Policy
Safeguarding personal information of learners, families and contractors is a fundamental concern of SelfDesign Learning Foundation (SDLF). SDLF is committed to meeting or exceeding the privacy standards established by British Columbia’s Personal Information Protection Act (PIPA) and any other applicable legislation.
Principles
SDLF may add, modify or remove portions of this Personal Information Privacy Policy when it is considered appropriate to do so, and any such changes will be effective upon giving notice of the revised policy. The most recent update of this Personal Information Privacy Policy may be found at policies.selfdesign.org, or by emailing privacy@selfdesign.org. This Personal Information Privacy Policy may be supplemented or modified by agreements entered into between the SelfDesign Learning Foundation and an individual from time to time.
Part 1 – Definitions
“SDLF” refers to the SelfDesign Learning Foundation, and can be used to mean “SDLF and all its programs and activities.”
“SDLC” refers to the SelfDesign Learning Community, an SDLF program.
“personal information” means any information about an identifiable individual, as further defined under British Columbia’s Personal Information Protection Act or other applicable laws. Personal information excludes the name, position name or title, business telephone number, business address, business email, and business fax number of an individual, as well as any publicly available information as designated under applicable laws, such as information available from a public telephone directory or from a public registry.
“PII” is an acronym that refers to Personally-Identifiable Information, and is used as the formal term for personal information.
“Parent” means the parent, guardian, or other legal representative of a learner.
“Learner” means a prospective, current, or past learner in an SDLF program.
“Contractor” refers to any, individual, entity, or volunteer, who is engaged by SDLF in a professional relationship.
“Users” refers to parents, learners, families and contractors who are registered, enrolled, contracted, or otherwise involved in SDLF programs or activities.
Part 2 – Ten Privacy Principles
As part of SDLF’s commitment, the Ten Privacy Principles govern the actions of SDLF as they relate to the use of personal information. As described in the procedural section of this policy, the principles explain the privacy approach that SDLF uses when collecting, using, or disclosing personal information about learners, parents, and contractors, and inform the steps that SDLF has taken to ensure personal information is handled appropriately and securely. The ten principles are Accountability; Identifying Purposes; Consent; Limiting Collection; Use, Disclosure, and Retention; Accuracy; Safeguarding Personal Information; Openness; Individual Access; and Complaint Process.
PRINCIPLE 1: ACCOUNTABILITY
SDLF is responsible for maintaining and protecting the personal information under its control. In fulfilling this mandate, SDLF designates an individual who is accountable for SDLF’s compliance with the Ten Privacy Principles. This individual is the Privacy Officer of SDLF.
You may contact the Privacy Officer as follows:
SelfDesign Learning Foundation
Attention: Privacy Officer
Email address: privacy@selfdesign.org
PRINCIPLE 2: IDENTIFYING PURPOSES
SDLF normally collects personal information directly from our users. SDLF may collect your information from other persons with your consent or as authorized by law.
SDLF informs our users, before or at the time of collecting personal information, of the purposes for which we are collecting the information. The only time we don’t provide this notification is when a user volunteers information for an obvious purpose (for example, producing a credit card to pay a membership fee when the information will be used only to process the payment).
What Information is Collected?
The following agreements describe the ways that SDLF collects, uses, and discloses personal information of users participating in its programs and activities.
SelfDesign Learning Community: Consent, Use, and Disclosure of Personal Information
As an independent school program of the SelfDesign Learning Foundation (SDLF), the SelfDesign Learning Community (SDLC) collects and uses personal information to provide learners with the best possible educational services. Most of the information SDLC collects comes to SDLC directly from parents and learners, or is information regarding the learner’s school activities, performance or behaviour, such as Observing for Learning communications or seasonal reviews. For example, when a learner applies to enrol in SDLC, SDLC will ask you to provide the information that enables it to complete the enrolment process. This also includes information on academic, health, and personal matters needed by SDLC to provide the best possible educational programs. SDLC also collects information in connection with the use of its computer systems. Personal information is also collected and used and disclosed in the course of the operation of online systems.
Below is a list of the systems and applications that SelfDesign uses in the delivery of SDLC online programming.
- All personal information collected in SDLC Application to Enrol form will be stored on secure SelfDesign servers in Canada.
- Personal information that is disclosed to SelfDesign during enrolment as well as during the course of the program’s delivery may be disclosed to the following applications:
- The Ministry of Education provincial database in order to update student records (MyEdBC).
- SelfDesign’s internal infrastructure, hosted via OVH.Net (Canada)
- D2L Brightspace Learning Platform (Privacy Policy) for the main purposes of:
- Sending Learning Communications: Observing for Learning communications (including images and video), Learning Plan, Fall Connection, Winter Connection, Spring Connection, Year-end Summary
- SelfDesign’s Google Suite for Education (GSuite for Education Privacy & Security Information and Google’s Privacy Policy), including:
- Learner, family, and learning consultant documents; Reports; Mail; Forms; Sheets; Alerts
- Zoom, (Privacy Policy), for video conferencing, orientation to platform and 1:1 communication with your learning consultant
- Knack, (Privacy Policy), for admin support to keep track of records, update data for learners, and keep records of our processes and where families are at in the intake process
- Netsuite, (Privacy Policy), which SelfDesign uses to pay contractors, and which can include Learner names associated with the payments.
- External email servers. SelfDesign will use the personal email address of the learner’s family as the main form of communication from our program.
SelfDesign Home Learning: Consent, Use, and Disclosure of Personal Information
As an independent school program of the SelfDesign Learning Foundation (SDLF), SelfDesign Home Learning collects and uses personal information in order to register homeschooled learners under Section 13 of the School Act. Most of the information collected comes directly from parents or from previous schools, as certain student records are forwarded from school to school until the learner completes his/her K-12 education, whether through homeschooling, distributed learning, or attendance at a “bricks and mortar” school. For example, when a learner applies to register in SelfDesign Home Learning, they are asked to provide information to complete the registration process. This may include information on health and personal matters in accordance with Ministry of Education requirements.
Below is a list of the systems and applications that SelfDesign Home Learning uses in the process of registering homeschoolers, and staying in contact with parents:
- All personal information collected in SelfDesign Home Learning’s Application to Register form will be stored on secure SelfDesign servers in Canada.
- Personal information that is disclosed to SelfDesign Home Learning during registration as well as during the course of the learning year may be disclosed to the following applications:
- SelfDesign’s internal infrastructure, hosted via OVH.Net (Canada)
- SelfDesign’s Google Suite for Education (GSuite for Education Privacy & Security Information; Google Privacy Policy), including:
- Learner, family, and learning consultant documents; Reports; Mail; Forms; Sheets; Alerts
- The Ministry of Education provincial database in order to update student records (MyEdBC)
- Mailchimp (Privacy Policy), to communicate with families regarding news and program updates.
SDLF Educator and Operations Contractor Privacy Agreement: Consent, Use, and Disclosure of Personal Information
The SelfDesign Learning Foundation (SDLF) collects and uses contractor personal information to administer its core programs, including SelfDesign Learning Community, and SelfDesign Home Learning.
Most of the information SDLF collects comes to SDLF directly from contractors, or is information regarding the contractor’s activities, performance or behaviour. For example, when a contractor signs a contract with SDLF, the contract will ask for a business or personal address and enough financial data to enable SDLF to make direct deposits to pay the contractor and to complete the identity verification process. This may also include information on qualifications and personal matters needed by SDLF in order for it to provide the best possible educational programs to its community.
Personal information is also collected and used and disclosed by SDLF in the course of the operation of its online and computer systems. Note that Personal Information, according to PIPA, does not include business contact information. As such, independent contractor names may be used in contexts associated with learner names and that would not require additional consent once the individual is contracted with SDLF.
Contractor personal information that is disclosed to SDLF when a contract is set up as well as during the course of work may be disclosed to the following applications:
- SDLF’s internal infrastructure, hosted via OVH.Net (Canada)
- D2L Brightspace Learning Platform (Privacy Policy) for the main purposes of:
- Sending and receiving messages
- Posting in the discussion forums
- SDLF’s Google Suite for Education (GSuite for Education Privacy & Security Information and Google’s Privacy Policy), including:
- Learning consultant documents; Reports; Mail; Forms; Sheets; Alerts
- Zoom, (Privacy Policy), for video conferencing.
- Mailchimp, (Privacy Policy), to communicate with you regarding news and program updates.
- Coggle, (Privacy Policy) to store Learning Plans
- Netsuite, (Privacy Policy), to store information required for accounting, which SDLF uses to pay contractors.
- Moodle, (Privacy Policy), for the purpose of storying course content, assessments, and learner-submitted work.
- Your external email server. SDLF will use your personal email address as the main form of communication from our program.
- Other programs and systems that SelfDesign Learning Foundation adopts in the course of program delivery to support its administration, or in which you submit your Personal Information voluntarily.
PRINCIPLE 3: CONSENT
SDLF will obtain consent of the individual for the collection, use or disclosure of personal information except where the law states exemptions, grants permission, or creates a requirement for collection, use, or disclosure of personal information.
Requirements for consent to collection, use or disclosure of personal information vary depending on circumstances and on the type of personal information that is intended to be collected, used or disclosed. In determining whether consent is required and, if so, what form of consent is appropriate, SDLF will take into account both the sensitivity of the personal information and the purposes for which SDLF will use the information. Consent may be express, implied (including through use of “opt-out” consent where appropriate), or deemed. For example, if an individual provides his/her mailing address and requests information regarding a particular service, consent to use the address to provide the requested information may be implied.
On giving reasonable written notice to SDLF , an individual may withdraw consent to the collection, use or disclosure of his or her personal information. Upon notice of withdrawal of consent, SDLF will notify the individual of the likely consequences of withdrawing his or her consent and, except where otherwise required or permitted by law, SDLF will stop collecting, using or disclosing the personal information as requested.
If a person provides SDLF or its service providers or agents with personal information about an individual, the person represents that it has all necessary authority and/or has obtained all necessary consents from such individual to enable SDLF to collect, use and disclose such personal information for the purposes set forth in this Personal Information Privacy Policy.
PRINCIPLE 4: LIMITING COLLECTION
SDLF will limit the personal information collected to that information necessary for the purposes identified by SDLF.
Our websites and services may provide links to other third-party websites and services which are outside our control and not covered by this policy. We encourage you to review the privacy policies posted on these (and all) sites you visit or services you use.
PRINCIPLE 5: USE, DISCLOSURE, AND RETENTION
SDLF will use, disclose and retain personal information only for the purpose for which it was collected unless the individual has otherwise consented, or when its use, disclosure or retention is required or permitted by law.
How is Information Used?
SDLF uses personal information as follows:
- to communicate with families and contractors, process applications and ultimately to provide learners with the educational services and co-curricular programs you expect.
- to enable SDLF to operate its administrative function, including payment of school fees and maintenance of non-educational school programs including parent and volunteer participation and fundraising.
- to provide certain specialized services in those areas or as adjunct information in delivering educational services.
If for any reason personal information is required to fulfill another purpose, SDLF will, where appropriate, notify you and ask you for your consent before SDLF proceeds.
SDLF may use anonymous information, such as information collected through surveys or statistical information regarding learners, to constantly improve our school.
When May Information be Disclosed?
SDLF may disclose an individual’s personal information to others in connection with the purpose for which it was collected, as consented to by the individual, or as required or permitted by law. The following are some examples of how SDLF may disclose personal information.
- When Authorized by You – For example, other educational institutions routinely contact SDLF for personal information about learners. For example, if a learner moves to another school, college or university, learner records are requested by the enrolling institution. Your permission to pass on these records is obtained when the learner is registered and you authorize SDLC to disclose such information to other appropriate educational institutions for the ongoing education of the learner. Also, contact information may be used to enable SDLF to provide the para-educational and administrative services usually operated by SDLF . These services include online video conferences, participation groups, parent-Learning Consultant meetings, fundraising, events, annual general meetings, etc.In some cases, when communication is over the telephone, your consent to the use and/or disclosure of your information will be obtained verbally. In other cases such as when you communicate through e-mail, your consent will be obtained electronically.
- When Required by Law – The type of information SDLF is legally required to disclose most often relates to family court issues, legal proceedings, court orders and government tax reporting requirements. Learner information as per Form 1701 is annually filed with the Ministry of Education.Only the information specifically requested is disclosed and SDLF takes precautions to satisfy itself that the authorities making the request have legitimate grounds to do so.
When Permitted by Law – SDLF is legally permitted to disclose some personal information in situations such as an investigation of illegal activities, reasonable methods to collect overdue accounts, a medical emergency or suspicion of illegal activities, etc. Only pertinent information is disclosed.SDLF does not sell, lease or trade information about you to other parties. - Third-party Service Suppliers – SDLF sometimes contacts outside organizations to perform specialized services such as printing, learner assessments, market research or data processing. Suppliers of specialized services are given only the information necessary to perform those services, and SDLF takes appropriate steps to ensure that such information is securely transferred and stored and is used only to fulfill the purposes for which it was disclosed to the service provider. Because some third-party service providers are located outside of Canada, personal information provided to SelfDesign may be processed in a foreign country, and it may be accessible to law enforcement and national security authorities of that jurisdiction.
- Restricting Sharing Information – If you choose to limit the sharing of your personal information, please contact SDLF office and submit a written letter specifying which items of personal information you wish to limit, and to whom you wish these items to be restricted. Please remember that certain agencies, by law, have access to certain types of personal information. Personal information will be retained for the period of time required to fulfill the purpose for which it was collected. Once the personal information is no longer required to be retained to fulfill the purposes for which it was collected and is no longer required or permitted to be retained for legal or business purposes, it will be destroyed or made anonymous.
PRINCIPLE 6: ACCURACY
SDLF will take appropriate steps to ensure that personal information collected by SDLF is as accurate and complete as is reasonably required in connection with the purposes for which it was collected, used or disclosed.
How May I Update Outdated or Incorrect Information?
An individual may, upon written request to SDLF , request that SDLF correct an error or omission in any personal information that is under SDLF’s control and SDLF will, as appropriate, amend the information as requested and send the corrected personal information to each third party to which it has disclosed the information during the preceding year.
PRINCIPLE 7: SAFEGUARDING PERSONAL INFORMATION
SDLF will protect personal information by security safeguards that are appropriate to the sensitivity level of the information.
SDLC’s Contractors
In the course of daily operations, access to personal information is restricted to authorized employees who have a legitimate reason for accessing it. For example, Learning Consultants will have access to personal information about learners but not your account with SDLC, and authorized SelfDesign Administrators will have access to contractor personal information in order to make invoice payments.
Contractors are educated about the importance of privacy and they are required to follow SDLC’s policies and procedures regarding handling of personal information.
Learner Records
Learner records are stored on SelfDesign controlled assets. Access is restricted to only those contractors (Learning Consultant, SEAs, PSPs, administrators) who, by nature of their work, are required to see them.
Electronic Security
SDLF manages electronic files with passwords and security measures that limit access by unauthorized personnel. SDLF’s security practices are reviewed periodically to ensure that the privacy of personal information is not compromised.
PRINCIPLE 8: OPENNESS
SDLF will make information available to individuals concerning the policies and practices that apply to the management of personal information.
Individuals may direct any questions or enquiries with respect to SDLF’s privacy policies or practices to the Privacy Officer of SDLF (privacy@selfdesign.org).
PRINCIPLE 9: INDIVIDUAL ACCESS
SDLF will inform an individual, upon the individual’s request, of the existence, use and disclosure of the individual’s personal information, and shall give the individual access to it in accordance with the law.
How May I Access My Personal Information?
Individuals may access and verify any personal information with appropriate notice so that the office is able to supply the information required. Most of this information is available in the registration forms and other forms that you filled out.
Parent Access to Learner Personal Information
A parent may access and verify their learner’s records, with appropriate notice. In situations of family breakdown, SDLF will grant access to learners’ records in accordance with the law.
Learner Access to learner Personal Information
A learner may access and verify their records , with appropriate notice. In situations of family breakdown, SDLF will grant access to learners’ records in accordance with the law.
PRINCIPLE 10: COMPLAINT PROCESS
Individuals may question compliance with the above principles.
EFFECTIVE: March 21, 2018
REVIEWED: December 1, 2022