Personal Information Protection Principles
Gusto Running™ is accountable for the protection of all Personal Information within the organization's possession or control, including any Personal Information that has been transferred to a third party for regulatory, legal or processing purposes. Gusto Running™ will require a comparable level of protection of this information from its third party relations.
2. Identifying Purposes
Personal Information includes but is not limited to:
(a) client’s name and address and other contact information, such as telephone numbers, email addresses;
(b) date of birth;
(c) running and fitness goals;
(d) employment information;
(e) in case of emergency contact information;
(f) medical information;
(g) parent/guardian contact information when applicable; and
(h) other identifiable information such as credit card or banking information.
Referred to collectively as (“Personal Information”)
Personal Information does not include information that is otherwise available to and made public.
3. Limiting Collection & Use of Personal Information
The knowledge and consent of an individual are generally required for the collection, use or disclosure of personal information and Gusto Running™ will seek to obtain consent before or when it collects, uses or discloses Personal Information about an individual. An individual can provide consent to the collection, use and disclosure of Personal Information about them expressly or implicitly. However, Gusto Running™ will collect, use or disclose Personal Information without an individual's knowledge and consent only in limited circumstances and as permitted by law, such as in the case of an emergency where the life, health or security of an individual is threatened, or by order of the court. Subject to certain legal and contractual restrictions and reasonable notice, an individual can refuse or withdraw their consent to the collection, use or disclosure of Personal Information about them at any time. Under certain exceptional circumstances, Gusto Running™ may have a legal duty or right to disclose Personal Information without the individual's knowledge or consent.
Gusto Running™ will retain closed client files (electronic and hard copy) for two years, after which the Personal Information will be destroyed or made anonymous.
Gusto Running™ shall take all reasonable steps to ensure that all Personal Information will be kept accurate, complete and up to date. Any client of Gusto Running™ can have access to the Personal Information about them that Gusto Running™ has in its possession or control. Individuals may challenge the accuracy and completeness of Personal Information about them and have it amended, as appropriate.
In executing its responsibilities with respect to the confidentiality of personal information, Gusto Running™ will employ a number of safeguards appropriate to the sensitivity of the information, to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. Such safeguards will include but are not limited to: physical measures, organizational measures and technological measures, for example locked filing cabinets, and the use of passwords and encryption. Procedures for implementing these measures will be communicated to all employees and third parties to ensure compliance with this principle.
Gusto Running™ will make its policies and practices relating to the protection of Personal Information available to its clients.
9. Challenging Compliance