CFFB's Privacy Policy

Our Commitment to Protecting Your Privacy

At the Centre for Family Business, our commitment to protecting the confidentiality and security of your Personal Information is a priority! We have adopted the ten privacy principles established by the Canadian Standards Association’s model Code for the Protection of Personal Information. These ten principles form part of the Personal Information Protection and Electronic Documents Act. This ‘Act’ establishes rules governing the collection, use and disclosure of Personal Information.

What is Personal Information?

Under the Act, Personal Information is broadly defined as information (data) – oral, written or electronic – about an identifiable individual. Personal Information includes, but is not limited to, the following:

  • name, address and telephone number
  • age, gender, family and marital status
  • identification numbers (such as Social Insurance Number or driver’s license)
  • financial and employment information
  • credit rating, payment records
  • medical and health information

What Is NOT Personal Information?

The name, title, business address of business telephone number of an employee of an organization (‘business card information’) is not considered Personal Information. Any data that we have collected in which all the ‘personal identifiers’ have been removed, making it impossible to determine the identity of the person to whom it relates, is also not considered Personal Information.

Why We Ask For Your Personal Information?

The Personal Information we ask for depends on the services you may require. While the majority of the information you provide us with is not considered Personal Information, (‘basic business card information’) it is important for you to know that the Centre for Family Business does not sell, trade or rent its database contact information to any organization for any purpose.

Our Ten Privacy Principles:

  • Accountability: All staff and volunteers of the Centre for Family Business are accountable for protecting the confidentiality and security of all Personal Information under their control. We have designated an individual to oversee our compliance with the Act and ensure that our ten privacy principles are upheld.
  • Identifying Purposes: We will identify the purposes for which your Personal Information is being collected either before or at the time of collection.
  • Consent: We will explain the reason for and obtain your consent before using or disclosing your Personal Information. It is your right to choose not to provide us with some or all of your Personal Information. You may even deny us or withdraw consent to the use or disclosure of your Personal Information for certain purposes.
  • Limiting Collection: We will limit the collection of your Personal Information to only those details that are necessary for purposes identified.
  • Limiting Use, Disclosure and Retention: We will only use your Personal Information for the purposes for which it was collected, unless you have consented otherwise. Your Personal Information will only be retained for the time necessary to fulfill the purposes for which it was collected, and to meet any legal or regulatory requirements.
  • Accuracy: We will keep your Personal Information as accurate, complete and up-to-date as possible to fulfill the purposes for which it was collected. You can assist us in ensuring your information is current by providing us with any changes to your Personal Information, such as an address change. You have the right to challenge the accuracy and completeness of your Personal Information and amend it as necessary.
  • Safeguards: We will protect the Personal Information we collect from you with security safeguards. Even through the use of firewalls, system protections and procedures designed to prevent loss, misuse, unauthorized access, disclosure, alteration or destruction of your Personal Information unencrypted, electronically transmitted information is not 100% secure. Therefore, we cannot guarantee the security of any information you transmit to us electronically or that you request us to transmit to you via public Internet.
  • Openness: We will make available to you information about our polices and practices relating to the management of Personal Information.
  • Access: We will give you access to your Personal Information at your request, subject to any legal or business restrictions.
  • Challenging Compliance: You may contact us with any questions, concerns or suggestions with the respect to our ten privacy principles at the address below:

Chief Privacy Officer

To reach our Chief Privacy Officer, please send a letter to the Centre for Family Business at:

140 Westmount Road North,
Conrad Grebel University College
Waterloo, ON, N2L 3G6

Or call the Centre for Family Business at (519) 749-1441