Privacy Policy

Our Commitment
Mennonite Economic Development Associates (including its solely owned subsidiary companies MEDA Trade Company, MEDA Investments and Sarona Global Investment Fund - herein referred to as MEDA) is committed to protecting the privacy of the personal information of its employees, members/donors, clients/contractors and other stakeholders.  We value your trust and recognize that maintaining this trust requires that we are transparent and accountable in how we treat the information that you choose to share with us. This policy was updated effective 1 July 2009, and applies to all MEDA activities. The policy will be updated periodically in order to maintain compliance with applicable legislation.

Definitions
  • collection:  the act of gathering, acquiring, recording, or obtaining personal information from any source, including third parties, by any means
  • consent:  voluntary agreement with the collection, use and disclosure of personal information for defined purposes.  Consent can be either expressed or implied and can be provided directly by the individual or by an authorized representative.  Express consent can be given orally, electronically or in writing, but is always unequivocal and does not require any inference on the part of MEDA. Implied consent is consent that can reasonably be inferred from an individual’s action or inaction.
  • members/donors:  an individual who supports the work of MEDA financially, subscribes to MEDA publications; or volunteers to work with MEDA board/committees/projects, etc.
  • clients/contractors:  an individual or organization with which MEDA signs a contract for goods and services or indirectly receives services or resources from MEDA.
  • investors: an individual or organization who have direct or indirect investment in MEDA by way of loan, equity position, promissory note etc.
  • disclosure:  making personal information available to a third party
  • personal information:   includes any factual or subjective information, recorded or not, about an identifiable individual.  For example:
  • Name, age, birthday, ID numbers, income, ethnic origin, blood type, familial relationshipsOpinions, evaluations, comments, social status, or disciplinary actionsEmployee files, credit records, loan records, medical records, intentions (for example, to acquire goods or services, or change jobs)
    Personal information DOES NOT INCLUDE the name, job title, business address, business phone number or other information that would appear on a business card; or personal information that is available to the public (like information in a phone book).
  • third party:  an individual or organization outside of MEDA
  • use:  the treatment, handling, and management of personal information by and within MEDA or by a third party with the knowledge and approval of MEDA

Privacy practices
Consent for Identified Purposes

Personal information gathered by MEDA is kept in confidence and is used only for the purposes stated at the time of collection.  Where possible and appropriate, MEDA will endeavour to obtain express consent and state our intended use of your personal information either orally, electronically or in writing; in some cases implied consent will be assumed.  In rare circumstances, such as detecting and preventing fraud, serious illness, or mental incapacitation, obtaining consent may be impossible or inappropriate. MEDA will ensure that your reasonable expectations for using your personal information are respected, and you have the choice to withdraw your consent at any time.  

Limited Collection, Use, Disclosure and Retention
MEDA will limit our collection of personal information to that which is necessary to fulfill the purposes identified at the time of collection. If we would like to use your personal information for a reason other than its original purpose, we will contact you first to request permission.  Your personal information will be appropriately disposed of as soon as the purpose for which it was collected is no longer relevant, except as required by law or other industry recordkeeping standards.

Safeguards
MEDA has security measures in place to protect your personal information from use or disclosure beyond its original intention.  We evaluate the sensitivity of the type of personal information we collect, and take the appropriate level of security measures to ensure the integrity of your personal information and to prevent its loss or destruction.  

MEDA will implement procedures to ensure compliance with the Privacy Policy including:
  1. Regular privacy audit and procedure reviews.
  2. Established procedures to receive and respond to inquiries and complaints
  3. Training and communicating of employees and client/contractors about MEDA’s privacy policy and procedures.
  4. Maintaining reasonable and systematic controls, schedules and practices for information and records retention and destruction to prevent unauthorized parties from gaining access to Personal Information
  5. Obtain contractual agreements with third parties stipulating the confidentiality of the information and the purposes for which it is to be used.

Accuracy and Access
MEDA strives to keep your personal information accurate. If you would like access to your personal information we keep on file to verify its accuracy, please contact the Privacy Officer listed below. As further protection of your privacy and security we may take steps to verify your identity before granting access to your information. In certain situations MEDA may not be able to provide access to all of the personal information it holds about a member/donor, client/contractor, investors and other stakeholders, in which case MEDA will provide the reasons for denying access upon request.

Website Usage and Security
The www.meda.org web site is operated by MEDA for the benefit of our members/donors, clients/contractors, investors and other stakeholders interested in supporting our organization’s vision and mission.

MEDA will not collect any personal information about users, except that which is knowingly and specifically supplied to us by the user.  We will not disclose any personal information about users to any outside parties unless the user is advised of this possibility before providing the personal information.

On-line Security
MEDA uses recognized industry-standard encryption software for all personal information submitted on our web site.  Donations made on our web site are linked to a secure payment service for credit card transactions.

Cookies
MEDA uses cookies – small files containing information to track site visits for purposes of better understanding  how our site is used, to make sure our information is served correctly and to improve the performance of our site for our users.  We do not use cookies to retain personal information about our users, and do not sell information about our traffic patterns.

External Links
There are links on the meda.org web site that take you to other web sites outside of our service.  Any links provided to third party web sites outside of meda.org are provided solely for your convenience.  The operation and content of such third party web sites is beyond our control, and we do not endorse in any manner whatsoever or accept responsibility for the content or other material that may be contained on such web sites.

MEDA’s Privacy Policy will be posted to our website and will from time to time be updated to comply with changes in regulations.  Your continued use of our web site following the posting of changes to this policy implies acceptance of the changes.

Openness and Complaints
MEDA seeks to maintain transparency and accountability for our management of personal information. Our Privacy Policy is published on our web site and is otherwise available upon request.  All MEDA staff receive a copy of this policy and are given  appropriate training on how this policy affects their work. MEDA will make available to members/donors, clients/contractors, investors  and other stakeholders specific information about its policies and procedures relating to its management of personal information.  

The Privacy Officer is accountable for compliance to the Privacy Policy.  An audit of the personal information management practices of MEDA will be conducted regularly and presented to the Senior Management Team.

If you would like to register a complaint regarding our collection, retention, or use of personal information, please contact the Privacy Officer to file your complaint. Upon receiving your complaint in writing, the Privacy Officer will promptly investigate and inform you of the investigation results and MEDA’s response. If this does not satisfy the complaint, the issue will be taken to the MEDA Senior Management Team for further processing and action.

Contact Information
For questions, concerns or complaints relating to MEDA’s Privacy Policy on the handling of personal information, please contact:
Cynthia Atkinson
Privacy Officer
catkinson@meda.org
Phone: 1-800-665-7026

REVISED JUNE 24/09