THIS POLICY (the “Privacy Policy”)
The Toronto Society of Financial Analysts and its affiliates and agents (“CFA Society Toronto”, “we”, “us”, “our”) provides access to the “cfatoronto.ca” web site (the “Site”) in support of our mission to support and enhance the investment profession and the CFA charter within our community (the “Mission”).
We are committed to protecting the privacy of the Personal Information of users of the Site and Account Holders (collectively, “you”, “your”).
1. Definitions
1.1 “Account Holder” means a user who also registers an account (“Account”) under the Site.
1.2 “Content” means text, images, photos, audio, video, and all other forms of data or communication. “Your Content” means Content that you submit or transmit to or through the Site, such as invitations, and information that you display as part of your account profile. “User Content” means Content that users submit or transmit to or through the Site. “Our Content” means Content that we create and make available on the Site. "Third Party Content" means Content that is made available on the Site by parties other than CFA Society Toronto or its users. "Site Content" means all of the Content that is made available on the Site, including Your Content, User Content, Third Party Content, and Our Content.
1.3 The term “Personal Information” means information about a determined or identifiable individual. This includes but is not limited to your name, address, telephone number, occupation, profession or personal occupation, images, video or photos that may allow proper identification, e-mail address, and any other sensitive information that may be related to race; ethnical condition; political position; religious, philosophical or moral convictions; union affiliation; biometric or genetic data; health condition or sexual preference, or any other considered as personal or sensitive data, regulated or protected under data privacy laws.
1.4 “Site” means the Site, and the software, hardware, tangible and intangible rights or assets, either property, managed, licensed or used by CFA Society Toronto, at its principal place of business, for operating and making available the Mission to internet users, and includes without limitation registered accounts, Site Content and information posted and accessible therein.
1.5 A “User” is someone who accesses, browses or in any way uses the Site or Site Content.
2. Purpose, Scope and Intent
2.1. CFA Society Toronto has created and established this Site as part of the Mission. To carry out the Mission, we make services available through our Site to assist you and other business professionals.
2.2. The purpose of this Privacy Policy is to set out the principles governing our collection, use, processing and disclosure of the Personal Information we may obtain about you during your visit to or use of the Site or otherwise.
3. Information We Collect from You
3.1. We collect your Personal Information primarily from you. We may also collect it from other sources including agents and contractors or other third parties who represent that they have the right to disclose the information.
3.2. When you register for an Account, we may collect from you certain information, including but not limited to the following: a username, password; your first and last name and email address; mailing address; phone number; and information regarding your experience in the investment industry.
3.3. From time to time, we may request other Personal Information in order to provide features, functions or services, but you will always have the choice to decide whether or not to provide the requested information. If you access the restricted access portions of the Site or request certain services, you may be required to provide additional Personal Information.
4. Your Consent
4.1. We may collect, process, use or disclose your Personal Information only with your consent or as permitted or required by law. You will always be asked for your clear, express, affirmative consent to the collection, processing, use and disclosure of your Personal Information when it is requested. If we collect Personal Information relating to your fundamental rights and freedoms, including for example your ethnic origin, political opinions or religious beliefs, we will make it abundantly clear that we are asking for your explicit consent to the collection and processing of such information.
4.2. We also obtain your clear, express, affirmative consent in your registration of an Account or other document, or by facsimile, electronic mail or telephone conversations with our employees, representatives or agents.
4.3. We also obtain consent from an individual representing to us that he or she has the authority to provide such consent.
4.4. The form of consent may vary depending upon the circumstances and the type of information, including the sensitivity of the information and your reasonable expectations, however we will always make sure that any consent you provide is clear, express and affirmative.
4.4. You may opt in to receiving marketing or promotional communications from us at the time of registering an Account or subsequently by contacting us or by online subscribe / unsubscribe. You may withdraw your consent for any other identified purposes at any time, subject to requirements under applicable laws. We may not be able to provide you with a particular service, including without limitation access to an Account or the Site, if you withdraw your consent to certain uses of Personal Information.
5. What We Do with Your Personal Information
5.1. Personal Information provided by you in connection with your business relationship with us, may be used by, collected by, processed by and/or disclosed by us (including our agents and member organizations) for the following purposes:
5.1.1. To evaluate your Account registration application and your eligibility for an Account;
5.1.2. To enable us to enter into contractual relationships with you, including without limitation the Terms of Use, inclusive of the Terms and Conditions;
5.1.3. For contract management and administration;
5.1.4. To provide information and services that you request, and to respond to your comments and inquiries;
5.1.5. In top-level aggregated form to attract users and other Account Holders, as well as to expand, reduce and otherwise make changes to the Site (such aggregated reports will not contain personally identifiable information);
5.1.6. For marketing and promotion of services from CFA Society Toronto and or third parties with which CFA Society Toronto has a relationship to you;
5.1.7. To meet legal and regulatory requirements or to disclose information when we believe in good faith we are compelled to do so by law, a subpoena, court order, regulatory body or similar legal procedure;
5.1.8. If we believe in good faith that the disclosure is necessary to prevent physical harm or financial loss or to report suspected illegal activity;
5.1.9. In connection with business relationships involving CFA Society Toronto, but only where such third party receiving this Personal Information first agrees to be bound by the terms of this Privacy Policy;
5.1.10. To analyze data individually or in aggregate to assist in our internal economic and demographic projections and to display that aggregated data; and
5.1.11. As may be otherwise authorized by you.
5.2. If your Personal Information is to be used, processed or disclosed for any new purposes, we will, to the extent required by law, identify these new purposes prior to such use, processing or disclosure and obtain your clear, express, affirmative consent.
5.3. We will not sell any of your Personal Information that you provide us or provide to a third party for the purpose of solicitation by a third party.
5.4. We may aggregate information (gather up data across all User Accounts) or anonymize such information that is not publicly available, including User generated Content, in a manner that creates non-identifiable information and disclose such information to third parties for other marketing, promotional, statistical and useful purposes. In these situations, CFA Society Toronto does not disclose to these entities any Personal Information. You may at any time object to the use and/or processing of your Personal Information in connection with these purposes.
5.5. In some cases Personal Information may be disclosed, processed and/or stored outside of the country in which you or we reside, and therefore may be available to government authorities under lawful orders and laws applicable there. You are entitled to know whether we are processing your Personal Information, both domestically and in a foreign country. You may contact us at Privacy@cfatoronto.ca to find out whether your Personal Information is being processed and where.
5.6. You are also entitled, at any time, to contact us at Privacy@cfatoronto.ca in the event that you wish to restrict or object to the processing of your Personal Information. We will cooperate with any and all requests that are in accordance with applicable laws. You may complain to a supervisory authority if you feel that we are not responding reasonably to your requests.
5.7. You may, at any time, request that we confirm what Personal Information of yours is in our possession by contacting us at Privacy@cfatoronto.ca. You may also at any time request that we tell you how long your Personal Information will be stored for, how we determine the duration of this storage period and who exactly is in receipt of your Personal Information. We are happy to provide as much information as reasonably possible about how your Personal Information is processed, and will cooperate with any and all requests that are in accordance with applicable laws.
5.8. Lastly, you may at any time request that we delete all of your Personal Information that is in our possession by contacting us at Privacy@cfatoronto.ca, and we will cooperate with any and all requests that are in accordance with applicable laws.
6. Privacy and the Internet
6.1. On the Site we may also collect information that, alone, cannot be used to identify users. Examples of these types of information include IP addresses, cookies, Internet tags and navigational data.
6.1.1. An Internet Protocol (IP) address is a number automatically assigned to users’ computers when they access the Internet. This number does not identify the user’s name, e-mail address or other Personal Information. This information may be used to perform certain operations including without limitation to measure web site traffic, to help to understand how people are using the web site and to improve the web site and services provided.
6.1.2. "Cookies" are small text files that our Site sends to your browser, which provides information to us about your general Internet usage, such as recognizing repeat visitors and allowing us to understand how and when pages are visited. You may opt in to enable a feature in your browser software that will erase cookies or block all cookies, however, some parts of the Site may no longer function properly if cookies are disabled.
6.1.3. Internet tags are smaller than cookies and tell the Site server information such as the IP address and browser type related to a user’s computer. Tags may indicate how many times a page is opened and which information is consulted.
6.1.4. Navigational data (including log files) are used for system management, to improve the content of the Site, for market research purposes and to communicate information to visitors. This may include the web site you came from, your browser type, domain name and time and date of access.
6.2. The Site and electronic message sent by or on behalf of CFA Society Toronto may contain links to other sites. The provision of these links is for your convenience only, and does not constitute an endorsement, recommendation or approval of such other sites. This Privacy Policy is no longer applicable when you leave our Site by way of links or otherwise. Linked sites may or may not maintain their own independent privacy policies and procedures. You should consult these policies and procedures before providing any Personal Information to these linked sites.
7. Maintaining the Accuracy of Your Personal Information
7.1. Youare solely responsible for the accuracy, completeness and up-to-date aspect of the Personal Information you provide to us You are entitled to request that we rectify your Personal Information if you notice any errors or inconsistencies, following which it will be our obligation to promptly amend or update your Personal Information. We shall use reasonable efforts to keep our records of your Personal Information accurate, complete and up-to-date based upon the Personal Information we receive from you.
7.2. You or a person authorized by you, are responsible for informing us about changes to your Personal Information that are necessary to fulfill the identified purposes, such as but not limited to: if your name or address changes; or if a contact person changes.
8. Safeguarding Your Personal Information
8.1. We take commercially reasonable precautions to protect your Personal Information (regardless of the format in which it is held) against loss or theft, unauthorized access, unauthorized disclosure, copying, use, or modification, through safeguards appropriate to the sensitivity of the Personal Information.
8.2. Access to your Personal Information is only given to our employees who need to know the information and whose duties reasonably so require the information in order to fulfill the identified purposes.
8.3. CFA Society Toronto has adopted physical, procedural and technological procedures, including firewalls, in an effort to keep your Personal Information safe. Our Site uses SSL technology, which is an open protocol for secure data communications across computer networks. Data transmitted over the Internet, however, is not guaranteed to be secure and we do not guarantee, warrant or represent that the Personal Information you provide will be transmitted securely or protected completely against interception, loss, misuse or alteration. CFA Society Toronto accepts no responsibility or liability for any damages that may result where Personal Information submitted by you has not been securely transmitted, or has been intercepted, lost, misused or altered.
8.4. CFA Society Toronto uses commercially reasonable technical, physical, operational and procedural safeguards to protect Personal Information and Your Content from loss, misuse, alteration, and unauthorized access or disclosure. Due to the nature of CFA Society Toronto’s business, including its dependence on the public Internet, CFA Society Toronto cannot ultimately ensure that private communications and Personal Information and Your Content will not be intercepted by third parties or otherwise obtained in ways not described in this Privacy Policy. Although CFA Society Toronto attempts to protect the privacy of users, CFA Society Toronto cannot absolutely guarantee that such information will remain private. While no security measure can guarantee against compromise, CFA Society Toronto regularly reviews and updates its security measures in an effort to provide appropriate security for all information held by CFA Society Toronto.
8.5. In the event that a data breach involving your Personal Information occurs, and that the breach is likely to result in a risk to your rights and freedoms, we will notify you of the breach within 72 hours of its occurrence and without undue delay. We will explain the nature of the breach, provide contact information for further information, explain our understanding of the likely consequences of the breach and set out the measures we will take to address the breach and mitigate against its adverse effects. We will also maintain an up to date register of data breaches involving your Personal Information.
8.6. We retain your Personal Information only as long as necessary or relevant (1) for the identified purposes, (2) as required by law, (3) as required by agreements with third parties related to the Mission, (4) where we use your Personal Information to make a decision about your application to register an Account, long enough to allow you access to the information for a reasonable period of time after the decision has been made, and (5) where your Personal Information is the subject of a request from you, for as long as is reasonably necessary to allow you to exhaust any recourse you may have under the law. We shall use commercial reasonable efforts and protocol to dispose of or destroy your Personal Information to prevent unauthorized parties from gaining access to the information. We will not retain Personal Information if we become aware that such information is being unlawfully processed.
9. Special Note About Children
9.1. The Mission and the Site is not directed towards children, nor does CFA Society Toronto believe that the Mission or the Site will be of interest to children. CFA Society Toronto recognizes, however, the important safety issues regarding children who access the Internet. CFA Society Toronto does not knowingly collect, use, or disclose Personal Information from children, and is committed to complying with all applicable laws and requirements. To remove the information related to a child who has registered an Account and permanently remove all Personal Information regarding this child from the Mission database, you should contact our Privacy Officer as provided for herein.
10. Promotional Communications
10.1. When registering an Account, we may offer you the option of receiving notification of special offers by us and other promotional information. You must indicate your affirmative, express consent to receive this valuable service.
10.2. From time to time, we may request information from you via surveys or otherwise. Participation in these surveys or other means is completely voluntary and you therefore have the choice whether or not to disclose the requested information. Information requested may include contact information (such as name, email address and shipping address), and demographic information (such as postal/zip code, etc.). Survey information will be recorded on an individual basis for the purpose of monitoring or improving the quality of the Mission and Mission offerings.
11. Fraud
11.1. If we suspect fraud by an Account Holder, we may investigate and report any evidence, including personally identifiable information, to law enforcement and to the courts in the course of seeking remedies in law or equity.
11.2. Any suspected breaches to the security of the Site should be immediately reported to our Privacy Officer as provided for herein.
12. Individual Access
12.1. Subject to restrictions detailed herein and within reasonable terms, you may obtain access to files on your Personal Information by making a formal request to our Privacy Officer. Following your request we will promptly provide you with a copy of your Personal Information in a machine readable format. We can also provide a copy of your Persona Information to assist with transferring it to another data controller.
13. Account Cancellation
13.1. You may cancel, close and terminate your Account at any time in accordance with our Terms and Conditions.
14. Language and Governing Law
14.1. Where we provided you with a translation of the English language version of the Privacy Policy or any other documentation, you agree that the translation is provided solely for your convenience and that the English language versions of the Privacy Policy and any other documentation will govern the Privacy Policy and your relationship with CFA Society Toronto and the Mission. The parties have required that the Privacy Policy and all related documents be drawn up in English. Les parties ont demandé que ces politique de confidentialité ainsi que tous les documents qui s'y rattachent soient rédigés en anglais.
14.2. Governing Law. This Privacy Policy and all actions contemplated by the same shall be governed by and construed and enforced in accordance with the internal laws of the Province of Ontario, Canada, including the principles of conflict of laws thereof. All acts involving the registration, use or operation of any Account or of the Site shall be deemed as accessed, entered, perfected or finally accepted, at the place of the location of CFA Society Toronto’s headquarters, irrespective of the location of the Site servers. All acts shall be considered as lastly accepted and perfected by CFA Society Toronto and at CFA Society Toronto’s headquarters.
15. Our Privacy Policies and Practices
15.1. You will be asked to provide clear, express, affirmative consent to the collection, processing and use of your information as CFA Society Toronto has outlined in this Privacy Policy and to the Terms of Use. CFA Society Toronto reserves the right to change, modify or update the terms of this Privacy Policy at any time, and such changes, modifications or updates will take effect following your clear, express, affirmative consent thereto.. CFA Society Toronto posts the revised Privacy Policy on the Site and indicates the date of the current statement below, so you know when it was last updated. You should regularly check the Privacy Policy for revisions. Changes will take effect upon the later of their posting, or your consent being obtained.
15.2. You may challenge the accuracy and completeness of your Personal Information held by us and ask us to amend the information as appropriate. Under certain conditions as permitted or required by law, we may not provide you with access to your Personal Information kept in our file. Where we refuse your request, we will identify the reasons for refusing the request. If a complaint is found to be justified, we will take appropriate measures including, if necessary, amending our policies and practices.
15.3. We have appointed a Privacy Officer who shall be accountable for our compliance with applicable privacy laws and this Privacy Policy. If you have inquiries regarding your Personal Information held by us or if you wish to address a challenge regarding our compliance with this Privacy Policy, you may contact our Privacy Officer in writing at the address listed below:
CFA Society Toronto
120 Adelaide Street West, Suite 2205
Toronto, Ontario, Canada
M5H 1T1
Attention: Privacy Officer
TEL.: 416-366-5755, ext 224
EMAIL: PrivacyOfficer@cfatoronto.ca
All inquiries and concerns will be fully investigated and responded to by our Privacy Officer.
This Privacy Policy is subject to applicable privacy laws and our right to change it at any time at our sole discretion.
Approved by Board of Directors: 22 August 2018
Posting Date: 29 August 2018