3.0 Personal Information Protection Principles
LUSA is accountable for the protection of all personal information within the organization's possession or control, including any personal information that has been transferred to a third party for regulatory, legal or processing purposes. LUSA will require a comparable level of protection of this information from its third party relations.
• Identifying Purposes
Personal information that LUSA collects from customers includes:
The member’s names, parents names and address and other contact information, such as telephone numbers, email address, information about a member’s transactions with LUSA, such as account balances, payment history, reference information, such as date of birth of children and or adults registering with LUSA. Medical information to be used in case of emergency situations.
When an individual applies for membership with LUSA, we will make the individual aware of the purposes for which LUSA is requesting the personal information. If LUSA identifies other purposes for which the personal information may be used, LUSA will seek the individual's consent prior to such use. LUSA will advise that it is the individual's right to refuse permission for LUSA to use personal information for any new purposes.
Additional purposes for collecting personal information may be identified to an individual before or at the time of collection. However, at a minimum LUSA will collect personal information for the following purposes:
To verify the registration identity;
To determine the members eligibility for age group registration;
To assist us in updating the customer’s contact details;
For pre-authorized payments;
For medical circumstances that are important to supply the coaches; To respond to the member’s inquiries about teams;
To prevent fraud with respect to both the customer and LUSA;
To meet legal, regulatory and settlement requirements.
4.0 Personal Information Protection Principles
The knowledge and consent of an individual are generally required for the collection, use or disclosure of personal information and LUSA will seek to obtain consent before or when it collects, uses or discloses personal information about an individual. An individual can provide consent to the collection, use and disclosure of personal information about them expressly or implicitly. However, LUSA will collect, use or disclose personal information without an individual's knowledge and consent only in limited circumstances and as permitted by law, such as in the case of an emergency where the life, health or security of an individual is threatened.
Subject to certain legal and contractual restrictions and reasonable notice, an individual can refuse or withdraw their consent to the collection, use or disclosure of personal information about them at any time.
5.0 Limiting Collection
LUSA limits the amount and type of personal information it collects to that which is necessary for the business of the utility and as permitted by law. Each affiliate of LUSA will be responsible for its own collection, use and disclosure of information. Personal Information will be collected using procedures that are fair, transparent and lawful.
6.0 Limiting Use, Disclosure and Retention
LUSA will only use the personal information for the purpose for which it was collected, unless consent is given by the individual to use or disclose it for another purpose or as is required by law. LUSA will develop explicit retention periods for closed accounts, after which the personal information will be destroyed or made anonymous.
Under certain exceptional circumstances, LUSA may have a legal duty or right to disclose personal information without the individual's knowledge or consent.
LUSA shall take all reasonable steps to ensure that all personal information will be kept accurate, complete and up to date.
Individuals may challenge the accuracy and completeness of personal information about them and have it amended, as appropriate.
In executing its responsibilities with respect to the confidentiality of personal information, LUSA will employ a number of safeguards, appropriate to the sensitivity of the information, to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
Such safeguards will include physical measures, organizational measures and technological measures, for example locked filing cabinets, restricted access to offices, security clearances, limiting access on a “need to know” basis and the use of passwords and encryption. Procedures for implementing these measures will be communicated to all employees and third parties to ensure compliance with this principle.
LUSA will make its policies and practices relating to the protection of personal information available to its members. LUSA will keep its members informed of these policies and practices and members shall be provided access to all related policies and procedures via the LUSA web page. The information will be available in a format that is easy to understand.
10.0 Individual Access
Any member of LUSA can have access to the personal information about them that LUSA has in its possession or control. Any member may request that their personal information be amended for purposes of accuracy and completeness.
Members can make their requests by telephone (604-530-3470), via email (email@example.com) or in writing (PO Box 26015, Langley, BC, V3A 8J2. Response to an individual’s request will be made in a timely and efficient manner.
11.0 Challenging Compliance