Sidney Museum Privacy Policy

The Sidney Museum is committed to protecting the privacy of the users of this website (the “website”) in accordance with British Columbia’s Freedom of Information and Protection of Privacy Act, the Museum Act, and other applicable legislation. This Privacy Policy (“Policy”) describes the information that the Sidney Museum collects from or about users of the website, how it is used and protected, and to whom it is disclosed.

From time to time, the Sidney Museum may update its policies and procedures, including this one. Users should review this Policy each time that they visit the website.

Personal Information

“Personal information” (also known as “Personal Identifiable Information” or “PII”) means recorded information about an identifiable individual, including home or personal email address, phone numbers and credit card information. Personal information does not include contact information which enables an individual at a place of business to be contacted, such as the individual’s name, position name, title, business telephone number, business email or business fax number.

Collection and Retention of Information

The Sidney Museum only collects personal information when it is voluntarily submitted by users of the website. Users may choose not to provide certain personal information when it is requested, although that may impair the ability of the user to use the website and/or of the Sidney Museum to address a user’s needs or requests.

Users may visit the website without telling the Sidney Museum who they are, or revealing any information about themselves. However, like many organizations’ websites, our web server automatically collects certain non-identifying information related to the user’s visit to the website, including the Internet Protocol (IP) address of the user’s computer, the IP address of the user’s Internet Service Provider, the type and version of the browser that the user is using, the date and time the user accessed the website, the Internet address of the website from which the user linked directly to our website, the operating system that the user is using, and the pages of the website that the user has website. The Sidney Museum makes no attempt to link this information with the identity of individuals visiting the website. It may, however, review server logs and anonymous traffic statistics for security purposes, for example to detect intrusions into its network, and to monitor the aggregate viewership of the pages. The possibility therefore exists that server log data, which contains users’ IP addresses, could in instances of criminal malfeasance be used to trace and identify individuals. In such instances, raw data logs would be shared with appropriate investigative bodies authorized to investigate such security breaches.

The Sidney Museum retains information in accordance with its various records retention schedules, and will generally retain personal information for only as long as necessary to fulfil the purpose(s) for which it was collected. However, personal information that is used by or on behalf of the Sidney Museum to make a decision that directly affects an individual user will be retained for at least one year after it is used, so that the user has a reasonable opportunity to obtain access to his or her personal information. When destroying personal information, the Sidney Museum deletes electronically stored personal information and shreds any tangible materials containing personal information. While the Sidney Museum will endeavour to destroy all copies of personal information, deleted information may continue to exist on back-up media although it will not be used unless permitted by law.

Purpose – Why Information is Collected, Used and Disclosed

Personal information that the Sidney Museum collects is used and disclosed only for the purpose for which it was collected, or for a use consistent for that purpose, unless the user consents to another purpose or if another purpose is authorized under the Freedom of Information and Protection of Privacy Act or other applicable law. Purposes for which the Sidney Museum may collect and use personal information include:

  • to provide the user with information and promotional materials regarding the Sidney Museum;
  • to establish, maintain and manage relations with a user relating to the Sidney Museum’s programs, activities and services;
  • to plan and evaluate the Sidney Museum’s programs and activities;
  • to obtain feedback regarding the website and the Sidney Museum’s programs and services;
  • to create a record of the user’s involvement with the Sidney Museum;
  • to protect the Sidney Museum against error, fraud, theft or damage to its assets;
  • to comply with any legal requirements, including reporting requirements, and for law enforcement purposes;
  • any other reasonable purpose to which the user provides consent.

If the Sidney Museum transfers any personal information to a third party subcontractor for processing, it will use appropriate contractual or other means to ensure compliance with this Policy and all applicable legislation.

Contests and Surveys

The Sidney Museum may from time to time run contests or collect information from users using online surveys or entry forms. Participation in contests and surveys is entirely voluntary, and users can choose what, if any, information they wish to disclose. The specific information requested and how it will be used will vary, and will be communicated to users prior to or at the time that the information is requested.

Cookies and Web Beacons

The Sidney Museum may use cookies, or similar technologies to enhance the efficiency, convenience, and use of the website. When a user visits the website, the Sidney Museum may place a cookie on the hard drive of the user’s computer to allow us to track and analyze the user’s use of the website, and to enable the use of certain content management systems. “Cookies” are a technology that installs small data files on a website user’s computer to permit the web server to differentiate users, and to pass information from page to page during a single user’s website session. Most web browsers automatically accept cookies, but if a user does not wish to have cookies on the user’s system, the user can adjust browser settings to decline them or to alert the user when cookies are being sent. If a user declines cookies the user will still be able to use the website, but that user’s ability to access certain features of the website may be affected.

Links to other websites

The website may contain optional links to third party Internet websites and services that may collect data from users or their computers. The use of such websites is at the user’s own risk, and the Sidney Museum cannot assume responsibility for the privacy practices, policies or actions of the third parties who operate those websites. This Policy applies only to the Sidney Museum website, and all users are advised to read the privacy policies contained on each Internet website that they visit.

Feedback

Comments or other feedback provided by a user to the Sidney Museum become the property of the Sidney Museum, and the Sidney Museum may use and disclose them for any purpose provided that it does not associate them with the user’s personally identifiable information. The Sidney Museum will only publicly identify users who consent to being identified in connection with their comments or other feedback.

How Information Is Protected

The Sidney Museum maintains reasonable security safeguards to protect personal information in its custody or under its control from loss and unauthorized access, collection, theft, copying, use, alteration, disclosure or disposal, regardless of the format in which the information is held. The Sidney Museum maintains its servers and paper files in locked premises, and uses user IDs, passwords, firewalls, anti-virus and other protection against malicious code, as well as appliance-based encryption technology, all in accordance with the highest industry standards for data protection and network security. Access to personal information is restricted to those authorized personnel having a “need to know” and who are bound by confidentiality obligations. Any credit card information submitted by a user will not be stored on Sidney Museum servers, but rather will be sent to a PCI Level 1-compliant payment processor for processing. When destroying personal information, the Sidney Museum deletes electronically stored personal information and shreds any tangible materials containing personal information. While the Sidney Museum will endeavour to destroy all copies of personal information, under certain circumstances deleted information may continue to exist on back-up media, but will be protected and will not be used unless permitted by law. The safeguards applied to protect personal information will depend on the sensitivity of the information, with the highest level of protection given to the most sensitive personal information. Unless permitted by the Freedom of Information and Protection of Privacy Act or other relevant legislation, all personal information in the custody of the Sidney Museum or under its control is stored and accessed only in Canada.

The Sidney Museum will continually review and update its security policies and controls as technology evolves. Unfortunately, no security technology can be guaranteed to be failsafe. As a result, while the Sidney Museum strives to protect its users’ personal information, it is impossible to fully eliminate security risks associated with personal information. Use of the website and transmission of any information is at the user’s own risk, and the Sidney Museum cannot warrant the security of any information that is transmitted to or from it. Similarly, the Sidney Museum cannot guarantee that its hosted email will be secure at all times, nor can it be responsible for the actions of any third parties who might receive such information. As such, users should be very careful about the nature of the information that they provide, and are advised not to provide sensitive personal information through the website “Contact” form or via subsequent email correspondence with the Sidney Museum.

Accuracy / Access

The Sidney Museum will use all reasonable efforts to ensure that any personal information in its custody or under its control that will be used to make a decision that directly affects an individual user will be accurate and complete. Users may request access to their personal information, and should advise the Sidney Museum immediately if they discover inaccuracies in their personal information or if their personal information changes. All notices and requests should be in writing and sent to the Sidney Museum’s Information and Privacy Officer at the address set out below. When the Sidney Museum is contacted by a user, it may ask for further information in order to confirm the identity of the user.

In some circumstances, the Sidney Museum may not agree to a user’s request to change personal information for legal or other reasons, but will record that a request to change the information has been made.

Governing Law

Access to and use of the website, including this Policy, is governed exclusively by the laws of the Province of British Columbia and the federal laws of Canada applicable therein (excluding conflicts or choice of laws principles).

Social Media Commenting Guidelines

We encourage public interaction and conversation about the content we post on our social media accounts. Due to the large volume of comments we receive, we are not always able to respond to everyone, but we will do our best to answer questions, listen to your feedback and thank you for getting to know more about us.

While we do not discriminate against views or opinions posted to our social networking accounts, we reserve the right to remove or not approve any comment. We will not edit or modify comments to remove unacceptable content; the entire comment will be deleted. Users are solely responsible for their use of the Sidney Museum social media accounts, including user-generated content and comments. The Sidney Museum is not responsible for any comments or material published on this page by others.

The Sidney Museum moderates all comments and reserves the right to remove your comments from any of our social media platforms including but not limited to Facebook, Twitter, Instagram and YouTube. We also reserve the right to block or remove access to repeat offenders of this policy.

Comments of the following nature (and others deemed inappropriate) will be removed:

  • Trolling, spamming, or postings that contain inappropriate language or images
  • Comments that are threatening, obscene, profane and that contain hate speech, degrade others or are abusive 
  • Libel, slander, or personal attacks of any kind, including the use of offensive terms that target specific individuals or groups
  • Comments that could unfairly harm a person’s reputation 
  • Sharing personal information of Sidney Museum staff
  • Makes unsupported accusations
  • Comments that violate fair use, copyright and disclosure laws
  • Comments that promote users’ commercial activities, particularly if they are unrelated to the Museum’s mandate or history

Questions, Requests and Complaints 

Any user who wishes to access or correct his or her personal information, or who would like to make an inquiry, suggestion or complaint regarding the Sidney Museum’s personal information policies and procedures, or to challenge the Sidney Museum’s compliance with this Policy, should contact the Sidney Museum’s Information and Privacy Officer by email at [email protected], by telephone at (250) 655-6355, or by mail at:

Information and Privacy Officer
Sidney Museum and Archives
2423 Beacon Ave
Sidney, BC V8L 1X5
Canada 

Users may request that the Information and Privacy Commissioner of British Columbia review any decision, act or failure to act by the Sidney Museum relating to a user’s request to access a record or to correct personal information. Any such requests must be delivered to the Information and Privacy Commissioner in writing, in accordance with the Freedom of Information and Protection of Privacy Act.

 

Version 1.0 2020-12

 

Scroll to Top