1. GENERAL STATEMENT
This policy applies to the Ottawa Macdonald-Cartier International Airport Authority (“the Authority”). The federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) requires federally regulated businesses to comply with the Act, both in respect of their customers and their employees. We are committed to meeting our privacy obligations and upholding the requirements of PIPEDA.
2. GENERAL PRINCIPLES
This policy establishes limits on collection, use, distribution and retention of personal information, to protect the privacy of our employees and all persons with whom we do business.
3. DEFINITIONS
“Information Privacy” means:
The ability of an individual to exercise a substantial degree of control over the collection, use, and disclosure of their personal information.
Personal information includes any information about an individual. This includes information such as name, address, age, ID numbers, income, ethnic origin, employee files, credit records or medical records. An individual’s name need not be attached to the information in order for it to qualify as personal information.
“Protection Privacy” means:
- We keep personal information in strict confidence;
- Individuals have control over their information and have access to it; and
- We respect their privacy.
4. PRIVACY CO-ORDINATOR’S ROLE
The Vice-President, Legal Affairs is the person who will be responsible for the policy and the procedures to implement this policy. The Vice-President, Legal Affairs is also the first point of contact with respect to privacy concerns. The Vice-President, Legal Affairs will deal with questions which might arrive from this policy and procedures and will handle all complaints related to this policy. Where necessary, the Vice-President, Legal Affairs will converse with other members of the Authority to order to obtain an answer to an individual’s inquiry.
The Vice-President, Legal Affairs may be reached at 613-248-2000, ext. 1109, or by email at [email protected].
5. EMPLOYEE RIGHTS
The Authority collects personal information that is provided voluntarily when individuals provide their name, address and any additional details. The Authority may also collect personal information during the course of administering the employment relationship. Such information shall only be used for the purposes consistent with its collection. Individuals may access their files at any time by appointment with the Manager of Human Resources at 613-248-2000, ext. 1101.
Personal information will be collected for the following purposes:
- Hiring;
- Payroll and benefits administration;
- Training;
- Discipline;
- Emergency notification and response;
- Workers’ compensation;
- Qualifications;
- Security Clearances and operations;
- Airside driving; and
- Airport Authority vehicle operation.
6. CUSTOMER RIGHTS
The Authority collects personal information that is provided voluntarily when individuals provide their name, address and any additional details. Individuals may access their files at any time by appointment with the manager of the department to whom they provided the information at 613-248-2000.
Personal information will be collected from non-Airport Authority employees for such purposes as:
- Parking permits;
- Control of abandoned vehicles;
- Security clearances;
- Airside driving permits;
- Surveys;
- Receiving and responding to complaints and claims;
- Investigation of accidents and incidents, including monitoring movement across, access to and egress from the Authority’s premises; and
- Evaluation of proposals from service providers.
Personal information may also be collected from customers by way of video surveillance and other security technologies which occur as part of the Authority’s approved security practices. Such information will be only be collected, used and disclosed in accordance with the terms of PIPEDA.
7. CONSENT
The Authority will only use personal information with consent, unless the use, collection, or disclosure without consent is permitted by PIPEDA.
Consent can be express or implied. Express consent can be verbal or written. All forms to be filled in will explain the reason for obtaining the information as well as a signature page which will act as a signed consent form.
8. USE, DISCLOSURE AND RETENTION
Personal information will only be used for the purposes for which it is collected, except with the consent of the individual or as required by the law. Personal information shall be retained only as long as necessary for fulfillment of those purposes. Personal information shall be securely destroyed using secure and approved methods in compliance with applicable laws.
9. ACCURACY
Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate. In order to do so, please contact the Authority’s Vice President, Legal Affairs at the coordinates mentioned in Article 4.0.
10. SECURITY OF INFORMATION
Personal information will be protected from unauthorized disclosure by means appropriate for the nature of the information being stored. This may include secured spaces, locked cabinets, passwords, firewalls, encryption and other technologically appropriate security measures.
The Authority also has in place policies and processes to assist with the protection, use, disclosure and retention of personal information.
11. FURTHER INQUIRIES
In the event that the Authority’s response to your complaint/concern is not to your satisfaction, we invite you to contact the Office of the Privacy Commissioner of Canada:
Office of the Privacy Commissioner of Canada
30, Victoria Street
Gatineau, Quebec
K1A 1H3
Toll-free: 1-800-282-1376 Phone: 819-994-5444
Website: www.priv.gc.ca
Updated January 13, 2020