1. Purpose and Scope
1.1. The Association of Canadian Mountain Guides (ACMG) is committed to safeguarding the personal and confidential information of its members and the public. This policy outlines how the ACMG collects, uses, discloses, and protects personal and confidential information in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the relevant provincial privacy laws, which are considered equivalent in terms of scope and protection to PIPEDA.
1.2. This policy applies to all personal and confidential information collected, used, or disclosed by the ACMG in the course of carrying out its mandate to:
· Develop and administer rigorous certification and professional conduct standards;
· Support the professionalism of its members through advocacy and program delivery;
· Train and assess guides and instructors to the highest risk management standards.
1.3. This policy governs all personal and confidential information processed by the ACMG, whether collected in person, through our website, or via third-party services.
2. Definitions
2.1. “Personal information” refers to any information about an identifiable individual, such as:
· Full name, address, email, phone number
· Date of birth
· Gender, pronouns
· Nationality, residency
· Certification history and training records
· Emergency contact details
· Media used for certification or promotional purposes
2.2. “Confidential Information” refers to any non-public information, including:
· Emails and other correspondence
· Meeting notes and recordings
· Internal deliberations
· Financial records
· Strategic documents
2.3. “Custody and Control” refers to the authority to manage, access, retain, and dispose of information on behalf of the organization.
3. Accountability
3.1. The ACMG is responsible for maintaining the confidentiality of personal and confidential information under its custody and control and appoints the ACMG Executive Director and President as the ACMG’s Privacy Officers to ensure compliance with this policy and respond to inquiries.
3.2. The ACMG requires that all third-party service providers handling personal and confidential information on our behalf provide comparable levels of data protection through contractual or other means.
4. Collection and Limiting Use of Personal and Confidential Information
4.1. The ACMG collects personal and confidential information only for purposes that a reasonable person would consider appropriate under the circumstances. These include, but are not limited to:
· Administering the ACMG Training and Assessment Program (TAP)
· Maintaining accurate membership records for membership renewal purposes
· Reviewing membership reinstatement applications
· Communicating professional updates and employment opportunities
· Providing assistance through the ACMG’s Simon Parboosingh Assistance Fund (SPAF)
· Professional Practice and Continued Professional Development Reporting
· Investigating ACMG Code of Conduct complaints
· Employment or business affiliation (if relevant)
· Media used for certification or promotional purposes
· Providing a public directory of active members via the ACMG’s website
4.2. The ACMG limits collection to what is necessary and retains information only as long as needed to fulfill these purposes.
5. Custody and Control of Personal and Confidential Information
5.1. Personal and confidential information may only be used for authorized purposes, directly related to organizational activities, and in accordance with relevant privacy policies and procedures.
5.2. No individual may retain, store, copy, or transmit personal and confidential information for personal use or on personal accounts without explicit authorization and with appropriate safeguards in place.
5.3. All personal and confidential information must be stored and accessed through systems and platforms that are controlled by the organization (e.g., official email, shared drives, databases).
5.4. Staff, independent contractors, committee and board members and anyone else with access to personal and confidential information must agree to fully comply with this policy.
5.5. Upon the conclusion of an individual's role with the organization, all personal or confidential information in their possession must be returned to the organization or securely deleted. This includes emails, files, meeting notes, or any other form of data.
5.6. All personal and confidential information collected, accessed, or used by individuals during the course of their ACMG duties is considered to be under the custody and control of the organization and must be disclosed to the ACMG’s Privacy Officer(s) upon request.
5.7. Any unauthorized use, disclosure, or retention of personal and confidential information must be reported to the ACMG’s Privacy Officer(s) immediately and may result in disciplinary action.
6. Public Directory of Active Members
6.1. To carry out its mandate and ensure transparency, the ACMG maintains a public directory of active members. This directory allows employers, land managers, and the public to verify member certification/designation and provincial park permit status. The ACMG considers this use to fall under “reasonable purposes” per PIPEDA.
6.2. Information in the directory includes:
· Full Name
· Active Certifications/Designations
· Provincial Park Permit Status (if applicable)
6.3. Members must agree to this limited disclosure as a condition of active membership. No personal contact information is shared without express, optional consent. Members may request special accommodations in exceptional cases.
6.4. Consent Language: “As an active ACMG member, I acknowledge that my name, certification/designation, and provincial park permit status (if applicable) will be included in the ACMG’s public directory. I recognize that no contact information will be published without my explicit consent.”
7. Consent and Transparency
7.1. The ACMG obtains meaningful consent before collecting, using, or disclosing personal and confidential information, except where permitted or required by law.
7.2. Consent may be:
· Express (e.g., written or verbal agreement)
· Implied (e.g., submitting an application or renewing membership)
7.3. The ACMG aims to use plain language and ensure that individuals clearly understand how their data will be used.
7.4. Consent may be withdrawn at any time, subject to legal or contractual obligations. Withdrawal of consent may affect eligibility for active membership.
8. Disclosure of Personal and Confidential Information
8.1. The ACMG may disclose personal and confidential information only for the purposes outlined above or where required by law. Typical disclosures include:
· Certification/designation and provincial park permit status via the public directory
· Service providers (e.g., cloud storage, membership systems) under data protection agreements
· Legal or regulatory bodies, when necessary
8.2. The ACMG does not sell or rent personal and confidential information to third parties.
9. Cross-Border Data Storage and Processing
9.1. Some third-party services the ACMG uses may store or process data outside of Canada. As a result, your personal and confidential information may be subject to foreign laws while under the custody of those providers. The ACMG ensures that any such third parties provide comparable protection and that appropriate safeguards are in place.
10. Safeguards
10.1. The ACMG uses a combination of physical, administrative, and technological measures to protect personal and confidential information. These include:
· Role-based access controls
· Secure cloud services with encryption
· Confidentiality agreements with staff, independent contractors, committee and board members and anyone else with access to personal and confidential information
· Regular privacy and data security reviews
11. Retention and Disposal
11.1. Personal and confidential information is retained only as long as necessary to fulfill the identified purposes or meet legal obligations. Once no longer needed, personal and confidential information is securely destroyed or anonymized.
11.2. Personal and confidential information beyond the full name, certification history, training records and date of death (if applicable) of resigned and deceased members will be deleted in three (3) years unless a request to delete the personal and confidential information is made earlier.
12. Access, Accuracy, and Correction
12.1. Individuals have the right to access their personal and confidential information held by the ACMG and to request corrections if the data is inaccurate or incomplete. The ACMG will require proof of identity before processing such requests.
12.2. Requests will be handled within 30 days in accordance with PIPEDA.
13. Openness and Inquiries
13.1. The ACMG makes its privacy practices available through this policy and related communications. Questions, concerns, or access requests can be directed to the ACMG’s Privacy Officers at [email protected].
14. Updates to This Policy
14.1. This policy may be updated to reflect changes in law, technology, or organizational practices. Revisions will be posted on our website, accompanied by a revised effective date.