Our Commitment to Your Privacy
Sandhills Credit Union its employees have always been committed to keeping our customer personal information accurate, confidential, secure and private. The Privacy Code that follows builds on this commitment. This code is based on the Credit Union Central of Canada Model Privacy Code and on the Model Code for the Protection of Personal Information (CAN/CSA-Q830-96) included as Schedule 1 of the federal Personal Information Protection and Electronic Documents Act. This Code describes how Sandhills Credit Union subscribes to the principles set out in those model codes.
The 10 Principles
Ten interrelated principles form the basis of the Sandhills Credit Union Code for the protection of Personal Information (“the Code”). Each principle must be read in conjunction with the accompanying commentary.
Sandhills Credit Union is responsible for personal information under its control and shall designate a Privacy Officer who is accountable for the credit union’s compliance with the principles of the Code.
2. Identifying Purposes
The purposes for which personal information is collected will be identified by the credit union at or before the information is collected.
Where clearly in the interests of the member, the knowledge and consent of the Member are required for the collection, use, or disclosure of personal information, except in specific circumstances as described within this Code.
4. Limiting Collection
The collection of personal information will be limited to that which is necessary for the purposes identified by the credit union. Information shall be collected by fair and lawful means.
5. Limiting Use, Disclosure, and Retention
Personal information will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the Member or as required by law. Personal information will be retained only as long as necessary for the fulfilment of those purposes.
Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information. The credit union shall apply the same standard of care as it applies to safeguard its own confidential information of a similar nature.
The credit union shall make readily available specific, understandable information about its policies and procedures relating to the management of personal information.
9. Individual Access
Upon request, a Member shall be informed of the existence, use, and disclosure of their personal information, and will be given access to that information. A Member is entitled to challenge the accuracy and completeness of the information and have it amended as appropriate. Note: In certain situations, the credit union may not be able to provide access to all the personal information it holds about a member. Exceptions to the access requirement will be limited and specific.
A Member shall be able to question compliance with the above principles to the credit union’s Privacy Officer. The credit union will have policies and procedures to respond to the Member’s questions and concerns.