Personal information for non-profits and other organizations

Overview

Some non-profit organizations are not subject to the Personal Information Protection Act (PIPA), except for information collected, used or disclosed for commercial activity.

It depends how a non-profit organization is incorporated whether or not they fall fully under PIPA. Organizations need to determine this and they should be able to tell you. For example, trade unions, condo boards, schools councils and churches are subject to PIPA entirely due to the manner in which they are incorporated.

Commercial activity includes any transaction that is of a commercial character, such as:

the selling, bartering and leasing of donor or membership lists
the operation of a private school or early childhood program under the Education Act or a private college under the Post-secondary Learning Act

Accepting donations for charitable purposes is not a commercial activity.

Whether an organization is required to follow PIPA or not, the rules of PIPA provide best practices for the care of personal information. Even when not required, non-profits can voluntarily comply with PIPA.

Resources for non-profits

The following resources are available to help non-profit organizations understand the requirements under PIPA.

Protecting Personal Information: A Workbook for Non-Profit Organizations

provides space to take stock of personal information your organization collects, uses or discloses
provides a sample privacy policy and sample privacy statement

PIPA – A Summary for Organizations