Privacy Policy

Introduction

The Northwest Territories and Nunavut Association of Professional Engineers and Geoscientists
(NAPEG) is committed to maintaining the accuracy, confidentiality, security and privacy of an
individual’s personal information.

NAPEG recognizes the importance of protecting our members and licensees privacy rights.
Members and licensees trust us with their personal information and we intend to retain that trust
by treating their information with respect.

The NAPEG Privacy Policy is a statement of the principles and guidelines for the required
protection of personal information collected, used or disclosed by NAPEG. The objective of the
NAPEG Privacy Policy is responsible and transparent practices in the management of personal
information in accordance with federal legislation.

The NAPEG Privacy Policy incorporates the provisions of the Personal Information Protection
and Electronic Documents Act (Bill C-6) and includes the 10 principles of the Canadian
Standards Association (CSA) Model Code for the Protection of Personal Information.

Consent

By submitting personal information to NAPEG, an individual submitting such information
agrees that NAPEG may collect, use and disclose personal information in accordance with the
NAPEG Privacy Policy.

Consent is the informed voluntary agreement with the collection, use and disclosure of personal
information for defined purposes. Consent can be either express or implied and can be provided
directly by the individual, by his or her legal guardian or by a person having power of attorney
for the individual. Express consent can be given orally, electronically or in writing, but is always
unequivocal and does not require any inference on the part of NAPEG. Implied consent is
consent that can reasonably be inferred from an individual’s action or inaction.

Summary of Principles

Principle 1 – Accountability

NAPEG is responsible for personal information under its control and designates the Executive
Director/Registrar to be accountable for its compliance with the principles outlined in this policy.

Principle 2 – Identifying Purposes for Collection of Personal Information

NAPEG identifies the purposes for which personal information is collected at or before the time
the information is collected.

Principle 3 – Obtaining Consent for Collection, Use or Disclosure of Personal Information

NAPEG requires the knowledge and informed consent of the individual for the collection, use, or
disclosure of personal information, except where exempted by law.

Principle 4 – Limiting Collection of Personal Information

NAPEG limits the collection of personal information to what is necessary for its identified
purposes. NAPEG collects personal information by fair and lawful means.

Principle 5 – Limiting Use, Disclosure and Retention of Personal Information

Personal information shall not be used or disclosed for purposes other than those for which it was
collected, except with the consent of the individual or as required by law. Personal information
shall be retained only as long as necessary to fulfill those purposes.

Principle 6 – Accuracy of Personal Information

Personal information shall be as accurate, complete, and up-to-date as is necessary for the
purposes for which it is to be used.

Principle 7 – Security Safeguards

NAPEG protects personal information by security safeguards appropriate to the sensitivity of the
information.

Principle 8 – Openness Concerning Policies and Practices

NAPEG shall make readily available to individuals specific information about its personal
information management policies and practices.

Principle 9 – Access to Personal Information

NAPEG informs individuals of the existence, use, and disclosure of their personal information
upon written request and gives them access to that information. Individuals may challenge the
accuracy and completeness of their information and have it amended, if appropriate.

Principle 10 – Challenging Compliance

An individual shall be able to address a challenge concerning compliance with the above
principles to the designated individual or individuals accountable for NAPEG’s compliance.

Scope and Application

The 10 principles that form the basis of the NAPEG Privacy Policy are interrelated and NAPEG
adheres to them as a whole. Each principle must be read in conjunction with the accompanying
commentary.

The scope and application of the NAPEG Privacy Policy are as follows:

  • The Policy applies to personal information that is collected, used, or disclosed by NAPEG and to the management of personal information under NAPEG’s control.
  • The Policy does not impose any limits on the collection, use or disclosure of the following
    information by NAPEG:    

    1. an individual’s name, title, business address and telephone and fax numbers;
    2. other information about an individual that is publicly available and is specified by
      regulation pursuant to the Personal Information Protection and Electronic
      Documents Act; and
    3. the terms, conditions and limitations attached to a license, certificate of registration,
      or permit to practice issued by NAPEG.

The application of the NAPEG Privacy Policy is subject to the requirements and provisions of
the Personal Information Protection and Electronic Documents Act, the regulations enacted
hereunder, and any other applicable legislation or regulation or the order of any court or other
lawful authority.

A NAPEG Staff Guideline will provide procedures to enhance this policy.

By approval of this privacy (protection of personal information) policy, NAPEG:

  • Agrees to comply with the above ten principle areas of responsibility;
  • Has designated a Chief Privacy Officer to oversee compliance;
  • Will protect personal information with appropriate safe guards;
  • Will develop and implement protection of personal information policies and procedures;
  • Will train staff through staff meetings or other appropriate means;
  • Will develop rules and obtain consent regarding the transfer of personal information to
    third parties.

Although an individual’s name, title, business address and telephone and fax numbers are not
classified as personal information under the Personal Information Protection and Electronic
Documents Act NAPEG will develop rules and obtain consent regarding the transfer of personal
information to third parties.