Ambrose University ("Ambrose") is committed to protecting the privacy of the personal information of its stakeholders: employees, students, donors, volunteers, etc. We value the trust of those we deal with, and of the public, and recognize that maintaining this trust requires that we be transparent and accountable in how we treat the information that they choose to share with us.
During the course of our mandate to glorify God as a Christian learning community committed to the education and formation of men and women for service we frequently gather and use personal information. Anyone from who we collect such information is entitled to expect that it will be carefully protected and that any use of or other dealing with this information will be subject to consent.
Defining personal information
Personal information is any information in any form (for example, paper, digital, audio–visual, graphic) that can be used to distinguish, identify or contact a specific individual (for example, name, home address, home phone number, ID numbers), and information about an individual (for example, physical description, educational qualifications, blood type). This information can include an individual’s opinions or beliefs, as well as facts about, or related to, the individual. The Personal Information Protection Act (Alberta) does not apply to certain publicly available information such as an individual’s name, address and home phone number contained in a telephone directory. For PIPA to apply, the personal information in question needs to be about an individual.
Business contact information is a sub–set of personal information. It includes an individual’s name and position and title, business telephone number, business address, business e–mail, business fax number and other business contact information. This information can be disclosed without consent to allow an organization to contact an individual as a representative of their organization.
At Ambrose we are committed to abiding by the following ten privacy principles:
- Accountability: Ambrose is responsible for personal information under its control. A designated individual is responsible for monitoring our ongoing compliance with the Privacy Principles.
- Identifying purposes: The purpose for which personal information is collected will be identified by Ambrose.
- Consent: Consent is required for the collection, use and disclosure of personal information, subject to certain exceptions. Such exceptions are set out in the law and include where legal, medical or security reasons make it impossible or impractical to seek consent. Consent may be expressed in writing, given verbally, electronically or through our, or authorized representatives. In certain circumstances, it may also be implied.
- Limiting collection: The collection of personal information must be by fair and lawful means and be limited to that which is necessary for the purposes identified.
- Limiting use, disclosure and retention: Personal information may only be used or disclosed for the purposes for which it was collected, other purposes consented to or as required or permitted by law. It may only be kept for as long as is necessary to satisfy the purposes for which it was collected or as required or permitted by law.
- Accuracy: Ambrose will make every effort to ensure that stakeholders’ personal information is as accurate, complete and current as required for the purpose for which the personal information was collected.
- Safeguards: Ambrose is committed to safeguarding its stakeholders’ personal information in order to prevent it from unwarranted intrusion, release or misuse. Ambrose will use security safeguards that are appropriate to the sensitivity of the information, in order to protect personal information.
- Openness: Information about Ambrose' privacy policies and practices for managing personal information shall be made available to those that request it.
- Individual access: Upon written request, an individual will be informed of the existence, use and disclosure of their personal information and will be given access to it, subject to certain exceptions, as permitted by law. The individual may also verify the accuracy and completeness of their information and request that it be amended, if appropriate.
- Inquiries and concerns: Ambrose may be contacted regarding inquiries or concerns about its privacy policies and practices.
The Ambrose website automatically collects anonymous usage data through Google Analytics. Information collected cannot be traced back to the end user, and is used to perform statistical analysis of user trends and interests and to help us make this site more useful to visitors. Visitors can choose to sign up for an account in order to access additional functionality (e.g. form submission), and all information is stored on a secured server located on the Ambrose University campus. Credit card information that is submitted for online payments is not stored on our servers, and is transferred through a secure connection (SSL) to Moneris, an industry leader in payment processing.
Privacy Compliance Officer, Ambrose University
150 Ambrose Circle SW
Calgary, AB T3H 0L5
Or e–mailed to: firstname.lastname@example.org
Further information on privacy and your rights regarding personal information may be found on the website of the Privacy Commissioner of Alberta at www.oipc.ab.ca.