Kindred Privacy Code
At Kindred, we understand that privacy is a critical issue for all our members. Our privacy code outlines our principles and procedures regarding the confidentiality and security of member personal information.
This code outlines the principles Kindred applies when protecting members’ privacy. We believe that ensuring the accuracy, confidentiality, and security of the information we hold about you is more than simply a legal requirement; it is an ethical obligation.
This code is based on the Canadian Standards Association (CSA) Model Code for the protection of personal Information (CAN/CSA-Q830-96) and the Federal Personal Information Protection and Electronic Documents Act (PIPAEDA). Based on these models, we have tailored our own ten privacy principles to meet the specific needs and expectations of our membership.
This code applies to Kindred. It outlines the principles and commitments we make to you, our member, to protect the privacy of your personal information. This code does not apply to the information collected, used or disclosed with respect to corporate or commercial entities that are members. However, Kindred exercises the same care and diligence in protecting the confidentiality of this information.
“Collection” – the act of gathering, acquiring, or obtaining personal information from any source, including third parties, by any means.
“Consent” – involves voluntary agreement with what is being done or proposed. Consent may be expressed or implied. Express consent can be given orally or in writing, it is unequivocal, and does not require any inference on the part of Kindred. Implied consent exists when Kindred can reasonably infer consent based upon the action or inaction of the member.
“Member” – is any individual who uses, or applies to use, financial services with Kindred.
“Kindred” – means Kindred Credit Union Limited.
“Disclosure” – the act of making personal information available to others outside of Kindred.
“Use” – the treatment and handling of personal information by and within Kindred.
“Personal Information” – information about an identifiable individual that is recorded in any form; excluding the individual’s name, business title, business address and business phone number.
“Third-Party” – an individual or organization other than Kindred and the member.
To understand the financial and banking needs of our members;
- To develop and manage products and services to meet the needs of our members;
- To contact our members directly for products and services that may be of interest;
- To determine the eligibility of our members for different products and services;
- To ensure a high standard of service to our members;
- To meet regulatory requirements;
- To verify a member's identity.
Section 3: Member Consent
3.0 Kindred will obtain member consent to collect, use or disclose any personal information except where detailed in this code. Kindred will make reasonable efforts to ensure that members understand how their personal information will be used and disclosed.
3.1 A member's consent can be express, implied, or given through an authorized representative such as a lawyer, agent or broker. A member can withdraw consent at anytime, with certain exceptions (see section 3.3). Kindred, however, may collect, use or disclose personal information without the member's knowledge or consent in exceptional circumstances:
- A description of the type of personal information held by Kindred, including a general account of its use;
- A copy of any brochures or other information that explain the policies and procedures; and
- An explanation of what personal information is made available to related organizations such as affiliated companies.
Section 9: Providing Member Access to Personal Information
9.0 Members have a right to access their personal information held by Kindred. Upon request, Kindred will, within a reasonable time period, tell the member what personal information it has, what it is being used for, and to whom it has been disclosed, if applicable, and within the time period for which records are available.
9.1 Members may be asked to be specific about the information they would like to access and to submit their request in writing to the Privacy Officer at Kindred’s head office.
9.2 Members will be required to provide personal information to identify themselves to enable Kindred to provide an account of the existence, use, and disclosure of personal information.
9.3 Kindred will make the information available within 30 days, or provide written notice of extension where additional time is required to fulfill the request. When information is not provided within 30 days of the request, Kindred will, no later than 30 days after the date of the request, send a notice of extension to the member, advising of the new time limit, the reasons for extending the time limit and of the right of the member to make a complaint to the Commissioner regarding the extension.
9.4 The information will be made available at a cost that will vary with the type and amount of information requested. Where a cost will be incurred by the member, Kindred will inform the member of the cost and request further direction from the member on whether or not Kindred should proceed with the request.
9.5 When reporting to members to whom their information has been disclosed, Kindred will not document information transfers necessary for the daily provision of products and services to members. For example, transfers to organizations that process debit card purchases, cheque clearing, credit card transactions, and automated banking transactions will not be documented. Upon request, Kindred will provide a list of organizations where member personal information may have been sent.
9.6 If a request is refused, Kindred will notify the member in writing, documenting the reasons for refusal and resources for redress available to the member.
9.7 In certain situations, Kindred may not be able to provide access to any or all personal information about a member. In such cases, Kindred will explain the reasons it will not provide the requested information, and identify resources for recourse available to the member. The reasons for not providing information may include that it is unreasonably costly to provide, information that would threaten the life or security of another individual, information generated in a formal dispute resolution process, information that contains references to other individuals, information that cannot be disclosed for legal, security, or commercial proprietary reasons, and information that is subject to solicitor-client or litigation privilege.
9.8 If the information is demonstrated to be inaccurate or incomplete, Kindred will amend the information as required. Where appropriate, Kindred will transmit the amended information to Third Parties having access to the information in question.
Section 10: Compliance and Complaints
10.0 Members are to direct any complaints, concerns or questions regarding this privacy code in writing to the Privacy Officer. If the Privacy Officer is unable to address the member's concerns, the issue can be referred to the office of the CEO. At any point in this process the member may also write to the Privacy Commissioner.
10.1 Contact Information: