Privacy Policy

This privacy policy (this "Policy") describes the practices of the Association of Professional Engineers and Geoscientists of the Province of British Columbia, also operating as Engineers and Geoscientists BC, and its affiliates (the "Association", "we", "us", "our") with respect to our collection, use, storage and disclosure of personal information provided to us from users of (a) the website operated at CompetencyAssessment.ca and such other locations as made available from time to time (the "Website") and other products and services which may be operated therefrom from time to time (collectively with the Website, the "Services"). It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. This Policy is incorporated by reference to the general CBA Terms of Service located at competencyassessment.ca/terms-of-service, and forms an integral part of it. All capitalized terms not otherwise defined herein have the meaning provided in the general CBA Terms of Service.

1. Introduction and General Concepts

The Association provides the Services in our capacity as a service provider through Authorizing Bodies. We may also use the Services in our capacity as an Authorizing Body in British Columbia, in which case we will be referred to as an Authorizing Body. We respect and uphold individual rights to privacy and the protection of personal information. We know how important it is to protect your personal information and want to make every regulator, applicant experience safe and secure. In keeping with that goal, we have developed this Policy to explain our practices for the collection, use, and disclosure of your personal information.

(a) Personal Information

For the purposes of this Policy, "personal information" means information about an identifiable individual, including, for example, an individual's name, email and home address, telephone number, social insurance or other licensing number, sex, employment and educational history, work or co-op experience, financial history and income, family status, others' opinion about the individual and personal views. Personal information does not include information that would enable an individual to be contacted at a place of business, for example an employee's name, position or title, business telephone number, or business address. We will only collect, use or disclose personal information in accordance with this Policy, or in accordance with laws applicable to the collection, use and disclosure of your personal information by us ("Applicable Privacy Laws").

(b) Non-Personal Information

On the other hand, "non-personal information" is any type of information other than personal information, and is excluded from this Policy. For example, non-personal information would include business information, or information that enables an individual to be contacted at a current place of business, for example a current employee's name, position or title, business telephone number, or business address. Non-personal information also includes information that is anonymous or not about an identifiable information, such as web browsing information (such as the domain used to access the Website, or the type and version of device, browser or operating system being used to access the Service), or aggregate information that anonymizes the underlying data (like the number of visitors, what pages users visit, average time spent on the Website or on various parts of the Service). We will collect, use or disclose non-personal information in accordance with our ordinary business practices, but always in accordance with any applicable laws. This Policy, however, only covers our collection, use and disclosure of personal information.

(c) Information about Minors

This site is not intended for minors and no person under the age of majority may obtain User Access. We do not knowingly collect personal information about any person under the age of majority (usually the age of 18 or 19, but it varies in different jurisdictions) including any person under the age of 13, and no such person, nor any parent or guardian as it relates to such person, should submit their personal information to us for any reason. Please do not submit personal information about minors to us, whether through the Website, the Services or otherwise.

2. Collection and Use of Personal Information

As indicated above, two types of information are collected through our Services: personal information and non-personal information. The types of information collected about you will depend on the nature of your interaction with us, your Authorizing Body or the Services.

(a) Personal Information we collect from you

We may collect the following personal information from you through the Services:

  • contact information such as name, email address, mailing address, phone number;
  • unique identifiers such as user name, account number, password;

(b) Personal Information Authorizing Bodies collect from you

Authorizing Bodies may collect the following personal information from you through the Services:

  • contact information such as name, email address, mailing address, phone number;
  • unique identifiers such as user name, account number, password;
  • professional information including licences, qualifications, education, training, certificates;
  • employment history;
  • user content generated by you, such as responses, reviews, comments, audio, video, text and images as provided by you on the Website, which may contain personal information as provided by you; and
  • any information that you voluntarily enter, including personal information, into any postings, comments, reviews, assessments, or forums.

(c) Information we automatically collect)

We also automatically gather information about your computer such as your IP address, browser type, referring/exit pages, operating system, as well as which aspects of our performance metric indicators available with our technology or our licensees' products you prefer using. Some of this may be personal information, but in typical cases it is non-personal information. Specific examples follow:

  • IP, etc. —When using our Website, we may collect the Internet Protocol (IP) address of your computer, the IP address of your Internet Service Provider, the date and time you access our Website, the Internet address of the website from which you linked directly to our Website, the operating system you are using, the sections of our Website you visit, the Website pages read and images viewed, and the content you download from the Website. This information is used for Website and system administration purposes, and to improve the Website.
  • Cookies —We use "cookies", a technology that installs a small amount of information on a user's computer to permit the Website to recognize future visits using that computer. Cookies enhance the convenience and use of the Website. For example, the information provided through cookies is used to recognize you as a previous user of the Website, to offer personalized content and information for your use, to track your activity at the Website, to respond to your needs, and to otherwise facilitate your Website experience. You may choose to decline cookies if your browser permits, but doing so may affect your use of the Website and your ability to access certain features of the Website or engage in transactions through the Website.

3. Use of Personal Information

We may use your personal information, in combination with your non-personal information, for a variety of business purposes, for example to:

  • providing you with and administering your User Access;
  • fulfil an Authorizing Body's request for Services;
  • share with such Authorizing Bodies or other Users as you request depending on your User Access;
  • respond to your questions and concerns;
  • improve our Services and marketing efforts;
  • conduct research and analysis;
  • to enforce our Terms of Service;
  • facilitate your transactions and interactions with other Users, as applicable; and
  • for other purposes as described in this Policy.

In addition to the above, Authorizing Bodies may use your personal information, in combination with your non-personal information, for a variety of business purposes, for example to:

  • fulfil your request of the Authorizing Body or other Users, if applicable;
  • provide information to Validators, Assessors, and Applicants, as applicable;
  • assess your suitability for membership with the Authorizing Body;
  • respond to your questions and concerns;
  • conduct research and analysis;
  • display content based upon your interests and qualifications;
  • facilitate your transactions and interactions with other Users, as applicable; and
  • for other purposes as described in this Policy.

4. Your Consent

We and your Authorizing Body will collect, use, or disclose your personal information only with your knowledge and consent, except where required or permitted by Applicable Privacy Laws. When you choose to provide your personal information through the Services you consent to the use of your personal information as identified in this Policy and as may be further identified at the time of collection.

(a) Express Consent

Sometimes you will be asked to give your express consent to the collection, use or disclosure of personal information – for example, by being asked to check a box to indicate your consent to receive marketing communications in compliance with Canada's anti-spam laws.

(b) Implied Consent

Other times, you may provide your implied consent to the collection, use or disclosure of personal information when we can reasonably conclude that you have given consent by some action you have taken or an action you have decided not to take. Generally, this occurs where the purpose for the use of your personal information would be reasonably apparent to you – for example, when providing your name on an application through the Services, or when providing us with the name of a Validator who can confirm your work experience.

(c) Withdrawing Your Consent

You may notify us and your Authorizing Body at any time that you wish to withdraw or change your consent to our use and disclosure or your personal information. We and your Authorizing Body will accommodate your request subject to legal and contractual restrictions. The most common way of indicating this withdrawal of consent is (i) by changing your privacy preferences to the extent such functionality is made available through the Services, or (ii) requesting us to terminate your User Access and stopping use of the Services. In other situations, you may be able to opt out of the use of your personal information. For example, if you have "opted in" or subscribed to one of our or an Authorizing Bodies's mailing lists, you will always be provided the opportunity to "opt out" or unsubscribe.

You may also choose not to provide your personal information. However, if you make this choice we and the Authorizing Body may not be able to provide you with the Services, or information that you have requested. For example, we require your email address in order to verify your User Access, which is necessary so that notifications may be sent to you electronically.

5. Information Obtained from Third Parties

If you provide personal information about others, or if others provide your information, that information will only be used for the specific reason for which it was provided and in accordance with this Policy and such policy under which that information was collected. For example, a Validator may provide personal information including, among other things, your employment history, their opinions of you, their relationship with you, and so forth.

6. Disclosure and Sharing of Your Information

We and the Authorizing Bodies will share your personal information with third parties only in the ways that are described in this Policy. Neither we nor the Authorizing Bodies will sell your personal information to third parties, however the use of the Services necessarily requires some sharing or disclosure of your personal information.

_(a) Authorizing Bodies

We may provide your personal information to Authorizing Bodies, in the course of providing our Services to them and to you. By providing personal information through the Services or to an Authorizing Body you acknowledge and agree that we and the Authorizing Bodies may share and use such information, including for the Authorizing Body's purpose of reviewing and assessing your application for membership with them.

(b) Assessors

We or your Authorizing Body may provide your personal information to Assessors in order for Assessors to provide services to an Authorizing Body to help review and assess an Applicant's eligibility or suitability for membership with the Authorizing Body. By providing personal information through the Services or to an Authorizing Body, you acknowledge and agree that we, the Authorizing Bodies and the Assessors may share and use such information, including for the purpose of assisting the Authorizing Bodies with their review of your application.

(c) Validators

We or your Authorizing Body may provide your personal information to Validators in order to enable such Validators to confirm, correct, review, rate, score, comment on or otherwise validate or invalidate such information provided or requested through the Services and by providing personal information through the Services or to an Authorizing Body, you acknowledge and agree that we, the Authorizing Bodies and the Validators may share and use such information, including for these purposes.

(d) Third Party Processors

We or the Authorizing Bodies may provide your personal information to companies ("Third Party Processors") that provide services to help us with the Service (for example, web hosting providers). In that scenario, Third Party Processors will be authorized to use your personal information only as necessary to provide these services to us, and in a manner consistent with this Policy. If we utilize a Third Party Processor, we will select a Third Party Processor who will use your information in compliance with this Policy, but they may have their own specific policies regarding the collection, use and personal information. We will use commercially reasonable efforts to identify such Third Party Processors when we are collecting your personal information, as well as providing links to the relevant privacy policies that may apply.

(e) Further Disclosures

We and the Authorizing Bodies may also disclose your personal information (i) as required by law such as to comply with a subpoena, or similar legal process, (ii) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, or (iii) to any other third party with your prior consent to do so.

(f) Third Party Links

The Services may contain links to other websites or Internet resources which are provided solely for your convenience and information. When you click on one of those links you are contacting another website or Internet resource. We have no responsibility or liability for, or control over, those other websites or Internet resources or their collection, use and disclosure of your personal information. We encourage you to read the privacy policies of those other websites to learn how they collect and use your personal information.

7. Security of Personal Information

(a) General Security Practices

The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. We employ physical, administrative, contractual and technological safeguards to protect personal information, and insist that our service providers do the same. We insist that our personnel, and those of our providers, only access and use personal information in order to properly perform those duties, and even then only to the strict extent necessary to perform them.

If you have any questions about security on our Website, you can contact us at [email protected].

8. Requests for Access to and Correction of Personal Information

Applicable Privacy Laws allow, to varying degrees, individuals the right to access and/or request the correction of errors or omissions in his or her personal information that is stored on the platform. All such inquiries should be directed to your applicable Authorizing Body, including:

  • identification of personal information under such Authorizing Body's custody or control;
  • information about how personal information under the Authorizing Body's control may be or has been used; and
  • the names of any individuals and organizations to which the individual's personal information has been disclosed.

The applicable Authorizing Body will respond to requests within the time allowed by Applicable Privacy Laws and will make every effort to respond as accurately and completely as possible. Any corrections made to personal information will be promptly sent to any organization it was disclosed to.

In certain exceptional circumstances, an Authorizing Body may not be able to provide access to certain personal information it holds about an individual. If access cannot be provided, the Authorizing Body will notify the individual making the request within 30 days, in writing, of the reasons for the refusal.

9. CASL Policy

The Association is committed to compliance with the law known as Canada's Anti-Spam Legislation ("CASL"). Any electronic communication sent by us to outside parties is protected by a range of business procedures, processes and policies to ensure that such communication is done in compliance with CASL. In our electronic communications with outside parties, we comply with the rules established by CASL and enforced by various Canadian authorities including the Canadian Radio-television and Telecommunications Commission. CASL regulates, and our policies generally apply to, each commercial electronic message we send (a "CEM"), which is an electronic message sent to an electronic address that, among its purposes, encourages participation in a commercial activity.

In addition to adopting this Policy, and to provide transparency about our compliance, we have undertaken various initiatives in order to ensure we are compliant with CASL in various respects:

  • Consent—We do not send CEMs without your consent. This consent typically must be "express" (or expressly acknowledged by you), but in certain circumstances consent can be "implied" and in others, messages are specifically exempt from consent requirements. We have modified or adopted our sign-up, registration and consent forms in order to ensure that the express consent obtained from you is in compliance with CASL. When we are collecting your electronic contact information, you will know what purposes we want to use it for.
  • Content—We have adopted processes to ensure that our CEMs contain the prescribed content of CASL. On any CEM from us (usually in the footer), we will clearly:
    • Identify ourselves as the party sending the CEM, and whether we are sending the message on our own behalf or on behalf of someone else;
    • Provide you contact information where you can readily contact us; and
    • Set out a clear, working unsubscribe mechanism (or preference centre) that is easy to use, automatic, and at no cost to you (other than your own cost of connecting to the Internet).
  • Clarity—We have ensured that each constituent element of a CEM (including its header, its content, or any links or URLs in the CEM) conveys the appropriate information, whether viewed individually or taken as a whole, so that you always know what you are clicking on.

If you have received a CEM from us, and you believe that you should not have or you do not wish to receive them (even if we are allowed to send them), we will endeavour to respect your inbox preferences. Without limiting our legal rights or obligations, we try to ensure that our messages all contain useful identity information and unsubscribe or preferences link in our messages—if you check the CEM itself, you will find clear instructions on how to stop receiving CEMs from us or manage your mail preferences. When you unsubscribe, it should happen very quickly – but as required by CASL we will make sure it occurs within 10 business days. If you have any questions or concerns about our unsubscribe methods, you may contact us at the address indicated below.

10. Removal of Your Information

Your information is kept only as long as necessary for legitimate business purposes and to meet any legal requirements. Personal information used to make a decision that directly affects an individual will be kept for at least one year after such a decision by the applicable Authorizing Body. We and each Authorizing Body has retention standards that meet these parameters, and your information will be destroyed when it is no longer needed or required to be kept, or your personally identifiable information will be removed to render it anonymous.

11. Updates or Changes to Privacy Policy

We may update this Policy to reflect changes to our information practices. If we make any material changes we will either (a) notify you by email (sent to the e-mail address specified in your User Content), or (b) provide a notice on the Website or otherwise through the Service prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. Any change to this Privacy Policy will become effective on the date so indicated, and will apply to information collected from the date of the posting of the revised privacy policy and to existing information held by us. The date on which the latest update was made is indicated at the bottom of this document. We recommend that you print a copy of this privacy policy for your reference and revisit this policy from time to time to ensure you are aware of any changes. Your continued use of the Service signifies your acceptance of any changes to this Policy.

12. Contact Information

You can direct any questions or concerns regarding our compliance with this Policy to our Privacy Head by writing or emailing at:

Tony Chong
Privacy Head
Email: [email protected]
Phone: 604.412.6058

If you are not satisfied with our Privacy Head's response to their question or concern you may be able to make a complaint under Applicable Privacy Laws. Our Privacy Head can provide you with the contact information to make such a complaint.

End of Privacy Policy (Last Updated: November 9, 2018)