Privacy Policy

Type: Operational

Target audience: Public

1.0 Introduction

As an agency of the Government of Ontario, the Ontario Trillium Foundation (OTF) is committed to respecting the privacy rights of individuals and ensuring the protection of the personal information in its custody and control in compliance with the Freedom of Information and Protection of Privacy Act in Ontario (FIPPA) and Ontario Archives and Recordkeeping Act 2006.

2.0 Purpose

To ensure that OTF's practices involving personal information are consistent with the FIPPA Part III – Protection of Individual Privacy.

3.0 Scope

This policy applies to all data assets provided, owned or managed by OTF.

4.0 Policy

  • OTF collects only the minimum necessary personal information, whether recorded or verbal.
  • OTF provides notice when it collects personal information (either directly from the individual or indirectly from another source) unless it is waived or is an exception under FIPPA. At a minimum, the notice will provide the authority for the collection, the purpose for collecting the personal information and contact information for further inquiries.
  • OTF uses personal information under the following circumstances:
    • with the individual’s consent;
    • for the purpose identified at time of collection or for a consistent purpose.
  • OTF discloses personal information where permitted under FIPPA. Some of the circumstances in which organizations are permitted to disclose personal information include:
    • where the individual has consented to the disclosure;
    • for the purpose for which the personal information was obtained or compiled or for a consistent purpose;
    • where the disclosure is necessary and proper in the discharge of the organization’s functions;
    • for the purpose of complying with another Act;
    • for law enforcement purposes;
    • in compelling circumstances affecting the health or safety of an individual;
    • in compassionate circumstances, to facilitate contact with the next of kin or a friend of an individual who is injured, ill or deceased;
    • to facilitate the auditing of shared cost programs between the Government of Ontario and the Government of Canada.
  • OTF follows the Ontario Archives and Recordkeeping Act 2006, for retention and disposal requirements for personal information.
  • Only those individuals who need a record for the performance of their duties have access to it and take the necessary steps to protect the organization’s personal information records from accidental destruction.
  • OTF prepares a written Privacy Impact Assessment before collecting personal information.
  • OTF takes reasonable steps to ensure that personal information on the organizations’ records are not used unless accurate and up to date.
  • OTF takes necessary administrative, technical and physical safeguards/precautions to protect personal information (at rest, in motion, in use) and to prevent or reduce the likelihood of a theft, loss or unauthorized use or disclosure of personal information from occurring, and to mitigate the risks to individuals in the event of such an occurrence.
  • OTF takes steps that are reasonable in the circumstances to ensure that personal information in the custody or under the control of OTF is protected against theft, loss and unauthorized use or disclosure and to ensure that the records containing the personal information are protected against unauthorized copying, modification or disposal.
  • In the event of a breach, OTF will follow its privacy breach protocol, and OTF’s CEO shall notify affected individuals and report privacy breaches to the Information and Privacy Commissioner.
  • Contracts for data collection and processing are subject to a Threat Risk Assessment.
  • OTF Board members, volunteers and staff, must sign and follow a Code of Conduct and Ethics that includes a commitment to “Store, handle, and transfer all records, in all formats, in a way that attends to the needs of OTF and its stakeholders for privacy and security.”
  • OTF provides contact information for questions or concerns about any collection, use or disclosure of personal information by OTF, or to request access to personal information in its custody and control.
  • Where personal information from different sources are merged into a single record for an individual (data integration), records will be de-identified, including any linking of records or information. Data integration may be conducted to compile information, including statistical information to enable analysis in relation to management, planning and/or evaluation of OTF funded programs and services.
  • No person or entity (including but not limited to staff and volunteers) shall use or attempt to use information that has been de-identified, either alone or with other information, to identify an individual.
  • The collection, use and treatment methodologies (including de-identification and linkage) of personal information will be summarized and published annually in a publicly available report or part of a publicly available report establishing the requirements of FIPPA have been met.

5.0 Definitions

Breach: The result of an unauthorized access to, or collection, use or disclosure of personal information.

Control (of a record): The power or authority to make a decision about the use or disclosure of the record.

Custody (of a record): The keeping, care, watch, preservation or security of the record for a legitimate business purpose. While physical possession of a record may not always constitute custody, it is the best evidence of custody.

Consistent Purpose: Where personal information has been collected directly from the individual to whom the information relates, the purpose of a use or disclosure of that information, without consent, is a consistent purpose only if the individual might reasonably have expected such a use or disclosure. This means that the original purpose and the proposed purpose are so closely related that the individual would expect that the information would be used for the consistent purpose, even if the use is not spelled out.

De-identification: The removal of the following information from a record:

  1. Information that identifies an individual.
  2. Information that could be used, either alone or with other information, to identify an individual based on what is reasonably foreseeable in the circumstances.

Information Practices: The practices and procedures of an institution for actions in relation to personal information, including:

  1. when, how and the purposes for which the institution collects, uses, modifies, discloses, retains or disposes of personal information, and
  2. the administrative, technical and physical safeguards and practices that the institution maintains with respect to protecting the information; 

Linkage: The joining of two different datasets for the same individual into one dataset containing more data fields for the purposes of data integration using a data key or other unique identifier.

Personal information: Recorded information about an identifiable individual, including:

  1. information relating to the race, national or ethnic origin, colour, religion, age, sex, gender, sexual orientation or marital or family status of the individual;
  2. information relating to the education or the medical, psychiatric, psychological, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved;
  3. any identifying number, symbol or other particular assigned to the individual;
  4. the address, telephone number, fingerprints or blood type of the individual;
  5. the personal opinions or views of the individual except if they relate to another individual;
  6. correspondence sent to an institution by the individual that is implicitly or explicitly of a private or confidential nature, and replies to that correspondence that would reveal the contents of the original correspondence;
  7. the views or opinions of another individual about the individual; and
  8. the individual's name if it appears with other personal information relating to the individual or where disclosure of the name would reveal other personal information about the individual.

Privacy: The principle that an individual has the right to control their own personal information.