previously visited our website (this process is sometimes referred to as Retargeting). So, you should be aware that:
- we may disclose information about which products and services you have viewed on our website, to third party vendors, so that they can use that information to deliver advertisements about products and services we think may be of interest to you;
- for more information about how Retargeting works, you can visit Google’s
website, which provides information about how Google Ads uses Retargeting;
- Retargeting uses cookies. A number is assigned to the web browser, which identifies that web browser on a specific computer (but does not directly identify the user of the computer). That number is then used by the third party vendor, to determine which websites you have visited, for the purpose of Retargeting; and
- if you would like to opt out of Retargeting, please see the “Your choices about
how our website collects your information” heading below.
Website traffic patterns
Our internet servers may passively and automatically collect certain information about website visitors’ traffic patterns, which may be linked to their Internet Protocol (IP) addresses (which are unique internet “addresses” assigned to all internet users by their internet service providers). Server logs may record statistical information, such as visitors’ IP addresses, type of operating systems, time and duration of visit, pages requested, and identify categories of visitors by items such as domains and browser types. These statistics are generally collected and used on an aggregate basis.
Other information collected by our website
- Non-personal information, that does not directly or indirectly reveal your identity or directly relate to an identified individual, such as statistical or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal information. For example, we may aggregate personal information to calculate the percentage of users accessing a specific website feature.
- Technical information, including your login information, browser type and
version, time zone setting, browser plug-in types and versions, operating system and platform, or information about your internet connection, the equipment you use to access our website, and usage details.
- Non-personal details about your website interactions, including the full Uniform
Resource Locators (URLs), clickstream to, through and from our website (including date and time), products or services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse
away from the page, or any phone number used to call our customer service number.
Why do we collect this information?
The information we collect automatically is statistical information and may include personal information, and we may maintain it or associate it with personal information we collect in other ways, that you provide to us, or receive from third parties. It helps us to improve our website and to deliver a better and more personalized service, including by enabling us to:
- estimate our audience size and usage patterns;
- store information about your preferences, allowing us to customize our website according to your individual interests, including showing you advertisements that we think will be of interest to you;
- speed up your searches;
- recognize you when you return to our website; and
- show our advertisements on external sites.
Your choices about how our website collects your information
We strive to provide you with choices regarding the personal information you provide to us.
You can opt out of several third-party ad servers’ and networks’ cookies simultaneously by using opt out tools created by Google Advertising, the Digital Advertising Alliance of Canada or by the Network Advertising Initiative. You may also opt out of our use of Google Analytics by visiting the Google Analytics opt out page. We may have reporting of your aggregate interactions with our ads across the Google Display Network or DoubleClick for Advertisers in conjunction with activity on our website.
You can also access these websites to learn more about online behavioural advertising and how to stop websites from placing cookies on your device. Opting out of a network does not mean you will no longer receive online advertising. It does mean that the network from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.
In addition, we have created mechanisms to provide you with the following control over your information:
- Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on
Adobe’s website. If you disable or refuse cookies, please note that some parts of this website may not be accessible or may not function properly.
- Third-Party Advertising. If you do not want us to share your personal information
with unaffiliated or non-agent third parties for promotional purposes, you can opt out by sending us an email stating your request to CSAE Member Services at info@csae.com or 416-363-3555, ext. 239.
- Promotional Offers. If you have opted in to receive certain emails from us but no
longer wish to have your email address/contact information used by CSAE to
promote our own or third parties’ products or services, you can opt out by contacting CSAE Member Services at info@csae.com or 416-363-3555, ext. 239. If we have sent you a promotional email, you may unsubscribe by clicking the unsubscribe link we have included in the email.
- If you do not want us to use information that we collect or that you
provide to us to deliver advertisements according to our advertisers’ target- audience preferences, you can opt out by using the opt out tools created by the Digital Advertising Alliance of Canada, the Network Advertising Initiative or Google Advertising.
9. Accuracy of personal information
We make reasonable efforts to ensure that personal information we collect, use or disclose is as accurate, complete and up-to-date as necessary for the purposes for which it is to be used. If you find any errors in our personal information holdings, we should be informed so that we can make the appropriate corrections. We will convey these corrections to any third party that may have been provided inaccurate information. For personal information that remains in dispute, we will make note in our records of your opinion as to accuracy of the relevant personal information.
10. Security of personal information
CSAE endeavours to maintain appropriate safeguards and adequate physical, procedural and technical security with respect to our offices and information storage facilities so as to prevent any unauthorized access, disclosure, copying, use, or modification of personal information.
Safeguards include securing physical documents and technological measures by way of secure access and encryption. CSAE employees are authorized to access personal information based only on their need to deal with the information for the reason(s) for which it was obtained.
Safeguards are in place to ensure that the information is not disclosed or shared more widely than is necessary to achieve the purpose for which it was gathered. We also take measures to ensure the integrity of this information is maintained and to prevent its being lost or destroyed.
We protect personal information disclosed to third parties by contractual agreements stipulating the confidentiality of the personal information and the purposes for which it is to be used.
To ensure the integrity and privacy of the personal and credit card information you pass to us via the Internet when you make an online transaction, CSAE has obtained a Secure Socket Layer (SSL) Server Certificate, the industry standard with 128-bit encryption. All information collected within a secure page is encrypted while being transmitted to CSAE’s secure server. The server is protected by a firewall that is regularly updated when new patches and fixes are released.
We may engage service providers to assist us with fulfilling the purposes for which personal information has been collected, used and disclosed, and, in some instances, these service providers may be located outside Canada. We only select service providers that protect personal information in a manner that is comparable to the protection we provide under our own privacy policies. However, personal information may be subject to, and accessed under, the laws of the countries in which our service providers operate. If you have any questions about our transfer of personal information to our service providers outside Canada, or if you would like to learn more about our privacy policies in that regard, please contact the CSAE Privacy Officer at the contact information provided below.
11. Openness concerning our policies and procedures
We are open about the policies, procedures and practices we use to protect your personal information. Information about these policies, procedures and practices will be made available to you either electronically or in writing.
12. Access to your personal information
You may access any personal information that we have concerning you, and which has been collected, used or disclosed for a commercial purpose, by sending a written request to the CSAE Privacy Officer. CSAE may advise you in advance if there is a minimal charge to conduct a search of our records and will respond within 30 days or advise that the request for access is subject to an extension as authorized by PIPEDA.
To protect your privacy, you may be required to provide sufficient identification, in order to permit us to account for the existence, use and disclosure of certain personal information and to authorize access to such information. Any such information will only be used for this purpose.
We may not be able to provide personal information to you if doing so would violate the privacy of a third party or if certain personal information is subject to legal privilege, contains information proprietary to us or a third party, is too costly to retrieve, or cannot be disclosed for other legal reasons. If we are unable to provide access to all or part of your personal information, we will explain our reasons for such a decision.
Where you have been provided with access to your personal information, you shall be able to challenge the accuracy and completeness of your personal information and have it amended as appropriate.
Personal information that is disclosed to third parties by us will be subject to the general laws applicable in the jurisdiction in which the third-party conducts business. As a result, and in certain limited situations, we may not be legally permitted to account for certain collections, uses or disclosures of personal information. In most circumstances, however, we shall provide an account of the collection, use and disclosure of personal information and, where reasonably possible, we shall state the source of the personal information. In providing an account of disclosure, we shall provide a list of organizations to which we may have disclosed your personal information when it is not possible to provide an actual list.
13. Challenging compliance with privacy laws
All questions or concerns regarding our privacy practices should be directed to the CSAE Privacy Officer.
We will investigate all complaints concerning compliance with this Privacy Policy and if a complaint is found to be justified, we will take appropriate measures to resolve the complaint including, if necessary, amending our privacy policies and procedures. We will inform you of the outcome of the investigation regarding your complaint.
14. Third-Party Ad Networks
We use third parties such as network advertisers to serve advertisements on our Site and on third-party websites or other media (e.g., social networking platforms). This enables us and these third parties to target advertisements to you for products and services in which you might be interested. Third-party ad network providers, advertisers, sponsors and/or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), Flash LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third-party cookies and other technologies are governed by each third party’s specific privacy policy, not this one. We may provide these third-party advertisers with information about you.
Users in the United States may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and their choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative (“NAI”) Consumer Opt-Out Page for information about opting out of interest-based advertising and their choices regarding having information used by NAI members.
Opting out from one or more companies listed on the DAA Consumer Choice Page or the NAI Consumer Opt-Out Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through our Site or on other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt out on the DAA or NAI websites, your opt-out may not be effective. Additional information is available on the DAA’s website at www.aboutads.info or the NAI’s website at www.networkadvertising.org.
Online Behavioral Advertising and How You Can Opt-Out
We may work with third-party advertising companies who may utilize cookies and web beacons, and data collected on our services, to customize advertisements to you on our services, as well as on other websites or mobile applications in their networks beyond our services. Among other things, these customized advertisements may advertise our products and services and third party products and services on websites or mobile applications not affiliated with us. Some of these ads are online behavioral advertising – which serve advertisements that are more likely to be of interest to you using non-personal behavioral information. Such ads may contain cookies that allow monitoring of websites and mobile applications (including our own services) and your response to such advertisements. Cookies or web beacons placed by these companies do not collect personal information, and the third-party advertising companies do not have access to or use your name, address, e-mail address, telephone number or other personal information; they may however, anonymously track your usage across our services and other websites or mobile applications in their networks. We limit companies that place our ads from using information for any purpose other than to assist us in our advertising efforts.
For more information about these third-party advertising companies’ privacy policies, visit the Network Advertising Initiative’s website at http://www.networkadvertising.org. If you prefer to not receive targeted advertising, you can opt-out of network advertising programs that use your information. To do so, please visit: the Network Advertising Initiative’s opt-out page.
15. Contact Us
If you have any questions or concerns about this Privacy Policy or about CSAE’s information handling practices, please contact us at:
Attn: Privacy Officer Tracy Folkes Hanson President & CEO
CSAE
2 Sheppard Avenue East
Toronto ON M2N 5Y7
Email: tracy@csae.com
Please also visit the Office of the Privacy Commissioner of Canada’s website at https://www.priv.gc.ca/en/.