Protection of Personal Information
Policies and Practices Governing the Management of Personal Information
The MILLER ZOO is committed to protecting all personal information collected and used in the management of its activities.
PURPOSES OF INFORMATION COLLECTION
Our privacy policy outlines the standards for the collection, use, disclosure, and retention of your personal information. It also explains how we protect your personal information and your right to access it.
PERSONAL INFORMATION
Personal information is defined as any information or combination of information relating to an individual that allows them to be identified (such as financial information, social insurance number, driver’s license, and health insurance number). However, an individual’s name, as well as their professional contact details (title, address, phone number, and professional email), are not considered personal information.
Personal information must be protected regardless of the medium on which it is stored or its form: written, graphic, audio, visual, digital, or otherwise.
CONSENT
When we obtain information about you, we first request your written consent for the collection, use, or disclosure of your personal information for the stated purposes. We will seek your consent for any other use, disclosure, or collection of your personal information or when the purposes for which your information was collected change.
Our organization commits to using the information provided only for the purposes for which it was collected and to retaining it only as long as necessary to fulfill the requested service.
However, we may collect, use, or disclose your information without your consent when permitted or required by law. In certain exceptional circumstances, we may do so without your knowledge or consent, such as for legal, medical, or security reasons, when it is impossible or impractical to obtain consent, or when the information is necessary for investigating a potential breach of contract, preventing or detecting fraud, or enforcing the law.
LIMITATION OF COLLECTION, USE, AND DISCLOSURE
The purposes for which information is collected generally include confirming an individual’s identity, creating an employee record, and complying with legal requirements (such as tax obligations).
We limit the collection, use, and disclosure of your personal information to the purposes we have communicated to you. Your personal information may only be accessed by authorized individuals and only as required for their duties.
RETENTION OF INFORMATION
We retain your personal information only as long as necessary for the purposes for which it was collected. We destroy this information in accordance with applicable laws and our records retention policy. When we destroy your personal information, we take the necessary steps to ensure its confidentiality and prevent unauthorized access during the process.
ACCURACY
Personal information must be as accurate, complete, and up to date as required for the purposes for which it is used.
Information used on an ongoing basis, including information that may be shared with third parties, will generally be accurate and up to date unless limitations are clearly identified.
We do not systematically update personal information unless necessary to fulfill its intended purpose.
The accuracy and completeness of personal information depend on the data provided when completing consent forms.
ACCOUNTABILITY
We are responsible for the personal information in our possession or under our control, including information entrusted to third parties for processing. We require these third parties to maintain strict standards of confidentiality and security.
Our Privacy Officer oversees this policy and related processes, as well as the procedures required to protect personal information.
Our staff is informed, adequately trained, and formally committed to our privacy policies and practices.
SECURITY MEASURES
We have implemented and continue to develop robust security measures to ensure your personal information remains strictly confidential and is protected against loss, theft, unauthorized access, disclosure, copying, use, or modification.
These measures include organizational safeguards such as restricting access to necessary personnel and data backup and archiving systems, as well as technological measures such as password protection and encryption (e.g., frequent password changes and firewalls).
ACCESS TO PERSONAL INFORMATION
Only authorized personnel may access your personal information. The organization ensures that such individuals are qualified and that access is necessary for the performance of their duties.
ACCESS AND CORRECTION REQUESTS
You have the right to know whether we hold personal information about you and to access that information. You also have the right to ask how it has been collected, used, and disclosed.
We will provide this information within a reasonable timeframe upon receipt of a written request. Reasonable fees may apply.
In certain circumstances, we may refuse access, for example, if the information concerns other individuals, cannot be disclosed for legal, security, or copyright reasons, was obtained during a fraud investigation, is prohibitively costly to retrieve, or is subject to litigation or privilege.
If we hold medical information about you, we may require that it be disclosed through a healthcare professional you designate.
You may verify the accuracy and completeness of your personal information and request corrections. Requests will be processed within a reasonable timeframe.
Requests should be sent to:
Privacy Officer
Name: Marianne Drouin
Email: [email protected]
Phone: 418-479-2000
COMPLAINTS AND QUESTIONS
You may contact the Privacy Officer at the above address.
All complaints regarding personal information must be submitted to the Privacy Officer. We will investigate all complaints and, if justified, take appropriate action, including updating our policies and practices if necessary.
TRAINING AND AWARENESS
The organization promotes best practices and respect for privacy rights through:
- Informing all staff members (consent forms)
- Displaying the name and contact details of the Privacy Officer
- Awareness initiatives such as training sessions, team meeting reminders, staff training, action plans, and internal tracking tools
APPLICATION
If you believe the organization has not complied with these principles, please notify our Privacy Officer. We will take the necessary steps to investigate and resolve the issue within a reasonable timeframe. Please include “Privacy Protection” in the subject line.
POLICY UPDATE
This policy is reviewed every three years and updated whenever there are significant changes to legislation or regulatory requirements.
Last update: August 1, 2023