Our Respect for Your Privacy
The Stratford General Hospital Foundation recognizes your right to confidentiality and pledges to protect your privacy. We adhere to all applicable privacy legislation in Canada, the privacy guidelines of the Canadian Centre for Philanthropy; and abide by the Donor Bill of Rights and the Code of Ethical Principles and Standards of Professional Practice developed by the Association of Fundraising Professionals, the Canadian Centre of Philanthropy and the Association of Healthcare Philanthropy.
The Foundation does not sell, trade or otherwise share our contact lists.
The Stratford General Hospital Foundation is committed to protecting the privacy of its employees, donors, volunteers and other stakeholders. We value the trust of those we deal with, and of the public. We recognize that maintaining this trust requires that we be transparent and accountable in how we treat the information you chose to share with us.
What is Personal Information?
Collection and Use of Personal Information
The Foundation collects a limited amount of personal information about its donors, volunteers and potential supporters, including name, title, address, telephone numbers, email address, past donations and other relevant contact information.
This information is collected in order to comply with Canada Customs and Revenue Agency requirements; to provide donors and potential supporters with information about the activities of the Hospital and Foundation; to provide donors with stewardship information and to promote opportunities where donors and potential supporters may support the Foundation.
When donors make contributions we also collect:
Method of payment and amount of the contribution
Standard credit card information
In the case of memorial/in honour contributions where a letter is sent to a designated recipient their contact information is also kept.
How the Foundation Collects Personal Information
The Foundation collects Personal Information in different ways, including:
• Direct interactions – you may voluntarily provide us with Personal Information by filling out forms; creating an account on our Website; making a donation to the Foundation; applying to work or volunteer for the Foundation; registering to attend an event; requesting information to be sent to you; subscribing for our publications; responding to one of our direct mail or telemarketing campaigns; participating in one of our events; posting comments on our Website; or communicating with us face to face, over the telephone, by mail, by email, by text, through social media or through other means.
• Automated interactions – when you use our Website, we may automatically collect technical data about your equipment and browsing history using cookies and similar technologies
The Stratford General Hospital Foundation and its Third Party vendors are in PCI Compliance. PCI Compliance is an ongoing process that aids in preventing security breaches and payment card data theft.
THIRD-PARTY INTERACTIONS –WE MAY ACQUIRE PERSONAL INFORMATION IF YOU INTERACT WITH THIRD-PARTY ONLINE GAMING SITES THAT RAISE FUNDS FOR THE FOUNDATION, SUCH AS ASCEND FUNDRAISING SOLUTIONS.
What Personal Information is Collected by the Foundation
The Personal Information we may collect could include:
• Personal identifiers such as your name, date of birth and gender
• Contact information such as your mailing address, telephone number and email address
• Credit card and bank account information, if you make donations or purchase goods or services from us. We collect this information via secure payment processing service providers
• Donor information such as your donation history
• Website account information such as your log-in credentials and other security information
• Information about events you have participated in
• Images, including photographs and videos
• Your Website or Social Media profile including photos, posts, videos and other content
• Information about your device such as your IP address, location or provider and your usage information and browsing history.
• Information about your interactions with our content on third-party sites or platforms, such as Facebook and Instagram
• Communications such as letters, emails and digital communications that we send to you or that you send to us
• Your child's name, and age when participating in programs that include children
• Personal Information you give us that we did not request (such as Personal Information you voluntarily put into an email to us or in a comments box on our Website).
Our Guiding Principle
We use the Personal Information we collect to manage our operations and for various purposes associated with the programs and services we provide. We collect, use, and disclose Personal Information only for purposes that a reasonable person would consider appropriate in the circumstances. The main purposes for which we generally use Personal Information are:
• To manage, oversee and administer our operations
• To contact you for fundraising purposes
• To carry out fundraising activities to meet SGH/HPHA’s needs
• To receive and process your donations or online purchases
• To receipt and acknowledge your donations
• To provide donor stewardship and recognition information
• To maintain and manage relationships and provide customer service
• To determine your solicitation preferences and whether you have subscribed to or unsubscribed from any of our mailing lists or publications
• To respond to your requests for information
• To track communications with you
• To identify and authenticate you in our information system and network
• To provide, administer and protect our Website, information system and network
• For privacy and quality management audits and training
• For data analysis and data management
• To protect our rights, property or safety or that of our employees, volunteers or any other person
• For other purposes that we have told you about and for which you have given us your consent
• To fulfill other purposes permitted or required by law. We do not collect more Personal Information than we need to achieve these purposes.
We do not disclose or share Personal Information more widely than is necessary to achieve the purposes for which it was collected. We do not retain credit card or bank account information, other than that of monthly donors. We secure the credit card and bank account information of our monthly donors subject to appropriate physical and organizational safeguards.
We may share Personal Information with the parties set out below for the following purposes:
• Third-party service providers, such as those who provide us with IT and system administration services, data analytics services, credit card and payment processing services, e-commerce services, fundraising services, telemarketing services, direct mail services, donor relations services, donation management services, database management services and after hours calls management services
• Professional advisors, such as lawyers, auditors, bankers and insurers who provide us with legal, accounting, auditing, banking and insurance services
• Government, regulatory authorities, law enforcement, dispute resolution bodies, courts and similar entities to comply with any legal or regulatory obligation, to detect and prevent crimes or to assert or defend legal rights and interests
• Any persons or entities where we have a legitimate business reason for doing so, such as to manage risk, to process payments to you or to someone on your behalf or to perform or carry out the terms of any contract between us
• To the transferee if we transfer, sell or dispose of all or substantially all of our assets or operations
• To anyone we reasonably believe is your agent
• To other third parties if we have told you about them and you have given us your consent.
We require all third parties to respect the security of your Personal Information and to treat it in accordance with all applicable legal requirements. All third-party service providers are required to enter into contractual agreements with us that prevent them from using your Personal Information for their own purposes and require them to use your Personal Information only for specific purposes in accordance with our instructions and all applicable legal requirements.
Accuracy: The Foundation has adequate processes and safeguards in place to keep Personal Information as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used. We will not routinely update Personal Information, unless such a process is necessary to fulfil the purposes for which the Personal Information was collected.
Safeguards: We will take reasonable steps to keep Personal Information in both paper and electronic format protected against loss, theft, snooping, hacking or people collecting, disclosing, copying, using or changing it without authorization. We use security safeguards appropriate to the sensitivity of the information. Our methods of protection include:
• Physical measures - such as areas of restricted access and locked filing cabinets.
• Organizational measures - such as security policies and procedures, employee training on privacy issues, security clearances and limiting access on a "need-to-know" basis.
• Technological measures - such as passwords, encryption, audits as well as strong data security software and systems to protect the Personal Information in the Foundation’s custody from hackers and malicious intruders. Our software is routinely updated to maximize protection of Personal Information.
The Foundation makes all employees, volunteers as well as third-party service providers aware of the importance of maintaining the privacy and security of Personal Information. All Foundation employees and volunteers must sign a confidentiality agreement. We require all third-party service providers to enter into contractual agreements that require them to respect the security of your Personal Information and to treat it in accordance with all applicable legal requirements. We securely destroy Personal information so that reconstruction is not reasonably possible. This prevents unauthorized parties from gaining access to the Personal Information. While we are committed to protecting your Personal Information, our security practices and technology measures cannot guarantee absolute security of Personal Information and we cannot ensure or warrant the security of any information you provide to us. You can reduce risk to your own Personal Information by using strong passwords, keeping your passwords confidential and following other Personal Information security best practices.
Openness: The Foundation will make available to individuals’ specific information about our policies and practices relating to the management of Personal Information.
Information Safe Keeping
We maintain records of all contributions made to the Foundation and interest and affiliation information of donors, volunteers and potential donors. This information is only used for the benefit of the SGH Foundation in its endeavours to raise funds for the Stratford General Hospital site of the Huron Perth Healthcare Alliance. The Foundation does not trade, sell or share this information.
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we strive to maintain physical, electronic and administrative safeguards to secure the information we collect. All information is accessible only to authorized staff.
Information Collected Through Technology and Social Media
• your IP address
• your approximate geographic location
• the type of operating system you are using (e.g., Windows or Mac)
• the type of device you are using
• the type of browser you are using
• the domain name from which you reached our Website
• which pages you visit on our Website
• the frequency, date and time of your visits to our Website.
Our Website may also provide links to third party websites. Clicking on those links may allow third parties to collect or share information about you. We cannot control these third-party websites and we are not responsible for the actions or policies of such third parties. You should check the privacy policies of third parties when visiting their websites or when providing any Personal Information to them. We may collect Personal Information when you interact with our content on third-party sites or platforms, such as Facebook, Instagram or YouTube. This may include data such as comments or feedback, "likes" or shares, profile data or the fact that you viewed or interacted with our content. If you voluntarily post or submit any information on these platforms, your Personal Information may be automatically included in the posting and may be collected and used by others
Changes to our Policy
Access to Your Information
To help us keep your personal information up-to-date we encourage you to notify us of inaccuracies, corrections or change of address as often as you wish.
All requests to access your Personal Information must be made in person. We will need photo identification from you to verify your identity before we can provide you with the personal information we hold. Some information may not be disclosed due to legal reasons.
If you have any questions or concerns relating to the treatment of Personal Information please contact:
Chief Privacy Officer, Andrea Page (Executive Director)
Stratford General Hospital Foundation
46 General Hospital Drive
Stratford, ON N5A 2Y6
(519) 272-8210 ext 2627
Donor Bill of Rights and the Code of Ethical Principles and Standards of Professional Practice Adopted by the Stratford General Hospital Foundation Board of Trustees, 2003.
Updated by A. Page, 11/30/2022