top of page

The Youth and Parents

Agape Association Inc.

 

Privacy Policy

 

September 19,2023

 

 

 

 

 

The Youth and Parents Agape Association Inc. hereby known as Agape, are committed to protecting and respecting your privacy.  Please read the following carefully to understand how we may use your personal information.

This policy sets out the details of how Agape and all its various programs applies the personal data we collect from you, on our website, as well as other means including in person, by post, by email, social media and by telephone.

We are committed to protecting and respecting your privacy. This policy explains when, how and why we collect personal information about people who take part in our projects and how we keep this information secure, and the conditions under which we may share with others.

If you have any questions relating to our Privacy Policy, or how it may affect you, please email barbara@agapeassociationinc.com

Any changes you make to your communication preferences will be processed by us within ten working days of our receipt of your instruction; however, you may still receive non-essential communications in the intervening time between the submission of your change and when we process that change.

 

TABLE OF CONTENTS

1 – Who we are

2 – How to contact us

3 – Definitions

4 – How and when we collect personal information

5 – The types of personal information we collect

6 – Why do we process your personal data

7 – Who we might share your personal information with

8 – How we store your information

9 – Your rights

10 – Complaints and appeals

11 – Social media platforms

12 – Staff training

13 – Changes to this privacy policy

​

  1. Who we are:

Agape is a non-profit, charitable organization. Our mission is to enhance the vitality of the underprivileged English-speaking and multicultural people of Laval by offering a wide variety of services that promote and improve mental and physical well-being.

Our vision is that all people of Laval have access to the indispensable things in life such as food, shelter and clothing and that all people have equal opportunities with regards to education and healthcare.

Our goal is to enhance the vitality of the English-speaking people of Laval. We try to reduce inequalities in regard to indispensable things such as food, shelter, clothing by providing them, when possible, or advocating for them. We also advocate for better access to healthcare or quality education by participating in a wide variety of projects and partnership that promote and improve overall well-being.

​

    2. How to contact us:

Our registered address is:

3850 Boul. Notre Dame

Laval, QC  H7W 1S7

TEL: 450-686-4333

Contact us by email at: barbara@agapeassociationinc.com

 

  3.​Definitions:

In this Privacy Policy:

 

“Member” means any person who is a member, or applies to be a member, at the Agape Senior Wellness Centre (SWC) as well as our HEY program or any other programs that are run within the Agape organization.  “Membership” shall be construed accordingly.

 

“Personal data/information” means any personal data relating to an identified or identifiable natural person. This includes photos and videos. Personal information is classified into three categories.

  • Information concerning the organizations employees.

  • Information concerning the organizations Board of Directors

  • Information concerning the organizations members and program participants.

 

“Process” or “Processing” means anything that we do with your personal data, including collecting, storing, using and/or deleting the personal data.

 

“Services” means the sport, art, educational and enterprise activities, and other services provided for Members, and the services provided in relation to your Membership, as well as services provided by our food and clothing bank.

 

“You” refers to: an individual who visits our website, follows on social media or provided information in person, by phone, mail or email; a member; a supporter; funder; or member of staff or volunteer, in respect of whom we process personal data; and

 

“Retention” refers to the secure storage of your personal information for the required length of time.

 

“Anonymized” is the process of modifying personal information in such a way as to no longer allow it to be identified, directly or indirectly, at any time in an irreversible manner.

 

4. ​How and when we collect personal information:

Privacy is very important to us. We will only use your personal information in a way that is fair to you and in a clear, honest, and transparent way. We will only collect and store your personal data where and when it is necessary for us to do so and to be used solely in relevancy in dealings with you.

We collect personal information that you provide when you contact us, interact with us, or use our website or social media accounts. This can include when you sign up to receive our brochures, program information, when you make a donation to us, or take part in one of our projects.

 

We collect personal information in several ways, which include:

  • When you use our website or a third-party website to make a donation

  • When you sign up for the email list for any of our programs

  • When you call us by phone to donate, enquire about forthcoming projects or take part in one of our projects or fundraising events.

  • When you contact us by post or email, such as when you return a donation form, return a contact form, or return a sign up via letter/note or form to take part in one of our projects.

  • In person when you come to register for any one of our programs.

  • We very infrequently receive data about some clients from other sources, such as partner organizations (such as CISSS or 811). Please see “what we do with your information” for more details.

When an individual takes part in a project, the info provided will be used solely for the specific project that they are participating in. Agape will securely hold and process the information provided to us for the purpose of joining the project, in accordance with this privacy policy, and future communication will be carried out with the person(s) in charge of that project or their representative.

 

5. The types of personal information we collect:

We collect and store personal information from you when we are required to do so, such as to fulfil a contract you have with us; and when you’ve opted to give it to us, such as to be kept informed about our work by email.

The following list of information is the data we gather directly from you through our website, email, over the phone or by post, which is usually collected when you donate, sign up for our programs, or interact with us:

- Your title, name, and date of birth

- Your postal address and/or billing address

- Your email address and phone number (home and/or cellular)

 

We will also collect and hold details of any contact you have with us as a customer/member or supporter of Agape, which may contain details of:

- contact preferences.

- your age range.

- event registration, attendance, or ticket purchases.

- gifts and donation information.

- Aid status, this may include government forms that you have filled out or provided to us (including but not limited to health and financial information).

- details of correspondence sent to you and received from you by email, post, and over the phone.

- donor status and donation assessment information.

- where relevant, information accessed through social media sites such as Facebook, Twitter, LinkedIn and Instagram (only where you have given permission for this to happen).

- any other information provided by yourself, at the request of Agape.

 

Please be aware that some of the information which we collect from you may constitute sensitive personal information. We will only ever use this information in accordance with this policy and shall maintain strict and necessary measures to protect this information and its confidentiality.

​

We may on occasion take photographs and videos to be used in promotion of our activities. These photos may be used for internal postings as well to be shared on our social media accounts. Should at any point, you do not wish to have you photo taken, please contact the privacy officer to have these changes made to your account. In the case of any minor (under 16) a parental/guardian permission must be obtained in writing.

 

When an individual takes part in one of our projects, the information provided will be used solely for the specific project. Agape will securely hold and process the data provided to us for the purposes of joining the project, in accordance with this policy and will only be contacted for the purposes of said project. We will securely hold and process the data provided to enable us to plan and deliver the projects to the best of our abilities, and in extreme circumstances to contact someone in case of an emergency.

 

Please note that for certain projects it may be necessary to share information with third parties. This will only be done with the participants knowledge and consent. Necessary data will be shared in a secure manner with the relevant partner organizations such as to ensure that specific needs are met. Anonymized data may be shared for use in funding applications, reporting and evaluation.

 

6. Why do we process your personal data:

Depending on your relationship with Agape and the preference you have indicated to us, the information we hold may be used by us for a variety of reasons.

 

We may need to process personal data about you for many essential purposes. We could give lots of examples, but we have set out below a list of the main reasons that we may need to collect and use your personal data. We may not use your personal data for all of these purposes; it will depend on the nature of your relationship with us.

 

Delivery of core services: Delivery of our core activities may require us to record your contact details, eligibility for our services, records of transactions and other communications with you. This may also include fulfilling a contract that we may have with you, including sending invoices or payment received receipts.

 

Communication about, and administration of, your Membership: Where you are a Member, we will need to process your personal data in order to send you essential information about your Membership and/or the Services offered and to help us effectively carry out our activities. For example, we may need to use your personal data to keep you updated about your Membership, to send you information generally relevant to the programs, activities and events that are taking place. We may also send out the occasional surveys about our work, programs and activities to help improve the services that we offer. Tools may be used to monitor the effectiveness of our communications with you, including email tagging, which records when an email from us is opened and/or how many links in a message are opened.

 

Due diligence on donations: We have a duty to ensure that there is no reputational or financial risk to accepting a donation or other kind of support. Where you are a supporter or potential supporter, we may therefore use publicly available sources to carry out due diligence on you to ensure that we are fundraising within the law. If we cannot process your personal data for these purposes, then we may be unable to accept your donation or other support.

 

Research: We may collect data to carry out research on our supporter base. This is to improve our communications and ensure that we understand how best to interact with our valued supporters. Information we gather from individuals as part of this process is only used for our internal research purposes. Anonymized data may be shared for use in funding applications, reporting and evaluation.

 

Management of volunteers: If you are one of our valued volunteers, we may need to use your personal data to manage your volunteering activities, deliver training, involve and update you on our projects and campaigns and to ensure your safety. This may include sending you newsletters or information about our fundraising appeals so that you are best equipped to perform your role and advise the public about our work. If we cannot process your personal data for these purposes, then we may be unable to involve you in our volunteering activities.

 

Staff administration:  Employed staff who are crucial to both delivering our projects and raising the funds to provide our charitable services as well as providing a range of professional and technical support. We process the personal data of our staff for recruitment, staff administration, remuneration, pensions, and performance management purposes.

 

Optional uses:

 

We may also process personal data about you for other optional purposes. We have set out a list of examples below.  This usage of your personal data is on an opt-in basis. If you have opted in, you can choose to opt out of your personal data being used for any of these purposes by contacting us.

 

Fundraising, campaigning, and marketing: We have a range of fundraising and marketing activities that are designed to raise income or promote the aims and objectives of the organization. Where you have opted-in to receive such communications, we may use your personal data to contact you about projects, campaigns, sponsorships, events or volunteering opportunities, which we think you may be interested in.

 

 

Lawfulness of our Processing

 

It’s lawful for us to process personal data where the following conditions apply:

 

Consent: This applies where you have given your consent to the processing of your personal data for one or more specific purposes, or in the case of parent/guardian for children under the age of 16.   For example, we will always ask for your consent to contact you for the purpose of direct marketing by email, phone or SMS text message. Also, should we ever ask you to provide any special categories of personal data (or “sensitive personal data”) about yourself (for example, information about any health condition that may be relevant if you are participating in our activities) we will always seek your explicit consent to process this data or to share the information with a third party.  This also includes the taking and sharing of pictures and videos.

 

Where you have given, us consent to use your personal data in any way, you have a right to withdraw that consent at any time by contacting us. In some cases, withdrawing your consent may impact on our ability to provide the Services to you.

 

Contractual Necessity: This will apply when the processing of your data by our staff and/or in some cases a volunteer is necessary for the performance of our contract with you or in order to take steps at your request prior to entering into a contract with us.  Where you are a member or client, we process personal data about you in order to make the services available to you. We cannot provide the services without access to this personal data.

 

Legal Obligation: This will apply where the processing is necessary for us to comply with a legal obligation, which applies to us. This might include, for example, where we have a legal obligation in relation to a safeguarding issue or in relation to our statutory reporting requirements.

 

Your Vital Interests: This will apply where the processing of your personal data is necessary in order to protect your vital interests.  For example, this would apply if you were ill, and we needed to share your personal data with the emergency services.

 

Legitimate Interests: This will apply where the processing of your personal data is necessary for the purposes of the legitimate interests of Agape (or a third party), provided that such processing is fair and balanced and does not have a disproportionate impact on your rights of data privacy.  We have set out below a list of the legitimate interests that we may rely upon.

​

When we use your personal data for the purposes of our legitimate interests (as set out below), we will always consider if it is fair and balanced to do so and whether it would be within your reasonable expectations that we would use your data in this way. We will balance your rights and our legitimate interests to ensure that the way in which we use your data never goes beyond what you would expect and is not unduly intrusive or unfair.

Governance:

  • Delivery of our charitable purposes as set out in our charitable objectives.

  • Reporting criminal acts and compliance with the legal instructions of law enforcement agencies.

  • Internal and external audit for financial or regulatory compliance purposes.

  • Statutory reporting.

 

Publicity and income generation:

  • Direct marketing by post, email, text and other forms of marketing, publicity or advertisement which are not directed at an individual.

  • Personalization to tailor and enhance the supporter experience in our communications.

  • Analysis, targeting and segmentation to develop fundraising strategies and improve communication efficiency.

  • Processing for research purposes.

  • Profiling, including the use of publicly available information.

 

Operational management:

  • Employee and volunteer recording and monitoring for recruitment, safety, performance management or workforce planning purposes.

  • Physical security, IT and network security.

  • Processing for historical, research or statistical purposes.

 

Financial management and control:

  • Processing of financial transactions and maintaining financial controls.

  • Prevention of fraud, misuse of services, or money laundering.

  • Enforcement of legal claims.

 

Purely administrative purposes, which may include (without limitation):

  • Responding to any solicited enquiry from any of our stakeholders.

  • Delivery of requested products, resources or information packs.

  • Administration of direct debits and other existing financial transactions.

  • Provision of 'thank you' and ‘birthday’ communications and receipts.

  • Maintenance of 'do not contact' suppression lists.

 

 

7. Who we might share your information with:

Your information will never be sold to any third party or external organization for any purpose and will only be shared with a third party in order to provide an essential service. Any third party with whom your data is shared will have to be contractually required to ensure your data is secure and not retained once the service has been fulfilled.  While Agape is responsible for the safety of your data, we are not responsible for the privacy policies and practices of other websites, even if accessing the links through our website. It is recommended that you check the policy of each external website you visit and contact them directly if you have any concerns or questions.

We may have to share information with our funders and/or sponsors. Please be aware that any information that is shared with them is anonymized and purely for statistical purposes.

We may also need to share information with third parties, like volunteers, who are helping us to provide various goods and services. Please be assured that we will have a written contractual agreement in place that will ensure your person information can only be used for the specific reason that we have directed them to do.

The table below sets out a non-exhaustive list of examples of third-party data processors that we share personal data with as of the date of this Privacy Policy. These data processors may change from time to time.

​

​8. How we store your personal information:

We have security measures in place to protect the person information that we have under our control, and to protect it from unauthorized access or improper use.

We will retain your personal information only for as long as it is reasonably necessary to carry out the purposes set out in this privacy notice and fulfil our legal obligations. The retention period will vary according to the purpose we are holding your information for, however in general we will store your information for up to seven (7) years from the date of your last interaction with us. After seven (7) years we will remove all person data, except the bare minimum that we need to keep such as your name and payment history. Any personal information that we have on paper will be shredded. Any digital information will be deleted from all devices, servers and cloud tools. Destruction of all personal information will be documented, this register can be accessed upon demand (see section 9-your rights).

Our current IT systems for storing person information include the following programmes and documents, which are all password protected:

  • Google Office Suite (Including Docs, sheets, Drive, Forms)

  • Dropbox

  • Microsoft Office

  • Accounting software

  • ​

9.Your rights:

 

You have the following rights in respect of your personal data:

 

​ i) A right to request from us access to your personal data and/or a copy of any personal data that we hold in respect of you.

 

To access the information that we have on file with you, you must present yourself in person with proof of identification with a photo such as your passport, driver’s license, or Medicare card. Please be as clear as possible about the information that you are seeking so that we can process the request as quickly as possible. All requests will be processed within thirty (30) days of receipt. If your identity cannot be satisfactorily verified, we may refuse to disclose the information requested. Agape reserves the right to refuse a request if it is abusive, excessive or unjustified.

 

Before disclosing any information, management will carefully examine the information to ensure that it does not contain any third-party information that is confidential or likely to infringe on others’ rights. If third party information is present, the management will assess if that information can be dissociated or must be excluded from disclosure.

 

Once Verification has been complete, the information will be communicated to the person making the request in a written manner (in person, mail or email). All requests for information will be documented in a log that is kept by the privacy officer. 

 

 

ii) A right to request rectification of your personal data.

 

All request for any changes to your personal data must be made in writing. This can be done via mail, email or in person. All requests will be processed within Seven (7) days of receipt. Please note that during that time information may be sent with the incorrect information.

 

 

iii) A right to request erasure or de-indexation of your personal data.

 

Requests for erasure or de-indexation of your personal information must be made in writing or in person. Before we will erase your information we will require proof if identification. If we cannot satisfactorily verify your identity, we reserve the right to refuse the request. The request shall be treated confidentially and shall be completed within seven (7) working days.

 

If you exercise your right to be forgotten, we will ensure that your personal information is removed from our database, except where legal obligations require us to retain it.

​

iv) A right to ask us to restrict processing of your personal data and a right to object to our processing of your personal data.

 

If you ask us to stop sending direct marketing communications to you, we will only keep the minimum amount of information required to ensure we adhere to such requests, such as your name.

 

Please note if you ask us to erase your data and/or restrict processing of your data, we may not be able to provide you with the Services.

 

10. Complaints and appeals:

If a person is dissatisfied with the response to their request to access their information, they may make a formal complaint to the Executive Director. Complaints may be made in writing, by telephone, or by email. Complaints that are frivolous, defamatory or without obvious foundation may be rejected. However, a justification must be provided to the complaint.  All complaints shall be thoroughly investigated and all parties involved will be treated fairly and impartially. The Executive Director shall propose appropriate solutions to resolve the complaint within sixty days.

​

11. Social Media Platforms (e.g. Facebook):

Any communications though external social media platforms that we participate on are subject to the terms and conditions as well as the privacy policies held with each social media platform respectively.

 

Users are advised to use social media platforms wisely and communicate/engage upon them with due care. We will never ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact us by phone or email.

Our website may use social media sharing buttons to help share web content directly from our web page to the social media platform in question.

​

12. Staff Training:

Our staff is trained on a regular basis on the procedures for retaining, destroying and anonymizing personal information, as well as on the risks associated with breaches of policy. This also includes the training of good data security practices and the procedure for retention, destruction and anonymization of personal information.

​

13. Changes to this privacy policy:

We may amend this policy from time to time and any amendments will be posted on our website. The current policy at that time shall apply to all the information which we hold about you.

bottom of page