Protection of Personal Information
The purpose of this Privacy Policy (Policy) is to inform you about the types of Personal Information the International Actuarial Association (as follows, "IAA", "we" or "us") collects about you in the process of conducting the principal activities of IAA and providing general membership benefits as well as providing specific products and services. It explains how we use and disclose that information, the choices you have regarding such use and disclosure, and how you may correct that information. This Policy sets out a summary of the principles and procedures that the IAA follows in meeting its privacy commitments and complying with the requirements of the laws and regulations under applicable privacy laws in Canada, including the Personal Information Protection and Electronic Documents Act (PIPEDA).
From time to time, we may amend this Policy without notice. The Policy is current as of the "last revised" date which appears at the bottom of this page. We will treat Personal Information in a manner consistent with the Policy under which it was collected unless we have your consent to treat it differently. This Policy applies to any information we collect or receive about you, from any source.
Principle #1 — IAA is accountable for personal information in its possession or control.
IAA is accountable for all personal information in its possession or control. It uses a “cloud based” database system to store, manage and retrieve personal information it has collected. It has industry standard security measures in place to protect against the loss, misuse and alteration of the information under our control. This includes any personal information that the IAA has received directly from members, customers or other organizations (e.g., corporations, government entities, not-for-profit organizations).
IAA has:
- established and put into effect policies and procedures aimed at properly protecting personal information
- ensured that the cloud-based service provider’s privacy policy is consistent with our internal privacy policy
- educated its staff and volunteers regarding this privacy policy and their role and responsibilities in protecting personal information; and
- Appointed a Privacy Officer to oversee privacy issues at the IAA
Principle #2 — IAA identifies the purposes for which it collects personal information from and about you before it is collected.
We identify the purposes for which we use your Personal Information at the time we collect such information from you and obtain your consent, in any case, prior to such use.
Some of the primary purposes for which we collect and use your Personal Information include:
- to provide services to you in your capacity as a member of the organization
- to post information on a listserve or blog
- to complete a transaction with you when you purchase a membership, product or service from us
- to advise you of the IAA products or services that may be of interest to you
- to complete a survey, where the use of the data collected in the survey will be disclosed in the survey itself
- to send you electronic newsletters that may be of interest to you or to which you have subscribed, and to better understand which articles are of interest to you,
- to respond to inquiries you submit we may require you to provide personal information to enable us to answer your question
We may also use your Personal Information as otherwise permitted or required by law.
Principle #3 — IAA obtains consent before collecting personal information from you.
We explain options and obtain your implicit or explicit consent at the time of or prior to collecting, using or disclosing your Personal Information. We will always collect Personal Information by fair and lawful means (for example, when you complete an application form or purchase a product or service from us). We may collect Personal Information about you from third parties such as other institutions and organizations. We also collect your Personal Information where we have obtained your consent to do so or as otherwise permitted or required by law.
Where is it reasonable to do so or permitted by law, we may rely on implied consent. For example, when sending e-mail messages of a commercial nature, reliance on implied consent is permitted by our members or those who have recently purchased a product or services from us.
Except as required to process a transaction or to maintain member records, providing us with your personal information is voluntary. You may withdraw or modify your consent at any time, subject to legal and contractual restrictions, provided that reasonable notice is given to us. If you withdraw your consent, you may not be made aware of certain products, publications, services or events being offered by us.
Personal Information is any information that is identifiable to you. This information may include, but is not limited to, your mailing address, phone numbers and email address. Personal Information, however, generally does not include your name, business title and business address or business telephone number in your capacity as an employee of an organization.
Principle #4 — IAA discloses personal information only for purposes for which it has consent, or as permitted or required by law.IAA retains personal information only as long as necessary to fulfil those purposes.
We identify to whom, and for what purposes, we disclose your Personal Information, at the time of or prior to collecting such information from you and obtain your consent to such disclosure. For example, we may disclose your Personal Information:
- in the case of members for the purposes of providing services to members;
- to our volunteers, for the purposes of the volunteers performing volunteer functions
- to third party service providers, for the purpose of providing member benefits or facilitating commercial transactions with us;
- to such persons and for such purposes for which you provide your consent; and
- as otherwise permitted or required by law.
We may keep a record of your Personal Information, correspondence or comments in a file. We will utilize, disclose or retain your Personal Information for as long as necessary to fulfil the purposes for which it was collected and as permitted or required by law.
Principle #5 — IAA endeavors to keep accurate, complete, and up-to-date, personal information in its possession or control, to the extent required to meet the purposes for which it was collected.
We will ensure that your Personal Information is kept as accurate, complete and up-todate as possible based on information provided to us by your member organization. We expect you, from time to time, to supply us with written updates to your Personal Information, if applicable.
Principle #6 — IAA protects the privacy of personal information in its possession or control by using security safeguards appropriate to the sensitivity of the information.
We have implemented physical, organizational, contractual and technological security measures to protect your Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. We do not store credit card information provided by members and customers. The only employees who are granted access to your Personal Information are those with a business 'need-to-know' or whose duties reasonably require such information.
You can visit our Web Site without telling us who you are or revealing any information about yourself, including your email address. However, our web server may collect the IP address and domain you used to access our Web Site, the type and version of web browser and operating system you are using, unique devise identifiers and mobile network information, log information, location information, demographic information, the number, duration and frequency of visits to our Web Site and the web site you came from and visited next. This anonymous information cannot be traced to a specific individual User, it is used by us simply to measure the number of visits, average time spent, page views, most popular preferences and other statistics about visitors to the Web Site and to determine the characteristics in which users use our Web Site and services. We may use this data to monitor Web Site performance for systems administration purposes, to make our Web Site easier and more convenient to use, develop content and to improve our services and to track information in aggregate form (e.g. how many visitors use the Web Site).
We use cookies, that is, small files that your Web browser places on your computer's hard drive, to remember a User's code, password and preferences while the User is using our web site and to facilitate navigating different pages on the Web Site. If you want to prevent our cookies being stored on your computer in future, you may do so by referring to your internet browser's instructions. Please note however that if you disable our cookies you may not be able to access certain services or facilities on our sites and your use of our sites may be restricted.
Our web site contains security mechanisms that protect against the loss, the misuse and the modification of information under our control.
Our web site provides links to third party web sites for the convenience and information of our website visitors. Our Policy does not extend to these third party web sites and it is recommended that Users read the privacy policies of these web sites. We are not responsible for the content of, or the privacy practices employed by, third party web sites.
We ensure that third parties who are engaged to perform services on our behalf and are provided with Personal Information are required by contract to observe the intent of this Privacy Policy.
Principle #7 — IAA is open about the procedures it uses to manage personal information.
Up-to-date information on the IAA’s privacy policies can be obtained from the IAA’s Privacy Officer (see contact information under Principle 8).
Principle #8 — IAA responds on a timely basis to requests about the personal information which the IAA possesses or controls.
We will generally make available to you any Personal Information that we have collected about you, utilized or disclosed, upon your written request, to the extent permitted or required by law. We will make such information available to you in a form that is generally understandable, including explaining any abbreviations or codes.
You can at any time, challenge the accuracy or completeness of the Personal Information we have which is related to you. Once we have validated your identity, we will amend the Personal Information as required.
We will attempt to respond to each of your written requests not later than thirty (30) days after receipt of such requests. We will advise you in writing if we cannot meet your requests within this time limit. You have the right to make a complaint to the federal Privacy Commissioner in respect of this time limit.
We will not assess any costs to you for access to your Personal Information or to our Privacy Policies or Practices without first providing you with an estimate of the approximate costs, if any. We will inform you of the relevant procedures when you make an inquiry or lodge a challenge or complaint. We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Information. Any such information shall be used only for this purpose. All comments, questions, concerns or complaints regarding your Personal Information or our Privacy Policy and Practices, should be forwarded to our Privacy Officer as follows.
In writing: E-mail
Attn: Privacy Officer Privacy@actuaries.org
International Actuarial Association
#1203 99 Metcalfe Street
Ottawa, Ontario
K1P 6L7