Our Commitment to Protecting Your Privacy
The Mood Disorders Association of BC is committed to protecting the privacy of its support group members, facilitators, donors, volunteers, employees, and other stakeholders. We value the trust of those we deal with and of the public, and we recognize that maintaining this trust requires us to be transparent and accountable in maintaining the confidentiality of the personal information that you choose to share with us.
Mood Disorders Association of BC embraces the principles of British Columbia’s Personal Information Protection Act (PIPA). We are committed to ensuring that all personal information is properly collected, used only for the purposes for which it is collected, and is disposed of in a safe and timely manner when no longer required.
The Privacy Principles
Mood Disorders Association of BC is committed to protecting the privacy and confidentiality of your personal information. The following principles reflect our pledge to safeguard your personal information:
1. We are accountable for your personal information
We are responsible for all personal information in our possession or under our control. All employees, agents and authorized service providers of Mood Disorders Association of BC are required to protect the confidentiality of your personal information. We take every precaution to ensure confidentiality of your information. The information that an individual or an employer provides to us is used only for MDABC purposes as outlined in section 2.
2. We collect, use and disclose personal information only for certain purposes that we identify to you
We collect, use or disclose information only for use in MDABC’s day-to-day activities to:
- Administer your MDABC Membership, send you notice of annual and extraordinary general meetings of the society and contact you about renewal
- Send MDABC Newsletters to Members of Support Groups
- Administer your donation and contact you about renewal
- Know who our donors are
- Respond to your information requests
- Periodically, as we are able, to send you literature on MDABC or invite you to recognition and information sessions
- Thank you and recognize your gift and/or volunteer contributions
We obtain personal information about you lawfully and fairly. Personal information collected will be limited to that required for the purposes identified by us.
3. We will obtain your consent
We collect, use or disclose your personal information with your permission. The way we seek consent may vary depending on the sensitivity of the information and the reasonable expectations of the individual. Your permission may be expressed in writing or it may be implied and may be given to us verbally or electronically.
You may withdraw your permission to collect, use and disclose your personal information at any time, subject to legal or contractual restrictions and reasonable notice.
We respect your right to be removed from our mailing list. You always have the opportunity to decline receiving further communication from us by contacting our Privacy Officer, Martin Addison, Executive Director, at email@example.com.
We will obtain individual and explicit consent before making information available to third parties.
4. We will limit collection
We will limit the amount and type of personal information collected to that which is necessary for our identified purposes.
5. We will limit use, disclosure and retention
We will keep your personal information only as long as it is necessary to satisfy the purposes for which it was obtained or as required by law. Where personal information is no longer required to fulfill the identified purposes, it will be destroyed, erased, or made anonymous.
6. We keep your personal information accurate and up to date
We will use our best efforts to ensure that personal information is as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used. You are entitled to seek a correction of your personal information if you believe that the information in our possession is not correct.
7. We safeguard your personal information
We will protect personal information with safeguards appropriate to the sensitivity of the information. Our safeguards will protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification, regardless of the format in which the information is held.
When you make an online donation, a secure connection is established and your information is encrypted to prevent interception during the transaction. This secure connection is maintained until the transaction is completed or terminated. The software that enables these processes is routinely updated to maximize protection of your information. For credit card transactions, we use an industry-standard secure service.
8. We will be open about our privacy practices
We will make readily available to you specific information about our policies and practices relating to the management of personal information.
9. We allow you to access your personal information
Upon written request, we will inform an individual of the existence, use, and disclosure of their personal information and we will provide access to that personal information. We will respond to an individual’s written request within a reasonable time (generally within 30 days).
10. You may register a complaint
You may register a privacy-related complaint by contacting Mood Disorders Association of BC’s Privacy Officer. We will explain our procedure and provide information about other complaint procedures available. If we find a complaint to be justified, we will take all appropriate measures, including if necessary, amending our policies and practices.
For more information, please contact our Privacy Officer, Martin Addison, Executive Director, at (604) 873-0103 or at firstname.lastname@example.org.
Anti-Spam (CASL) Compliance
The federal government has passed Canadian Anti-Spam Legislation (CASL) aimed at reducing the flow of unsolicited commercial electronic messages (CEM). MDABC complies with this new law which came into effect July of 2014. This page summarizes and simplifies the complex requirements of the CASL.
This FAQ includes the following topics:
What is the Canadian Anti-Spam Legislation (CASL)?
The primary purpose of the Canadian Anti-Spam Legislation (usually called the CASL) is to regulate the distribution of commercial electronic messages and control spam (unwanted Commercial Electronic Messages, or CEMs). The law prevents the distribution of commercial messages sent through electronic means, such as email and text messages, without the consent of the recipient. It also requires that all electronic messages clearly identify the sender and include an unsubscribe measure.
Other provisions concerning commercial software will be phased in beginning in 2015. They prohibit the installation of computer programs without consent (e.g., viruses, spyware); the unauthorized altering of transmission data; and the provision of false or misleading information in a message.
The CASL is one of the world’s most stringent anti-spam laws. General information on the CASL is available at fightspam.gc.ca.
When did the CASL come into force?
The law came into force on July 1, 2014.
Who does the CASL apply to?
The CASL applies to most organizations in Canada, including MDABC.
Scope of the CASL
What kinds of electronic messages are regulated by the CASL?
The CASL applies to “Commercial Electronic Messages” (CEMs), which are defined as any “electronic messages” that encourage participation in a “commercial activity”. These terms are defined below.
An “electronic message” is any message sent to an electronic account, e.g. an email, a text message, or an instant message. Interactive two-way voice communications, fax messages or voice recordings sent to a telephone account are not considered to be electronic messages.
A “commercial activity” is broadly defined as “any particular transaction, act or conduct or any regular course of conduct that is of a commercial character, whether or not the person who carries it out does so in the expectation of profit”. Examples of commercial activities include purchasing, selling, bartering or leasing products, goods or services, or land; providing a business, investment or gaming opportunity; or advertising or promoting any of these activities.
How does the CASL affect MDABC?
The law does not apply to messages related to the core activities of MDABC. MDABC, like other not-for-profit organizations, is not a commercial entity; it provides a public service and is primarily dependent on donor funding. Therefore, its core activities -- those activities that are central to its mandate and responsibilities -- are not of a “commercial character” and do not fall under the CASL. MDABC’s core activities are defined in the Societies Act.
Also, certain types of messages are specifically exempted from the scope of the CASL. See question 2.6 for a complete list of all of these exemptions.
Therefore, very few of MDABC’s electronic messages are subject to the CASL.
What does the CASL change?
The biggest change is that MDABC requires consent to send electronic messages related to MDABC events, membership renewals, mental health programs, special offers, contests and promotions.
This mostly affects email but also applies to messages sent directly to users on social media (for example, a direct message on Twitter). Commercial messages delivered by mail or phone are not changed by the legislation.
What are examples of activities that fall under the CASL?
Here are examples of messages sent by MDABC that do not fall under the scope of the CASL because they are of a non commercial nature:
- A message reminding you to renew your annual MDABC membership
- A message about special charitable events and contests
- A message containing information about sources of other mental health information,
- A message about volunteer or research opportunities
- A message about new MDABC services
Are donation requests considered to be commercial electronic messages?
Messages that have as their primary purpose raising funds for MDABC (fundraising messages) are exempt from this legislation. Consent is not required from the recipient before these messages are sent.
What are the exemptions to the CASL?
Messages that do not relate to the core activities of MDABC may nevertheless be exempted from the CASL. The exemptions are as follows:
- Messages sent by or on behalf of an individual to another individual with whom they have a personal or family relationship;
- Messages sent to a person who is engaged in a commercial activity and consists solely of an inquiry or application related to that activity;
- Messages sent within an organization that concern the activities of that organization;
- Messages sent between organizations with a relationship that concern the activities of the receiving organization;
- Messages sent in response to requests, inquiries or complaints, or otherwise solicited by the recipient;
- Messages sent to satisfy, provide notice of, or enforce a right, legal or juridical obligation;
- Messages sent on an electronic messaging service if the required information and unsubscribe mechanism are readily available on the user interface, and the recipient has consented to receive the message;
- Messages sent to a limited-access secure and confidential account to which messages can only be sent by the person who provides the account;
- Messages that a sender reasonably believes will be accessed in a listed foreign state, and conform to the anti-spam laws of such foreign state;
- Messages sent by or on behalf of a registered charity as defined in s.248(1) of the Income Tax Act, and have as their primary purpose raising funds; and
How the CASL Affects Individuals Receiving Messages from MDABC
What counts as consent to receive commercial electronic messages?
The law contemplates two types of consent: express consent or implied consent.
Express consent means that someone has explicitly given consent to receive commercial messages from MDABC. Express consent could be collected through an online form, or it can be collected in person.
Implied consent is time limited and occurs if someone has a pre-existing relationship with MDABC. MDABC has a prior business relationship with its patients as they attend our offices for consultations or Group Medical Visits. Non-business relationships exist with volunteers and donors.
Under the legislation, organizations have three years from July 1, 2014, during which they can assume implied consent for anyone with a prior relationship with that organization.
After that time, implied consent expires two years from the date your relationship with MDABC ends (for example, when a patient starts a relationship with a new psychiatrist external to MDABC).
If someone does not provide consent, MDABC may still send that person electronic messages that do not contain commercial content. MDABC may also continue to send messages that have as their primary purpose raising funds for the Society.
What do I agree to by providing consent?
You agree to receive messages from MDABC that have commercial content. You can unsubscribe at any time from emails you no longer want to receive.
Your consent will be recorded and stored to ensure that, going forward, we send commercial messages only to those individuals for whom we have consent.
For most people, providing consent will mean that nothing changes to the emails you currently receive from MDABC.
Will I continue to receive electronic messages from MDABC if I do nothing?
You might continue to receive commercial emails if we have your implied consent.
Implied consent exists if you have a pre-existing relationship with MDABC, such as taking attending a CBT program, attending a support group, volunteering or making a donation.
You may also still receive electronic messages that do not contain commercial content. This mostly includes news and information items and fundraising appeals.
You can unsubscribe at any time from emails you no longer want to receive.
I unsubscribed to email from MDABC. Why do I still keep getting messages?
Every email that MDABC sends has an option to unsubscribe. However, unsubscribing from one email list may not remove you from every mailing list.
Other CASL Requirements
What are the other CASL requirements?
In addition to the requirements related to CEMs, the CASL also contains the following prohibitions that take effect starting in 2015:
Installing unwanted computer programs: In order to prevent the installation of viruses, spyware, and other unwanted programs, CASL prohibits the installation of any program without the consent of the computer owner.
Altering transmission data: CASL prohibits the alteration of transmission data in an electronic message so that the message is delivered to a destination other than that specified by the sender.
Providing false or misleading information: CASL prohibits false or misleading information in CEMs, including:
(a) any representation in the body of the message that is false or misleading in a material respect;
(b) any false or misleading representation made in a “locator”, i.e. a name, URL, or other information used to identify the source of data in a computer system; and
(c) any false or misleading representation in the “From” or “Subject” line of a message.
Harvesting addresses: CASL prohibits the use of programs that “harvest” email addresses to create mailing lists.
Collecting personal information: CASL prohibits the use of computer systems to collect personal information without authority.