Privacy policy


This Privacy Policy is effective as of November 1, 2016.

The Heart and Stroke Foundation of Canada, its affiliates, including Heart and Stroke Foundation of B.C. and Yukon, Heart and Stroke Foundation of Alberta, NWT and Nunavut, Heart and Stroke Foundation of Ontario, Heart and Stroke Foundation of Quebec, Heart and Stroke Foundation of Nova Scotia and Heart and Stroke Foundation of Prince Edward Island Inc., and the Heart and Stroke Foundation of New Brunswick (collectively, “HSF” or “we” or “our”) is leading the way in eliminating heart disease and stroke and reducing their impact through the advancement of research and its application, the promotion of healthy living, and advocacy.

Protecting your privacy is important to HSF. This Privacy Policy explains how HSF collects, uses, and discloses your personal information when you use this site (the “Site”), our products and our services, including but not limited to, any tools, eTools, apps, forums, event and course registration pages, electronic publications, newsletters, announcements, contest entries, lottery ticket purchases and/or donations online or by mail (collectively, the Site and services being, the “Services”). 

This Privacy Policy forms part of our Terms of Use, which outline the terms and conditions you agree to when using our Services.  We will only collect, use and disclose your personal information in accordance with this Privacy Policy.  By using the Services, you acknowledge that you have read and understood this Privacy Policy, and you agree and consent to the collection, use, and disclosure of your personal information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Services or supply your personal information to us.

1. What Personal Information Do We Collect?

Personal information means any information about an identifiable individual. The types of personal information that we may collect include, but is not limited to, your:

  • name;
  • date of birth, age, gender, ethnicity,  and weight;
  • phone number;
  • residential address;
  • e-mail address;
  • IP address; credit card information, money order or cheque;
  • banking information for donors that give monthly through chequing account withdrawals;
  • responses to program-specific registration questions;
  • child’s name, grade, school and teacher’s name when participating in the Jump program;
  • medical information, including but not limited to, your medical symptoms and conditions, your health screenings, your exercise habits and other health habits, and your family history of chronic illness; and
  • personal information you give us that we did not request (such as personal information you voluntarily put into an email to us or in a comments box on our Site).

2. Purposes for Collecting Your Personal Information

 HSF may use your personal information for the following purposes: 

  • to provide you with our Services;
  • to manage our relationship with you and provide you with customer service;
  • to identify you in our system;
  • to manage our business and operations;
  • to respond to your questions that you send through the Site, by email or by phone;
  • to contact you for fundraising purposes;
  • to facilitate and process your registration for certain courses, events and services;
  • to authenticate you when you sign in to your account;
  • to send you e-mails with mission-related content or about our programs and events;
  • to grant you access to special features or areas of the Site (including without limitation, to any HSF forums, tools, or courses) where you have applied for access or have posted information to those special features or areas of the Site;
  • to administer and provide you with eTools (through which we can provide you with a health assessment, and information to help you manage your health conditions and achieve your health goals, including support emails to encourage positive lifestyle changes);
  • to deliver and evaluate programs for which you are registered;
  • to receive your annual certification fees, certification card processing fees, certification card replacement fees, donations, online item purchases or purchases of a lottery ticket;
  • to issue tax receipts where applicable;
  • to track communications with you;
  • to track the location of IP addresses to provide provincial content for users;
  • to improve the Site and help us develop new services, tools and Site features that meet your needs;
  • for marketing segmentation to identify target populations;
  • for tracking purposes for the deployment of automated external defibrillators (“AED”); and 
  • as otherwise permitted or required by law

3. When Do We Collect Personal Information?

We may collect your personal information when you voluntarily provide it to us by using the Services.  For example, we may ask you to provide personal information if you:

  • use our Services;
  • register for user accounts;
  • sign into your account;
  • make a donation to HSF;
  • purchase an item from the Site (including without limitation, a ticket for one of HSF’s lotteries);
  • pay your annual certification fees, certification card processing fees or certification card replacement fees;
  • use our eTools features;
  • send a question or comment to HSF by email, phone, fax or through our Site;
  • communicate with HSF representatives by phone or in-person;
  • participate in an event organized by or associated with HSF;
  • post comments, messages or other content on our Site, including but not limited to, on our eTools, blog, contact us page or other features of the Site that permit you to provide your own comments, messages and content;
  • register to receive electronic communications, such as our e-newsletter; and
  • otherwise participate in features of our Site that ask for personal information.

    Any personal information posted, used or disclosed on a Twitter page, Facebook page or other social networking page or site is subject to that website’s privacy policy, and is not subject to this Privacy Policy.

    1. Limiting Collection of Personal Information

      We limit the collection of personal information to that which is necessary to fulfill the purposes identified in this Privacy Policy and we collect, use and disclose your personal information in accordance with this Privacy Policy.

    2. Use, Disclosure and Retention of Personal Information

      Your personal information will not be used without your consent for purposes other than those for which it was collected or in accordance with applicable laws.  From time to time, we may wish to use personal information for new or additional purposes, in which case we will amend the Privacy Policy to include these new or additional purposes and will obtain your consent through your continued use of our Services.

      We retain your personal information only for as long as we need it to fulfill the purposes for which it was collected and to comply with our legal obligations.

      We may also use and disclose your personal information to third parties under the following limited circumstances:

  • with service providers that help with HSF’s operations and Services including, without limitation, for customer services, monitoring and analyzing Site activity, and operating and maintaining the Site. Such service providers and partner companies may only use your personal information for the purposes described in this Privacy Policy;
  • when necessary to protect the safety, property or other rights of HSF, its representatives, and users of the Services, including to detect and protect fraud;
  • if we sell or transfer all or a portion of our business or assets to a related company or a third party.  Your personal information will remain subject to any pre-existing privacy policy unless you agree to the privacy policy of the company or third party that acquires your personal information;
  • with other charities, through an exchange list brokerage, unless you have opted-out. Specifically, HSF may trade your name and mailing address, but never your email address, with other charities.  You will always be given the opportunity to opt-out.
  • with your consent; or
  • when otherwise required or permitted by law.

     

    If you voluntarily submit or post any information, photographs or other content to any HSF forums, eTools, Twitter pages, Facebook pages or other social networking pages/sites, your personal information may be automatically included in the posting, including without limitation, your user name and email address. This information may be collected and used by others.

     

    1. Data Processors in Other Countries

      To provide you with Services, we may use service providers, data processors and other third parties (“Third Parties”) to perform services on our behalf.  These Third Parties may store, process and transfer personal information on servers located outside of Canada in jurisdictions whose data protection laws may differ from those of Canada, which may include the United States of America.  As a result, personal information may be subject to access requests from governments, courts, or law enforcement in those jurisdictions according to the laws in those jurisdictions.  For example, information may be shared in response to valid demands or requests from government authorities, courts and law enforcement officials in those countries. Subject to applicable laws in such other jurisdictions, we will use reasonable efforts to ensure that appropriate protections are in place to require our Third Parties to maintain protections on personal information that are equivalent to those that apply in Canada.

    2. Links to Other Sites

      The Site may contain links to other websites or Internet resources, notably those belonging to our sponsors, partners or collaborators. When you click on one of those links you are contacting another website or Internet resource that may collect information about you voluntarily or through cookies or other technologies. We are not responsible for the privacy practices or the content of any sites owned and operated by any third parties. Other sites may collect and treat information collected differently, so we encourage you to carefully read and review the privacy policy of each site you visit.

    3. Providing Credit Card Information on our Site

      If you make a credit card payment through HSF, we request the information reasonably needed by us to complete the processing of the transaction. For one-time payments, when you provide payment information, such as credit card numbers, credit card security codes, name on your credit card and expiration dates, we transmit this data directly from you to the credit card processing company; HSF only stores the credit card type, the last four digits of the credit card number and the expiration date in the event an incorrect payment needs to be refunded.  HSF will send you a confirmation email to confirm successful credit card charges.  For pre-authorized debits for recurring payments, all information is stored by HSF or Third Parties acting on our behalf, in an encrypted manner (i.e., coded data) such that only those who require access to update financial information can see the credit card number.  The encrypted data is provided at the appropriate intervals to the credit card processing company.  We may also share your personal information with Third Parties including credit card processing companies in order to bill you, but we do not provide any more information than reasonably necessary for this purpose. 

    4. Cookies, Web Beacons and Other Similar Technology

      As you interact with the Services, we may use automatic data collection technology and services that record and collect information that identifies your computer, tracks your use of this Site and collects certain other information about you and your surfing habits.  This data collection technology may include cookies, web beacons and other similar devices on this Site to enhance functionality and navigation for our visitors.

      A cookie is a small data file that is placed on the hard drive of your computer so that your computer will “remember” information when you visit a site.  Web beacons and tags are small strings of code that are used in conjunction with a cookie and allow us to record activity on our Site.  Internet tags, graphic tags and similar web beacon type functions allow us to count the number of users who have visited a particular web page or to access certain cookies. We may use web beacons on this Site to count users and to recognize users by accessing our cookies. Being able to access our cookies allows us to personalize this Site and improve your experience at this Site. We may also include web beacons in HTML-formatted e-mail messages that we send to determine which e-mail messages were opened.  

      Information tracked through these mechanisms includes, but is not limited to: (i) your IP address; (ii) the type of web browser and operating system being used; (iii) the pages of the Site a user visits; and (iv) other sites a user visited before visiting this Site. 

      You can reject or disable cookies by managing your browser settings and following the directions provided in your Internet provider’s help file. Please note that if you disable cookies, you may be unable to access some customized features on this Site. Cookies and web beacons do not collect or contain your personal information.

    5. Google Analytics

      Our Site uses Google Analytics, a web analytics service of Google, Inc. ("Google"), or comparable technology. Google Analytics uses "cookies", which are text files stored on your computer, to analyze how you use our Site. The information generated by the cookie about your use of our Site (including your IP address) is sent to a Google server in the U.S. and stored there. Google will use this information to evaluate your use of our Site, compile reports on Site activity for our Site operators and to provide other site activity related to internet services. Additionally, Google may transfer this information to a third party when required by law or in the case of a third-party processing information on Google's behalf. In no case will Google use your IP address in connection with any other information held by Google. You can set your internet browser to prohibit the installation of cookies, although we must point out that some features and functions of our Site will then be unusable. By using our Site, you consent to the processing of data about you collected by Google in the manner described and for the above mentioned purpose. The consent for collection and storage of data can be withdrawn at any time in the future by clicking on the following link: https://tools.google.com/dlpage/gaoptout?hl=en. Given the debate concerning the use of analytical tools using full IP addresses, we wish to point out that our Site uses the "Anonymize IP" function of Google Analytics which works with a shortened form of IP addresses to avoid direct personal identification.

      Furthermore, we use the cookies to carry out frequency assessments, page usage assessments and marketing assessments.  For the aforementioned assessments, we utilize this cookie information without a link to your personal information, so it is completely anonymous.

      You can set your Internet browser up so that you are notified when cookies are stored, you can decide in each individual case whether you want to accept cookies, or you can refuse to accept any cookies. However, if you do not accept cookies, you may be restricted in how you are able to use our Site. You can delete cookies which are already stored on your hard disk at any time. You will find more details on how to do this in the operating guide for your Internet browser program.

    6. Browsing Information

      We want to make your experience with HSF as supportive and as customized as possible, and to do this, we, with the help of one or more third party service providers, may use cookies on your computer to trace your online browsing habits on our Site. We and/or our third party service providers may then use the information collected from the cookies to provide you with suitable HSF advertisements when you visit our Site and other websites, such as social media sites, Google and Yahoo.  If you do not want to receive this type of customized advertising, you may set your browser to block third party cookies or clear your cache after each use.

    7. Security

      To help protect the confidentiality of your personal information, HSF employs security safeguards appropriate to the sensitivity of the information. We maintain reasonable technical, physical and administrative security safeguards to protect your personal information against loss, theft, and unauthorized access. Any personal information you provide to us is exchanged on a secure server. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we are committed to protecting your personal information, we cannot ensure or warrant the security of any information you provide to us.

      We take reasonable steps to verify your identity before granting you access to your account on our Site, however, you are solely responsible for maintaining the secrecy of your username, password and any other account information. We also take reasonable steps to ensure that HSF employees and volunteers are aware of the importance of maintaining the confidentiality of personal information and that unauthorized persons do not gain access to personal information that we have disposed of or destroyed.

    8. Individual Access and Accuracy of Personal Information

      You may request access to your personal information which we may hold by contacting us at the contact information set forth below, and we will respond within the time periods provided for under applicable laws. We will need to verify your identity before providing you with the personal information we hold about you. There is no cost for such access request unless you require copies of records. We may not be able to provide you with access to your personal information if the information cannot be separated from the personal information of others, cannot be disclosed for reasons of security or commercial confidentiality, or is protected by legal privilege. If we cannot provide you with access to your personal information, we will advise you of the reasons access is being denied, unless we are prohibited by law from doing so.

      You may request to update and change your personal information at the contact information set forth below.  We shall endeavor to correct or complete any personal information which you advise us is inaccurate or incomplete. Where appropriate, the amended information shall be transmitted to third parties having access to such information.

    9. Children’s Privacy

      We are committed to protecting the privacy of children and we do not knowingly solicit personal information from children under 13 years of age without parental or guardian consent.  Certain portions of our Site provide services and programs for children, such as Jump, for which we may collect a child’s personal information with parental or guardian consent in accordance with this Privacy Policy.   If a child has provided us with personal information without consent, his or her parent or guardian may contact us for the purpose of deleting this information.

       

    10. E-mail Communications

      HSF complies with Canada’s anti-spam legislation (CASL) and we will not send you electronic communications in contravention of this law. 

      We will ensure that each e-mail includes an opt-out feature and instructions on how to un-subscribe if you no longer wish to receive future e-mails from HSF. You can unsubscribe using the link included in the e-mail or by sending an e-mail to ON_privacyoffice@heartandstroke.ca or by telephoning us at 416-489-7111. If you do not expressly consent to receiving electronic communications, we will only communicate with you for the limited purposes permitted under CASL.  

    11. User Content in Comments, Chat Rooms and Message Boards

      If you post comments on the Site (such as commenting on a recipe or blog) or if you use chat rooms and message boards that may be available on our Site from time to time, you should know that when you voluntarily disclose your personal information on our message boards, chat rooms, comment boxes or other interactive areas where personal information can be posted, the information can be collected and used by other internet users. This may result in unsolicited messages from other posters or parties. We undertake no obligations as to the security of information you voluntarily post in our chat rooms, on our message boards, in comment sections of our Site or in other interactive features of our Site.  Please refer to our Terms of Use to understand your obligations when providing your own content (referred to as “User Content” in our Terms of Use)

    12. Changes to this Privacy Policy

      This Privacy Policy may be amended by HSF from time to time in HSF’s sole discretion and without any prior notice to you.  The collection, use and disclosure of your personal information by HSF will be governed by the version of this Privacy Policy in effect at that time. We will post the most current version on our Site and will indicate at the top of this page the date this Privacy Policy was last revised.  Please check back from time to time to ensure that you are aware of any updates or changes in this Privacy Policy.  By continuing to access or use this Site after any such changes constitutes your acceptance of the Privacy Policy as revised.

    13. Your Consent to the Terms of this Privacy Policy

      By using our Services and providing us with your personal information, you agree that HSF may collect your personal information and you voluntarily consent to the collection, use, disclosure and transfer of your personal information in accordance with this Privacy Policy. If you do not agree with any terms of this Privacy Policy, please do not use our Services or provide us with any personal information.  If you do not understand the nature, purpose and consequences of collecting, using and disclosing personal information to HSF, please do not use our Services or provide us with any personal information, and contact us at the contact information set forth below so that we can address your questions or concerns. 

      Subject to legal and contractual requirements, you may refuse or withdraw your consent to certain of the purposes identified in this Privacy Policy at any time by contacting us at the contact information set forth below. If you refuse or withdraw your consent, you acknowledge that HSF may not be able to provide you or continue to provide you with certain services or information which may be of value to you.

    14. How to Contact Us

We welcome your feedback. If you have questions, comments or concerns about this Privacy Policy, or would like to do any of the following:

  • see your personal information that you have already sent us so that you can correct, update or delete it from our files;
  • if your child under 13 has used this Site and sent us personal information, delete that personal information from our files;
  • ask that we not send you electronic communications or otherwise contact you; or
  • report any violation of this Privacy Policy,

Please contact us at ON_privacyoffice@heartandstroke.ca and we will try to get back to you as soon as possible.