Principle # 1 – CSGA is accountable for personal information in its possession or control.
- CSGA is accountable for all personal information in its possession or control. This includes any personal information that CSGA received directly from applicants who are individuals, or indirectly, through applicants that are organizations (e.g., seed company corporations, government agencies).
- CSGA has:
- Established and put into effect policies and procedures aimed at properly protecting personal information;
- Appointed its Executive Director as the Chief Privacy Officer to oversee privacy issues at CSGA.
Principle # 2 – CSGA identifies the purposes for which it collects personal information from members before it is collected.
- CSGA collects personal information from applicants and uses and discloses such information, only to provide the services that applicants have requested and to comply with regulatory authorities. The types of information that may be collected and the purpose(s) for which it is collected, are set out in under Principles # 3 and # 4 of this privacy statement.
Principle # 3 – CSGA obtains consent when collecting personal information.
- By signing a CSGA Application form such as the Application for Crop Inspection and Membership, or the Variety Certification Eligibility Application, you are formally acknowledging this consent.
- Such personal information could include:
- Home addresses
- Home telephone and facsimile numbers
- Email addresses
- Personal identification numbers (e.g., grower number)
- Field information (varieties, crop kinds, acreage, previous land use)
- Personal information (e.g., seed production history, crop assignments)
Principle # 4 – CSGA uses or discloses personal information only for purposes for which it has consent or as required by law. CSGA retains personal information only as long as necessary to fulfill those purposes.
- As required by pedigreed seed crop certification standards, CSGA documents the work it performs in records. Such records include personal information obtained from an applicant or the CFIA inspector.
- The personal information collected from an applicant during the course of a crop production year may be disclosed to full time and contracted CSGA employees (e.g. programmers, IT technicians) to the extent required to assess compliance with applicable standards and CSGA policies, including providing quality control reviews of work performed and maintenance and development of database operating systems.
- CSGA collects fees associated with CSGA Branch and CSGA provincial association membership and acreage fees and passes those fees to those organizations. Information necessary for the CSGA Branches and CSGA provincial associations to conduct their business of communicating with, and providing services to, members in their region is disclosed to the relevant CSGA Branch or CSGA provincial association.
Principle # 5 – CSGA endeavors to keep accurate, complete, and up-to-date, personal information in its possession or control, to the extent required to meet the purposes for which it was collected.
- Individual applicants are encouraged to contact CSGA to update their personal information.
Principle # 6 – CSGA protects the privacy of personal information in its possession or control by using security safeguards appropriate to the sensitivity of the information.
- Physical security (e.g., restricted access, locked storage areas and filing cabinets) is maintained over personal information stored in hard copy form. Employees are authorized to access personal information based on applicant assignment and quality control responsibilities.
- Authentication is used to prevent unauthorized access to personal information stored electronically. Encryption is used to prevent unauthorized access to personal information received or sent over the Internet.
- For files and other materials containing personal information entrusted to a third party service provider (e.g. programmers, IT technicians) or regulator (e.g. CFIA, CSI, or CSGA Branch & CSGA provincial associations), CSGA obtains appropriate assurance to affirm that the level of protection of personal information by the third party is equivalent to that of CSGA.
Principle # 7 – CSGA is open about the procedures it uses to manage personal information.
Principle # 8 – CSGA responds on a timely basis to requests from applicants about their personal information which CSGA possesses or controls.
Individual CSGA applicants have the right to contact CSGA and obtain access to their personal information. Similarly, authorized employees of organizations that are applicants to CSGA have the right to contact CSGA and obtain access to personal information provided by that applicant. In certain situations, however, CSGA may not be able to give applicants access to all their personal information. CSGA will explain the reasons why access must be denied and any recourse the applicant may have, except where prohibited by law.
- CSGA has policies and procedures to receive, investigate, and respond to applicants’ complaints and questions relating to privacy.