Privacy Policy

Updated: October 2024

The Canadian Anesthesiologists’ Society (“CAS”, “we”, “our” or “us”) recognizes the importance of privacy. The purpose of this Privacy Statement is to inform you about our privacy practices, including how we collect, use and disclose your personal information.

What This Privacy Statement Covers
This Privacy Statement covers the following topics:

  • Personal Information We Collect
  • How We Use Your Personal Information
  • How We Share Your Personal Information
  • Your Consent to the Collection, Use and Disclosure of Your Personal Information
  • Opting Out of Marketing Communications
  • Retention and International Transfer of Personal Information
  • Information Security
  • Accessing and Updating Your Personal Information
  • Third-Party Websites and Services
  • Changes to this Privacy Statement
  • How to Contact Us
Personal Information We Collect
“Personal information” means information about an identifiable individual as described under Canadian privacy laws. 
 
Generally, personal information does not include any business contact information that is solely used to communicate with you in relation to your employment, business or profession, such as your name, position name or title, work address, work telephone number, work fax number or work e-mail address.
 
We may collect, use and disclose different kinds of personal information, depending on our relationship with you. Generally, the types of personal information we collect can be grouped into the following categories (not all of which may apply to you):
  • identity information, such as your name, membership ID, date of birth and gender
  • contact information, such as your address, e-mail address and telephone numbers
  • user information, such as your account username and information you provide to access the members-only portion of our website
  • professional information, such as your professional designation and your employer’s information, as well as qualifications, job title and any personal information contained in academic papers submitted to our journal or comments in respect of submitted papers
  • educational and event participation information, such as your participation in our continuing professional development activities, and leadership or networking events
  • financial information, such as your bank account and payment card details used to pay membership fees
  • technical and usage information when you use our website, such as your internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website
  • marketing and communications information, such as your preferences for receiving our newsletter 
If you make an online payment using a payment card, you are connected directly to our online payment processing service provider. Your payment card information is collected and processed through a certified secure server using encrypted transmissions.
 
We also collect, use and share aggregated and anonymized data for any purpose, including to provide the public with demographic information about CAS members. Aggregated and anonymized data is not considered personal information because it cannot be used to identify you.
 
How We Use Your Information
We generally use your personal information for the following purposes:
  • to communicate with you through our newsletter or other member communications
  • to provide accreditation services, continuing professional development programs and other educational and practice resources
  • to administer your membership, provide member benefits and support the activities and operations of our sections and committees
  • to provide and administer research grants
  • to publish journal articles in our academic journal and to undertake peer review of journal articles
  • to recognize excellence through our award program
  • to organize meetings and events
  • to publish the names of our division, section and committee Chairs on our website
  • to respond to your requests, questions and concerns
  • to investigate legal claims and protect our rights, operations or property
  • for such other purposes as you may consent from time to time
  • as otherwise required or permitted by law   
We do not use your personal information to engage in interest-based or behavioral advertising of our services across third-party websites or service offerings.
 
You have a variety of tools to control the data collected by cookies, web beacons, and similar technologies when you use our website. For example, you can use controls in your internet browser to limit how the websites you visit are able to use cookies and to withdraw your consent by clearing or blocking cookies. 
 
How We Share Your Personal Information
We generally identify to whom, and for what purposes, we disclose your personal information at the time we collect such information from you and obtain your consent to such disclosure.
 
For example, we may obtain your consent to disclose your personal information to our affiliates and partner organizations such as the Association of Canadian University Departments of Anesthesia (ACUDA), the Canadian Anesthesia Research Foundation (CARF) and the Canadian Anesthesiologists’ Society International Education Foundation (CASIEF).
 
We may disclose your personal information when we believe such disclosure is required or permitted by law. In addition, we may transfer your personal information to a third party in the event of any significant corporate transaction (such as a merger).
 
We rely on third party service providers to perform a variety of services on our behalf, such as payment card processors, telephone and technical support providers, and data storage and processing service providers. If we transfer your personal information to service providers, we require that those service providers maintain the confidentiality of your personal information and keep it secure. We also require that our service providers only use your personal information for the limited purposes for which it is provided and that they comply with applicable privacy laws.
 
Your Consent to the Collection, Use and Disclosure of Your Personal Information
We collect, use, and disclose your personal information with your consent or as permitted or required by law. How we obtain your consent, including whether it is express or implied, will depend on the circumstances and the sensitivity of the personal information in question. Typically, we will seek your consent at the time your personal information is collected. You may provide your consent to us either orally, electronically, or in writing.
 
If you provide personal information about another individual to us, for example when you register someone else for an event, nominate someone for an award or provide information about your co-investigators for a research grant, it is your responsibility to obtain the consent of that individual to enable us to collect, use, and disclose their personal information as described in this Privacy Statement.
 
If you wish to withdraw your consent to our collection, use or disclosure of your personal information, please contact us using the contact information in the “How to Contact Us” section below. We will accommodate your request to withdraw consent, subject to legal or contractual restrictions. In some cases, withdrawal of your consent may mean that we will no longer be able to provide you with certain products or services.
 

Opting Out of Marketing Communications
If you no longer want to receive our newsletter or other marketing-related e-mails from us, you may opt-out of receiving marketing-related e-mails by clicking the “unsubscribe” link at the bottom of any e-mail you receive from us. You may also opt-out by contacting us directly using the contact information in the “How to Contact Us” section below.
Please note that if you opt-out from receiving marketing-related e-mails, we may still need to send you communications about your membership, your use of our products or services, or other matters.

Retention and International Transfer of Personal Information 
We will retain your personal information for as long as necessary to fulfill the purposes for which it was collected and as permitted or required by law.
 
We may transfer your personal information outside of Canada to fulfil the purposes for which it was collected, including for processing and storage by service providers. While your personal information is outside of Canada, it is subject to the laws of the country in which it is located, which may have different data protection laws than Canada. Those laws may require disclosure of your personal information to authorities in that country. For more information about our policies and practices regarding service providers outside of Canada, contact us using the contact information in the “How to Contact Us” section below.
 
Information Security
We have implemented physical, organizational, contractual and technological security measures in an effort to protect your personal information from loss or theft, unauthorized access, use, or disclosure. For example:
  • we inform our employees and agents about the importance of safeguarding personal information
  • we restrict access to your personal information to those employees or agents who need access for authorized purposes
  • we protect electronic data using technological means such as firewalls, access controls and encryption
Despite these measures, we cannot guarantee that our safeguards will always be effective. A breach of security safeguards can result in such risks as phishing and identity theft. In such cases, we will act promptly to mitigate the risks and to inform you where there is a real risk of significant harm, or as otherwise required by law.
 
We may also require you to assist us to safeguard your personal information. For instance, if you create a membership account through our website, you should use a unique and strong password and not share your password with others.
 
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any information that you provided to us has been compromised), please contact us immediately using the contact information in the “How to Contact Us” section below.
 
Accessing and Updating Your Personal Information
We expect you, when required, to supply us with updates to your personal information. We will not routinely update your personal information, unless such a process is necessary. 
You may make a written request to review any personal information about you that we have collected, used or disclosed, and we will provide you with any such personal information to the extent required by applicable laws. 
 
You may also challenge the accuracy or completeness of your personal information in our records. If you demonstrate that your personal information in our records is inaccurate or incomplete, we will amend the personal information as required. We may require that you provide sufficient identification to fulfill your request to access or correct your personal information. Any such identifying information will be used only for this purpose.
 
We will not charge you any fees to access your personal information in our records without first providing you with an estimate of the approximate costs, if any. You may have the right to make a complaint to the Privacy Commissioner of Canada or the applicable provincial privacy commissioner if you object to how we handle your request.
 

Third-Party Websites and Services
We may provide links to third-party websites for your convenience and information. We may also make opportunities available to you to purchase, subscribe to, or use other products and online services from third parties with different privacy practices. Those other products and online services are governed by their respective privacy statements and policies. This Privacy Statement does not extend to any websites, products or services provided by third parties. We do not assume responsibility for the privacy practices of such third parties, and we encourage you to review all third-party privacy policies prior to using third-party websites, products or services.

If you are based in the UK or EEA, the following applies to you:
CAS is a “data controller” in relation to your personal information which includes any information relating to an identified or identifiable natural person.

We rely on one or more of the following lawful basis for processing:
 
  • Performance of a contract with you. Where we need to perform the contract we are about to enter into or have entered into with you (for example, to administer your membership, to provide member benefits or to publish your journal article)
  • Legitimate interests: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests (for example to process any peer review information). We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). 
  • Legal obligation.  We may use your personal data where it is necessary for compliance with a legal obligation that we are subject to (for example, where we are required to retain your data for tax or accounting purposes).
  • Consent.  We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose (for example if you subscribe to an email newsletter.
If there are any inconsistencies between the rights sets out above and below, the below apply to data subjects based in the UK or EEA.  Data subjects based in the UK or EEA have the right to:
 
  • Request access to your personal information (commonly known as a "subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. We may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object. You also have the absolute right to object any time to the processing of your personal information for direct marketing purposes.
  • Request the transfer of your personal information to you or to a third party. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Right to withdraw consent at any time where we are relying on consent to process your personal information.  This will not affect the lawfulness of any processing carried out before you withdraw consent.  If you withdraw consent, we may not be able to provide certain services to you.  We will advise you if this is the case at the time you withdraw consent.
  • Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information if you want us to establish the data's accuracy, if the processing is unlawful but you do not want us to erase it, where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. 
If you wish to exercise any of the rights set out above, please use the contact details set out below.
 
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). We may also contact you to ask you for further information in relation to your request to speed up our response.
 
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
 
Whenever we transfer your personal information to countries which have laws that do not provide the same level of data protection as UK or EEA data protection laws, we ensure that a similar degree of protection is afforded to it by ensuring that we use specific standard contractual terms approved by the UK government and EU Commission which give the transferred personal information the same protection as it would have had under UK or EEA data protection laws.  To obtain further information, please contact us using the details set out below.
 
As mentioned above, we will only retain your personal information for as long as is necessary to fulfil the purposes for which it was collected and as permitted or required by law.  We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.  To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
 
If you have any questions or complaints about how we process your personal information, please contact us.  However, if you wish to raise a complaint regarding your personal information or are unsatisfied with how we handled your information, you have the right to lodge a complaint with your national data protection regulator.

Changes to this Privacy Statement
The Privacy Statement was last revised as of the date that appears at the top of this page. From time to time, we may make changes to this Privacy Statement. When changes are made, they will become immediately effective when published in a revised Privacy Statement posted on our website, unless otherwise noted. We may also communicate changes to this Privacy Statement by other means.
 

How to contact us
All comments, questions, concerns or complaints regarding your personal information or our privacy practices should be sent to [email protected]

What’s New?

This version of the CAS Privacy Policy provides additional information for data subjects based in the UK or EEA.

Updated: October 2024